OTL logfile created on: 07-11-13 10:36:02 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\xxx\Pulpit\infekcja\obowiązkowe dla zrobienia logów Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: dd-MM-yy 767,49 Mb Total Physical Memory | 344,20 Mb Available Physical Memory | 44,85% Memory free 4,73 Gb Paging File | 4,42 Gb Available in Paging File | 93,54% Paging File free Paging file location(s): C:\pagefile.sys 1814 3000D:\pagef [Binary data over 200 bytes] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 18,71 Gb Total Space | 5,74 Gb Free Space | 30,68% Space Free | Partition Type: NTFS Drive D: | 20,00 Gb Total Space | 7,97 Gb Free Space | 39,86% Space Free | Partition Type: NTFS Drive E: | 73,06 Gb Total Space | 47,52 Gb Free Space | 65,03% Space Free | Partition Type: NTFS Drive F: | 20,00 Gb Total Space | 9,65 Gb Free Space | 48,27% Space Free | Partition Type: NTFS Drive G: | 30,01 Gb Total Space | 15,29 Gb Free Space | 50,96% Space Free | Partition Type: NTFS Drive J: | 24,52 Gb Total Space | 12,17 Gb Free Space | 49,63% Space Free | Partition Type: NTFS Computer Name: BEATA | User Name: xxx | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013-11-07 09:23:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\xxx\Pulpit\infekcja\obowiązkowe dla zrobienia logów\OTL.exe PRC - [2013-11-07 09:12:10 | 001,089,445 | ---- | M] (Farbar) -- C:\Documents and Settings\xxx\Pulpit\infekcja\obowiązkowe dla zrobienia logów\FRST.exe PRC - [2010-04-14 21:45:21 | 000,598,696 | ---- | M] ( ) -- C:\WINDOWS\system32\lxeacoms.exe PRC - [2010-02-09 01:15:00 | 000,593,920 | ---- | M] ( ) -- C:\WINDOWS\system32\lmabcoms.exe PRC - [2008-04-14 21:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006-10-27 15:23:04 | 000,347,432 | ---- | M] (Microsoft Corporation) -- E:\Office12\WINWORD.EXE PRC - [2001-01-15 03:52:00 | 000,600,600 | ---- | M] (C. Ghisler & Co.) -- C:\Wincmd\WINCMD32.EXE [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2009-11-04 14:14:38 | 000,165,376 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxeadrui.dll MOD - [2009-11-04 14:14:19 | 000,157,696 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxeadrpp.dll MOD - [2009-11-04 14:14:06 | 000,236,032 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxeadr.dll MOD - [2009-06-08 01:44:02 | 000,167,936 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxeaprpr.dll MOD - [2009-05-18 14:29:08 | 000,819,200 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxeaptpc.dll MOD - [2008-07-23 13:40:22 | 000,076,288 | ---- | M] () -- D:\INSTALKI\Ikony na Pulpicie\rozpakowane\DeskSaveShellEx.dll MOD - [2008-04-14 21:50:38 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll MOD - [2006-10-26 11:56:46 | 000,757,008 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL 
MOD - [2006-10-22 11:22:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll MOD - [2006-10-22 11:22:00 | 000,212,992 | ---- | M] () -- C:\WINDOWS\system32\nvapi.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- -- (PEVSystemStart) SRV - [2013-10-29 17:24:03 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013-05-24 14:22:48 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-02-29 07:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2010-04-14 21:45:21 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\system32\lxeacoms.exe -- (lxea_device) SRV - [2010-04-14 21:45:14 | 000,193,192 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxeaserv.exe -- (lxeaCATSCustConnectService) SRV - [2010-02-09 01:15:00 | 000,593,920 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\system32\lmabcoms.exe -- (lmab_device) SRV - [2006-10-27 00:47:54 | 000,065,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- E:\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\VcommMgr.sys -- (VcommMgr) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\VComm.sys -- (VComm) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\usbser_lowerfltj.sys -- (UsbserFilt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\usbser_lowerflt.sys -- (upperdev) 
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\nmwcdnsu.sys -- (nmwcdnsu) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ccdcmb.sys -- (nmwcd) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\SophosMEMSWEEP.SYS -- (MEMSWEEP2) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\MediaCoder\SysInfo.sys -- (CrystalSysInfo) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | Boot | Stopped] -- System32\Drivers\BTHidMgr.sys -- (BTHidMgr) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\vbtenum.sys -- (BTHidEnum) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\btcusb.sys -- (Btcsrusb) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (BT) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (BlueletSCOAudio) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (BlueletAudio) DRV - [2013-11-07 08:27:35 | 000,324,096 | ---- | M] (Duplex Secure Ltd.) 
[Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2010-10-25 10:07:48 | 000,018,120 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv) DRV - [2009-12-22 03:31:26 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2009-09-19 06:30:10 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm) DRV - [2009-09-19 06:30:10 | 000,100,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bserd.sys -- (ss_bserd) DRV - [2009-09-19 06:30:10 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) DRV - [2009-09-19 06:30:10 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008-04-13 23:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2006-04-07 16:06:38 | 000,038,496 | ---- | M] (OLYMPUS IMAGING CORP.) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VNUSB.sys -- (VNUSB) DRV - [2006-01-12 11:56:56 | 000,102,528 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SI3112r.sys -- (SI3112r) DRV - [2005-09-23 22:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus) DRV - [2005-02-09 12:59:00 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI) DRV - [2005-01-10 11:45:56 | 000,011,264 | ---- | M] (VOB Computersysteme GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asapiW2k.sys -- (ASAPIW2K) DRV - [2004-12-24 13:50:10 | 000,010,880 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Amusbprt.sys -- (Amusbprt) DRV - [2004-11-01 11:21:32 | 000,010,368 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SiWinAcc.sys -- (SiFilter) DRV - [2004-08-25 16:09:02 | 000,005,120 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Amfilter.sys -- (Amfilter) DRV - [2004-06-28 11:08:56 | 000,042,752 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl) DRV - [2004-06-10 09:42:38 | 000,015,429 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Sacm2A.sys -- (USBCM) DRV - [2004-06-09 15:06:52 | 000,126,208 | ---- | M] (Plextor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Xstream.sys -- (WISTechVIDCAP) DRV - [2004-01-21 18:55:12 | 000,013,184 | ---- | M] (Plextor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\XLoader.sys -- (XLoader) DRV - [2003-09-19 00:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc) DRV - [2003-09-02 14:51:00 | 000,054,656 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvatabus.sys -- (nvatabus) DRV - [2003-08-15 17:22:16 | 000,072,771 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET) DRV - [2003-03-19 13:51:00 | 000,018,688 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nv_agp.SYS -- (nv_agp) DRV - [2003-02-19 07:58:44 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139) DRV - [2002-01-12 16:30:34 | 000,003,567 | ---- | M] (Beyond Logic http://www.beyondlogic.org) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PortTalk.sys -- (PortTalk) DRV - [2001-08-17 22:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401) DRV - [2001-08-17 20:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir) DRV - [2001-08-17 20:50:26 | 000,731,648 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4.sys -- (nv4) DRV - [2001-08-17 19:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC) DRV - [2001-01-15 03:52:00 | 000,007,888 | ---- | M] (C. Ghisler & Co.) 
