OTL logfile created on: 2012-07-09 19:06:32 - Run 1 OTL by OldTimer - Version 3.2.53.1 Folder = G:\ Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,25 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 92,36% Memory free 5,09 Gb Paging File | 5,03 Gb Available in Paging File | 98,82% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 48,83 Gb Total Space | 2,48 Gb Free Space | 5,08% Space Free | Partition Type: NTFS Drive D: | 7,81 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive E: | 416,92 Gb Total Space | 10,10 Gb Free Space | 2,42% Space Free | Partition Type: NTFS Drive G: | 3,73 Gb Total Space | 3,73 Gb Free Space | 99,98% Space Free | Partition Type: FAT32 Computer Name: OWNER-06A67EF2D | User Name: Owner | Logged in as Administrator. Boot Mode: SafeMode | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-07-09 18:20:06 | 000,595,968 | ---- | M] (OldTimer Tools) -- G:\OTL.exe PRC - [2008-04-14 19:21:08 | 000,396,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cmd.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - [2012-06-20 07:09:34 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-05-09 20:43:44 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012-05-09 20:43:43 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012-01-04 14:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2011-03-16 11:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010-11-16 15:37:38 | 000,264,704 | ---- | M] () [Auto | Stopped] -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe) SRV - [2008-05-21 13:42:56 | 000,064,000 | ---- | M] (Creative Technology Ltd) [On_Demand | Stopped] -- C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe -- (CTUPnPSv) SRV - [2007-04-02 08:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd) [Auto | Stopped] -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe -- (CTDevice_Srv) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ataft3n9) DRV - [2012-05-09 20:43:44 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2012-05-09 20:43:44 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2011-12-09 13:40:53 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr) DRV - [2011-11-01 11:07:26 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2011-11-01 11:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2011-11-01 11:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2011-11-01 11:07:24 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu) DRV - [2011-11-01 11:07:24 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2011-11-01 11:07:24 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc) DRV - [2010-10-09 14:48:36 | 000,072,576 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV - [2010-08-27 13:53:32 | 000,117,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet) DRV - [2010-08-07 17:48:30 | 000,106,496 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2010-07-27 09:52:02 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV - [2010-06-17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010-02-24 12:22:10 | 000,185,472 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\acedrv11.sys -- (acedrv11) DRV - [2009-09-23 00:24:52 | 000,279,712 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2009-09-23 00:24:52 | 000,025,888 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2009-09-06 22:55:50 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2009-08-14 06:27:00 | 004,485,632 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2009-01-21 12:33:32 | 000,009,096 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\amdide1.sys -- (amdide1) DRV - [2008-12-19 05:39:30 | 000,993,280 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService) DRV - [2008-10-31 04:14:20 | 000,117,888 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008-02-14 08:12:00 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\monfilt.sys -- (monfilt) DRV - [2007-05-14 10:12:28 | 003,526,464 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtHDMI.sys -- (RTHDMIAzAudService) DRV - [2007-05-02 11:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm) DRV - [2007-05-02 11:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl) DRV - [2007-05-02 11:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM) DRV - [2007-04-16 13:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM) DRV - [2007-02-10 17:55:50 | 000,013,824 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Amusbprt.sys -- (Amusbprt) DRV - [2007-01-24 11:46:49 | 000,008,704 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\Amfilter.sys -- (Amfilter) DRV - [2006-07-24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2001-08-17 23:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1935655697-261903793-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://gazeta.hit.gemius.pl/hitredir/id=1_2aoau32zKrY2K8AzHtuKPMXfaG5wd126fPuctBzrP.67/stparam=loptipgnqn/url=http://www.gazeta.pl/0,0.html?promocja=pit2011_wyb01&utm_campaign=p_124 IE - HKU\S-1-5-21-1935655697-261903793-839522115-1004\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) IE - HKU\S-1-5-21-1935655697-261903793-839522115-1004\..