OTL logfile created on: 2012-02-24 00:15:21 - Run 3 OTL by OldTimer - Version 3.2.33.2 Folder = D:\Moje dokumenty\Pobieranie Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,12 Gb Available Physical Memory | 55,97% Memory free 3,84 Gb Paging File | 3,13 Gb Available in Paging File | 81,45% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 64,94 Gb Total Space | 14,09 Gb Free Space | 21,70% Space Free | Partition Type: NTFS Drive D: | 465,76 Gb Total Space | 248,34 Gb Free Space | 53,32% Space Free | Partition Type: NTFS Drive E: | 167,94 Gb Total Space | 6,05 Gb Free Space | 3,60% Space Free | Partition Type: NTFS Computer Name: INSANE | User Name: deus | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-02-23 02:30:10 | 000,583,680 | ---- | M] (OldTimer Tools) -- D:\Moje dokumenty\Pobieranie\OTL.exe PRC - [2012-01-22 08:40:04 | 003,025,112 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe PRC - [2011-05-28 00:10:44 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-07-29 20:37:32 | 000,223,744 | ---- | M] () -- C:\Program Files\TaskmgrPro\TaskmgrPro.exe PRC - [2009-06-20 01:18:41 | 005,853,672 | ---- | M] (o2.pl Sp. z o.o.) -- C:\Program Files\Tlen.pl\tlen.exe PRC - [2009-04-09 15:19:08 | 000,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe PRC - [2009-04-09 15:17:56 | 002,029,640 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe PRC - [2008-04-14 21:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2005-12-30 09:15:02 | 000,107,520 | ---- | M] (www.ELMAK.pl) -- C:\Program Files\irPC\irPC.exe PRC - [2005-08-25 22:09:34 | 000,731,136 | ---- | M] () -- C:\Program Files\Loop Terminarz\Loop Terminarz.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-01-08 14:41:12 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll MOD - [2011-06-18 19:15:33 | 006,271,136 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll MOD - [2011-05-28 00:10:45 | 001,014,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\js3250.dll MOD - [2011-04-07 16:02:21 | 000,151,552 | ---- | M] () -- C:\Program Files\Tlen.pl\libgadu.dll MOD - [2010-12-19 17:07:08 | 000,250,736 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware\ShellExt.dll MOD - [2010-07-29 20:37:32 | 000,223,744 | ---- | M] () -- C:\Program Files\TaskmgrPro\TaskmgrPro.exe MOD - [2009-01-17 15:47:38 | 000,033,792 | ---- | M] () -- C:\Program Files\Tlen.pl\languages\polish.dll MOD - [2009-01-06 12:55:46 | 000,061,464 | ---- | M] () -- C:\Program Files\Tlen.pl\plugins\TlenSMS.tpl MOD - [2008-12-23 15:11:32 | 000,195,096 | ---- | M] () -- C:\Program Files\Tlen.pl\plugins\Video.tpl MOD - [2008-12-22 14:32:06 | 000,093,720 | ---- | M] () -- C:\Program Files\Tlen.pl\plugins\Voice.tpl MOD - [2008-11-28 10:59:33 | 000,012,800 | ---- | M] () -- C:\Program Files\Tlen.pl\plugins\bk2.tpl MOD - [2008-07-22 08:49:48 | 000,075,800 | ---- | M] () -- C:\Program Files\Tlen.pl\plugins\FileTM.tpl MOD - [2008-07-22 08:49:40 | 000,106,520 | ---- | M] () -- C:\Program Files\Tlen.pl\plugins\File.tpl MOD - [2008-06-19 13:20:08 | 000,017,408 | ---- | M] () -- C:\Program Files\Tlen.pl\hook.dll MOD - [2008-06-19 13:15:54 | 000,030,720 | ---- | M] () -- C:\Program Files\Tlen.pl\libutil2.dll MOD - [2008-06-19 13:15:46 | 000,139,264 | ---- | M] () -- C:\Program Files\Tlen.pl\libexpat2.dll MOD - [2008-01-15 15:57:06 | 000,349,720 | ---- | M] () -- C:\Program Files\Tlen.pl\plugins\Tlenofon.tpl MOD - [2007-10-05 14:00:58 | 000,181,248 | ---- | M] () -- C:\Program Files\Tlen.pl\libutil.dll MOD - [2005-11-18 10:33:58 | 000,054,784 | ---- | M] () -- C:\Program Files\Tlen.pl\libs\libexpat.dll MOD - [2005-08-25 22:09:34 | 000,731,136 | ---- | M] () -- C:\Program Files\Loop Terminarz\Loop Terminarz.exe MOD - [2003-01-30 05:04:00 | 000,618,496 | ---- | M] () -- C:\Program Files\Tlen.pl\stlpmt45.dll MOD - [2001-03-15 05:18:08 | 000,065,536 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 5.0\Distillr\adistres.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- -- (OMSI download service) SRV - File not found [Auto | Stopped] -- -- (mi-raysat_3dsMax2009_32) SRV - File not found [Disabled | Stopped] -- -- (JavaQuickStarterService) SRV - File not found [Auto | Stopped] -- -- (DVBVRecorder) SRV - File not found [Disabled | Stopped] -- -- (CTAudSvcService) SRV - File not found [Auto | Stopped] -- -- (BlueSoleil Hid Service) SRV - File not found [Auto | Stopped] -- -- (Autodesk Licensing Service) SRV - File not found [Auto | Stopped] -- -- (ATI Smart) SRV - File not found [Auto | Stopped] -- -- (Ati HotKey Poller) SRV - [2012-02-15 12:25:34 | 000,068,096 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service) SRV - [2012-01-22 08:40:04 | 003,025,112 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware) SRV - [2011-02-19 13:45:11 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [Disabled | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010-12-19 17:06:53 | 001,375,992 | ---- | M] (Lavasoft) [Disabled | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service) SRV - [2010-10-13 10:38:56 | 000,079,360 | ---- | M] (SolidWorks) [Disabled | Stopped] -- C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service) SRV - [2010-10-01 13:27:22 | 000,632,792 | ---- | M] (PC Tools) [Disabled | Stopped] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc) SRV - [2010-02-19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009-09-24 21:16:47 | 002,326,920 | ---- | M] (Acronis) [Disabled | Stopped] -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv) SRV - [2009-09-12 15:31:30 | 000,660,520 | ---- | M] (Acronis) [Disabled | Stopped] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc) SRV - [2009-04-09 15:29:20 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv) SRV - [2009-04-09 15:19:08 | 000,731,840 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn) SRV - [2001-10-26 18:30:00 | 000,003,584 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\System32\regedt32.exe -- (.EsetTrialReset) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-11-10 04:42:12 | 007,493,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2011-11-02 10:13:12 | 000,051,632 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Stopped] -- C:\Program Files\Emsisoft Anti-Malware\a2accx86.sys -- (a2acc) DRV - [2011-10-17 18:40:22 | 000,100,368 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtihdXP3.sys -- (AtiHDAudioService) DRV - [2011-05-19 13:10:34 | 000,017,904 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys -- (A2DDA) DRV - [2011-05-01 15:59:35 | 000,160,640 | ---- | M] (Utimaco Safeware AG) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\Sahara.sys -- (Sahara) DRV - [2011-05-01 15:59:35 | 000,107,008 | ---- | M] (Utimaco Safeware AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\Sidney.sys -- (Sidney) DRV - [2011-05-01 15:59:35 | 000,049,408 | ---- | M] (Utimaco Safeware AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\Salvador.sys -- (Salvador) DRV - [2011-05-01 15:59:35 | 000,032,256 | ---- | M] (Utimaco Safeware AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\Scarlet.sys -- (Scarlet) DRV - [2010-07-12 09:55:39 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd) DRV - [2010-06-14 09:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2009-12-09 19:47:00 | 002,006,784 | ---- | M] (Creative) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\p17xfilt.sys -- (p17xfilt) DRV - [2009-11-19 14:06:46 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039bus.sys -- (s1039bus) Sony Ericsson Device 1039 driver (WDM) DRV - [2009-11-19 14:06:46 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039nd5.sys -- (s1039nd5) Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS) DRV - [2009-11-19 14:06:45 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdm.sys -- (s1039mdm) DRV - [2009-11-19 14:06:45 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039unic.sys -- (s1039unic) Sony Ericsson Device 1039 USB Ethernet Emulation (WDM) DRV - [2009-11-19 14:06:45 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mgmt.sys -- (s1039mgmt) Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM) DRV - [2009-11-19 14:06:45 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039obex.sys -- (s1039obex) DRV - [2009-11-19 14:06:44 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdfl.sys -- (s1039mdfl) DRV - [2009-09-24 21:16:50 | 000,159,168 | ---- | M] (Acronis) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\afcdp.sys -- (afcdp) DRV - [2009-09-24 21:16:44 | 000,902,432 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tdrpm251.sys -- (tdrpman251) Acronis Try&Decide and Restore Points filter (build 251) DRV - [2009-09-24 21:16:42 | 000,570,016 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter) DRV - [2009-09-24 21:16:26 | 000,157,248 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman) DRV - [2009-08-18 10:32:00 | 005,884,416 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2009-08-13 09:51:12 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv) DRV - [2009-06-30 10:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot) DRV - [2009-06-25 02:24:00 | 003,734,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtKHDMI.sys -- (RTHDMIAzAudService) DRV - [2009-05-26 22:56:19 | 000,104,384 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD) DRV - [2009-04-09 15:21:12 | 000,055,768 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi) DRV - [2009-04-09 15:21:10 | 000,033,096 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis) DRV - [2009-04-09 15:21:06 | 000,133,000 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw) DRV - [2009-04-09 15:18:02 | 000,107,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv) DRV - [2009-04-09 15:10:30 | 000,113,960 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon) DRV - [2009-04-08 22:46:22 | 000,189,968 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ahcix86.sys -- (ahcix86) DRV - [2009-03-27 07:33:42 | 000,130,816 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2008-08-05 13:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2008-04-14 00:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE) DRV - [2007-11-21 21:06:26 | 001,174,528 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17xfi.sys -- (P17xfi) DRV - [2007-11-02 10:47:38 | 000,109,992 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s916mdm.sys -- (s916mdm) DRV - [2007-11-02 10:47:38 | 000,103,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s916mgmt.sys -- (s916mgmt) Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM) DRV - [2007-11-02 10:47:38 | 000,100,008 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s916obex.sys -- (s916obex) DRV - [2007-11-02 10:47:38 | 000,083,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s916bus.sys -- (s916bus) Sony Ericsson Device 916 driver (WDM) DRV - [2007-11-02 10:47:38 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s916mdfl.sys -- (s916mdfl) DRV - [2007-04-16 15:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM) DRV - [2007-02-27 19:31:10 | 000,171,008 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctusfsyn.sys -- (CTUSFSYN) DRV - [2006-11-22 08:53:02 | 001,121,536 | ---- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\3xHybrid.sys -- (3xHybrid) DRV - [2006-07-16 16:06:16 | 000,023,040 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btcusb.sys -- (Btcsrusb) DRV - [2006-07-01 22:32:26 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2006-06-23 16:00:26 | 000,031,488 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\blueletaudio.sys -- (BlueletAudio) DRV - [2006-02-28 16:57:22 | 000,084,836 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VcommMgr.sys -- (VcommMgr) DRV - [2006-01-19 13:31:34 | 000,010,068 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BtNetDrv.sys -- (BT) DRV - [2006-01-04 08:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) DRV - [2005-12-08 15:54:52 | 000,114,688 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv) DRV - [2005-12-08 15:54:44 | 000,142,336 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k) DRV - [2005-08-31 10:34:52 | 000,020,480 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio) DRV - [2005-07-30 07:21:32 | 000,011,988 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vbtenum.sys -- (BTHidEnum) DRV - [2005-05-01 05:50:10 | 000,028,271 | ---- | M] (IVT Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys -- (BTHidMgr) DRV - [2004-10-19 13:37:38 | 000,061,312 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VComm.sys -- (VComm) DRV - [2004-08-23 13:20:06 | 000,158,720 | ---- | M] ( ) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\a347bus.sys -- (a347bus) DRV - [2004-04-30 09:33:00 | 000,005,248 | ---- | M] ( ) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\Drivers\a347scsi.sys -- (a347scsi) DRV - [2002-04-26 12:04:16 | 000,095,484 | ---- | M] (DATOM Dariusz Cielebąk) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\KMM4XNT.SYS -- (Kmm4xNT) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-220523388-1677128483-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-220523388-1677128483-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.update: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "chrome://speeddial/content/speeddial.xul" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1 FF - prefs.js..extensions.enabledItems: {64161300-e22b-11db-8314-0800200c9a66}:0.9.5.8 FF - prefs.js..extensions.enabledItems: firegestures@xuldev.org:1.6.1 FF - prefs.js..extensions.enabledItems: {398e77b8-2304-11dc-8314-0800200c9a66}:0.3.13 FF - prefs.js..extensions.enabledItems: rsDownloadHelper@yevgenyandrov.net:1.0 FF - prefs.js..extensions.enabledItems: {1280606b-2510-4fe0-97ef-9b5a22eafe30}:0.7.2 FF - prefs.js..extensions.enabledItems: sortplaces@andyhalford.com:1.7.2 FF - prefs.js..extensions.enabledItems: smartbookmarksbar@remy.juteau:1.4.3 FF - prefs.js..extensions.enabledItems: {446c03e0-2c35-11db-a98b-0800200c9a66}:0.6.1.14 FF - prefs.js..extensions.enabledItems: searchimdb@sogame.cat:1.2.0 FF - prefs.js..extensions.enabledItems: last-tab-close-button@victor.sacharin:0.3.3 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.7 FF - prefs.js..extensions.enabledItems: {03c5aa89-a413-40df-8896-562697687bbc}:1.5.4 FF - prefs.js..extensions.enabledItems: {359faf50-e061-11dd-ad8b-0800200c9a66}:2.2.1 FF - prefs.js..extensions.enabledItems: {624bab10-c637-11dd-ad8b-0800200c9a66}:0.8.7 FF - prefs.js..extensions.enabledItems: {eb46c787-131a-4eb7-9b93-7f62ca550917}:0.4.2 FF - prefs.js..extensions.enabledItems: {269e35b1-cdde-11de-8a39-0800200c9a67}:0.3.3 FF - prefs.js..extensions.enabledItems: {7a94a9a7-be7f-4d51-afe9-06063380ca94}:3.07 FF - prefs.js..network.proxy.type: 2 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-06-26 20:46:23 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-06-22 13:07:30 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-02-23 00:52:08 | 000,000,000 | ---D | M] [2010-04-08 19:56:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\deus\Dane aplikacji\Mozilla\Extensions [2012-02-23 04:19:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\deus\Dane aplikacji\Mozilla\Firefox\Profiles\sh6vjyh8.default\extensions [2010-06-26 16:45:34 | 000,000,000 | ---D | M] ("FoxWorld") -- C:\Documents and Settings\deus\Dane aplikacji\Mozilla\Firefox\Profiles\sh6vjyh8.default\extensions\{03c5aa89-a413-40df-8896-562697687bbc} [2011-02-09 19:31:28 | 000,000,000 | ---D | M] (Session Manager) -- C:\Documents and Settings\deus\Dane aplikacji\Mozilla\Firefox\Profiles\sh6vjyh8.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30} [2010-04-08 21:25:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\deus\Dane aplikacji\Mozilla\Firefox\Profiles\sh6vjyh8.default\extensions\{13b4437e-b706-11dc-8314-0800200c9a66} [2010-05-01 21:04:18 | 000,000,000 | ---D | M] ("Garmin Communicator") -- C:\Documents and Settings\deus\Dane aplikacji\Mozilla\Firefox\Profiles\sh6vjyh8.