OTL logfile created on: 2013-12-23 17:22:13 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\michal\Pulpit Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 510,42 Mb Total Physical Memory | 160,85 Mb Available Physical Memory | 31,51% Memory free 1,22 Gb Paging File | 0,91 Gb Available in Paging File | 75,02% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74,33 Gb Total Space | 6,86 Gb Free Space | 9,23% Space Free | Partition Type: NTFS Drive G: | 26,03 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: STANIU | User Name: michal | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013-12-22 21:56:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\michal\Pulpit\OTL.exe PRC - [2013-12-21 12:59:07 | 000,259,424 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Program Files\blueconnect\DataCardMonitor.exe PRC - [2013-08-30 08:47:34 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2013-08-30 08:47:33 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2011-03-26 16:50:58 | 000,116,064 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Documents and Settings\michal\Dane aplikacji\blueconnect\ouc.exe PRC - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe PRC - [2008-04-14 18:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2005-09-13 09:01:18 | 000,266,240 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSMain.exe PRC - [2005-09-13 09:01:08 | 000,040,960 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSBattM.exe PRC - [2005-09-06 13:04:52 | 000,671,744 | ---- | M] (COMPAL ELECTRONIC INC.) -- C:\Program Files\Toshiba\E-KEY\CeEKey.exe PRC - [2005-09-03 15:18:30 | 000,094,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe PRC - [2005-08-30 12:21:36 | 001,077,328 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\Touch and Launch\PadExe.exe PRC - [2005-08-25 18:11:58 | 000,053,248 | ---- | M] (COMPAL ELECTRONIC INC.) -- C:\Program Files\Toshiba\TouchPad\TPTray.exe PRC - [2005-08-22 15:49:28 | 000,028,672 | ---- | M] (TOSHIBA) -- C:\WINDOWS\system32\TCtrlIOHook.exe PRC - [2005-08-06 10:18:38 | 000,978,944 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\NDSTray.exe PRC - [2005-06-06 08:58:44 | 000,024,576 | ---- | M] (TOSHIBA) -- C:\WINDOWS\system32\ZoomingHook.exe PRC - [2005-05-18 10:31:52 | 000,184,320 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA Controls\TFncKy.exe PRC - [2005-05-13 10:03:16 | 000,118,784 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe PRC - [2005-04-12 11:04:18 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe PRC - [2005-04-05 15:25:34 | 000,073,728 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Tvs\TvsTray.exe PRC - [2005-01-18 00:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe PRC - [2004-12-14 13:44:06 | 000,029,696 | R--- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe PRC - [2004-08-28 08:37:00 | 000,155,648 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\RAMASST.exe PRC - [2004-08-28 08:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DVDRAMSV.exe PRC - [2004-08-22 16:05:02 | 000,081,920 | ---- | M] (DAEMON'S HOME) -- C:\Program Files\D-Tools\daemon.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013-12-11 12:36:30 | 002,244,096 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13121100\algo.dll MOD - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe MOD - [2007-04-15 14:11:32 | 000,049,852 | ---- | M] () -- C:\WINDOWS\system32\pdf995mon.dll MOD - [2005-06-20 09:24:48 | 000,028,672 | ---- | M] () -- C:\WINDOWS\system32\TPeculiarity.dll MOD - [2005-06-13 08:11:00 | 000,028,672 | ---- | M] () -- C:\WINDOWS\system32\TCtrlIO.dll MOD - [2005-06-06 08:51:24 | 000,024,576 | ---- | M] () -- C:\Program Files\Toshiba\TouchPad\TPECioctl.dll MOD - [2005-06-06 08:39:40 | 000,024,576 | ---- | M] () -- C:\WINDOWS\system32\EKECioCtl.dll MOD - [2005-06-03 18:32:00 | 000,028,672 | ---- | M] () -- C:\WINDOWS\system32\EBLib.DLL MOD - [2004-08-22 16:04:56 | 000,069,120 | ---- | M] () -- C:\WINDOWS\daemon.dll MOD - [2004-07-20 16:04:02 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\TosBtHcrpAPI.dll MOD - [2003-12-30 20:52:00 | 000,007,168 | ---- | M] () -- C:\Program Files\D-Tools\Plugins\Images\bw5mount.dll MOD - [2001-07-31 11:17:12 | 000,094,274 | ---- | M] () -- C:\WINDOWS\system32\HPBHEALR.DLL [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - File not found [Auto | Stopped] -- crypserv.exe -- (Crypkey License) SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - [2013-08-30 08:47:33 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2011-11-21 