[Kernel | On_Demand | Stopped] -- C:\Wincmd\CGLPTNT.SYS -- (cglptnt) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/ IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2000478354-507921405-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/ IE - HKU\S-1-5-21-2000478354-507921405-725345543-1003\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2000478354-507921405-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: mfmb@maciejfulawka.eu:1.4 FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF - 
HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\xxx\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\xxx\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-05-24 14:22:55 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013-05-24 14:22:28 | 000,000,000 | ---D | M] [2008-12-30 19:46:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\xxx\Dane aplikacji\Mozilla\Extensions [2013-10-28 19:55:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\xxx\Dane aplikacji\Mozilla\Firefox\Profiles\5kozsv79.default\extensions [2009-02-23 10:28:36 | 000,000,000 | ---D | M] (Flashblock) -- C:\Documents and Settings\xxx\Dane aplikacji\Mozilla\Firefox\Profiles\5kozsv79.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}(2) [2009-03-31 14:00:37 | 000,000,000 | ---D | M] (Flashblock) -- C:\Documents and Settings\xxx\Dane aplikacji\Mozilla\Firefox\Profiles\5kozsv79.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}(3) 
[2009-01-14 09:34:38 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\xxx\Dane aplikacji\Mozilla\Firefox\Profiles\5kozsv79.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2) [2009-02-23 10:28:19 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\xxx\Dane aplikacji\Mozilla\Firefox\Profiles\5kozsv79.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}(2) [2008-07-03 11:27:37 | 000,000,000 | ---D | M] ("mBank: Generator wyrduków") -- C:\Documents and Settings\xxx\Dane aplikacji\Mozilla\Firefox\Profiles\5kozsv79.default\extensions\mfmb@maciejfulawka.eu [2013-10-28 19:55:11 | 000,534,765 | ---- | M] () (No name found) -- C:\Documents and Settings\xxx\Dane aplikacji\Mozilla\Firefox\Profiles\5kozsv79.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-10-15 20:40:14 | 000,915,554 | ---- | M] () (No name found) -- C:\Documents and Settings\xxx\Dane aplikacji\Mozilla\Firefox\Profiles\5kozsv79.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2007-12-29 13:18:21 | 000,001,878 | ---- | M] () -- C:\Documents and Settings\xxx\Dane aplikacji\Mozilla\Firefox\Profiles\5kozsv79.default\searchplugins\aolsearch.xml [2008-07-03 11:27:45 | 000,001,196 | ---- | M] () -- C:\Documents and Settings\xxx\Dane aplikacji\Mozilla\Firefox\Profiles\5kozsv79.default\searchplugins\winamp-search.xml [2013-05-24 14:22:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2013-05-24 14:22:55 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009-02-19 17:44:32 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npganymedenet.dll [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = 
{google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR - homepage: http://www.google.com/ CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\xxx\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\29.0.1547.62\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Java(TM) Platform SE 6 U13 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Java(TM) Platform SE 6 U13 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla 
Firefox\plugins\np-mswmp.dll CHR - plugin: Chrome NaCl (Enabled) = C:\Documents and Settings\xxx\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\29.0.1547.62\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\xxx\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\29.0.1547.62\pdf.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll CHR - plugin: GanymedeNet.Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\xxx\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.65\npGoogleUpdate3.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: Skype Click to Call = C:\Documents and Settings\xxx\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10297_0\ CHR - Extension: Google Wallet = C:\Documents and Settings\xxx\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\ O1 HOSTS File: ([2013-11-07 07:57:50 | 000,000,798 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems 
Incorporated) O3 - HKU\S-1-5-21-2000478354-507921405-725345543-1003\..\Toolbar\ShellBrowser: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found. O3 - HKU\S-1-5-21-2000478354-507921405-725345543-1003\..\Toolbar\WebBrowser: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found. O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - 