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2010-04-09 18:25:27 | 000,000,000 | ---D | M] (Netfox) -- C:\Documents and Settings\deus\Dane aplikacji\Mozilla\Firefox\Profiles\sh6vjyh8.default\extensions\{269e35b1-cdde-11de-8a39-0800200c9a67} [2010-08-04 00:56:05 | 000,000,000 | ---D | M] (Slickerfox) -- C:\Documents and Settings\deus\Dane aplikacji\Mozilla\Firefox\Profiles\sh6vjyh8.default\extensions\{359faf50-e061-11dd-ad8b-0800200c9a66} [2010-04-08 23:33:01 | 000,000,000 | ---D | M] (Minimap Addon) -- C:\Documents and Settings\deus\Dane aplikacji\Mozilla\Firefox\Profiles\sh6vjyh8.default\extensions\{398e77b8-2304-11dc-8314-0800200c9a66} [2010-04-09 21:49:22 | 000,000,000 | ---D | M] (Favicon Picker 2) -- C:\Documents and Settings\deus\Dane aplikacji\Mozilla\Firefox\Profiles\sh6vjyh8.default\extensions\{446c03e0-2c35-11db-a98b-0800200c9a66} [2010-04-09 18:13:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\deus\Dane aplikacji\Mozilla\Firefox\Profiles\sh6vjyh8.default\extensions\{5476e6b0-3de0-11dd-ae16-0800200c9a66} [2010-06-26 16:44:39 | 000,000,000 | ---D | M] (SKY plus!) -- C:\Documents and Settings\deus\Dane aplikacji\Mozilla\Firefox\Profiles\sh6vjyh8.default\extensions\{624bab10-c637-11dd-ad8b-0800200c9a66} [2011-02-09 19:31:27 | 000,000,000 | ---D | M] (Speed Dial) -- C:\Documents and Settings\deus\Dane aplikacji\Mozilla\Firefox\Profiles\sh6vjyh8.default\extensions\{64161300-e22b-11db-8314-0800200c9a66} [2010-04-09 18:25:41 | 000,000,000 | ---D | M] (Modern Modoki) -- C:\Documents and Settings\deus\Dane aplikacji\Mozilla\Firefox\Profiles\sh6vjyh8.default\extensions\{7a94a9a7-be7f-4d51-afe9-06063380ca94} [2010-10-08 18:00:52 | 000,000,000 | ---D | M] (Sage) -- C:\Documents and Settings\deus\Dane aplikacji\Mozilla\Firefox\Profiles\sh6vjyh8.default\extensions\{a6ca9b3b-5e52-4f47-85d8-cca35bb57596} [2011-12-13 21:37:32 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\deus\Dane aplikacji\Mozilla\Firefox\Profiles\sh6vjyh8.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010-06-26 16:05:18 | 000,000,000 | ---D | M] ("CoolPreviews") -- C:\Documents and Settings\deus\Dane aplikacji\Mozilla\Firefox\Profiles\sh6vjyh8.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B} [2010-04-08 20:46:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\deus\Dane aplikacji\Mozilla\Firefox\Profiles\sh6vjyh8.default\extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66} [2010-04-09 18:07:35 | 000,000,000 | ---D | M] ("GrayModern2") -- C:\Documents and Settings\deus\Dane aplikacji\Mozilla\Firefox\Profiles\sh6vjyh8.default\extensions\{eb46c787-131a-4eb7-9b93-7f62ca550917} [2010-11-17 23:36:01 | 000,000,000 | ---D | M] (FoxTab) -- C:\Documents and Settings\deus\Dane aplikacji\Mozilla\Firefox\Profiles\sh6vjyh8.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} [2010-07-14 19:22:08 | 000,000,000 | ---D | M] (Check4Change) -- C:\Documents and Settings\deus\Dane aplikacji\Mozilla\Firefox\Profiles\sh6vjyh8.default\extensions\check4change-owner@mozdev.org [2011-02-09 19:31:27 | 000,000,000 | ---D | M] (FireGestures) -- C:\Documents and Settings\deus\Dane aplikacji\Mozilla\Firefox\Profiles\sh6vjyh8.default\extensions\firegestures@xuldev.org [2010-08-25 10:03:05 | 000,000,000 | ---D | M] (Last tab close button) -- C:\Documents and Settings\deus\Dane aplikacji\Mozilla\Firefox\Profiles\sh6vjyh8.default\extensions\last-tab-close-button@victor.sacharin [2010-04-09 15:40:06 | 000,000,000 | ---D | M] (RapidShare DownloadHelper) -- C:\Documents and Settings\deus\Dane aplikacji\Mozilla\Firefox\Profiles\sh6vjyh8.default\extensions\rsDownloadHelper@yevgenyandrov.net [2010-04-11 19:59:53 | 000,000,000 | ---D | M] (SearchIMDB) -- C:\Documents and Settings\deus\Dane aplikacji\Mozilla\Firefox\Profiles\sh6vjyh8.default\extensions\searchimdb@sogame.cat [2010-04-09 17:04:16 | 000,000,000 | ---D | M] (Smart Bookmarks Bar) -- C:\Documents and Settings\deus\Dane aplikacji\Mozilla\Firefox\Profiles\sh6vjyh8.default\extensions\smartbookmarksbar@remy.juteau [2011-02-09 19:31:28 | 000,000,000 | ---D | M] (SortPlaces) -- C:\Documents and Settings\deus\Dane aplikacji\Mozilla\Firefox\Profiles\sh6vjyh8.default\extensions\sortplaces@andyhalford.com [2012-02-23 04:19:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010-08-05 00:13:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010-12-11 20:16:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2009-12-08 15:18:50 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2011-11-10 05:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011-05-16 15:52:28 | 000,258,560 | ---- | M] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\mozilla firefox\plugins\npEModelPlugin.dll [2011-05-28 00:10:49 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2011-05-28 00:10:49 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2011-05-28 00:10:49 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2011-05-28 00:10:49 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2011-05-28 00:10:49 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2011-05-28 00:10:49 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\deus\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\16.0.912.75\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\deus\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\16.0.912.75\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\deus\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\16.0.912.75\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: EModel scriptable Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npEModelPlugin.