ÿþOTL logfile created on: 2013-10-19 03:43:39 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Piotr\Moje dokumenty\Pobieranie Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,93 Gb Total Physical Memory | 2,38 Gb Available Physical Memory | 81,11% Memory free 4,77 Gb Paging File | 4,15 Gb Available in Paging File | 86,97% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINNT | %ProgramFiles% = C:\Program Files Drive C: | 39,06 Gb Total Space | 9,20 Gb Free Space | 23,55% Space Free | Partition Type: NTFS Drive D: | 193,82 Gb Total Space | 52,12 Gb Free Space | 26,89% Space Free | Partition Type: NTFS Computer Name: R-E0302CF8EB514 | User Name: Piotr | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013-10-19 03:42:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Piotr\Moje dokumenty\Pobieranie\OTL.exe PRC - [2013-10-19 03:33:45 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe PRC - [2013-10-19 03:25:42 | 001,070,944 | ---- | M] (Solid State Networks) -- C:\Documents and Settings\Piotr\Ustawienia lokalne\Temp\install_flashplayer11x32_mssa_aaa_aih.exe PRC - [2013-10-01 13:11:56 | 000,440,392 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2013-10-01 13:11:34 | 000,431,688 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2013-10-01 13:11:29 | 000,440,392 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2013-10-01 13:11:28 | 000,681,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2013-10-01 01:36:48 | 000,274,840 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2013-05-09 19:50:28 | 000,212,992 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Documents and Settings\Piotr\Ustawienia lokalne\Temp\RtkBtMnt.exe PRC - [2013-02-13 04:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe PRC - [2012-11-29 21:31:04 | 000,038,608 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe PRC - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINNT\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013-10-01 01:36:47 | 003,279,768 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2013-08-12 18:38:38 | 000,394,824 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll MOD - [2013-02-13 04:38:06 | 000,100,688 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll MOD - [2013-02-13 04:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe MOD - [2012-11-29 21:31:04 | 000,038,608 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2013-10-19 03:33:45 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2013-10-01 13:11:56 | 000,440,392 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2013-10-01 13:11:35 | 001,164,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Disabled | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService) SRV - [2013-10-01 13:11:29 | 000,440,392 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2013-10-01 01:36:48 | 000,118,680 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-11-29 21:31:04 | 000,038,608 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service) SRV - [2011-03-21 13:21:24 | 000,632,832 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | Disabled | Stopped] -- System32\Drivers\sptd.sys -- (sptd) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2013-10-01 13:12:00 | 000,137,208 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINNT\system32\drivers\avipbb.sys -- (avipbb) DRV - [2013-10-01 13:12:00 | 000,089,376 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINNT\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2013-10-01 13:12:00 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINNT\system32\drivers\avkmgr.sys -- (avkmgr) DRV - [2013-08-12 18:38:46 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINNT\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010-10-29 02:46:21 | 000,076,440 | ---- | M] (Prevx) [File_System | System | Running] -- C:\WINNT\system32\drivers\pxrts.sys -- (pxrts) DRV - [2010-10-29 02:46:21 | 000,032,008 | ---- | M] (Prevx) [Kernel | Boot | Running] -- C:\WINNT\system32\drivers\pxscan.sys -- (pxscan) DRV - [2010-10-29 02:46:20 | 000,026,096 | ---- | M] (Prevx) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\pxkbf.sys -- (pxkbf) DRV - [2009-02-25 21:17:52 | 001,344,224 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\athw.sys -- (AR5416) DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008-06-13 18:11:16 | 004,754,944 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2008-03-19 15:26:00 | 000,175,104 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\b57xp32.sys -- (b57w2k) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1614895754-329068152-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\system32\blank.htm IE - HKU\S-1-5-21-1614895754-329068152-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKU\S-1-5-21-1614895754-329068152-839522115-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-1614895754-329068152-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKU\S-1-5-21-1614895754-329068152-839522115-1003\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=5C97001F16956B02&affID=119357&tsp=4945 IE - HKU\S-1-5-21-1614895754-329068152-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "google.pl" FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.172 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0 FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINNT\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-01-10 08:39:52 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-07-16 18:07:25 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013-10-13 16:18:41 | 000,000,000 | ---D | M] [2013-05-09 19:53:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Piotr\Dane aplikacji\Mozilla\Extensions [2013-09-27 15:13:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Piotr\Dane aplikacji\Mozilla\Firefox\Profiles\0jc0tkd9.default\extensions [2013-07-16 17:57:22 | 000,006,507 | ---- | M] () -- C:\Documents and Settings\Piotr\Dane aplikacji\Mozilla\Firefox\Profiles\0jc0tkd9.default\searchplugins\babylon.xml [2013-07-16 17:57:22 | 000,006,507 | ---- | M] () -- C:\Documents and Settings\Piotr\Dane aplikacji\Mozilla\Firefox\Profiles\0jc0tkd9.default\searchplugins\BrowserDefender.xml [2013-07-16 17:58:06 | 000,001,294 | ---- | M] () -- C:\Documents and Settings\Piotr\Dane aplikacji\Mozilla\Firefox\Profiles\0jc0tkd9.default\searchplugins\delta.xml [2013-10-01 01:36:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\Extensions [2013-10-01 01:35:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2013-10-01 01:36:50 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013-07-16 18:07:25 | 000,000,000 | ---D | M] (No name found) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5 O1 HOSTS File: ([2013-05-09 19:31:58 | 000,000,060 | ---- | M]) - C:\WINNT\system32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (SafeOnline BHO) - {69D72956-317C-44bd-B369-8E44D4EF9801} - C:\WINNT\system32\PxSecure.dll (Prevx) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [Alcmtr] C:\WINNT\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKU\.DEFAULT..\RunOnce: [nlsf] C:\WINNT\System32\cmd.exe (Microsoft Corporation) O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] C:\WINNT\system32\tscupgrd.exe (Microsoft Corporation) O4 - HKU\S-1-5-18..\RunOnce: [nlsf] C:\WINNT\System32\cmd.exe (Microsoft Corporation) O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] C:\WINNT\system32\tscupgrd.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [nlsf] C:\WINNT\System32\cmd.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [tscuninstall] C:\WINNT\system32\tscupgrd.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [nlsf] C:\WINNT\System32\cmd.