HKU\S-1-5-21-2000478354-507921405-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-2000478354-507921405-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-2000478354-507921405-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-2000478354-507921405-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 1 O7 - HKU\S-1-5-21-2000478354-507921405-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0 O7 - HKU\S-1-5-21-2000478354-507921405-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0 O7 - HKU\S-1-5-21-2000478354-507921405-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1 O7 - HKU\S-1-5-21-2000478354-507921405-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0 O7 - HKU\S-1-5-21-2000478354-507921405-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0 O8 - Extra context menu item: &Winamp Search - Reg Error: Value error. File not found O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.) O16 - DPF: {3334504D-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/0/C/8/0C8EDFAB-30BC-4792-898E-2DABE27B2C4D/mp43dmo.CAB (Reg Error: Key error.) O16 - DPF: {5334504D-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/0/8/D/08D91A3B-CFF6-45DE-95DF-64415075E344/mpg4sdmo.cab (Reg Error: Key error.) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) 
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{87B45234-6BA5-4924-A245-5782E91E1783}: DhcpNameServer = 192.168.10.1 62.179.1.62 62.179.1.63 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F057B46D-7A3D-4978-A882-F2CB675EB6DA}: DhcpNameServer = 192.168.10.1 62.179.1.62 62.179.1.63 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F81313C1-67CB-4BD0-84B9-A1EE11CD0165}: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - E:\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008-03-10 16:33:12 | 000,000,095 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{51eda1d8-4a69-11e1-a172-fcee08a20817}\Shell - "" = AutoRun O33 - MountPoints2\{51eda1d8-4a69-11e1-a172-fcee08a20817}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL start.exe O33 - MountPoints2\{af19ee70-1552-11e2-a3e6-000461580e3d}\Shell - "" = AutoRun O33 - MountPoints2\{af19ee70-1552-11e2-a3e6-000461580e3d}\Shell\AutoRun\command - "" = 
K:\start.exe O33 - MountPoints2\{ff96374c-f827-11e0-a04f-00116765fef7}\Shell - "" = AutoRun O33 - MountPoints2\{ff96374c-f827-11e0-a04f-00116765fef7}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL start.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013-11-07 10:11:08 | 000,000,000 | ---D | C] -- C:\FRST [2013-11-07 08:49:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xxx\Pulpit\infekcja [2013-11-07 08:26:47 | 000,522,752 | ---- | C] (Duplex Secure Ltd.) -- C:\Documents and Settings\xxx\Pulpit\SPTDinst-v184-x86.exe [2013-11-07 08:00:51 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2013-11-05 13:10:57 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2013-11-05 13:10:57 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2013-11-05 13:10:57 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2013-11-05 13:10:57 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2013-11-05 13:10:24 | 000,000,000 | ---D | C] -- C:\Qoobox [2013-11-05 11:35:03 | 000,000,000 | ---D | C] -- C:\SDFix [2013-11-03 15:13:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Doctor Web [2013-11-03 14:46:01 | 002,759,192 | ---- | C] (Sony Corporation) -- C:\Documents and Settings\xxx\Pulpit\install_flashplayer11x32_mssd_au_aih.exe.EXE [2013-11-03 12:58:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel [2013-11-03 12:56:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sony Corporation [2013-11-03 12:16:12 | 000,000,000 | ---D | C] -- 
C:\Documents and Settings\xxx\Dane aplikacji\Sony Corporation
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[1 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2013-11-07 10:18:16 | 000,004,216 | ---- | M] () -- C:\WINDOWS\WINCMD.INI
[2013-11-07 09:49:08 | 000,002,237 | ---- | M] () -- C:\Documents and Settings\xxx\Pulpit\Microsoft Office Word 2007.lnk
[2013-11-07 09:46:56 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2013-11-07 09:46:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013-11-07 08:27:58 | 000,000,077 | ---- | M] () -- C:\Documents and Settings\xxx\Pulpit\forum komputerowe.url
[2013-11-07 08:26:47 | 000,522,752 | ---- | M] (Duplex Secure Ltd.) -- C:\Documents and Settings\xxx\Pulpit\SPTDinst-v184-x86.exe
[2013-11-07 07:57:50 | 000,000,798 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013-11-06 20:19:11 | 000,001,098 | ---- | M] () -- C:\WINDOWS\BALTIE.INI
[2013-11-05 11:04:06 | 000,357,083 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts20131107.backup
[2013-11-05 07:45:28 | 000,002,235 | ---- | M] () -- C:\Documents and Settings\xxx\Pulpit\Microsoft Office Excel 2007.lnk
[2013-11-04 21:27:12 | 000,428,592 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013-11-04 09:08:38 | 000,001,475 | ---- | M] () -- C:\Documents and Settings\xxx\Pulpit\Eksplorator Windows.lnk
[2013-11-03 14:46:01 | 002,759,192 | ---- | M] (Sony Corporation) -- C:\Documents and Settings\xxx\Pulpit\install_flashplayer11x32_mssd_au_aih.exe.EXE
[2013-11-03 14:10:17 | 000,000,328 | RHS- | M] () -- C:\boot.ini
[2013-11-03 13:11:52 | 000,000,740 | ---- | M] () -- C:\Documents and Settings\xxx\Pulpit\Eusing Free Registry Cleaner.lnk
[2013-10-30 21:09:38 | 000,099,328 | ---- | M] () -- C:\Documents and Settings\xxx\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-10-29 17:24:04 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013-10-29 17:24:03 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013-10-29 17:24:03 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013-10-28 13:47:02 | 000,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013-10-27 08:45:03 | 000,521,114 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2013-10-27 08:45:03 | 000,461,946 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013-10-27 08:45:03 | 000,097,842 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2013-10-27 08:45:03 | 000,080,136 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013-10-14 19:34:34 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[1 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2013-11-07 08:27:41 | 000,000,077 | ---- | C] () -- C:\Documents and Settings\xxx\Pulpit\forum komputerowe.url