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\deus\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.79\npGoogleUpdate3.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: YouTube = C:\Documents and Settings\deus\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\ CHR - Extension: Szukaj w Google = C:\Documents and Settings\deus\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\ CHR - Extension: Gmail = C:\Documents and Settings\deus\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\ O1 HOSTS File: ([2012-01-03 03:54:29 | 000,001,777 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 activate.adobe.com127.0.0.1 validation.sls.microsoft.com O1 - Hosts: 127.0.0.1 server1.dvbviewer.com O1 - Hosts: 127.0.0.1 dd1002.kasserver.com O1 - Hosts: 127.0.0.1 wiki.dvbviewer.tv O1 - Hosts: 127.0.0.1 sitecheck2.opera.com O1 - Hosts: 127.0.0.1 static.39.17.63.178.clients.your-server.de O1 - Hosts: 127.0.0.1 80-239-254-146.customer.teliacarrier.com O1 - Hosts: 127.0.0.1 dvbviewer.com O1 - Hosts: 127.0.0.1 validation.sls.microsoft.com O1 - Hosts: 127.0.0.1 server1.dvbviewer.com O1 - Hosts: 127.0.0.1 dd1002.kasserver.com O1 - Hosts: 127.0.0.1 wiki.dvbviewer.tv O1 - Hosts: 127.0.0.1 sitecheck2.opera.com O1 - Hosts: 127.0.0.1 static.39.17.63.178.clients.your-server.de O1 - Hosts: 127.0.0.1 80-239-254-146.customer.teliacarrier.com O1 - Hosts: 127.0.0.1 dvbviewer.com O1 - Hosts: 127.0.0.1 validation.sls.microsoft.com O1 - Hosts: 127.0.0.1 server1.dvbviewer.com O1 - Hosts: 127.0.0.1 dd1002.kasserver.com O1 - Hosts: 127.0.0.1 wiki.dvbviewer.tv O1 - Hosts: 127.0.0.1 sitecheck2.opera.com O1 - Hosts: 127.0.0.1 static.39.17.63.178.clients.your-server.de O1 - Hosts: 127.0.0.1 80-239-254-146.customer.teliacarrier.com O1 - Hosts: 127.0.0.1 dvbviewer.com O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found. O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4 - HKLM..\Run: [SystemTray] C:\WINDOWS\System32\systray.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-220523388-1677128483-725345543-1003..\Run: [Loop Terminarz] C:\Program Files\Loop Terminarz\Loop Terminarz.exe () O4 - HKU\S-1-5-21-220523388-1677128483-725345543-1003..\Run: [TaskmgrPro] C:\Program Files\TaskmgrPro\TaskmpStart.exe () O4 - HKU\.DEFAULT..\RunOnce: [DefaultP17] P17Def.Exe File not found O4 - HKU\.DEFAULT..\RunOnce: [DefaultP17MIDI] C:\WINDOWS\MIDIDEF.EXE (Creative Technology Ltd) O4 - HKU\S-1-5-18..\RunOnce: [DefaultP17] P17Def.Exe File not found O4 - HKU\S-1-5-18..\RunOnce: [DefaultP17MIDI] C:\WINDOWS\MIDIDEF.EXE (Creative Technology Ltd) O4 - Startup: C:\Documents and Settings\deus\Menu Start\Programy\Autostart\irPC.lnk = C:\Program Files\irPC\irPC.exe (www.ELMAK.pl) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\restrictions present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\restrictions present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\restrictions present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\restrictions present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-220523388-1677128483-725345543-1003\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\S-1-5-21-220523388-1677128483-725345543-1003\Software\Policies\Microsoft\Internet Explorer\restrictions present O7 - HKU\S-1-5-21-220523388-1677128483-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-220523388-1677128483-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-220523388-1677128483-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = [binary data] O7 - HKU\S-1-5-21-220523388-1677128483-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O7 - HKU\S-1-5-21-220523388-1677128483-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCANetwork = 0 O7 - HKU\S-1-5-21-220523388-1677128483-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAVolume = 0 O8 - Extra context menu item: Funkcja Google Sidewiki - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\system32\wshbth.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\system32\wshbth.dll File not found O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave ActiveX Control) O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.) O16 - DPF: {41ACD49D-791A-1974-0981-AA9872721044} http://cached.gamedesire.com/g_bin/pl/boards_2_0_0_39.cab (Ganymede Board Games) O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class) O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {8FEFF364-6A5F-4966-A917-A3AC28411659} http://download.sopcast.cn/download/SOPCORE.CAB (SopCore Control) O16 - DPF: {A1FE3DE0-11D4-CF77-8340-0080C8D7ED4A} http://cached.gamedesire.com/g_bin/pl/demon_2_0_0_34.cab (GameDesire Pinball Demon) O16 - DPF: {BFA1F11D-AFE1-3121-4112-894323212DAC} http://cached.gamedesire.com/g_bin/pl/words_2_0_0_55.cab (GameDesire Word Games) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15111/CTPID.cab (Creative Software AutoUpdate Support Package) O16 - DPF: {FDDBE2B8-4AD8-6602-946D-94C5A32FA6C1} http://cached.gamedesire.com/g_bin/pl/billard8_2_0_0_40.cab (GameDesire Pool 8) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 79.163.127.70 217.116.100.65 