20:57:44 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service) SRV - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe) SRV - [2005-01-18 00:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs) SRV - [2004-09-29 11:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) SRV - [2004-08-28 08:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbser6k.sys -- (ZTEusbser6k) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbnmea.sys -- (ZTEusbnmea) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbmdm6k.sys -- (ZTEusbmdm6k) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\michal\USTAWI~1\Temp\pnicml.sys -- (pnicml) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\ckldrv.sys -- (NetworkX) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\massfilter.sys -- (massfilter) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- system32\drivers\InCDRm.sys -- (InCDRm) DRV - File not found [Kernel | System | Stopped] -- system32\drivers\InCDPass.sys -- (InCDPass) DRV - File not found [File_System | Disabled | Stopped] -- system32\drivers\InCDFs.sys -- (InCDFs) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2013-08-30 08:48:13 | 000,369,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2013-08-30 08:48:13 | 000,177,864 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm) DRV - [2013-08-30 08:48:13 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2013-08-30 08:48:12 | 000,770,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2013-08-30 08:48:12 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2013-08-30 08:48:12 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt) DRV - [2013-08-30 08:48:11 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2013-08-30 08:48:11 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2012-08-21 10:13:14 | 000,018,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswKbd.sys -- (aswKbd) DRV - [2011-02-25 18:02:26 | 000,090,368 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jucdcacm.sys -- (huawei_cdcacm) DRV - [2011-01-30 18:19:00 | 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV - [2010-12-24 11:48:26 | 000,193,792 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2010-11-24 12:28:38 | 000,013,024 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewfiltertdidriver.sys -- (filtertdidriver) DRV - [2010-07-27 09:52:02 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV - [2010-06-03 11:18:44 | 000,036,352 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt) DRV - [2009-04-01 00:09:16 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgvmodem.sys -- (LGVMODEM) DRV - [2009-04-01 00:09:16 | 000,011,904 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgbtport.sys -- (LgBttPort) DRV - [2009-04-01 00:09:14 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgbtbus.sys -- (lgbusenum) DRV - [2008-07-08 13:55:56 | 000,121,344 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgmdmdm.sys -- (lgmdmdm) DRV - [2008-07-08 13:55:56 | 000,114,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgmdmgmt.sys -- (lgmdmgmt) DRV - [2008-07-08 13:55:56 | 000,111,232 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgmdobex.sys -- (lgmdobex) DRV - [2008-07-08 13:55:56 | 000,089,600 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgmdbus.sys -- (lgmdbus) DRV - [2008-07-08 13:55:56 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgmdmdfl.sys -- (lgmdmdfl) DRV - [2005-09-29 18:01:51 | 000,066,048 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfvfs02.sys -- (sfvfs02) DRV - [2005-08-10 13:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) DRV - [2005-08-04 07:10:18 | 001,273,344 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2005-07-29 08:55:46 | 000,030,592 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tvs.sys -- (Tvs) DRV - [2005-06-23 17:16:08 | 000,162,176 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21) DRV - [2005-06-21 06:08:44 | 002,324,480 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) DRV - [2005-06-03 18:49:42 | 000,009,600 | ---- | M] (TOSHIBA ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPwSav.sys -- (TPwSav) DRV - [2005-06-02 11:33:00 | 000,102,384 | ---- | M] (Matsushita Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf) DRV - [2005-05-16 14:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) DRV - [2005-04-30 15:01:56 | 003,281,408 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) DRV - [2005-03-24 15:36:54 | 000,008,192 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tosrfec.sys -- (tosrfec) DRV - [2005-03-05 13:02:20 | 001,066,278 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2005-03-04 19:10:26 | 000,074,496 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp) DRV - [2004-11-16 00:22:08 | 000,101,874 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2004-08-22 15:31:48 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\d347prt.sys -- (d347prt) DRV - [2004-08-22 15:31:10 | 000,155,136 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\d347bus.sys -- (d347bus) DRV - [2004-08-03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) DRV - [2004-07-30 14:05:08 | 000,006,400 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SSIOMngr.sys -- (SrvcSSIOMngr) DRV - [2003-09-19 00:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc) DRV - [2003-01-29 22:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio) DRV - [2000-11-25 10:38:48 | 000,095,484 | ---- | M] (DATOM Dariusz Cielebąk) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\KMM4XNT.SYS -- (Kmm4xNT) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3959863898-355217972-3840397993-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.pl/ IE - HKU\S-1-5-21-3959863898-355217972-3840397993-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.pl/ IE - HKU\S-1-5-21-3959863898-355217972-3840397993-1006\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\S-1-5-21-3959863898-355217972-3840397993-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-3959863898-355217972-3840397993-1006\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_plPL407 IE - HKU\S-1-5-21-3959863898-355217972-3840397993-1006\..\SearchScopes\{8A244612-A1F7-11E0-95C0-E71F4824019B}: "URL" = http://badoo.com/startpage/?source=bsb&q={searchTerms} IE - HKU\S-1-5-21-3959863898-355217972-3840397993-1006\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2139138 IE - HKU\S-1-5-21-3959863898-355217972-3840397993-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll () FF - HKLM\Software\MozillaPlugins\@Microsoft.com/DownloadManager,version=1.1: C:\WINDOWS\ [2013-12-23 06:00:56 | 000,000,000 | ---D | M] FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) [2012-01-06 13:43:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\michal\Dane aplikacji\Mozilla\Firefox\extensions [2012-01-06 13:43:48 | 000,000,000 | ---D | M] (PC Gear EN Generic Community Toolbar) -- C:\Documents and Settings\michal\Dane aplikacji\Mozilla\Firefox\extensions\{3796e649-4334-4cbf-89d3-a927554ad438} [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}, CHR - Extension: Google Wallet = C:\Documents and Settings\michal\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\ O1 HOSTS File: ([2004-08-04 11:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions) O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\prxtbSof0.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\prxtbSof0.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O3 - HKU\S-1-5-21-3959863898-355217972-3840397993-1006\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found. O3 - HKU\S-1-5-21-3959863898-355217972-3840397993-1006\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found. O3 - HKU\S-1-5-21-3959863898-355217972-3840397993-1006\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\S-1-5-21-3959863898-355217972-3840397993-1006\..\Toolbar\WebBrowser: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-3959863898-355217972-3840397993-1006\..\Toolbar\WebBrowser: (Softonic-Polska Toolbar) - {C86EB8A9-CCC2-4B6C-B75D-73576ED591BF} - C:\Program Files\Softonic-Polska\prxtbSof0.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-3959863898-355217972-3840397993-1006\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [CeEKEY] C:\Program Files\Toshiba\E-KEY\CeEKey.exe (COMPAL ELECTRONIC INC.) O4 - HKLM..\Run: [DAEMON Tools-1033] C:\Program Files\D-Tools\daemon.exe (DAEMON'S HOME) O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files\blueconnect\DataCardMonitor.exe (Huawei Technologies Co., Ltd.) O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe (TOSHIBA CO.,LTD.) O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [PadTouch] C:\Program Files\Toshiba\Touch and Launch\PadExe.exe (TOSHIBA) O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe (TOSHIBA) O4 - HKLM..\Run: [TCtryIOHook] C:\WINDOWS\System32\TCtrlIOHook.exe (TOSHIBA) O4 - HKLM..\Run: [TFncKy] TFncKy.exe File not found O4 - HKLM..\Run: [TPNF] C:\Program Files\Toshiba\TouchPad\TPTray.exe (COMPAL ELECTRONIC INC.) O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [Zooming] C:\WINDOWS\System32\ZoomingHook.exe (TOSHIBA) O4 - HKU\S-1-5-21-3959863898-355217972-3840397993-1006..