[2013-11-05 13:10:57 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013-11-05 13:10:57 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013-11-05 13:10:57 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013-11-05 13:10:57 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013-11-05 13:10:57 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013-11-03 13:11:52 | 000,000,740 | ---- | C] () -- C:\Documents and Settings\xxx\Pulpit\Eusing Free Registry Cleaner.lnk
[2013-09-03 13:51:48 | 000,428,592 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-11-03 15:03:31 | 000,401,408 | ---- | C] ( ) -- C:\WINDOWS\System32\lexlog.dll
[2012-11-03 15:02:13 | 000,847,872 | ---- | C] ( ) -- C:\WINDOWS\System32\lmabusb1.dll
[2012-11-03 15:02:13 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lmabpmui.dll
[2012-11-03 15:02:13 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lmabiesc.dll
[2012-11-03 15:02:12 | 001,044,480 | ---- | C] ( ) -- C:\WINDOWS\System32\lmabserv.dll
[2012-11-03 15:02:12 | 000,905,216 | ---- | C] ( ) -- C:\WINDOWS\System32\lmabip1.dll
[2012-11-03 15:02:12 | 000,802,816 | ---- | C] ( ) -- C:\WINDOWS\System32\lmabcomc.dll
[2012-11-03 15:02:12 | 000,593,920 | ---- | C] ( ) -- C:\WINDOWS\System32\lmabcoms.exe
[2012-11-03 15:02:12 | 000,569,344 | ---- | C] ( ) -- C:\WINDOWS\System32\lmablmpm.dll
[2012-11-03 15:02:12 | 000,479,232 | ---- | C] ( ) -- C:\WINDOWS\System32\lmabpar1.dll
[2012-11-03 15:02:12 | 000,450,560 | ---- | C] ( ) -- C:\WINDOWS\System32\lmabiobj.dll
[2012-11-03 15:02:12 | 000,372,736 | ---- | C] ( ) -- C:\WINDOWS\System32\lmabcomm.dll
[2012-11-03 15:02:12 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lmabinpa.dll
[2012-11-03 15:02:12 | 000,356,352 | ---- | C] ( ) -- C:\WINDOWS\System32\lmabhcp.dll
[2012-02-12 20:04:39 | 000,000,448 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2012-02-11 12:49:30 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxeavs.dll
[2012-02-11 12:49:29 | 000,442,368 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeacoin.dll
[2012-02-11 12:49:25 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\lxeagcfg.dll
[2012-02-11 12:49:24 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\lxeacui.dll
[2012-02-11 12:49:24 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\lxeacuir.dll
[2012-02-11 12:47:51 | 000,000,044 | -H-- | C] () -- C:\WINDOWS\System32\lxearwrd.ini
[2012-02-11 12:47:41 | 000,847,872 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeausb1.dll
[2012-02-11 12:47:41 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeainpa.dll
[2012-02-11 12:47:41 | 000,356,352 | ---- | C] ( ) -- C:\WINDOWS\System32\LXEAhcp.dll
[2012-02-11 12:47:41 | 000,344,064 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeaiesc.dll
[2012-02-11 12:47:41 | 000,331,776 | ---- | C] () -- C:\WINDOWS\System32\LXEAinst.dll
[2012-02-11 12:47:40 | 001,048,576 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeaserv.dll
[2012-02-11 12:47:40 | 000,688,128 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeahbn3.dll
[2012-02-11 12:47:40 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeapmui.dll
[2012-02-11 12:47:40 | 000,577,536 | ---- | C] ( ) -- C:\WINDOWS\System32\lxealmpm.dll
[2012-02-11 12:47:40 | 000,324,264 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeaih.exe
[2012-02-11 12:47:40 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\lxeains.dll
[2012-02-11 12:47:40 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\lxeainsb.dll
[2012-02-11 12:47:40 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\lxeainsr.dll
[2012-02-11 12:47:40 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\lxeajswr.dll
[2012-02-11 12:47:39 | 000,802,816 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeacomc.dll
[2012-02-11 12:47:39 | 000,598,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeacoms.exe
[2012-02-11 12:47:39 | 000,373,416 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeacfg.exe
[2012-02-11 12:47:39 | 000,372,736 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeacomm.dll
[2012-02-11 12:47:39 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\lxeacu.dll
[2012-02-11 12:47:39 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxeagrd.dll
[2012-02-11 12:47:39 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\lxeacub.dll
[2012-02-11 12:47:39 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\lxeacur.dll
[2011-12-11 13:41:42 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\LXEAsmr.dll
[2011-12-11 13:41:41 | 000,299,008 | ---- | C] () -- C:\WINDOWS\System32\LXEAsm.dll
[2011-11-11 11:42:55 | 000,028,672 | ---- | C] () -- C:\WINDOWS\hookdllX.dll
[2011-11-11 11:42:55 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2010-09-23 13:28:06 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\xxx\Dane aplikacji\$_hpcst$.hpc
