OTL logfile created on: 2014-06-03 13:13:18 - Run 1 OTL by OldTimer - Version 3.2.69.0     Folder = D:\Pliki załadowane Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd   1,50 Gb Total Physical Memory | 0,86 Gb Available Physical Memory | 57,23% Memory free 3,35 Gb Paging File | 2,71 Gb Available in Paging File | 80,77% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]   %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 29,29 Gb Total Space | 7,50 Gb Free Space | 25,60% Space Free | Partition Type: NTFS Drive D: | 45,23 Gb Total Space | 31,80 Gb Free Space | 70,32% Space Free | Partition Type: NTFS Drive G: | 599,14 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS   Computer Name: MB-188B048854B8 | User Name: mb | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days   [color=#E56717]========== Processes (SafeList) ==========[/color]   PRC - [2014-08-30 18:00:16 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe PRC - [2014-08-25 11:42:20 | 003,242,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgidsagent.exe PRC - [2014-08-25 11:40:08 | 000,846,864 | ---- | M] (AVG Technologies CZ, s.r.o.) -- c:\Program Files\AVG\AVG2014\avgrsx.exe PRC - [2014-08-25 11:39:18 | 000,643,088 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgcsrvx.exe PRC - [2014-08-25 11:39:12 | 000,838,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgnsx.exe PRC - [2014-08-25 11:38:58 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe PRC - [2014-08-25 11:37:18 | 005,188,112 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgui.exe PRC - [2014-08-25 11:31:58 | 000,657,936 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgemcx.exe PRC - [2014-06-03 13:12:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Pliki załadowane\OTL.exe PRC - [2014-05-08 01:29:35 | 000,841,032 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe PRC - [2013-01-18 13:51:24 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe PRC - [2013-01-18 13:51:24 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin PRC - [2011-07-13 08:46:12 | 000,163,840 | R--- | M] (Microsoft) -- C:\Program Files\USB 2.0 PC CAMERA\Camera Snap.exe PRC - [2010-01-22 00:47:36 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe PRC - [2005-03-14 13:05:02 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe     [color=#E56717]========== Modules (No Company Name) ==========[/color]   MOD - [2014-05-08 01:29:33 | 000,390,472 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.137\ppgooglenaclpluginchrome.dll MOD - [2014-05-08 01:29:31 | 004,081,480 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.137\pdf.dll MOD - [2014-05-08 01:29:26 | 001,647,432 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.137\ffmpegsumo.dll MOD - [2014-05-08 01:29:24 | 000,065,352 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.137\chrome_elf.dll MOD - [2013-06-05 12:08:53 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll MOD - [2011-10-04 23:42:36 | 000,086,016 | ---- | M] () -- C:\WINDOWS\system32\custmon32i.dll MOD - [2010-01-22 00:47:36 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll     [color=#E56717]========== Services (SafeList) ==========[/color]   SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe -- (vToolbarUpdater18.1.9) SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - [2014-08-30 18:00:16 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2014-08-25 11:42:20 | 003,242,000 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent) SRV - [2014-08-25 11:38:58 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe -- (avgwd) SRV - [2014-07-10 14:56:41 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013-10-23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-01-05 17:42:34 | 000,075,624 | ---- | M] (Alcohol Soft Development Team) [Auto | Stopped] -- C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe -- (AxAutoMntSrv) SRV - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - [2005-03-14 13:05:02 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)     [color=#E56717]========== Driver Services (SafeList) ==========[/color]   DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump) DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt) DRV - File not found [Kernel | System | Stopped] --  -- (Changer) DRV - File not found [Kernel | On_Demand | Unknown] --  -- (ad0yujqm) DRV - [2014-08-12 17:43:51 | 000,042,784 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp) DRV - [2014-08-06 10:49:48 | 000,098,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86) DRV - [2014-07-21 21:03:50 | 000,191,256 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverlx.sys -- (AVGIDSDriverl) DRV - [2014-06-30 12:43:12 | 000,121,624 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgdiskx.sys -- (Avgdiskx) DRV - [2014-06-17 16:22:02 | 000,188,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86) DRV - [2014-06-17 16:21:22 | 000,197,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix) DRV - [2014-06-17 16:18:00 | 000,241,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx) DRV - [2014-06-17 16:17:58 | 000,147,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX) DRV - [2014-06-17 16:06:22 | 000,027,416 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86) DRV - [2014-06-17 16:06:20 | 000,021,272 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim) DRV - [2012-10-07 20:21:05 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2011-11-25 09:07:04 | 000,038,784 | R--- | M] (usb camera) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbcamcl.sys -- (usbcamcl) DRV - [2010-01-22 00:47:36 | 000,215,856 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\Si3132r5.sys -- (Si3132r5) DRV - [2010-01-22 00:47:36 | 000,212,520 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\Si3531.sys -- (Si3531) DRV - [2010-01-22 00:47:36 | 000,195,072 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\drivers\Si3114r5.sys -- (Si3114r5) DRV - [2010-01-22 00:47:36 | 000,074,672 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3132.sys -- (Si3132) DRV - [2010-01-22 00:47:36 | 000,069,248 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3124.sys -- (Si3124) DRV - [2010-01-22 00:47:36 | 000,062,336 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112) DRV - [2006-05-03 18:50:42 | 001,540,608 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)     [color=#E56717]========== Standard Registry (SafeList) ==========[/color]     [color=#E56717]========== Internet Explorer ==========[/color]   IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC]http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC[/url]   IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url=http://www.google.pl/]http://www.google.pl/[/url] IE - HKCU\..\SearchScopes,DefaultScope =  IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url=http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC]http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC[/url] IE - HKCU\..\SearchScopes\{26A6BE4B-B2AC-4018-920D-D7FABADEEFE6}: "URL" = [url=https://www.google.com/search?q={searchTerms}]https://www.google.com/search?q={searchTerms}[/url] IE - HKCU\..\SearchScopes\{36B7D707-D522-4D20-8762-483B349F6C38}: "URL" = [url=http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=crm&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYPL&apn_uid=490215B5-23E8-463D-8451-99D04C4B5117&apn_sauid=2D405B27-1C6D-41E4-8D4A-AAE52660F7EB]http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=crm&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYPL&apn_uid=490215B5-23E8-463D-8451-99D04C4B5117&apn_sauid=2D405B27-1C6D-41E4-8D4A-AAE52660F7EB[/url] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =     [color=#E56717]========== FireFox ==========[/color]   FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: C:\Program Files\Ganymede\Plugins\npganymedenet.dll ( ) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)     [2012-10-05 19:40:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\mb\Dane aplikacji\Mozilla\Extensions [2013-03-10 12:40:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2013-07-15 12:28:04 | 000,121,504 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npganymedenet.dll   [color=#E56717]========== Chrome  ==========[/color]   CHR - default_search_provider: Bing (Enabled) CHR - default_search_provider: search_url = [url=http://www.bing.com/search?setmkt=pl-PL&q={searchTerms}]http://www.bing.com/search?setmkt=pl-PL&q={searchTerms}[/url] CHR - default_search_provider: suggest_url = [url=http://api.bing.com/osjson.aspx?query={searchTerms}&language={language},]http://api.bing.com/osjson.aspx?query={searchTerms}&language={language},[/url] CHR - plugin: Error reading preferences file CHR - Extension: Docs = C:\Documents and Settings\mb\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\ CHR - Extension: Dysk Google = C:\Documents and Settings\mb\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\ CHR - Extension: YouTube = C:\Documents and Settings\mb\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Szukaj w Google = C:\Documents and Settings\mb\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Gmail = C:\Documents and Settings\mb\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\   O1 HOSTS File: ([2010-01-22 00:47:36 | 000,000,775 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1       localhost O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd File not found O4 - HKLM..\Run: [Snap] C:\Program Files\USB 2.0 PC CAMERA\Camera Snap.exe (Microsoft) O4 - HKCU..