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe (Nero AG) O4 - HKU\S-1-5-21-3959863898-355217972-3840397993-1006..\Run: [HW_OPENEYE_OUC_blueconnect] C:\Program Files\blueconnect\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.) O4 - HKU\S-1-5-21-3959863898-355217972-3840397993-1006..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\EPSON Background Monitor.lnk = File not found O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-3959863898-355217972-3840397993-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\NPJPI150_03.dll (Sun Microsystems, Inc.) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {1E53EA77-34F2-474E-9046-B2B0C86F1821} http://www.eska.pl/streamplayers/OggX.ocx (OggX Control) O16 - DPF: {1F831FAC-42FC-11D4-95A6-0080AD30DCE1} file://C:\Program Files\AutoCAD LT 2002 Plk\InstFred.ocx (InstaFred) O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} file://C:\Program Files\AutoCAD LT 2002 Plk\AcDcToday.ocx (AcDcToday) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab (Java Plug-in 1.5.0_03) O16 - DPF: {AE56372C-B4F5-11D4-A415-00108302FDFD} file://C:\Program Files\AutoCAD LT 2002 Plk\InstBanr.ocx (NOXLATE-BANR) O16 - DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} http://download.microsoft.com/download/C/9/C/C9C3D86D-84AC-4AF0-8584-842756A66467/MicrosoftDownloadManager.cab (Microsoft Download Manager ActiveX control) O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab (Java Plug-in 1.5.0_03) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} file://C:\Program Files\AutoCAD LT 2002 Plk\AcPreview.ocx (AcPreview Control) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - HKU\S-1-5-21-3959863898-355217972-3840397993-1006 Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\michal\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\michal\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2005-09-26 12:47:15 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2011-03-15 00:27:21 | 000,148,320 | R--- | M] () - G:\AutoRun.exe -- [ CDFS ] O32 - AutoRun File - [2011-05-05 15:33:19 | 000,000,045 | R--- | M] () - G:\AUTORUN.INF -- [ CDFS ] O33 - MountPoints2\{2a8068b4-6a2f-11e3-83cf-0013ceea30c1}\Shell - "" = AutoRun O33 - MountPoints2\{2a8068b4-6a2f-11e3-83cf-0013ceea30c1}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] () O33 - MountPoints2\{2c8d96df-1165-11df-9418-0013ceea30c1}\Shell - "" = AutoRun O33 - MountPoints2\{2c8d96df-1165-11df-9418-0013ceea30c1}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O33 - MountPoints2\{2d33ef93-6b36-11e3-83d5-0013ceea30c1}\Shell - "" = AutoRun O33 - MountPoints2\{2d33ef93-6b36-11e3-83d5-0013ceea30c1}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] () O33 - MountPoints2\{4a10813e-a7b9-11dc-86e9-000fb0d7ad52}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe O33 - MountPoints2\{4a10813e-a7b9-11dc-86e9-000fb0d7ad52}\Shell\Open(&0)\command - "" = E:\Recycled\ctfmon.exe O33 - MountPoints2\{4b5db395-6754-11df-953d-0013ceea30c1}\Shell - "" = AutoRun O33 - MountPoints2\{4b5db395-6754-11df-953d-0013ceea30c1}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O33 - MountPoints2\{4c8c0bf0-4189-11dc-864e-000fb0d7ad52}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe O33 - MountPoints2\{4c8c0bf0-4189-11dc-864e-000fb0d7ad52}\Shell\Open(&0)\command - "" = Recycled\ctfmon.exe O33 - MountPoints2\{6f0fc114-042b-11df-93e0-0013ceea30c1}\Shell - "" = AutoRun O33 - MountPoints2\{6f0fc114-042b-11df-93e0-0013ceea30c1}\Shell\AutoRun\command - "" = F:\Install.exe O33 - MountPoints2\{9f76d5ee-df2a-11dd-9182-0013ceea30c1}\Shell - "" = AutoRun O33 - MountPoints2\{9f76d5ee-df2a-11dd-9182-0013ceea30c1}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{a902b6e4-dcae-11e0-9991-0013ceea30c1}\Shell - "" = AutoRun O33 - MountPoints2\{a902b6e4-dcae-11e0-9991-0013ceea30c1}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{b865e936-df30-11dd-9184-0013ceea30c1}\Shell - "" = AutoRun O33 - MountPoints2\{b865e936-df30-11dd-9184-0013ceea30c1}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{b865e938-df30-11dd-9184-0013ceea30c1}\Shell - "" = AutoRun O33 - MountPoints2\{b865e938-df30-11dd-9184-0013ceea30c1}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{fe9c9f44-e016-11dd-9187-0013ceea30c1}\Shell - "" = AutoRun O33 - MountPoints2\{fe9c9f44-e016-11dd-9187-0013ceea30c1}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{fe9c9f45-e016-11dd-9187-0013ceea30c1}\Shell - "" = AutoRun O33 - MountPoints2\{fe9c9f45-e016-11dd-9187-0013ceea30c1}\Shell\AutoRun\command - "" = F:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013-12-22 21:56:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\michal\Pulpit\OTL.exe [2013-12-22 19:23:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\blueconnect [2013-12-22 19:22:49 | 000,861,696 | ---- | C] (DiBcom SA) -- C:\WINDOWS\System32\drivers\mod7700.sys [2013-12-22 19:22:49 | 000,235,392 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbnet.sys [2013-12-22 19:22:49 | 000,193,792 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbmdm.sys [2013-12-22 19:22:49 | 000,102,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_hwusbdev.sys [2013-12-22 19:22:49 | 000,090,368 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_jucdcacm.sys [2013-12-22 19:22:49 | 000,073,216 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_jubusenum.sys [2013-12-22 19:22:49 | 000,064,384 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_jucdcecm.sys [2013-12-22 19:22:49 | 000,026,624 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_juextctrl.sys [2013-12-22 19:22:49 | 000,025,856 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewdcsc.sys [2013-12-22 19:22:49 | 000,019,200 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_hwupgrade.sys [2013-12-22 19:22:49 | 000,011,136 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys [2013-12-21 13:12:05 | 000,013,024 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewfiltertdidriver.sys [2013-12-13 19:49:43 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\michal\Recent [2013-12-10 16:06:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\michal\Pulpit\PWIK Będzin, Grodziec [2013-12-01 09:57:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\michal\Pulpit\AIP UKBB, 13122012 [2012-07-01 16:51:40 | 017,312,632 | ---- | C] (Mozilla) -- C:\Program Files\Firefox Setup 13.0.1.exe [2012-05-26 07:47:28 | 010,063,000 | ---- | C] (Malwarebytes Corporation ) -- C:\Program Files\mbam-setup-1.61.0.1400.exe [2010-08-15 16:18:10 | 041,507,904 | ---- | C] (InstallShield Software Corporation) -- C:\Program Files\freedwgviewer.exe [2009-11-28 10:25:18 | 001,324,824 | ---- | C] (Microsoft Corporation) -- C:\Program Files\wmp6cdcs.exe [5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013-12-23 19:07:33 | 000,000,464 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{CBA24726-D812-4289-9735-3490289D667C}.job [2013-12-23 17:20:29 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job [2013-12-23 17:19:27 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013-12-23 17:19:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013-12-23 17:19:04 | 535,285,760 | -HS- | M] () -- C:\hiberfil.sys [2013-12-23 04:16:49 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2013-12-22 21:56:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\michal\Pulpit\OTL.exe [2013-12-22 19:23:39 | 000,000,718 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\blueconnect.lnk [2013-12-17 13:06:52 | 000,501,042 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2013-12-17 13:06:52 | 000,441,960 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013-12-17 13:06:52 | 000,089,538 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2013-12-17 13:06:52 | 000,071,896 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2013-12-07 19:34:59 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013-12-22 19:23:39 | 000,000,718 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\blueconnect.lnk [2013-12-13 20:41:44 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2013-06-28 17:14:05 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum [2013-06-28 17:14:03 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum [2013-06-28 17:14:01 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum [2013-03-23 08:54:20 | 000,177,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys [2013-03-23 08:54:17 | 000,049,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys [2012-09-02 11:25:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Viewer.INI [2012-06-03 07:48:18 | 001,402,880 | ---- | C] () -- C:\Program Files\HiJackThis.msi [2012-02-16 20:26:08 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012-01-16 18:41:54 | 000,650,752 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2012-01-16 18:41:54 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2012-01-16 18:41:53 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2011-11-20 20:21:16 | 000,005,257 | ---- | C] () -- C:\Documents