[2010-09-23 13:24:38 | 004,509,360 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2008-05-26 20:56:17 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\xxx\PUTTY.RND
[2007-03-19 17:39:11 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\QTSBandwidthCache
[2006-09-04 10:17:41 | 000,099,328 | ---- | C] () -- C:\Documents and Settings\xxx\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006-03-31 16:03:30 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\xxx\default.pls
[2005-11-01 19:33:32 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\xxx\Ustawienia lokalne\Dane aplikacji\fusioncache.dat

[color=#E56717]========== ZeroAccess Check ==========[/color]
[2005-10-09 17:49:20 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008-04-14 21:50:48 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2008-04-14 21:50:32 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008-04-14 21:50:58 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]
[2013-09-03 12:21:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files
[2010-06-19 14:00:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2013-11-04 10:34:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Doctor Web
[2012-01-16 12:02:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EPLAN
[2012-01-29 13:59:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2009-05-12 18:07:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2012-01-10 17:00:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Lexmark S300-S400 Series
[2010-12-06 14:51:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia
[2010-12-06 14:24:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaInstallerCache
[2008-02-10 11:00:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2012-01-12 19:18:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Pinnacle
[2008-09-04 17:49:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Pinnacle Studio Ultimate
[2009-05-12 18:23:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Recisio
[2010-09-23 13:26:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Samsung
[2011-01-17 16:41:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SGP Systems
[2008-03-10 17:44:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SmartSound Software Inc
[2010-05-03 09:44:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Spamihilator
[2008-11-24 10:15:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2013-09-03 12:23:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software
[2013-07-12 12:49:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Western Digital
[2013-09-03 12:43:28 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2013-09-03 12:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
[2013-09-03 12:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{6C784BD0-F8BE-4F53-8572-55AF6E559817}
[2013-09-03 12:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2013-09-03 12:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{92E7A367-8E12-4830-AA70-29C32E331A81}
[2013-09-03 12:43:28 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013-05-25 18:50:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Dane aplikacji\.minecraft
[2011-12-11 15:35:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Dane aplikacji\.oit
[2011-01-16 22:42:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Dane aplikacji\BaltieProject
[2009-10-12 09:37:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Dane aplikacji\Broad Intelligence
[2013-10-05 17:39:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Dane aplikacji\com.nowaera.NZ8GB
[2013-11-07 08:17:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Dane aplikacji\DAEMON Tools Lite
[2007-05-03 09:12:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Dane aplikacji\Gadu-Gadu
[2009-05-10 10:42:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Dane aplikacji\GanymedeNet
[2009-09-24 16:49:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Dane aplikacji\GARMIN
[2008-12-30 18:09:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Dane aplikacji\GetRightToGo
[2006-04-20 07:40:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Dane aplikacji\InterVideo
[2009-09-02 17:45:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Dane aplikacji\ipla
[2009-06-09 09:42:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Dane aplikacji\Microgaming
[2005-11-04 11:15:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Dane aplikacji\Music Recognition
[2011-12-11 15:35:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Dane aplikacji\NewSoft
[2011-01-16 22:41:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Dane aplikacji\SGP Systems
[2013-11-05 11:05:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Dane aplikacji\Spamihilator
[2005-11-21 14:35:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Dane aplikacji\Spik
[2009-11-25 10:13:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Dane aplikacji\TeamViewer
[2013-04-28 14:39:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Dane aplikacji\teczkaView
[2013-09-03 12:23:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Dane aplikacji\TuneUp Software
[2009-05-24 10:47:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Dane aplikacji\XnView

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:7E95B6FD
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:430C6D84
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2

< End of report >