\Run: [Akamai NetSession Interface] "C:\Documents and Settings\mb\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe" File not found O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe (Alcohol Soft Development Team) O4 - HKCU..\Run: [AQQ] C:\Program Files\WapSter\WapSter AQQ\AQQ.exe (AQQ Sp. z o.o.) O4 - HKCU..\Run: [AVG-Secure-Search-Update_1213b] C:\Documents and Settings\mb\Dane aplikacji\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=924133cc3f7447d0ba99d1581d9d6ac0-06ce4fc639803a2e3563922518183d8e94088cb9 /CMPID=1213b File not found O4 - HKCU..\Run: [Badoo Desktop] C:\Documents and Settings\All Users\Dane aplikacji\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe File not found O4 - Startup: C:\Documents and Settings\mb\Menu Start\Programy\Autostart\OpenOffice.org 3.4.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C2FAB807-CA0E-4C97-89A6-275336B0C669}: DhcpNameServer = 192.168.1.1 192.168.1.1 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012-09-28 14:35:12 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2005-05-25 19:02:46 | 000,264,192 | R--- | M] () - G:\Autorun.exe -- [ CDFS ] O32 - AutoRun File - [2005-05-25 19:05:41 | 000,000,044 | R--- | M] () - G:\autorun.inf -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)   [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]   [2014-08-30 18:00:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2014-08-30 18:00:50 | 000,272,808 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2014-08-30 18:00:50 | 000,145,408 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2014-08-30 18:00:33 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2014-08-30 18:00:33 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2014-08-30 18:00:33 | 000,096,680 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2014-08-30 18:00:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Java [2014-08-26 09:59:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Avg_Update_0814tb [2014-07-14 20:04:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mb\Ustawienia lokalne\Dane aplikacji\Adobe [2014-06-24 15:49:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2014-06-17 16:17:56 | 000,191,256 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgidsdriverlx.sys [2014-06-16 17:59:21 | 023,062,528 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\mb\Moje dokumenty\IE10-Windows6.1-x86-en-us.exe [2014-06-03 12:52:58 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\WINDOWS\System32\sqlite3.dll [2014-05-27 14:44:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Avg_Update_0414c [2014-05-23 12:13:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\AVG [2014-05-12 16:42:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mb\Dane aplikacji\com.coursevector.minerva [2014-05-12 16:42:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Course Vector [2014-05-12 16:41:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR [2014-05-12 16:41:40 | 000,000,000 | ---D | C] -- C:\Program Files\Course Vector [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]   [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]   [2014-09-02 15:43:56 | 000,001,028 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2014-09-02 10:42:01 | 000,057,787 | ---- | M] () -- C:\Documents and Settings\mb\Pulpit\10668253_712853148751179_1735767473_n.jpg [2014-09-02 10:41:12 | 000,065,611 | ---- | M] () -- C:\Documents and Settings\mb\Pulpit\10575936_712853105417850_353729828_n.jpg [2014-08-31 19:29:56 | 000,074,650 | ---- | M] () -- C:\Documents and Settings\mb\Pulpit\10617610_712172595485901_1977281568_n.jpg [2014-08-31 19:22:42 | 000,063,877 | ---- | M] () -- C:\Documents and Settings\mb\Pulpit\10656122_712172688819225_1451854782_n.jpg [2014-08-30 18:00:18 | 000,096,680 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2014-08-30 18:00:15 | 000,272,808 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2014-08-30 18:00:15 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2014-08-30 18:00:15 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2014-08-30 18:00:15 | 000,145,408 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2014-08-29 14:05:12 | 000,131,688 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2014-08-28 20:52:25 | 000,017,188 | ---- | M] () -- C:\Documents and Settings\mb\Pulpit\Buwez tytułu 1.odt [2014-08-25 21:02:01 | 000,015,173 | ---- | M] () -- C:\Documents and Settings\mb\Moje dokumenty\Bez tytułu 1.odt [2014-08-24 20:30:03 | 000,000,673 | ---- | M] () -- C:\Documents and Settings\mb\Pulpit\8cars.lnk [2014-08-23 03:12:11 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gdi32.dll [2014-08-23 03:02:13 | 001,881,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys [2014-08-23 03:02:13 | 001,881,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys [2014-08-16 14:34:40 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2014-08-16 14:29:07 | 000,500,074 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2014-08-16 14:29:07 | 000,441,248 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2014-08-16 14:29:07 | 000,089,380 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2014-08-16 14:29:07 | 000,071,566 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2014-08-15 13:14:06 | 000,000,288 | ---- | M] () -- C:\Documents and Settings\mb\Pulpit\xp-security-updates.zip [2014-08-12 17:43:51 | 000,042,784 | ---- | M] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys [2014-08-06 10:49:48 | 000,098,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys [2014-08-01 15:24:21 | 000,619,155 | ---- | M] () -- C:\Documents and Settings\mb\Pulpit\Obraz zeskanowany 010.jpg [2014-08-01 15:23:15 | 000,873,966 | ---- | M] () -- C:\Documents and Settings\mb\Pulpit\Obraz zeskanowany 009.jpg [2014-08-01 15:22:29 | 000,825,922 | ---- | M] () -- C:\Documents and Settings\mb\Pulpit\Obraz zeskanowany 008.jpg [2014-08-01 15:18:40 | 001,449,220 | ---- | M] () -- C:\Documents and Settings\mb\Pulpit\Obraz zeskanowany 007.jpg [2014-07-29 07:46:28 | 006,026,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll [2014-07-29 07:46:28 | 001,217,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll [2014-07-29 07:46:28 | 000,920,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll [2014-07-29 07:46:28 | 000,759,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll [2014-07-29 07:46:28 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll [2014-07-29 07:46:28 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll [2014-07-29 07:46:28 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll [2014-07-29 07:46:28 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll [2014-07-29 07:46:28 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll [2014-07-29 07:46:28 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll [2014-07-29 07:46:28 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll [2014-07-29 07:46:28 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll [2014-07-29 07:46:28 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll [2014-07-29 07:46:28 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll [2014-07-29 07:46:28 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll [2014-07-29 07:46:28 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll [2014-07-29 07:46:28 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll [2014-07-29 07:46:28 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll [2014-07-29 07:46:28 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll [2014-07-29 07:46:27 | 002,006,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll [2014-07-29 07:46:27 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl [2014-07-29 07:46:27 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl [2014-07-29 07:46:27 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll [2014-07-29 07:46:27 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll [2014-07-29 07:46:27 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll [2014-07-29 07:46:26 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll [2014-07-29 07:46:26 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll [2014-07-29 07:46:26 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\corpol.dll [2014-07-29 07:46:26 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\corpol.dll [2014-07-28 23:21:46 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec [2014-07-28 23:21:46 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe [2014-07-28 23:21:46 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe [2014-07-28 22:46:28 | 011,084,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll [2014-07-23 12:26:57 | 000,022,567 | ---- | M] () -- C:\Documents and Settings\mb\Pulpit\Bez tytułu 1.odt [2014-07-22 12:19:44 | 000,334,590 | ---- | M] () -- C:\Documents and Settings\mb\Moje dokumenty\CV.odt [2014-07-22 12:16:37 | 000,753,246 | ---- | M] () -- C:\Documents and Settings\mb\Pulpit\TS.bmp [2014-07-21 21:03:50 | 000,191,256 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgidsdriverlx.sys [2014-07-10 14:56:41 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2014-07-10 14:56:40 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2014-06-30 12:43:12 | 000,121,624 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgdiskx.sys [2014-06-17 16:22:02 | 000,188,696 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys [2014-06-17 16:21:22 | 000,197,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys [2014-06-17 16:18:00 | 000,241,944 