\SearchScopes,DefaultScope = {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} IE - HKU\S-1-5-21-1935655697-261903793-839522115-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\S-1-5-21-1935655697-261903793-839522115-1004\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=VD&o=14778&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=VX&apn_dtid=&apn_uid=53E2D840-4DFF-4860-B5CF-410CC06BE1C4&apn_sauid=A4E66451-2575-41AC-97FC-260D2911A877 IE - HKU\S-1-5-21-1935655697-261903793-839522115-1004\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://blekko.com/?source=c3348dd4&tbp=rbox&q={searchTerms} IE - HKU\S-1-5-21-1935655697-261903793-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.interia.pl/" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.10 FF - prefs.js..extensions.enabledItems: SignPlugin@bph.pl:1.4.0.6 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.7 FF - prefs.js..extensions.enabledItems: {21cfaec0-dbb3-11dc-95ff-0800200c9a66}:1.1.2.4 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.2.1 FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1 FF - prefs.js..extensions.enabledItems: silvermelxt@pardal.de:1.4.4 FF - prefs.js..extensions.enabledItems: tineye@ideeinc.com:1.1 FF - prefs.js..extensions.enabledItems: player@vividas.com:4.1.0 FF - prefs.js..extensions.enabledItems: daumtheme@duamcorp.com:0.1 FF - prefs.js..extensions.enabledItems: {d596c130-b00a-11db-abbd-0800200c9a66}:2.080708 FF - prefs.js..extensions.enabledItems: silvermel@pardal.de:1.4.4 FF - prefs.js..keyword.URL: "http://supertoolbar.ask.com/redirect?client=ff&src=kw&tb=VD&o=14778&locale=en_US&q=" FF - prefs.js..network.proxy.backup.ftp: "lan-proxy.netblok.pl" FF - prefs.js..network.proxy.backup.ftp_port: 3128 FF - prefs.js..network.proxy.backup.gopher: "lan-proxy.netblok.pl" FF - prefs.js..network.proxy.backup.gopher_port: 3128 FF - prefs.js..network.proxy.backup.socks: "lan-proxy.netblok.pl" FF - prefs.js..network.proxy.backup.socks_port: 3128 FF - prefs.js..network.proxy.backup.ssl: "lan-proxy.netblok.pl" FF - prefs.js..network.proxy.backup.ssl_port: 3128 FF - prefs.js..network.proxy.ftp: "lan-proxy.netblok.pl" FF - prefs.js..network.proxy.ftp_port: 3128 FF - prefs.js..network.proxy.gopher: "lan-proxy.netblok.pl" FF - prefs.js..network.proxy.gopher_port: 3128 FF - prefs.js..network.proxy.http: "lan-proxy.netblok.pl" FF - prefs.js..network.proxy.http_port: 3128 FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "lan-proxy.netblok.pl" FF - prefs.js..network.proxy.socks_port: 3128 FF - prefs.js..network.proxy.ssl: "lan-proxy.netblok.pl" FF - prefs.js..network.proxy.ssl_port: 3128 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@fxinteractive.com/fxplanet: C:\Documents and Settings\All Users\Dane aplikacji\FXWebPlayer\npfxplanet.dll (FX Interactive) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fe_8.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_8.0 [2012-01-12 22:22:13 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-06-20 07:09:36 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-12-21 08:16:25 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011-12-21 08:15:44 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011-12-21 08:16:25 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_2.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_2.0 [2012-01-12 22:22:13 | 000,000,000 | ---D | M] [2009-09-05 12:06:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Dane aplikacji\Mozilla\Extensions [2012-07-04 19:51:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Dane aplikacji\Mozilla\Firefox\Profiles\gu54pcpu.default\extensions [2009-09-05 13:06:59 | 000,000,000 | ---D | M] (Easy DragToGo) -- C:\Documents and Settings\Owner\Dane aplikacji\Mozilla\Firefox\Profiles\gu54pcpu.default\extensions\{21cfaec0-dbb3-11dc-95ff-0800200c9a66} [2012-03-29 22:54:30 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Owner\Dane aplikacji\Mozilla\Firefox\Profiles\gu54pcpu.