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [tscuninstall] C:\WINNT\system32\tscupgrd.exe (Microsoft Corporation) O4 - Startup: C:\Documents and Settings\Piotr\Menu Start\Programy\Autostart\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1614895754-329068152-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINNT\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Funkcja Google Sidewiki - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.172.224.160 94.251.160.14 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{63B597C0-5DAB-4215-BD85-FDD0E9C8AB12}: DhcpNameServer = 217.172.224.160 94.251.160.14 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINNT\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINNT\system32\userinit.exe) - C:\WINNT\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bie|ca strona gBówna) - About:Home O24 - Desktop WallPaper: C:\WINNT\Web\Wallpaper\Idylla.bmp O24 - Desktop BackupWallPaper: C:\WINNT\Web\Wallpaper\Idylla.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-12-29 02:40:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2011-05-08 18:57:23 | 000,000,000 | ---D | M] - D:\autobus -- [ NTFS ] O33 - MountPoints2\{0f371384-cfcf-11e0-92c1-0017c47dd769}\Shell - "" = AutoRun O33 - MountPoints2\{0f371384-cfcf-11e0-92c1-0017c47dd769}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{0f371385-cfcf-11e0-92c1-0017c47dd769}\Shell - "" = AutoRun O33 - MountPoints2\{0f371385-cfcf-11e0-92c1-0017c47dd769}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{219e39b0-4a42-11df-8f1e-001f16956b02}\Shell - "" = AutoRun O33 - MountPoints2\{219e39b0-4a42-11df-8f1e-001f16956b02}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{219e39bf-4a42-11df-8f1e-001f16956b02}\Shell - "" = AutoRun O33 - MountPoints2\{219e39bf-4a42-11df-8f1e-001f16956b02}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{2af5c785-f413-11de-8e30-c4d6c4209a2b}\Shell\AutoRun\command - "" = F:\EmDesk.exe O33 - MountPoints2\{2af5c785-f413-11de-8e30-c4d6c4209a2b}\Shell\EmDesk\command - "" = F:\EmDesk.exe O33 - MountPoints2\{37e695bc-cf4c-11e0-92bf-0017c47dd769}\Shell - "" = AutoRun O33 - MountPoints2\{37e695bc-cf4c-11e0-92bf-0017c47dd769}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{3cc7103c-cdb9-11e0-92bc-0017c47dd769}\Shell - "" = AutoRun O33 - MountPoints2\{3cc7103c-cdb9-11e0-92bc-0017c47dd769}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{4ad82757-a22c-11df-8ff9-001f16956b02}\Shell - "" = AutoRun O33 - MountPoints2\{4ad82757-a22c-11df-8ff9-001f16956b02}\Shell\AutoRun\command - "" = H:\Startme.exe O33 - MountPoints2\{78ab7d90-f7b2-11de-8e44-001f16956b02}\Shell - "" = AutoRun O33 - MountPoints2\{78ab7d90-f7b2-11de-8e44-001f16956b02}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{78ab8459-f7b2-11de-8e44-001f16956b02}\Shell - "" = AutoRun O33 - MountPoints2\{78ab8459-f7b2-11de-8e44-001f16956b02}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{7c47d1bc-2858-11df-8ec8-001f16956b02}\Shell - "" = AutoRun O33 - MountPoints2\{7c47d1bc-2858-11df-8ec8-001f16956b02}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{7c47d5b9-2858-11df-8ec8-001f16956b02}\Shell - "" = AutoRun O33 - MountPoints2\{7c47d5b9-2858-11df-8ec8-001f16956b02}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{7c47d9b8-2858-11df-8ec8-001f16956b02}\Shell - "" = AutoRun O33 - MountPoints2\{7c47d9b8-2858-11df-8ec8-001f16956b02}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{7f4b5671-579c-11df-8f41-001f16956b02}\Shell - "" = AutoRun O33 - MountPoints2\{7f4b5671-579c-11df-8f41-001f16956b02}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O33 - MountPoints2\{896bd381-a18a-11e0-9248-0017c47dd769}\Shell - "" = AutoRun O33 - MountPoints2\{896bd381-a18a-11e0-9248-0017c47dd769}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{8b872fea-cf4e-11e0-92c0-0017c47dd769}\Shell - "" = AutoRun O33 - MountPoints2\{8b872fea-cf4e-11e0-92c0-0017c47dd769}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{8b872fed-cf4e-11e0-92c0-0017c47dd769}\Shell - "" = AutoRun O33 - MountPoints2\{8b872fed-cf4e-11e0-92c0-0017c47dd769}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{a774fa5a-91c5-11e0-9232-0017c47dd769}\Shell - "" = Autorun O33 - MountPoints2\{a774fa5a-91c5-11e0-9232-0017c47dd769}\Shell\AutoRun\command - "" = F:\Install_Nokia_Ovi_Suite.exe O33 - MountPoints2\{aa00ace4-2957-11df-8ecc-001f16956b02}\Shell - "" = AutoRun O33 - MountPoints2\{aa00ace4-2957-11df-8ecc-001f16956b02}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{b08b8d34-d058-11e0-92c3-0017c47dd769}\Shell - "" = AutoRun O33 - MountPoints2\{b08b8d34-d058-11e0-92c3-0017c47dd769}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{b08b8d35-d058-11e0-92c3-0017c47dd769}\Shell - "" = AutoRun O33 - MountPoints2\{b08b8d35-d058-11e0-92c3-0017c47dd769}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{b0d2f9f6-0cf1-11e1-932c-0017c47dd769}\Shell - "" = AutoRun O33 - MountPoints2\{b0d2f9f6-0cf1-11e1-932c-0017c47dd769}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{b0d2f9f7-0cf1-11e1-932c-0017c47dd769}\Shell - "" = Autorun O33 - MountPoints2\{b0d2f9f7-0cf1-11e1-932c-0017c47dd769}\Shell\AutoRun\command - "" = G:\Install_Nokia_Ovi_Suite.exe O33 - MountPoints2\{c070a26d-f7e3-11de-8e46-001f16956b02}\Shell - "" = AutoRun O33 - MountPoints2\{c070a26d-f7e3-11de-8e46-001f16956b02}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{c070a275-f7e3-11de-8e46-001f16956b02}\Shell - "" = AutoRun O33 - MountPoints2\{c070a275-f7e3-11de-8e46-001f16956b02}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{d9ae58c0-d6c8-11e0-92cd-0017c47dd769}\Shell - "" = AutoRun O33 - MountPoints2\{d9ae58c0-d6c8-11e0-92cd-0017c47dd769}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{d9ae58c1-d6c8-11e0-92cd-0017c47dd769}\Shell - "" = AutoRun O33 - MountPoints2\{d9ae58c1-d6c8-11e0-92cd-0017c47dd769}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{d9ae58c2-d6c8-11e0-92cd-0017c47dd769}\Shell - "" = AutoRun O33 - MountPoints2\{d9ae58c2-d6c8-11e0-92cd-0017c47dd769}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{dc341b64-b05a-11e0-927e-0017c47dd769}\Shell - "" = AutoRun O33 - MountPoints2\{dc341b64-b05a-11e0-927e-0017c47dd769}\Shell\AutoRun\command - "" = F:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013-10-19 03:38:10 | 004,812,567 | ---- | C] (Tim Kosse) -- C:\Documents and Settings\Piotr\Moje dokumenty\FileZilla_3.7.3_win32-setup.exe [2013-10-19 03:35:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2013-10-19 03:34:41 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\WINNT\System32\javaws.exe [2013-10-19 03:34:41 | 000,145,408 | ---- | C] (Oracle Corporation) -- C:\WINNT\System32\javacpl.cpl [2013-10-19 03:34:25 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINNT\System32\javaw.exe [2013-10-19 03:34:25 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\WINNT\System32\WindowsAccessBridge.dll [2013-10-19 03:34:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Java [2013-10-19 03:34:24 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\WINNT\System32\java.exe [2013-10-18 22:47:40 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Piotr\Recent [2013-10-17 03:07:44 | 000,000,000 | ---D | C] -- C:\WINNT\System32\XPSViewer [2013-10-17 03:07:32 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild [2013-10-17 03:07:26 | 000,000,000 | ---D | C] -- C:\WINNT\System32\en-US [2013-10-17 03:07:08 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies [2013-10-17 03:05:58 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\printfilterpipelinesvc.exe [2013-10-17 03:05:58 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\prntvpt.dll [2013-10-17 03:05:58 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\filterpipelineprintproc.dll [2013-10-17 03:05:57 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\xpsshhdr.dll [2013-10-17 03:05:56 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\xpssvcs.dll [2013-10-17 03:05:56 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\xpssvcs.dll [2013-10-17 03:04:01 | 000,000,000 | R-SD | C] -- C:\WINNT\assembly [2013-10-17 03:03:08 | 000,000,000 | ---D | C] -- C:\WINNT\Microsoft.NET [2013-10-09 09:02:31 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\hidparse.sys [2013-10-09 09:02:31 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\usbscan.sys [2013-10-09 09:02:29 | 000,026,240 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\usbser.sys [2013-10-09 09:02:27 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\usbaudio.sys [2013-10-09 09:02:27 | 000,046,848 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\irbus.sys [2013-10-09 09:02:26 | 000,123,008 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\usbvideo.sys [2013-10-09 09:01:38 | 000,144,128 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\usbport.sys [2013-10-09 09:01:38 | 000,032,384 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\usbccgp.sys [2013-10-09 09:01:38 | 000,030,336 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\usbehci.sys [2013-10-09 09:01:38 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\usbd.sys [2013-10-01 01:35:57 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013-10-19 03:43:00 | 000,001,034 | ---- | M] () -- C:\WINNT\tasks\GoogleUpdateTaskMachineUA.job [2013-10-19 03:38:38 | 000,001,663 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\FileZilla Client.lnk [2013-10-19 03:38:14 | 004,812,567 | ---- | M] (Tim Kosse) -- C:\Documents and Settings\Piotr\Moje dokumenty\FileZilla_3.7.3_win32-setup.exe [2013-10-19 03:33:47 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\WINNT\System32\WindowsAccessBridge.dll [2013-10-19 03:33:39 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\WINNT\System32\javaws.exe [2013-10-19 03:33:39 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINNT\System32\javaw.exe [2013-10-19 03:33:39 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\WINNT\System32\java.exe [2013-10-19 03:33:39 | 000,145,408 | ---- | M] (Oracle Corporation) -- C:\WINNT\System32\javacpl.cpl [2013-10-19 03:20:05 | 000,001,030 | ---- | M] () -- C:\WINNT\tasks\GoogleUpdateTaskMachineCore.job [2013-10-19 03:20:05 | 000,000,278 | ---- | M] () -- C:\WINNT\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1614895754-329068152-839522115-1003.job [2013-10-19 03:20:01 | 000,002,048 | --S- | M] () -- C:\WINNT\bootstat.dat [2013-10-18 17:38:03 | 000,494,504 | ---- | M] () -- C:\WINNT\System32\perfh015.dat [2013-10-18 17:38:03 | 000,436,016 | ---- | M] () -- C:\WINNT\System32\perfh009.dat [2013-10-18 17:38:03 | 000,085,756 | ---- | M] () -- C:\WINNT\System32\perfc015.dat [2013-10-18 17:38:03 | 000,068,912 | ---- | M] () -- C:\WINNT\System32\perfc009.dat [2013-10-18 16:20:46 | 000,002,206 | ---- | M] () -- C:\WINNT\System32\wpa.dbl [2013-10-17 03:34:49 | 000,205,712 | ---- | M] () -- C:\WINNT\System32\FNTCACHE.DAT [2013-10-10 16:11:54 | 003,973,120 | ---- | M] () -- C:\Documents and Settings\Piotr\Pulpit\10.10.2013_161534.mdb [2013-10-10 08:11:16 | 001,347,584 | ---- | M] () -- C:\Documents and Settings\Piotr\Pulpit\10.10.2013_082918.mdb [2013-10-06 23:47:01 | 000,000,286 | ---- | M] () -- C:\WINNT\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1614895754-329068152-839522115-1003.job [2013-10-01 13:12:00 | 000,137,208 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINNT\System32\drivers\avipbb.sys [2013-10-01 13:12:00 | 000,089,376 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINNT\System32\drivers\avgntflt.sys [2013-10-01 13:12:00 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINNT\System32\drivers\avkmgr.sys [2013-09-30 09:21:44 | 001,347,584 | ---- | M] () -- C:\Documents and Settings\Piotr\Pulpit\30.09.2013_092827.mdb [2013-09-30 08:36:27 | 003,973,120 | ---- | M] () -- C:\Documents and Settings\Piotr\Pulpit\30.09.2013_083856.mdb [2013-09-24 01:15:01 | 000,000,326 | ---- | M] () -- C:\WINNT\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1614895754-329068152-839522115-1003.job [2013-09-23 23:55:10 | 011,113,472 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ieframe.dll [2013-09-23 20:25:12 | 000,920,064 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\wininet.dll [2013-09-23 20:25:11 | 001,215,488 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\urlmon.dll [2013-09-23 20:25:11 | 000,759,296 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\vgx.dll [2013-09-23 20:25:11 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\mstime.dll [2013-09-23 20:25:11 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mstime.dll [2013-09-23 