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avglogx.sys [2014-06-17 16:17:58 | 000,147,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgidshx.sys [2014-06-17 16:06:22 | 000,027,416 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys [2014-06-17 16:06:20 | 000,021,272 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgidsshimx.sys [2014-06-16 17:59:32 | 023,062,528 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\mb\Moje dokumenty\IE10-Windows6.1-x86-en-us.exe [2014-06-08 15:00:06 | 000,000,210 | ---- | M] () -- C:\WINDOWS\tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job [2014-06-06 20:22:41 | 000,000,736 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Rollercoaster Tycoon 2.lnk [2014-06-06 20:13:04 | 000,009,216 | ---- | M] () -- C:\Documents and Settings\mb\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2014-06-03 12:59:32 | 000,001,024 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2014-06-03 12:59:14 | 000,000,216 | ---- | M] () -- C:\WINDOWS\tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job [2014-06-03 12:57:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2014-06-03 12:57:35 | 1610,133,504 | -HS- | M] () -- C:\hiberfil.sys [2014-06-03 12:56:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2014-06-03 12:50:43 | 001,370,467 | ---- | M] () -- C:\Documents and Settings\mb\Pulpit\adwcleaner_3.309.exe [2014-06-02 18:22:48 | 000,000,732 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AVG 2014.lnk [2014-06-02 18:09:44 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2014-06-02 16:33:12 | 000,017,556 | ---- | M] () -- C:\Documents and Settings\mb\Pulpit\Nowy OpenDocument Dokument tekstowy (3).odt [2014-05-29 02:46:20 | 000,138,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\afd.sys [2014-05-27 16:39:27 | 000,086,686 | ---- | M] () -- C:\Documents and Settings\mb\Pulpit\1922217_659761390727022_8464395557789471836_2n.JPG [2014-05-24 11:37:36 | 000,000,108 | ---- | M] () -- C:\Documents and Settings\mb\Pulpit\xp-security-updates.reg [2014-05-18 22:03:06 | 000,082,779 | ---- | M] () -- C:\Documents and Settings\mb\Pulpit\1922217_659761390727022_8464395557789471836_n.jpg [2014-05-15 00:59:28 | 000,001,819 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\poczta.lnk [2014-05-12 16:42:10 | 000,000,732 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\minerva.lnk [2014-05-12 16:32:59 | 000,981,603 | ---- | M] () -- C:\Documents and Settings\mb\Moje dokumenty\Minerva-3-5-0.air [2014-05-11 00:10:50 | 000,031,909 | ---- | M] () -- C:\Documents and Settings\mb\Pulpit\10312606_662236140479547_1639201525473813018_n.jpg [2014-05-04 14:24:40 | 000,001,137 | ---- | M] () -- C:\Documents and Settings\mb\Pulpit\Dokuhftghment.rtf [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]   [color=#E56717]========== Files Created - No Company Name ==========[/color]   [2014-09-02 10:41:58 | 000,057,787 | ---- | C] () -- C:\Documents and Settings\mb\Pulpit\10668253_712853148751179_1735767473_n.jpg [2014-09-02 10:41:05 | 000,065,611 | ---- | C] () -- C:\Documents and Settings\mb\Pulpit\10575936_712853105417850_353729828_n.jpg [2014-09-01 12:35:34 | 000,017,556 | ---- | C] () -- C:\Documents and Settings\mb\Pulpit\Nowy OpenDocument Dokument tekstowy (3).odt [2014-08-31 19:29:54 | 000,074,650 | ---- | C] () -- C:\Documents and Settings\mb\Pulpit\10617610_712172595485901_1977281568_n.jpg [2014-08-31 19:22:30 | 000,063,877 | ---- | C] () -- C:\Documents and Settings\mb\Pulpit\10656122_712172688819225_1451854782_n.jpg [2014-08-25 21:02:01 | 000,015,173 | ---- | C] () -- C:\Documents and Settings\mb\Moje dokumenty\Bez tytułu 1.odt [2014-08-24 20:30:03 | 000,000,673 | ---- | C] () -- C:\Documents and Settings\mb\Pulpit\8cars.lnk [2014-08-15 18:09:37 | 000,017,188 | ---- | C] () -- C:\Documents and Settings\mb\Pulpit\Buwez tytułu 1.odt [2014-08-15 13:16:48 | 000,000,108 | ---- | C] () -- C:\Documents and Settings\mb\Pulpit\xp-security-updates.reg [2014-08-15 13:14:06 | 000,000,288 | ---- | C] () -- C:\Documents and Settings\mb\Pulpit\xp-security-updates.zip [2014-08-01 15:24:00 | 000,619,155 | ---- | C] () -- C:\Documents and Settings\mb\Pulpit\Obraz zeskanowany 010.jpg [2014-08-01 15:22:29 | 000,873,966 | ---- | C] () -- C:\Documents and Settings\mb\Pulpit\Obraz zeskanowany 009.jpg [2014-08-01 15:22:10 | 000,825,922 | ---- | C] () -- C:\Documents and Settings\mb\Pulpit\Obraz zeskanowany 008.jpg [2014-08-01 15:17:47 | 001,449,220 | ---- | C] () -- C:\Documents and Settings\mb\Pulpit\Obraz zeskanowany 007.jpg [2014-07-23 12:26:57 | 000,022,567 | ---- | C] () -- C:\Documents and Settings\mb\Pulpit\Bez tytułu 1.odt [2014-07-22 12:16:36 | 000,753,246 | ---- | C] () -- C:\Documents and Settings\mb\Pulpit\TS.bmp [2014-07-22 12:07:25 | 000,334,590 | ---- | C] () -- C:\Documents