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2009-09-05 15:21:57 | 000,000,000 | ---D | M] (Miint) -- C:\Documents and Settings\Owner\Dane aplikacji\Mozilla\Firefox\Profiles\gu54pcpu.default\extensions\{d596c130-b00a-11db-abbd-0800200c9a66} [2009-09-05 15:17:51 | 000,000,000 | ---D | M] (Daum Firefox용 테마) -- C:\Documents and Settings\Owner\Dane aplikacji\Mozilla\Firefox\Profiles\gu54pcpu.default\extensions\daumtheme@duamcorp.com [2011-12-30 18:56:31 | 000,000,000 | ---D | M] (BPH Sign Plugin) -- C:\Documents and Settings\Owner\Dane aplikacji\Mozilla\Firefox\Profiles\gu54pcpu.default\extensions\SignPlugin@bph.pl [2011-03-08 18:34:52 | 000,000,000 | ---D | M] (TinEye Reverse Image Search) -- C:\Documents and Settings\Owner\Dane aplikacji\Mozilla\Firefox\Profiles\gu54pcpu.default\extensions\tineye@ideeinc.com [2009-09-05 15:17:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Dane aplikacji\Mozilla\Firefox\Profiles\gu54pcpu.default\extensions\daumtheme@duamcorp.com\chrome\mozapps\extensions [2010-05-26 15:18:50 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\Owner\Dane aplikacji\Mozilla\Firefox\Profiles\gu54pcpu.default\searchplugins\askcom.xml [2011-12-14 19:43:06 | 000,000,957 | ---- | M] () -- C:\Documents and Settings\Owner\Dane aplikacji\Mozilla\Firefox\Profiles\gu54pcpu.default\searchplugins\dictionarycom.xml [2011-12-14 19:43:06 | 000,000,873 | ---- | M] () -- C:\Documents and Settings\Owner\Dane aplikacji\Mozilla\Firefox\Profiles\gu54pcpu.default\searchplugins\digg.xml [2011-12-14 19:43:06 | 000,001,747 | ---- | M] () -- C:\Documents and Settings\Owner\Dane aplikacji\Mozilla\Firefox\Profiles\gu54pcpu.default\searchplugins\google-blogs.xml [2011-12-14 19:43:06 | 000,001,749 | ---- | M] () -- C:\Documents and Settings\Owner\Dane aplikacji\Mozilla\Firefox\Profiles\gu54pcpu.default\searchplugins\google-books.xml [2011-12-14 19:43:06 | 000,001,759 | ---- | M] () -- C:\Documents and Settings\Owner\Dane aplikacji\Mozilla\Firefox\Profiles\gu54pcpu.default\searchplugins\google-directory.xml [2011-12-14 19:43:06 | 000,001,666 | ---- | M] () -- C:\Documents and Settings\Owner\Dane aplikacji\Mozilla\Firefox\Profiles\gu54pcpu.default\searchplugins\google-finance.xml [2011-12-14 19:43:06 | 000,001,755 | ---- | M] () -- C:\Documents and Settings\Owner\Dane aplikacji\Mozilla\Firefox\Profiles\gu54pcpu.default\searchplugins\google-groups.xml [2011-12-14 19:43:06 | 000,001,716 | ---- | M] () -- C:\Documents and Settings\Owner\Dane aplikacji\Mozilla\Firefox\Profiles\gu54pcpu.default\searchplugins\google-images.xml [2011-12-14 19:43:06 | 000,001,705 | ---- | M] () -- C:\Documents and Settings\Owner\Dane aplikacji\Mozilla\Firefox\Profiles\gu54pcpu.default\searchplugins\google-maps.xml [2011-12-14 19:43:06 | 000,001,730 | ---- | M] () -- C:\Documents and Settings\Owner\Dane aplikacji\Mozilla\Firefox\Profiles\gu54pcpu.default\searchplugins\google-news.xml [2011-12-14 19:43:06 | 000,001,666 | ---- | M] () -- C:\Documents and Settings\Owner\Dane aplikacji\Mozilla\Firefox\Profiles\gu54pcpu.default\searchplugins\google-products.xml [2011-12-14 19:43:06 | 000,001,713 | ---- | M] () -- C:\Documents and Settings\Owner\Dane aplikacji\Mozilla\Firefox\Profiles\gu54pcpu.default\searchplugins\google-scholar.xml [2011-12-14 19:43:06 | 000,001,663 | ---- | M] () -- C:\Documents and Settings\Owner\Dane aplikacji\Mozilla\Firefox\Profiles\gu54pcpu.default\searchplugins\google-trends.xml [2011-12-14 19:43:06 | 000,001,733 | ---- | M] () -- C:\Documents and Settings\Owner\Dane aplikacji\Mozilla\Firefox\Profiles\gu54pcpu.default\searchplugins\google-video.xml [2011-12-14 19:43:06 | 000,000,709 | ---- | M] () -- C:\Documents and Settings\Owner\Dane aplikacji\Mozilla\Firefox\Profiles\gu54pcpu.default\searchplugins\imdb.xml [2011-12-14 19:43:06 | 000,001,473 | ---- | M] () -- C:\Documents and Settings\Owner\Dane aplikacji\Mozilla\Firefox\Profiles\gu54pcpu.default\searchplugins\longman-english-dictionary.xml [2011-12-14 19:43:06 | 000,000,914 | ---- | M] () -- C:\Documents and Settings\Owner\Dane aplikacji\Mozilla\Firefox\Profiles\gu54pcpu.default\searchplugins\thesauruscom.xml [2011-12-14 19:43:06 | 000,001,351 | ---- | M] () -- C:\Documents and Settings\Owner\Dane aplikacji\Mozilla\Firefox\Profiles\gu54pcpu.default\searchplugins\twitter.xml [2011-12-14 19:43:06 | 000,000,980 | ---- | M] () -- C:\Documents and Settings\Owner\Dane aplikacji\Mozilla\Firefox\Profiles\gu54pcpu.default\searchplugins\youtube.xml [2011-12-12 23:43:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-06-30 08:31:13 | 000,525,327 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\OWNER\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\GU54PCPU.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI [2011-12-13 21:02:03 | 000,330,316 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\OWNER\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\GU54PCPU.DEFAULT\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD.XPI [2012-05-11 09:45:31 | 000,055,163 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\OWNER\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\GU54PCPU.DEFAULT\EXTENSIONS\SILVERMELXT@PARDAL.DE.XPI [2010-05-05 00:19:57 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2012-06-20 07:09:36 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2010-05-05 00:19:57 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2009-07-31 14:06:48 | 001,654,784 | ---- | M] (LizardTech) -- C:\Program Files\mozilla firefox\plugins\npdjvu.dll [2011-02-10 16:45:50 | 