and Settings\michal\Rysunek1_recover.dwg [2011-11-20 20:21:16 | 000,000,222 | ---- | C] () -- C:\Documents and Settings\michal\aclt.err [2011-11-20 20:21:08 | 000,007,307 | ---- | C] () -- C:\Documents and Settings\michal\acltstk.dmp [2011-11-16 20:21:10 | 061,657,056 | ---- | C] () -- C:\Program Files\setup_av_free.exe [2011-09-13 20:48:06 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\ReminderNextRun [2011-05-08 10:59:28 | 019,818,600 | ---- | C] () -- C:\Program Files\DWGTrueConvert.exe [2010-08-20 19:37:04 | 024,669,088 | ---- | C] () -- C:\Program Files\gg10.exe [2008-04-11 07:53:44 | 003,858,985 | ---- | C] () -- C:\Program Files\eMule0.48a-Installer.exe [2008-03-22 12:09:05 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\michal\Dane aplikacji\PnkBstrK.sys [2007-04-15 14:11:27 | 001,376,768 | ---- | C] () -- C:\Program Files\pdf995s.exe [2007-04-15 14:10:57 | 003,276,800 | ---- | C] () -- C:\Program Files\ps2pdf995.exe [2006-03-26 14:47:04 | 000,057,344 | ---- | C] () -- C:\Documents and Settings\michal\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2006-03-24 08:16:20 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\michal\default.pls [2006-03-22 12:19:38 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\michal\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [color=#E56717]========== ZeroAccess Check ==========[/color] [2005-09-26 12:54:27 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008-04-14 18:20:47 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 11:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-14 18:20:57 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2011-11-21 20:50:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Autodesk [2011-11-16 20:39:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software [2011-11-23 16:26:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Badoo [2013-12-22 19:24:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService [2010-05-17 17:14:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2007-12-12 14:37:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IC_Katalog [2010-08-20 19:23:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2012-07-10 17:50:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SpeedyPC Software [2005-09-26 14:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dane aplikacji\toshiba [2011-11-19 16:54:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\michal\Dane aplikacji\Austrotherm [2012-05-27 11:40:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\michal\Dane aplikacji\Autodesk [2011-09-11 20:57:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\michal\Dane aplikacji\blueconnect [2012-07-09 11:18:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\michal\Dane aplikacji\DriverCure [2007-08-03 06:37:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\michal\Dane aplikacji\Gadu-Gadu [2009-12-15 11:24:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\michal\Dane aplikacji\Gadu-Gadu 10 [2007-08-05 18:02:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\michal\Dane aplikacji\Image Zone Express [2010-07-08 19:03:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\michal\Dane aplikacji\INTERsoft [2006-03-25 10:04:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\michal\Dane aplikacji\InterVideo [2006-05-15 21:50:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\michal\Dane aplikacji\Kingston [2010-05-17 17:45:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\michal\Dane aplikacji\LG Electronics [2010-08-20 19:20:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\michal\Dane aplikacji\OpenFM [2007-04-15 14:14:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\michal\Dane aplikacji\pdf995 [2013-02-27 14:10:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\michal\Dane aplikacji\Podatnik.info [2011-04-17 17:55:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\michal\Dane aplikacji\PriceGong [2007-12-12 14:39:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\michal\Dane aplikacji\Profis [2010-01-18 13:18:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\michal\Dane aplikacji\Program Files [2012-03-24 10:14:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\michal\Dane aplikacji\Rockwool_EiU [2012-07-09 11:18:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\michal\Dane aplikacji\SpeedyPC Software [2007-09-30 08:59:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\michal\Dane aplikacji\toshiba [color=#E56717]========== Purity Check ==========[/color] < End of report >