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4B64FE39-E69A-417F-A593-A9DF77A79186}: DhcpNameServer = 79.163.127.70 217.116.100.65 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\TPSvc: DllName - (TPSvc.dll) - File not found O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\deus\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\deus\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O27 - HKLM IFEO\KeyTool.exe: Debugger - C:\WINDOWS\System32\wins.exe (Smart-X) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011-02-19 13:21:50 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ] O32 - AutoRun File - [2009-07-02 20:15:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{27ca885e-71b5-11e0-952c-001fd0565d30}\Shell - "" = AutoRun O33 - MountPoints2\{27ca885e-71b5-11e0-952c-001fd0565d30}\Shell\AutoRun\command - "" = F:\Startme.exe O33 - MountPoints2\{88601acc-1e98-11e1-9566-001fd0565d30}\Shell - "" = AutoRun O33 - MountPoints2\{88601acc-1e98-11e1-9566-001fd0565d30}\Shell\AutoRun\command - "" = C:\WINDOWS\explorer.exe -- [2008-04-14 21:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) O33 - MountPoints2\{903308c4-2712-11df-9154-001fd0565d30}\Shell - "" = AutoRun O33 - MountPoints2\{903308c4-2712-11df-9154-001fd0565d30}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a O33 - MountPoints2\{ea58cb0d-6748-11de-b7da-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{ea58cb0d-6748-11de-b7da-806d6172696f}\Shell\AutoRun\command - "" = F:\Autorun.exe O33 - MountPoints2\{eb111dfd-b84d-11e0-95f6-001fd0565d30}\Shell\AutoRun\command - "" = F:\bycfht.exe O33 - MountPoints2\{eb111dfd-b84d-11e0-95f6-001fd0565d30}\Shell\open\Command - "" = F:\bycfht.exe O33 - MountPoints2\E\Shell - "" = AutoRun O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (lsdelete) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKU\S-1-5-21-220523388-1677128483-725345543-1003\...exe [@ = exefile] -- Reg Error: Key error. File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-02-23 11:57:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Emsisoft Anti-Malware [2012-02-23 03:23:55 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2012-02-23 03:23:55 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2012-02-23 03:23:55 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2012-02-23 03:23:55 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2012-02-23 03:23:34 | 000,000,000 | --SD | C] -- C:\ComboFix [2012-02-23 03:23:31 | 000,000,000 | ---D | C] -- C:\Qoobox [2012-02-23 00:52:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ESET [2012-02-23 00:26:18 | 000,335,504 | ---- | C] (BitDefender S.R.L.) -- C:\WINDOWS\System32\drivers\TrufosAlt.sys [2012-02-22 21:18:18 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys [2012-02-22 21:17:21 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security [2012-02-22 21:09:10 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline [2012-02-22 20:54:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\deus\Dane aplikacji\QuickScan [2012-02-22 20:28:27 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy [2012-02-22 20:28:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy [2012-02-15 12:26:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Macrovision [2012-02-15 12:25:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macromedia Shared [2012-02-15 12:25:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Macromedia [2012-02-15 12:25:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macromedia [2011-04-28 17:53:40 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\Documents and Settings\All Users\Dane aplikacji\hpe218.dll [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-02-23 23:32:59 | 000,000,327 | RHS- | M] () -- C:\boot.ini [2012-02-23 16:11:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012-02-23 16:07:48 | 000,000,054 | ---- | M] () -- C:\Documents and Settings\deus\defogger_reenable [2012-02-23 02:47:05 | 000,000,512 | ---- | M] () -- C:\MBR.dat [2012-02-23 01:05:37 | 000,335,504 | ---- | M] (BitDefender S.R.L.) -- C:\WINDOWS\System32\drivers\TrufosAlt.sys [2012-02-22 22:56:04 | 003,767,648 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-02-22 20:51:13 | 000,000,492 | ---- | M] () -- C:\WINDOWS\WININIT.INI [2012-02-22 19:42:33 | 000,532,580 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2012-02-22 19:42:33 | 000,472,538 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012-02-22 19:42:33 | 000,093,706 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2012-02-22 19:42:33 | 000,075,632 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012-02-22 19:34:39 | 000,000,240 | ---- | M] () -- C:\WINDOWS\System32\drivers\kgpcpy.cfg [2012-02-19 21:03:02 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2012-02-16 11:50:43 | 000,000,132 | ---- | M] () -- C:\Documents and Settings\deus\Dane aplikacji\Adobe PNG Format CS5 Prefs [2012-02-15 22:20:10 | 000,000,026 | ---- | M] () -- C:\WINDOWS\Zone.Identifier [2012-02-12 13:51:59 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-02-23 16:07:45 | 000,000,054 | ---- | C] () -- C:\Documents and Settings\deus\defogger_reenable [2012-02-23 03:23:55 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe [2012-02-23 03:23:55 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe [2012-02-23 03:23:55 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2012-02-23 