000,180,896 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npVividasPlayer.dll [2012-02-19 22:35:06 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2011-12-16 23:14:50 | 000,002,067 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\blekkotb.xml [2012-02-19 22:35:06 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-02-19 22:35:06 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-02-19 22:35:06 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-02-19 22:35:06 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-02-19 22:35:06 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2006-03-02 14:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Updater For Spam Free Search Bar) - {20a0be68-8fd9-4539-8712-ce3d1c1fdfc6} - C:\Program Files\blekkotb\auxi\blekkoAu.dll (Visicom Media) O2 - BHO: (Spam Free Search Bar) - {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files\blekkotb\blekkoDx.dll () O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (Spam Free Search Bar) - {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files\blekkotb\blekkoDx.dll () O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKU\S-1-5-21-1935655697-261903793-839522115-1004\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Anti-phishing Domain Advisor] C:\Documents and Settings\All Users\Dane aplikacji\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security)) O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [gwvyysyvqukviqz] C:\Documents and Settings\All Users\Dane aplikacji\gwvyysyv.exe () O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe (A4Tech Co.,Ltd.) O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe () O4 - HKU\S-1-5-21-1935655697-261903793-839522115-1004..\Run: [] File not found O4 - HKU\S-1-5-21-1935655697-261903793-839522115-1004..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-1935655697-261903793-839522115-1004..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent File not found O4 - HKU\S-1-5-21-1935655697-261903793-839522115-1004..\Run: [gwvyysyvqukviqz] C:\Documents and Settings\All Users\Dane aplikacji\gwvyysyv.exe () O4 - HKU\S-1-5-21-1935655697-261903793-839522115-1004..\Run: [HW_OPENEYE_OUC_PLAY ONLINE] C:\Program Files\PLAY ONLINE\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.) O4 - HKU\S-1-5-21-1935655697-261903793-839522115-1004..\Run: [NBJ] C:\Program Files\Ahead\Nero BackItUp\NBJ.exe (Ahead Software AG) O4 - HKU\S-1-5-21-1935655697-261903793-839522115-1004..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia) O4 - HKU\S-1-5-21-1935655697-261903793-839522115-1004..\Run: [Simple Sticky Notes] C:\Program Files\Simnet\Simple Sticky Notes\ssn.exe (Simnet Ltd) O4 - HKU\S-1-5-21-1935655697-261903793-839522115-1004..\Run: [SoftAuto.exe] C:\Program Files\Creative\Software Update 3\SoftAuto.exe (Creative Technology Ltd) O4 - HKU\S-1-5-21-1935655697-261903793-839522115-1004..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation) O4 - Startup: C:\Documents and Settings\Owner\Menu Start\Programy\Autostart\MiniMinder.lnk = C:\Program Files\MiniMind\MiniMind.exe (Vellosoft) O4 - Startup: C:\Documents and Settings\Owner\Menu Start\Programy\Autostart\Registration Myst V () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1935655697-261903793-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} https://www.bph.pl/pi/components/bph/SignActivX.cab (SignActivX Control) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.108.202.21 89.108.195.21 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{245BC1B3-F8EC-4D3A-8E46-B809E4158EA3}: DhcpNameServer = 89.108.202.21 89.108.195.21 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2644C591-D84B-4AB9-914E-7E1EFF504BD0}: DhcpNameServer = 217.8.188.166 217.8.168.244 157.25.5.18 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O22 - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files\Stardock\Fences\FencesMenu.dll (Stardock) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Dane aplikacji\IrfanView\IrfanView_Wallpaper.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Dane aplikacji\IrfanView\IrfanView_Wallpaper.bmp O31 - SafeBoot: UseAlternatShell - 1 O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-09-03 16:52:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2011-05-31 03:11:48 | 000,000,044 | R--- | M] () - D:\autorun.inf -- [ UDF ] O33 - MountPoints2\{0ba7a68a-666f-11df-8624-001966c81ea0}\Shell - "" = AutoRun O33 - MountPoints2\{0ba7a68a-666f-11df-8624-001966c81ea0}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O33 - MountPoints2\{68d14264-9828-11df-86a2-001966c81ea0}\Shell - "" = AutoRun O33 - MountPoints2\{68d14264-9828-11df-86a2-001966c81ea0}\Shell\AutoRun\command - "" = I:\iStudio.exe O33 - MountPoints2\{71562bd6-a97d-11e0-88ad-001966c81ea0}\Shell - "" = AutoRun O33 - MountPoints2\{71562bd6-a97d-11e0-88ad-001966c81ea0}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{f3d3a5fe-8617-11e0-8853-001966c81ea0}\Shell - "" = AutoRun O33 - MountPoints2\{f3d3a5fe-8617-11e0-8853-001966c81ea0}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-07-09 07:05:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\rzrgiahalphgovv [2012-07-08 21:43:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Ustawienia lokalne\Dane aplikacji\dxhr [2012-07-08 21:42:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Ustawienia lokalne\Dane aplikacji\28050 [2012-07-08 11:56:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Menu Start\Programy\Steam [2012-06-27 20:11:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Pulpit\fishki [2012-06-25 12:27:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Moje dokumenty\GrayMatter [2012-06-25 10:48:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Gray Matter [2012-06-19 23:47:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Pulpit\do przeróbki [2012-06-19 07:10:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Pulpit\blade runner [2012-06-19 07:09:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Pulpit\Miejsca do odwiedzenia [2012-06-15 19:26:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Moje dokumenty\BotaniculaSaves [2012-06-10 18:49:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Pulpit\MiM [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-07-09 19:05:34 | 000,435,688 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012-07-09 19:05:34 | 000,085,344 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2012-07-09 19:05:34 | 000,068,584 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012-07-09 19:05:34 | 000,000,342 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2012-07-09 19:01:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012-07-09 18:56:11 | 000,394,368 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-07-09 18:01:00 | 000,000,234 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2012-07-09 07:08:05 | 006,325,745 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\pwg10440_11.wmv [2012-07-09 07:06:10 | 006,301,745 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\pwg10440_12.wmv [2012-07-09 07:05:45 | 000,000,051 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\xprrfaerxztlafn [2012-07-09 07:05:38 | 000,088,064 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\pqomvsjf.exe [2012-07-09 07:05:38 | 000,088,064 | ---- | M] () -- C:\Documents and Settings\Owner\ms.exe [2012-07-09 07:05:38 | 000,088,064 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\gwvyysyv.exe [2012-07-09 07:05:38 | 000,088,064 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\cdwbnilb.exe [2012-07-09 07:04:40 | 000,029,523 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\609.jpg [2012-07-09 07:03:23 | 008,493,663 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\sbc-jewels-jade4-01-gdas-01.wmv [2012-07-09 07:01:11 | 004,794,338 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\rws-april_oneil_01_eith_01.wmv [2012-07-09 07:00:50 | 008,245,669 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\sbc-jewels-jade4-01-gdas-02.wmv [2012-07-09 06:57:09 | 007,338,338 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\rws-april_oneil_01_eith_02.wmv [2012-07-09 06:43:05 | 000,004,985 | ---- | M] () -- C:\WINDOWS\wincmd.ini [2012-07-08 21:41:46 | 000,109,708 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\Weekend_Tatrach_5827604.jpg [2012-07-08 21:40:50 | 000,065,713 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\Weekend_Tatrach_5827598.jpg [2012-07-08 11:56:11 | 000,000,215 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\Deus Ex Human Revolution.url [2012-07-08 10:22:34 | 000,004,201 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\photo-78.jpg [2012-07-08 10:06:11 | 000,019,441 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\ChomikImage.aspx [2012-07-08 10:03:45 | 000,051,598 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\2441915559.jpg [2012-07-07 12:12:53 | 000,040,351 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\13929772_10.jpg [2012-07-06 07:08:34 | 000,060,989 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\409761_440495502657187_1768449066_n.jpg [2012-07-06 07:00:26 | 000,090,959 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\0001PDAEGYHKGKIT-C303.jpg [2012-07-04 07:19:53 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012-07-03 07:23:37 | 000,225,280 | ---- | M] () -- C:\Documents and Settings\Owner\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-07-03 07:20:41 | 000,047,894 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\z11908869X,Fanka-reprezentacji-Hiszpanii.jpg [2012-07-02 07:12:42 | 000,078,688 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\0001OP7SP1392IEI-C303 Jessica Chastain.jpg [2012-06-30 11:26:52 | 000,004,096 