and Settings\mb\Moje dokumenty\CV.odt [2014-06-06 20:22:41 | 000,000,736 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Rollercoaster Tycoon 2.lnk [2014-06-03 12:50:37 | 001,370,467 | ---- | C] () -- C:\Documents and Settings\mb\Pulpit\adwcleaner_3.309.exe [2014-05-27 15:02:53 | 000,086,686 | ---- | C] () -- C:\Documents and Settings\mb\Pulpit\1922217_659761390727022_8464395557789471836_2n.JPG [2014-05-18 22:02:39 | 000,082,779 | ---- | C] () -- C:\Documents and Settings\mb\Pulpit\1922217_659761390727022_8464395557789471836_n.jpg [2014-05-14 13:01:35 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader XI.lnk [2014-05-12 16:42:09 | 000,000,732 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\minerva.lnk [2014-05-12 16:32:55 | 000,981,603 | ---- | C] () -- C:\Documents and Settings\mb\Moje dokumenty\Minerva-3-5-0.air [2014-05-12 16:22:46 | 000,000,732 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\AVG 2014.lnk [2014-05-11 00:10:45 | 000,031,909 | ---- | C] () -- C:\Documents and Settings\mb\Pulpit\10312606_662236140479547_1639201525473813018_n.jpg [2014-05-04 14:24:40 | 000,001,137 | ---- | C] () -- C:\Documents and Settings\mb\Pulpit\Dokuhftghment.rtf [2013-06-07 12:45:39 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\PDF2TXT.DAT [2013-04-05 14:40:38 | 000,000,058 | ---- | C] () -- C:\Documents and Settings\mb\jagex_cl_runescape_LIVE.dat [2013-04-05 14:40:38 | 000,000,001 | ---- | C] () -- C:\Documents and Settings\mb\random.dat [2013-03-10 12:40:19 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\custmon32i.dll [2013-01-11 12:32:00 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2012-12-31 21:09:06 | 000,000,052 | ---- | C] () -- C:\WINDOWS\mafosav.INI [2012-11-25 17:37:29 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\mb\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2012-11-24 16:15:05 | 000,109,691 | ---- | C] () -- C:\WINDOWS\hpoins08.dat [2012-11-24 16:15:04 | 000,007,577 | ---- | C] () -- C:\WINDOWS\hpomdl08.dat [2012-11-24 16:14:21 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\hpzids01.dll [2012-10-28 22:48:30 | 000,009,216 | ---- | C] () -- C:\Documents and Settings\mb\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-10-07 20:09:52 | 000,000,083 | ---- | C] () -- C:\WINDOWS\Wwp.INI [2012-10-03 21:32:53 | 000,000,113 | R--- | C] () -- C:\WINDOWS\System32\camera.ini [2012-10-03 21:32:43 | 000,028,672 | R--- | C] () -- C:\WINDOWS\System32\CoUninstall.dll [2012-10-02 19:45:17 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe [2012-10-02 19:44:13 | 000,001,019 | ---- | C] () -- C:\WINDOWS\ATICIM.INI [2012-10-02 18:19:01 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012-09-28 16:19:04 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2012-09-28 16:17:31 | 000,131,688 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-09-28 15:18:31 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI [2012-09-28 15:18:29 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI [2012-09-28 15:18:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Wininit.ini [2012-09-28 15:18:26 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.exe [2012-09-28 15:18:26 | 000,121,329 | ---- | C] () -- C:\WINDOWS\Cmuda.ini [2012-09-28 15:18:26 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll [2012-09-28 15:18:25 | 000,266,240 | ---- | C] () -- C:\WINDOWS\CMIUninstall.exe [2012-09-28 15:18:25 | 000,225,280 | ---- | C] () -- C:\WINDOWS\CmiRmRedundDir.exe [2012-09-28 15:18:25 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll [2012-09-28 14:59:49 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2012-09-28 14:59:49 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2012-09-28 14:59:48 | 000,810,496 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2012-09-28 14:59:47 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2012-09-28 14:59:47 | 000,080,896 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2012-09-28 14:39:12 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2012-09-28 14:31:17 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat   [color=#E56717]========== ZeroAccess Check ==========[/color]   [2012-10-02 20:56:23 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini   [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]   [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]   [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2010-01-22 00:47:36 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment   [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2010-01-22 00:47:36 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free   [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2010-01-22 00:47:36 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both