OTL logfile created on: 2014-04-25 16:58:14 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\TELETEDb\Moje dokumenty\Pobieranie Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,50 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 85,73% Memory free 7,32 Gb Paging File | 6,93 Gb Available in Paging File | 94,66% Paging File free Paging file location(s): C:\pagefile.sys 4096 4096 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 51,39 Gb Total Space | 25,48 Gb Free Space | 49,58% Space Free | Partition Type: NTFS Drive D: | 97,65 Gb Total Space | 0,84 Gb Free Space | 0,87% Space Free | Partition Type: NTFS Computer Name: TELETED-BIURO | User Name: TELETEDb | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2014-04-25 16:54:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\TELETEDb\Moje dokumenty\Pobieranie\OTL.exe PRC - [2014-01-03 02:46:10 | 030,714,328 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\TELETEDb\Dane aplikacji\Dropbox\bin\Dropbox.exe PRC - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2014-01-03 02:45:04 | 003,558,400 | ---- | M] () -- C:\Documents and Settings\TELETEDb\Dane aplikacji\Dropbox\bin\wxmsw28uh_vc.dll MOD - [2013-12-18 20:43:08 | 000,300,544 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.POL MOD - [2013-10-19 01:55:02 | 025,100,288 | ---- | M] () -- C:\Documents and Settings\TELETEDb\Dane aplikacji\Dropbox\bin\libcef.dll MOD - [2001-07-31 11:17:12 | 000,094,274 | ---- | M] () -- C:\WINDOWS\system32\HPBHEALR.DLL [color=#E56717]========== Services (SafeList) ==========[/color] [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2014-01-20 18:42:05 | 000,013,464 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SWDUMon.sys -- (SWDUMon) DRV - [2013-06-16 14:38:16 | 000,128,672 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA) DRV - [2012-09-18 11:32:09 | 000,044,240 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\fsbts.sys -- (fsbts) DRV - [2010-11-06 14:11:12 | 000,035,008 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\libusb0.sys -- (libusb0) DRV - [2010-08-12 11:44:06 | 000,071,936 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2010-02-11 14:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6) DRV - [2009-06-25 00:27:37 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv) DRV - [2008-04-13 20:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx) DRV - [2006-10-18 16:31:38 | 000,105,472 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvata.sys -- (nvata) DRV - [2006-06-18 23:51:32 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2006-03-02 14:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb) DRV - [2006-03-02 14:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx) DRV - [2006-01-12 13:46:28 | 000,252,928 | R--- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73) DRV - [2000-01-01 02:00:00 | 005,444,680 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2000-01-01 02:00:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2000-01-01 02:00:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) DRV - [2000-01-01 02:00:00 | 000,168,040 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts) DRV - [2000-01-01 02:00:00 | 000,013,824 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-220523388-1364589140-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_2&u=0334A969712347DCCA141D50AE2A6E70 IE - HKU\S-1-5-21-220523388-1364589140-725345543-1004\..\SearchScopes,DefaultScope = {7241AF51-111A-435B-8ED8-7447EDD707C2} IE - HKU\S-1-5-21-220523388-1364589140-725345543-1004\..\SearchScopes\{7241AF51-111A-435B-8ED8-7447EDD707C2}: "URL" = http://www.google.com/search?hl=pl&q={searchTerms} IE - HKU\S-1-5-21-220523388-1364589140-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-220523388-1364589140-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_182.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.4.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.4.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2014-04-23 11:38:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\TELETEDb\Dane aplikacji\Mozilla\Extensions [2010-01-13 14:34:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\TELETEDb\Dane aplikacji\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2014-03-29 11:52:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2014-03-29 11:52:53 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} O1 HOSTS File: ([2014-04-07 15:50:23 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O3 - HKU\S-1-5-21-220523388-1364589140-725345543-1004\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found. O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - Startup: C:\Documents and Settings\TELETEDb\Menu Start\Programy\Autostart\Dropbox.lnk = C:\Documents and Settings\TELETEDb\Dane aplikacji\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-220523388-1364589140-725345543-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-220523388-1364589140-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-220523388-1364589140-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-220523388-1364589140-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9 - Extra Button: Statystyki ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - Reg Error: Key error. File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O15 - HKU\S-1-5-21-220523388-1364589140-725345543-1004\..Trusted Domains: mks.com.pl ([]http in Zaufane witryny) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1347963978703 (WUWebControl Class) O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (Reg Error: Key error.) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1349190663281 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 10.55.2) O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 1.7.0_09) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 10.55.2) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{23A09394-787F-44AC-843B-1AD36DBEBBE6}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8A4CC232-D265-4B43-B0E3-C23DC26AA5CF}: NameServer = 194.204.152.34,194.204.159.1 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Documents and Settings\TELETEDb\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\TELETEDb\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 0 O32 - AutoRun File - [2009-06-25 00:10:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2014-04-25 16:55:04 | 000,000,000 | ---D | C] -- C:\FRST [2014-04-23 14:17:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TELETEDb\Moje dokumenty\Nowy folder [2014-04-23 13:12:04 | 001,177,088 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\WINDOWS\System32\libeay32.dll [2014-04-23 13:12:04 | 000,270,336 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\WINDOWS\System32\ssleay32.dll [2014-04-23 13:12:04 | 000,270,336 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\WINDOWS\System32\libssl32.dll [2014-04-23 12:04:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TELETEDb\Dane aplikacji\Hellcore Mailer [2014-04-22 17:27:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Package Cache [2014-04-22 17:16:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TELETEDb\Ustawienia lokalne\Dane aplikacji\Opera Software [2014-04-22 17:16:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TELETEDb\Dane aplikacji\Opera Software [2014-04-22 17:15:56 | 000,000,000 | ---D | C] -- C:\Program Files\Opera [2014-04-22 16:08:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TELETEDb\Moje dokumenty\Pobieranie [2014-04-22 15:57:16 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2014-04-22 15:57:16 | 000,145,408 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2014-04-22 15:57:09 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2014-04-22 15:57:09 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2014-04-22 15:57:09 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2014-04-22 15:57:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Java [2014-04-22 13:12:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TELETEDb\Ustawienia lokalne\Dane aplikacji\Microsoft_Corporation [2014-04-19 13:42:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTemp [2014-04-19 12:46:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\nView_Profiles [2014-04-19 12:43:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NVIDIA [2014-04-19 12:36:37 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2014-04-19 12:24:29 | 000,014,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg2.dll [2014-04-09 11:28:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TELETEDb\Dane aplikacji\Learnpulse [2014-04-08 13:40:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TELETEDb\Dane aplikacji\Thunderbird [2014-04-07 12:54:39 | 001,419,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfcoinstaller01005.dll [2014-04-07 12:47:45 | 000,655,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr90.dll [2014-04-07 12:47:45 | 000,568,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp90.dll [2014-04-07 12:47:45 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcm90.dll [2014-04-07 12:47:29 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml4a.dll [2014-04-07 12:45:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\LGMOBILEAX [2014-04-01 10:02:43 | 000,000,000 | ---D | C] -- C:\d232bde085d1c3d1106c9d [2014-03-29 11:52:12 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2014-03-27 10:47:10 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xp_eos.exe [2014-03-27 10:47:10 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xp_eos.exe [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2014-04-25 16:52:43 | 000,000,228 | ---- | M] () -- C:\WINDOWS\tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job [2014-04-25 16:52:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2014-04-25 16:31:35 | 000,007,516 | ---- | M] () -- C:\WINDOWS\System32\nvAppTimestamps [2014-04-25 13:04:38 | 3757,654,016 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP [2014-04-23 17:37:03 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2014-04-22 17:17:14 | 000,629,596 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2014-04-22 17:17:14 | 000,543,664 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2014-04-22 17:17:14 | 000,135,386 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2014-04-22 17:17:14 | 000,104,438 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2014-04-22 16:21:13 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\TELETEDb\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2014-04-22 12:26:33 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2014-04-22 12:26:32 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2014-04-22 09:49:49 | 001,425,496 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2014-04-19 12:43:39 | 001,122,776 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2014-04-19 12:43:39 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin [2014-04-19 12:41:48 | 001,122,776 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2014-04-19 12:15:39 | 000,000,036 | ---- | M] () -- C:\WINDOWS\iltwain.ini [2014-04-15 10:09:54 | 000,001,912 | ---- | M] () -- C:\WINDOWS\epplauncher.mif [2014-04-14 20:13:52 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2014-04-14 20:05:11 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2014-04-14 20:05:06 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2014-04-14 20:04:29 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2014-04-14 19:47:42 | 000,145,408 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2014-04-10 10:37:05 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2014-04-08 15:00:07 | 000,000,222 | ---- | M] () -- C:\WINDOWS\tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job [2014-04-08 07:26:36 | 000,270,336 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\WINDOWS\System32\ssleay32.dll [2014-04-08 07:26:36 | 000,270,336 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\WINDOWS\System32\libssl32.dll [2014-04-08 07:26:22 | 001,177,088 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\WINDOWS\System32\libeay32.dll [2014-04-07 16:01:20 | 000,002,411 | ---- | M] () -- C:\WINDOWS\System32\lgAxconfig.ini [2014-04-07 15:03:32 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_lgandnetadb_01005.Wdf [2014-04-07 15:03:31 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf [2014-04-04 16:16:12 | 001,385,078 | ---- | M] () -- C:\Documents and Settings\TELETEDb\Pulpit\nowa wersja Umowy Agencyjno-Przedstawicielskiej.eml [2014-04-04 12:04:43 | 000,022,328 | ---- | M] () -- C:\Documents and Settings\TELETEDb\Dane aplikacji\PnkBstrK.sys [2014-03-31 13:59:20 | 000,013,169 | ---- | M] () -- C:\Documents and Settings\TELETEDb\Moje dokumenty\ZESTAWIENI KOREKT ZAKUPU 21-03-2014.ods [2014-03-31 13:43:02 | 000,012,626 | ---- | M] () -- C:\Documents and Settings\TELETEDb\Moje dokumenty\ZESTAWIENI KOREKT ZAKUPU 07-03-2014.ods [color=#E56717]========== Files Created - No Company Name ==========[/color] [2014-04-25 09:30:25 | 000,001,715 | ---- | C] () -- C:\Documents and Settings\TELETEDb\Pulpit\Mozilla Thunderbird.lnk [2014-04-23 10:51:00 | 000,206,722 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-220523388-1364589140-725345543-1004-0.dat [2014-04-22 17:54:25 | 000,206,722 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat [2014-04-22 17:15:56 | 000,000,710 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Opera.lnk [2014-04-22 16:21:12 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\TELETEDb\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2014-04-22 13:14:52 | 000,106,632 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2014-04-22 13:07:03 | 026,126,705 | ---- | C] () -- C:\Documents and Settings\TELETEDb\Pulpit\Adobe.Photoshop.CS3.PL.Podrecznik.uzytkownika.pdf [2014-04-22 12:17:18 | 001,385,078 | ---- | C] () -- C:\Documents and Settings\TELETEDb\Pulpit\nowa wersja Umowy Agencyjno-Przedstawicielskiej.eml [2014-04-07 15:03:32 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_lgandnetadb_01005.Wdf [2014-04-07 15:03:31 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf [2014-04-07 12:47:29 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll [2014-04-07 12:47:29 | 000,002,411 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini [2014-04-04 12:04:43 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\TELETEDb\Dane aplikacji\PnkBstrK.sys [2014-03-31 13:59:20 | 000,013,169 | ---- | C] () -- C:\Documents and Settings\TELETEDb\Moje dokumenty\ZESTAWIENI KOREKT ZAKUPU 21-03-2014.ods [2014-03-31 13:43:01 | 000,012,626 | ---- | C] () -- C:\Documents and Settings\TELETEDb\Moje dokumenty\ZESTAWIENI KOREKT ZAKUPU 07-03-2014.ods [2014-03-29 10:56:42 | 000,000,228 | ---- | C] () -- C:\WINDOWS\tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job [2014-03-29 10:56:41 | 000,000,222 | ---- | C] () -- C:\WINDOWS\tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job [2014-01-20 18:47:39 | 000,000,036 | ---- | C] () -- C:\WINDOWS\iltwain.ini [2014-01-20 18:47:34 | 000,009,391 | ---- | C] () -- C:\WINDOWS\System32\dymourl.ini [2014-01-20 18:47:07 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\DYMOCFG.DLL [2014-01-20 16:01:47 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\TELETEDb\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2013-11-07 16:33:25 | 000,217,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2013-11-07 15:59:08 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\TELETEDb\Ustawienia lokalne\Dane aplikacji\PUTTY.RND [2013-10-25 12:46:37 | 000,025,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT [2013-10-25 11:39:48 | 000,013,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\SWDUMon.sys [2013-06-26 15:30:59 | 000,000,248 | ---- | C] () -- C:\WINDOWS\System32\secustat.dat [2013-06-26 13:24:22 | 000,000,305 | ---- | C] () -- C:\WINDOWS\System32\secushr.dat [2013-06-26 12:32:32 | 000,000,025 | ---- | C] () -- C:\WINDOWS\emcore.INI [2013-04-03 13:24:13 | 000,002,436 | ---- | C] () -- C:\Documents and Settings\TELETEDb\Ustawienia lokalne\Dane aplikacji\recently-used.xbel [2012-11-22 15:40:35 | 001,474,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfi.dat [2012-10-18 13:52:26 | 001,122,776 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2012-10-18 13:52:26 | 001,122,776 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2012-10-18 13:52:26 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin [2012-09-18 11:32:09 | 000,044,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\fsbts.sys [2012-06-06 10:40:55 | 000,000,060 | ---- | C] () -- C:\WINDOWS\mag_zes.ini [2011-07-08 17:40:26 | 000,017,000 | ---- | C] () -- C:\Documents and Settings\TELETEDb\Menu Start.rar [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-06-25 02:08:06 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2009-04-29 06:35:21 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 12:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-14 19:20:57 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2012-11-22 15:32:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CPA_VA [2013-05-29 10:39:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\InsERT [2014-04-19 12:28:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LGMOBILEAX [2014-04-23 11:19:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Package Cache [2012-11-22 15:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Ad-Aware Antivirus [2013-07-09 16:52:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TELETEDb\Dane aplikacji\BITS [2014-03-17 12:38:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TELETEDb\Dane aplikacji\BitSpirit [2012-11-22 15:36:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TELETEDb\Dane aplikacji\blekko [2014-04-25 16:53:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TELETEDb\Dane aplikacji\Dropbox [2014-04-09 11:12:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TELETEDb\Dane aplikacji\FileZilla [2013-06-26 12:32:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TELETEDb\Dane aplikacji\FlashgetSetup [2010-03-10 13:42:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TELETEDb\Dane aplikacji\Gadu-Gadu [2009-07-03 12:41:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TELETEDb\Dane aplikacji\Genie-Soft [2011-03-01 11:19:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TELETEDb\Dane aplikacji\GHISLER [2014-04-23 12:04:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TELETEDb\Dane aplikacji\Hellcore Mailer [2014-01-20 14:36:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TELETEDb\Dane aplikacji\InsERT GT [2014-01-20 14:36:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TELETEDb\Dane aplikacji\InsERT Sello [2014-04-19 12:18:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TELETEDb\Dane aplikacji\Learnpulse [2013-10-25 15:08:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TELETEDb\Dane aplikacji\OpenOffice [2009-07-09 12:42:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TELETEDb\Dane aplikacji\OpenOffice.org [2014-04-22 17:16:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TELETEDb\Dane aplikacji\Opera Software [2012-06-21 12:30:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TELETEDb\Dane aplikacji\Oracle [2014-04-10 17:52:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TELETEDb\Dane aplikacji\Thunderbird [2013-11-16 12:52:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TELETEDb\Dane aplikacji\Unity [2014-01-20 15:01:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TELETEDb\Dane aplikacji\Windows Desktop Search [2014-01-21 12:19:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TELETEDb\Dane aplikacji\Windows Search [2011-11-18 17:46:06 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\TELETEDb\Dane aplikacji\winn [color=#E56717]========== Purity Check ==========[/color] < End of report >