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\00001A7C.LCS [2012-06-30 10:13:59 | 000,038,924 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\foto_49d5f0e3f4307855c631e773ddde8844.jpg [2012-06-30 10:12:53 | 000,083,974 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\foto_2d700f1b451d98ccab8d515be3770742.jpg [2012-06-30 09:27:03 | 000,088,269 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\Maluchy_wroclawskiego_zoo_5819224.jpg [2012-06-30 09:26:52 | 000,040,450 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\Maluchy_wroclawskiego_zoo_5819220.jpg [2012-06-30 09:26:47 | 000,044,218 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\Maluchy_wroclawskiego_zoo_5819222.jpg [2012-06-26 21:54:25 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2012-06-25 11:04:10 | 000,030,065 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\z11102973X,I-chyba-nikt-jej-za-to-nie-potepi.jpg [2012-06-25 11:03:55 | 000,023,846 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\z11102936X,Mamy-nadzieje--ze-poskutkowalo.jpg [2012-06-25 11:03:37 | 000,025,493 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\z11102950X,Kazdego-bohatera-da-sie-opisac-jednym-zdaniem--Kazdy.jpg [2012-06-25 11:00:51 | 000,104,951 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\51,111858,11102621.html [2012-06-19 23:16:38 | 000,097,258 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\mike.jpg [2012-06-19 23:16:38 | 000,004,847 | ---- | M] () -- C:\Documents and Settings\Owner\.recently-used.xbel [2012-06-19 22:16:40 | 000,047,060 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\mike0.jpg [2012-06-19 20:12:11 | 000,048,108 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\545176_383938728319993_2133414009_n.jpg [2012-06-18 18:39:33 | 000,171,324 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\tajne_akta_3_nina.jpg [2012-06-17 17:57:57 | 015,917,766 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\przewodnik_slask_cieszynski_ebook.pdf [2012-06-13 23:28:39 | 000,263,311 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\tumblr_m4a19u7qyi1qatgt2o1_1280.jpg [2012-06-13 23:28:28 | 000,040,311 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\69fb11267b52210cc8e22f1448fcc1c1.jpeg [2012-06-13 23:20:24 | 000,063,086 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\you-shall-not-pass-7.jpg [2012-06-13 23:19:56 | 000,339,688 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\you-shall-not-pass_o_176851.png [2012-06-13 23:19:17 | 000,287,136 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\you-shall-not-pass_c_181906.jpg [2012-06-13 23:19:05 | 000,039,479 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\you-shall-not-pass.jpg [2012-06-13 23:18:59 | 000,195,103 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\omg-you-shall-not-pass-big.jpg [2012-06-13 23:17:46 | 003,305,576 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\127419895771.png [2012-06-13 23:17:29 | 000,028,703 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\you-shall-not-pass-4974_preview.gif [2012-06-10 16:45:04 | 000,044,110 | ---- | M] () -- C:\Documents and Settings\Owner\Pulpit\foto_d47d14a0b963939fb5730224f293872d.jpg [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-07-09 07:07:34 | 006,325,745 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\pwg10440_11.wmv [2012-07-09 07:05:45 | 000,088,064 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\pqomvsjf.exe [2012-07-09 07:05:45 | 000,088,064 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\gwvyysyv.exe [2012-07-09 07:05:39 | 000,088,064 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\cdwbnilb.exe [2012-07-09 07:05:38 | 000,000,051 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\xprrfaerxztlafn [2012-07-09 07:05:36 | 000,088,064 | ---- | C] () -- C:\Documents and Settings\Owner\ms.exe [2012-07-09 07:05:26 | 006,301,745 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\pwg10440_12.wmv [2012-07-09 07:04:40 | 000,029,523 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\609.jpg [2012-07-09 07:01:44 | 008,493,663 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\sbc-jewels-jade4-01-gdas-01.wmv [2012-07-09 06:58:59 | 004,794,338 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\rws-april_oneil_01_eith_01.wmv [2012-07-09 06:58:16 | 008,245,669 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\sbc-jewels-jade4-01-gdas-02.wmv [2012-07-09 06:56:34 | 007,338,338 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\rws-april_oneil_01_eith_02.wmv [2012-07-08 21:41:46 | 000,109,708 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\Weekend_Tatrach_5827604.jpg [2012-07-08 21:40:50 | 000,065,713 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\Weekend_Tatrach_5827598.jpg [2012-07-08 11:56:11 | 000,000,215 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\Deus Ex Human Revolution.url [2012-07-08 10:22:33 | 000,004,201 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\photo-78.jpg [2012-07-08 10:06:10 | 000,019,441 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\ChomikImage.aspx [2012-07-08 10:03:44 | 000,051,598 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\2441915559.jpg [2012-07-07 12:12:49 | 000,040,351 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\13929772_10.jpg [2012-07-06 07:08:34 | 000,060,989 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\409761_440495502657187_1768449066_n.jpg [2012-07-06 07:00:26 | 000,090,959 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\0001PDAEGYHKGKIT-C303.jpg [2012-07-03 07:20:41 | 000,047,894 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\z11908869X,Fanka-reprezentacji-Hiszpanii.jpg [2012-07-02 07:12:36 | 000,078,688 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\0001OP7SP1392IEI-C303 Jessica Chastain.jpg [2012-06-30 10:13:59 | 000,038,924 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\foto_49d5f0e3f4307855c631e773ddde8844.jpg [2012-06-30 10:12:52 | 000,083,974 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\foto_2d700f1b451d98ccab8d515be3770742.jpg [2012-06-30 09:27:03 | 000,088,269 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\Maluchy_wroclawskiego_zoo_5819224.jpg [2012-06-30 09:26:52 | 000,040,450 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\Maluchy_wroclawskiego_zoo_5819220.jpg [2012-06-30 09:26:46 | 000,044,218 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\Maluchy_wroclawskiego_zoo_5819222.jpg [2012-06-30 08:33:04 | 005,259,894 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\SAM_2281.JPG [2012-06-25 12:26:44 | 000,004,096 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\00001A7C.LCS [2012-06-25 11:04:10 | 000,030,065 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\z11102973X,I-chyba-nikt-jej-za-to-nie-potepi.jpg [2012-06-25 11:03:55 | 000,023,846 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\z11102936X,Mamy-nadzieje--ze-poskutkowalo.jpg [2012-06-25 11:03:37 | 000,025,493 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\z11102950X,Kazdego-bohatera-da-sie-opisac-jednym-zdaniem--Kazdy.jpg [2012-06-25 11:00:51 | 000,104,951 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\51,111858,11102621.html [2012-06-19 23:16:38 | 000,004,847 | ---- | C] () -- C:\Documents and Settings\Owner\.recently-used.xbel [2012-06-19 23:12:49 | 000,097,258 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\mike.jpg [2012-06-19 22:16:40 | 000,047,060 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\mike0.jpg [2012-06-19 20:12:11 | 000,048,108 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\545176_383938728319993_2133414009_n.jpg [2012-06-18 18:39:32 | 000,171,324 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\tajne_akta_3_nina.jpg [2012-06-17 17:57:57 | 015,917,766 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\przewodnik_slask_cieszynski_ebook.pdf [2012-06-13 23:28:38 | 000,263,311 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\tumblr_m4a19u7qyi1qatgt2o1_1280.jpg [2012-06-13 23:28:28 | 000,040,311 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\69fb11267b52210cc8e22f1448fcc1c1.jpeg [2012-06-13 23:20:24 | 000,063,086 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\you-shall-not-pass-7.jpg [2012-06-13 23:19:56 | 000,339,688 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\you-shall-not-pass_o_176851.png [2012-06-13 23:19:17 | 000,287,136 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\you-shall-not-pass_c_181906.jpg [2012-06-13 23:19:05 | 000,039,479 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\you-shall-not-pass.jpg [2012-06-13 23:18:59 | 000,195,103 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\omg-you-shall-not-pass-big.jpg [2012-06-13 23:17:46 | 003,305,576 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\127419895771.png [2012-06-13 23:17:28 | 000,028,703 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\you-shall-not-pass-4974_preview.gif [2012-06-10 16:45:04 | 000,044,110 | ---- | C] () -- C:\Documents and Settings\Owner\Pulpit\foto_d47d14a0b963939fb5730224f293872d.jpg [2012-04-03 19:01:46 | 000,707,504 | ---- | C] () -- C:\Documents and Settings\Owner\Ustawienia lokalne\Dane aplikacji\unins000.exe [2012-04-03 18:48:27 | 000,011,761 | ---- | C] () -- C:\Documents and Settings\Owner\Ustawienia lokalne\Dane aplikacji\unins000.msg [2012-04-03 18:48:26 | 000,005,602 | ---- | C] () -- C:\Documents and Settings\Owner\Ustawienia lokalne\Dane aplikacji\unins000.dat [2012-01-29 10:22:18 | 000,008,008 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2011-02-06 21:45:47 | 008,892,928 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\atscie.msi [2010-11-09 00:18:42 | 000,000,295 | ---- | C] () -- C:\WINDOWS\d.ini [2010-09-15 21:22:26 | 000,018,073 | ---- | C] () -- C:\WINDOWS\CSTBox.INI [2010-07-01 22:34:54 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt [2010-02-17 02:14:26 | 000,001,373 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\QTSBandwidthCache [2010-01-17 00:27:56 | 000,000,768 | ---- | C] () -- C:\Documents and Settings\Owner\elists.db [2009-12-26 20:38:55 | 000,224,736 | ---- | C] () -- C:\Documents and Settings\Owner\gncontent.cch [2009-09-05 16:28:37 | 000,225,280 | ---- | C] () -- C:\Documents and Settings\Owner\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [color=#E56717]========== LOP Check ==========[/color] [2012-01-28 21:14:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Anti-phishing Domain Advisor [2011-02-01 00:20:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BioWare [2011-04-24 00:29:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Colibri Games [2009-09-06 22:57:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2011-05-24 17:13:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService [2010-01-22 18:24:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2012-04-03 21:17:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\FXWebPlayer [2010-08-16 23:13:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2012-01-12 22:22:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia [2012-03-13 18:03:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaInstallerCache [2012-05-27 19:58:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2012-01-12 22:28:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2011-07-20 18:47:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Pendulo Studios [2012-07-09 07:05:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\rzrgiahalphgovv [2011-04-24 20:55:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2011-05-09 20:50:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\tmp [2009-09-09 18:50:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft [2009-11-23 02:25:17 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{615DB4DC-B7C1-4125-9858-78EF460B76D2} [2009-11-23 02:25:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{83F61D74-0DA9-475B-BAF3-D4F153A02B30} [2012-01-26 00:34:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6} [2010-09-17 23:28:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Dane aplikacji\.minecraft [2011-02-16 19:37:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Dane aplikacji\BlackBean [2012-03-04 08:13:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Dane aplikacji\blekkotb [2011-03-16 22:32:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Dane aplikacji\Canon [2011-04-24 00:29:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Dane aplikacji\Colibri Games [2009-09-06 22:58:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Dane aplikacji\DAEMON Tools [2009-09-06 22:55:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Dane aplikacji\DAEMON Tools Lite [2009-09-06 22:58:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Dane aplikacji\DAEMON Tools Pro [2010-08-16 23:13:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Dane aplikacji\Gadu-Gadu 10 [2012-06-19 23:12:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Dane aplikacji\gtk-2.0 [2010-01-09 03:32:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Dane aplikacji\IrfanView [2012-01-12 22:35:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Dane aplikacji\Nokia [2012-01-12 22:35:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Dane aplikacji\Nokia Suite [2009-09-23 22:05:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Dane aplikacji\Nowe Gadu-Gadu [2010-03-21 16:35:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Dane aplikacji\OpenFM [2012-01-12 22:31:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Dane aplikacji\PC Suite [2012-02-27 18:59:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Dane aplikacji\PITy2011 [2011-06-08 18:00:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Dane aplikacji\PLAY ONLINE [2012-06-25 12:26:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Dane aplikacji\ProtectDISC [2010-07-01 23:01:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Dane aplikacji\Samsung [2012-01-26 00:34:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Dane aplikacji\Stardock [2009-09-05 12:51:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Dane aplikacji\Thunderbird [2009-09-09 18:58:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Dane aplikacji\Ubisoft [2010-01-20 00:28:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Dane aplikacji\uTorrent [2012-07-09 18:01:00 | 000,000,234 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 830 bytes -> C:\Documents and Settings\Owner\Menu Start\Programy\Autostart\Registration Myst V: End of Ages.LNK @Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF @Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:2DAD076E < End of report >