03:23:55 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2012-02-23 03:23:55 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2012-02-23 02:47:05 | 000,000,512 | ---- | C] () -- C:\MBR.dat [2012-02-22 19:34:39 | 000,000,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\kgpcpy.cfg [2012-01-06 01:30:36 | 000,650,752 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2012-01-06 01:30:36 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2012-01-06 01:30:36 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2012-01-03 03:07:13 | 000,243,168 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2012-01-03 02:04:41 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat [2012-01-03 02:04:41 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat [2012-01-03 01:42:37 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2012-01-02 23:08:42 | 000,005,109 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\mxnhytee.feu [2012-01-02 18:12:28 | 000,001,042 | ---- | C] () -- C:\Documents and Settings\deus\Dane aplikacji\coreavc.ini [2012-01-02 17:23:10 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll [2012-01-02 17:22:10 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll [2011-11-09 22:39:44 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OpenVideo.dll [2011-11-09 22:39:32 | 000,054,784 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll [2011-11-04 13:36:56 | 000,037,336 | ---- | C] () -- C:\WINDOWS\System32\CleanMFT32.exe [2011-10-06 20:48:37 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\deus\Dane aplikacji\Adobe GIF Format CS5 Prefs [2011-04-16 02:56:08 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll [2011-04-16 02:56:08 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll [2011-04-16 00:51:45 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\deus\Dane aplikacji\Adobe PNG Format CS5 Prefs [2011-02-24 15:47:30 | 000,000,654 | ---- | C] () -- C:\WINDOWS\unins000.dat [2011-02-01 11:32:30 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll [2011-02-01 11:32:30 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys [2011-02-01 02:23:02 | 000,482,979 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-220523388-1677128483-725345543-1003-0.dat [2011-02-01 02:23:02 | 000,334,046 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat [2011-01-31 20:06:10 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\deus\Dane aplikacji\$_hpcst$.hpc [2011-01-28 14:21:35 | 000,004,620 | ---- | C] () -- C:\WINDOWS\XChange.dat [2011-01-04 16:10:56 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll [2011-01-04 16:10:56 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll [2011-01-04 16:10:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll [2011-01-04 16:10:56 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll [2010-12-11 16:08:14 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\adistres.dll [2010-12-10 19:15:16 | 003,907,640 | ---- | C] () -- C:\WINDOWS\System32\gsdll32.dll [2010-11-02 11:37:35 | 000,015,880 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe [2010-10-13 10:38:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\eDrawingOfficeAutomator.INI [2010-08-05 18:46:28 | 000,059,392 | R--- | C] () -- C:\WINDOWS\System32\streamhlp.dll [2010-08-01 22:46:09 | 000,036,864 | ---- | C] () -- C:\WINDOWS\StmClean.exe [2010-06-22 22:27:43 | 000,075,776 | ---- | C] () -- C:\WINDOWS\cadkasdeinst01e.exe [2010-04-08 19:55:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2010-04-08 10:53:18 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll [2010-04-08 10:53:18 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\P17CPI.dll [2010-04-08 10:53:14 | 000,022,936 | ---- | C] () -- C:\WINDOWS\System32\Ludap17.ini [2010-04-08 10:53:14 | 000,008,339 | ---- | C] () -- C:\WINDOWS\sfsyn.ini [2010-04-08 10:53:14 | 000,000,054 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini [2010-04-05 22:31:22 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini [2010-03-28 16:12:36 | 000,000,058 | ---- | C] () -- C:\WINDOWS\System32\DonationCoder_ScreenshotCaptor_InstallInfo.dat [2010-03-28 16:12:36 | 000,000,058 | ---- | C] () -- C:\Documents and Settings\deus\Ustawienia lokalne\Dane aplikacji\DonationCoder_ScreenshotCaptor_InstallInfo.dat [2010-03-27 23:50:57 | 000,137,216 | ---- | C] () -- C:\WINDOWS\System32\OemSpi.dll [2010-03-25 11:54:35 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2010-03-19 18:55:08 | 000,000,029 | ---- | C] () -- C:\WINDOWS\sfbm.INI [2010-03-19 14:15:54 | 000,000,492 | ---- | C] () -- C:\WINDOWS\WININIT.INI [color=#E56717]========== LOP Check ==========[/color] [2011-05-27 19:04:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Opera [2009-09-24 21:18:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Acronis [2011-05-09 12:02:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alien Skin [2011-02-19 13:43:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Autodesk [2009-12-04 17:23:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Bluetooth [2010-08-02 20:04:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BVRP Software [2009-07-03 13:21:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ [2012-01-03 21:12:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CMUV [2011-01-28 08:04:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2010-11-26 