20:25:11 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\occache.dll [2013-09-23 20:25:11 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\url.dll [2013-09-23 20:25:11 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\url.dll [2013-09-23 20:25:11 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mshtmled.dll [2013-09-23 20:25:10 | 006,017,536 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\mshtml.dll [2013-09-23 20:25:09 | 002,006,016 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\iertutil.dll [2013-09-23 20:25:09 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\inetcpl.cpl [2013-09-23 20:25:09 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\inetcpl.cpl [2013-09-23 20:25:09 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\msfeeds.dll [2013-09-23 20:25:09 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msfeeds.dll [2013-09-23 20:25:09 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\jsdbgui.dll [2013-09-23 20:25:09 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\msfeedsbs.dll [2013-09-23 20:25:09 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\msfeedsbs.dll [2013-09-23 20:25:09 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\licmgr10.dll [2013-09-23 20:25:09 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\licmgr10.dll [2013-09-23 20:25:09 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\jsproxy.dll [2013-09-23 20:25:09 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\jsproxy.dll [2013-09-23 20:25:08 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\iepeers.dll [2013-09-23 20:25:08 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\iepeers.dll [2013-09-23 20:25:06 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\iedvtool.dll [2013-09-23 20:25:06 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\iedkcs32.dll [2013-09-23 20:25:06 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\iedkcs32.dll [2013-09-23 20:25:06 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\corpol.dll [2013-09-23 20:25:06 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\corpol.dll [2013-09-23 20:07:42 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\ie4uinit.exe [2013-09-23 20:07:42 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\dllcache\ie4uinit.exe [2013-09-23 20:07:41 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\html.iec [2013-09-19 07:51:29 | 001,314,816 | ---- | M] () -- C:\Documents and Settings\Piotr\Pulpit\19.09.2013_080028.mdb [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013-10-19 03:38:38 | 000,001,663 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\FileZilla Client.lnk [2013-10-10 16:15:34 | 003,973,120 | ---- | C] () -- C:\Documents and Settings\Piotr\Pulpit\10.10.2013_161534.mdb [2013-10-10 08:29:18 | 001,347,584 | ---- | C] () -- C:\Documents and Settings\Piotr\Pulpit\10.10.2013_082918.mdb [2013-09-30 09:28:27 | 001,347,584 | ---- | C] () -- C:\Documents and Settings\Piotr\Pulpit\30.09.2013_092827.mdb [2013-09-30 08:38:56 | 003,973,120 | ---- | C] () -- C:\Documents and Settings\Piotr\Pulpit\30.09.2013_083856.mdb [2013-09-19 08:00:28 | 001,314,816 | ---- | C] () -- C:\Documents and Settings\Piotr\Pulpit\19.09.2013_080028.mdb [2013-08-20 11:21:42 | 000,011,264 | ---- | C] () -- C:\Documents and Settings\Piotr\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013-07-16 18:01:58 | 000,645,632 | ---- | C] () -- C:\WINNT\System32\xvidcore.dll [2013-07-16 18:01:58 | 000,240,640 | ---- | C] () -- C:\WINNT\System32\xvidvfw.dll [2013-07-16 18:00:55 | 000,079,360 | ---- | C] () -- C:\WINNT\System32\ff_vfw.dll [2013-07-16 18:00:38 | 000,216,064 | ---- | C] ( ) -- C:\WINNT\System32\lagarith.dll [2013-07-16 18:00:37 | 000,715,038 | ---- | C] () -- C:\WINNT\unins000.exe [2013-07-16 18:00:36 | 000,001,792 | ---- | C] () -- C:\WINNT\unins000.dat [2013-02-02 10:04:46 | 000,003,072 | ---- | C] () -- C:\WINNT\System32\iacenc.dll [2012-09-04 01:30:40 | 000,000,076 | ---- | C] () -- C:\Documents and Settings\Piotr\.borg.out [2012-08-07 05:03:18 | 000,000,664 | ---- | C] () -- C:\WINNT\System32\d3d9caps.dat [2011-02-13 15:37:02 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\Piotr\intlname.ols [2010-06-06 19:21:28 | 018,250,038 | ---- | C] () -- C:\Documents and Settings\Piotr\DSCF5571.bmp [2010-06-06 19:21:05 | 001,600,589 | ---- | C] () -- C:\Documents and Settings\Piotr\DSCF5571.JPG [color=#E56717]========== ZeroAccess Check ==========[/color] [2013-10-17 03:04:02 | 000,000,227 | RHS- | M] () -- C:\WINNT\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008-04-14 19:20:47 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINNT\system32\wbem\fastprox.dll -- [2009-02-09 12:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINNT\system32\wbem\wbemess.dll -- [2008-04-14 19:20:57 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2010-09-24 23:35:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Autodesk [2013-08-12 18:28:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software [2013-07-16 17:56:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Babylon [2010-03-02 00:27:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Broadcom [2011-06-15 04:38:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations [2011-06-15 04:35:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaAccount [2011-06-15 04:09:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaInstallerCache [2011-06-15 04:19:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2010-10-29 02:46:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PrevxCSI [2013-08-12 17:14:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotr\Dane aplikacji\Autodesk [2013-07-16 18:00:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotr\Dane aplikacji\CDXReader [2013-08-12 18:59:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotr\Dane aplikacji\Codec Package Packages [2013-07-16 17:56:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotr\Dane aplikacji\DSite [2013-10-19 03:38:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotr\Dane aplikacji\FileZilla [2013-07-16 18:01:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotr\Dane aplikacji\LavFilters [2012-06-25 21:40:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotr\Dane aplikacji\Stellarium [2013-08-12 17:40:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotr\Dane aplikacji\VSO [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Files - Unicode (All) ==========[/color] [2013-09-28 00:18:24 | 098,372,650 | ---- | M] ()(C:\WINNT\System32\???;) -- C:\WINNT\System32\“ ;‘lV; [2013-09-28 00:18:24 | 098,372,650 | ---- | C] ()(C:\WINNT\System32\???;) -- C:\WINNT\System32\“ ;‘lV; [2013-09-23 23:35:05 | 098,798,431 | ---- | M] ()(C:\WINNT\System32\???;) -- C:\WINNT\System32\š2dlV; [2013-09-23 23:35:05 | 098,798,431 | ---- | C] ()(C:\WINNT\System32\???;) -- C:\WINNT\System32\š2dlV; [2013-09-13 09:26:06 | 045,937,980 | ---- | M] ()(C:\WINNT\System32\???;) -- C:\WINNT\System32\ÐmðlV; [2013-09-12 19:59:11 | 045,937,980 | ---- | C] ()(C:\WINNT\System32\???;) -- C:\WINNT\System32\ÐmðlV; [2013-09-12 01:59:03 | 097,190,063 | ---- | M] ()(C:\WINNT\System32\???;) -- C:\WINNT\System32\[Ú lV; [2013-09-11 19:59:33 | 097,190,063 | ---- | C] ()(C:\WINNT\System32\???;) -- C:\WINNT\System32\[Ú lV; [2013-09-04 08:10:58 | 095,812,354 | ---- | M] ()(C:\WINNT\System32\???;) -- C:\WINNT\System32\퇦lV; [2013-09-04 02:11:24 | 095,812,354 | ---- | C] ()(C:\WINNT\System32\???;) -- C:\WINNT\System32\퇦lV; [2013-09-02 05:03:13 | 095,199,985 | ---- | M] ()(C:\WINNT\System32\???;) -- C:\WINNT\System32\uªKlV; [2013-09-02 05:03:13 | 095,199,985 | ---- | C] ()(C:\WINNT\System32\???;) -- C:\WINNT\System32\uªKlV; [2013-09-01 23:03:37 | 095,199,041 | ---- | M] ()(C:\WINNT\System32\???;) -- C:\WINNT\System32\LFSlV; [2013-09-01 23:03:37 | 095,199,041 | ---- | C] ()(C:\WINNT\System32\???;) -- C:\WINNT\System32\LFSlV; [2013-08-30 08:59:43 | 094,712,498 | ---- | M] ()(C:\WINNT\System32\???;) -- C:\WINNT\System32\Ȥ»lV; [2013-08-30 08:59:43 | 094,712,498 | ---- | C] ()(C:\WINNT\System32\???;) -- C:\WINNT\System32\Ȥ»lV; < End of report >