21:22:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DonationCoder [2009-07-03 10:56:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2009-12-02 18:14:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Fallout3 [2011-04-06 14:17:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-05-01 22:12:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\GARMIN [2011-02-17 19:01:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2011-09-18 12:03:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Panda Security [2010-03-13 11:54:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Phase One [2012-01-10 15:18:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\regid.1986-12.com.adobe [2011-11-08 20:31:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Samsung [2009-09-26 01:58:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SlySoft [2010-01-13 20:38:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\StreamSoft [2012-02-23 13:46:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2009-07-03 14:47:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tlen.pl [2009-07-06 20:05:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\WhereIsIt [2010-08-09 19:51:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{BD986C1B-72EC-4B82-B47B-6CAC4E6F494E} [2009-09-24 21:19:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\Acronis [2011-05-05 19:59:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\Alien Skin [2011-06-07 17:50:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\AtomZombieData [2011-02-19 13:43:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\Autodesk [2010-07-23 16:53:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2010-03-28 16:12:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\DonationCoder [2010-10-13 10:39:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\EDrawings [2011-12-08 21:03:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\ElevatedDiagnostics [2011-06-06 16:29:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\Elmak [2009-07-05 17:05:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\ESET [2012-02-20 21:07:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\FileZilla [2011-04-06 14:31:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\Gadu-Gadu 10 [2009-09-23 22:48:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\GanymedeNet [2010-05-01 21:04:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\GARMIN [2010-12-11 16:07:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\InterTrust [2011-02-17 19:56:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\ipla [2012-02-15 22:15:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\jStrip [2009-12-20 16:37:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\MyPhoneExplorer [2010-03-01 23:27:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\NeatImage PS [2011-12-28 14:39:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\NeatImage PS 32 [2010-03-01 23:24:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\NeatImage SL [2009-07-02 23:40:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\Opera [2012-02-22 20:54:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\QuickScan [2011-12-09 14:12:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\Red Alert 3 [2011-11-04 16:11:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\Registry Mechanic [2010-11-16 18:44:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\RigNRoll_pol [2011-01-20 23:31:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\Rovio [2010-07-14 19:24:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\RssPopper [2009-12-15 21:49:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\runic games [2011-02-01 11:35:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\Samsung [2010-07-14 20:53:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\ScoopScanner [2010-07-14 19:47:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\Simbolic [2009-11-24 14:55:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\Softland [2011-04-28 17:42:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\Sony [2011-04-28 17:46:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\Sony Setup [2012-01-13 21:03:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\SWiSH Max4 [2010-10-09 16:07:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\TaskmgrPro [2011-02-24 01:59:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\TheCompany [2011-02-22 23:16:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\Thinstall [2012-02-23 12:31:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\Tlen.pl [2009-08-19 11:34:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\WordToPDF [2009-12-12 11:45:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\deus\Dane aplikacji\Zaxwerks [2009-08-19 11:37:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Softland [2011-11-04 13:37:42 | 000,000,252 | ---- | M] () -- C:\WINDOWS\Tasks\RMSchedule.job [2010-07-14 20:17:15 | 000,000,460 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{ACE58669-7C99-4713-ABC1-5BB57C892927}.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 157 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:9E00596C @Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:D1B5B4F1 @Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:C8B8CEBD < End of report >