OTL logfile created on: 2012-07-10 19:17:55 - Run 2 OTL by OldTimer - Version 3.2.53.1 Folder = J:\Pobieranie Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1023,48 Mb Total Physical Memory | 545,57 Mb Available Physical Memory | 53,30% Memory free 3,35 Gb Paging File | 3,08 Gb Available in Paging File | 91,84% Paging File free Paging file location(s): D:\pagefile.sys 2500 2500 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 32,64 Gb Total Space | 8,59 Gb Free Space | 26,33% Space Free | Partition Type: NTFS Drive D: | 62,02 Gb Total Space | 5,98 Gb Free Space | 9,64% Space Free | Partition Type: NTFS Drive E: | 54,37 Gb Total Space | 2,89 Gb Free Space | 5,31% Space Free | Partition Type: NTFS Drive I: | 39,06 Gb Total Space | 5,65 Gb Free Space | 14,46% Space Free | Partition Type: NTFS Drive J: | 109,99 Gb Total Space | 42,01 Gb Free Space | 38,20% Space Free | Partition Type: NTFS Computer Name: DOM2 | User Name: grzesiek | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-07-10 19:12:02 | 000,595,968 | ---- | M] (OldTimer Tools) -- J:\Pobieranie\OTL.exe PRC - [2012-06-17 08:06:54 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2012-02-28 18:38:52 | 001,373,576 | ---- | M] (LogMeIn Inc.) -- D:\Program Files\LogMeIn Hamachi\hamachi-2.exe PRC - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-06-17 08:06:44 | 002,042,848 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2010-07-04 23:32:38 | 000,010,752 | ---- | M] () -- d:\Program Files\Unlocker\UnlockerCOM.dll MOD - [2010-06-19 23:22:42 | 000,016,832 | ---- | M] () -- C:\Program Files\Adobe\Reader 9.0\Reader\ViewerPS.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - [2012-06-17 08:06:48 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-05-30 00:46:31 | 003,417,376 | ---- | M] () [Auto | Stopped] -- c:\program files\common files\akamai/netsession_win_80c2ffa.dll -- (Akamai) SRV - [2012-02-28 18:38:52 | 001,373,576 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- D:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2011-12-15 21:12:37 | 001,045,328 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011-10-25 16:59:16 | 000,244,960 | ---- | M] () [Auto | Stopped] -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe -- (Updater Service for StartNow Toolbar) SRV - [2011-10-12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent) SRV - [2011-08-02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd) SRV - [2010-02-19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009-03-31 10:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Stopped] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService) SRV - [2008-05-13 00:12:54 | 000,069,632 | ---- | M] (Ralink Technology, Corp.) [Auto | Stopped] -- C:\Program Files\EDIMAX\Common\RalinkRegistryWriter.exe -- (RalinkRegistryWriter) SRV - [2008-04-07 10:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2008-03-09 14:54:58 | 000,187,120 | ---- | M] (Systweak Inc) [Auto | Stopped] -- C:\Program Files\Systweak\Systweak CacheBoost\cbSrv.exe -- (CacheBoost Service) SRV - [2007-07-24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2006-09-28 11:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper) SRV - [2006-05-24 08:49:14 | 000,024,576 | R--- | M] (Syntek America Inc.) [Auto | Stopped] -- C:\WINDOWS\system32\StkASv2K.exe -- (StkASSrv) SRV - [2004-07-12 21:06:00 | 000,036,864 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\acs.exe -- (ACS) SRV - [2002-10-16 21:56:00 | 000,176,128 | ---- | M] (Executive Software International, Inc.) [Auto | Stopped] -- d:\Program Files\Executive Software\DiskeeperLite\DKService.exe -- (Diskeeper) SRV - [2000-06-23 07:00:00 | 001,702,400 | ---- | M] (Inprise Corporation) [On_Demand | Stopped] -- C:\Program Files\Borland\InterBase\bin\ibserver.exe -- (InterBaseServer) SRV - [2000-06-23 07:00:00 | 000,022,016 | ---- | M] (Inprise Corporation) [Auto | Stopped] -- C:\Program Files\Borland\InterBase\bin\ibguard.exe -- (InterBaseGuardian) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | Auto | Stopped] -- D:\Program Files\MySecretFolder\MSF32.SYS -- (MSF32) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\h648103.sys -- (h648103) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleNT.sys -- (EagleNT) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\dfrdrd\catchme.sys -- (catchme) DRV - [2012-07-10 19:03:42 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2012-04-01 19:51:48 | 000,011,936 | ---- | M] (Highresolution Enterprises [www.highrez.co.uk]) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\inpout32.sys -- (inpout32) DRV - [2011-12-16 19:23:20 | 000,022,016 | ---- | M] (Feitian Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rockey4.sys -- (ROCKEYNT) DRV - [2011-10-07 07:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86) DRV - [2011-10-04 07:21:42 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim) DRV - [2011-09-13 07:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86) DRV - [2011-08-08 07:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86) DRV - [2011-07-29 13:54:56 | 000,013,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\epmntdrv.sys -- (epmntdrv) DRV - [2011-07-29 13:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\EuGdiDrv.sys -- (EuGdiDrv) DRV - [2011-07-11 02:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix) DRV - [2011-07-11 02:14:28 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter) DRV - [2011-07-11 02:14:28 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\AVGIDSEH.sys -- (AVGIDSEH) DRV - [2011-07-11 02:14:26 | 000,134,608 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver) DRV - [2011-03-18 18:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan) DRV - [2011-03-18 13:46:26 | 000,061,704 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS) DRV - [2011-03-18 13:46:10 | 000,073,096 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K) DRV - [2010-07-04 21:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- d:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5) DRV - [2010-06-14 09:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2010-04-27 17:57:28 | 000,066,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore) DRV - [2010-04-27 17:57:28 | 000,015,048 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid) DRV - [2010-04-27 17:57:22 | 000,022,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum) DRV - [2010-04-27 15:01:26 | 000,037,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter) DRV - [2010-04-27 04:25:16 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm) DRV - [2010-04-27 04:25:16 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM) DRV - [2010-04-27 04:25:16 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) DRV - [2009-12-29 18:23:53 | 000,279,712 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2009-12-29 18:23:53 | 000,025,888 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2009-11-04 05:03:56 | 000,031,808 | ---- | M] (Deon van der Westhuysen) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PPortJoy.sys -- (PPortJoystick) DRV - [2009-11-04 05:03:56 | 000,015,936 | ---- | M] (Deon van der Westhuysen) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PPJoyBus.sys -- (PPJoyBus) DRV - [2009-07-30 11:15:54 | 000,014,336 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\EIO_XP.sys -- (EIO_XP) DRV - [2009-07-27 04:43:18 | 000,058,908 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu) DRV - [2009-03-18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2009-02-28 15:35:40 | 000,028,672 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\libusb0.sys -- (libusb0) DRV - [2008-12-26 13:56:04 | 000,017,792 | ---- | M] (Avnex) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vcsvad.sys -- (VCSVADHWSer) Avnex Virtual Audio Device (WDM) DRV - [2008-09-07 13:20:16 | 000,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x) DRV - [2008-08-21 16:52:49 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv) DRV - [2008-07-30 01:44:44 | 000,619,136 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870) DRV - [2008-04-18 10:44:04 | 000,026,672 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Mac606.sys -- (Mac606) DRV - [2008-04-18 10:43:54 | 000,018,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HidNt.sys -- (HidNt) DRV - [2008-04-17 15:52:50 | 000,101,376 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2008-03-06 11:32:42 | 000,035,864 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hid8103.sys -- (hid8103) DRV - [2008-02-13 12:34:50 | 012,067,328 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snp2sxp.sys -- (SNP2STD) USB2.0 PC Camera (SNP2STD) DRV - [2007-09-17 16:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2007-07-18 13:26:04 | 004,547,584 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2007-06-15 13:46:26 | 000,099,200 | ---- | M] (10moons) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tridvid.sys -- (TridVid) DRV - [2006-11-27 16:33:54 | 000,019,968 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2006-11-27 16:33:50 | 000,058,368 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2006-10-18 16:31:38 | 000,105,472 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvata.sys -- (nvata) DRV - [2006-09-27 05:01:36 | 000,241,628 | R--- | M] (Syntek America Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StkAMini.sys -- (StkAMini) DRV - [2006-08-02 08:44:04 | 000,004,772 | R--- | M] (Syntek America Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StkScan.sys -- (StkScan) DRV - [2006-07-24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2005-11-03 16:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x) DRV - [2005-09-24 00:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus) DRV - [2005-08-10 14:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x) DRV - [2005-05-19 16:52:58 | 000,017,792 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\x10ufx2.sys -- (XUIF) DRV - [2005-05-16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x) DRV - [2005-03-30 11:12:38 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\TVicPort.sys -- (TVicPort) DRV - [2005-03-09 16:53:00 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2005-01-21 11:19:28 | 000,411,680 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211) DRV - [2005-01-07 18:07:16 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService) DRV - [2004-08-22 16:31:48 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\d347prt.sys -- (d347prt) DRV - [2004-08-22 16:31:10 | 000,155,136 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\d347bus.sys -- (d347bus) DRV - [2004-08-09 13:33:26 | 000,114,016 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\prohlp02.sys -- (prohlp02) DRV - [2004-08-09 13:29:28 | 000,053,920 | ---- | M] (Protection Technology) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\prodrv06.sys -- (prodrv06) DRV - [2004-08-03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C) DRV - [2004-07-19 16:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\prosync1.sys -- (prosync1) DRV - [2004-03-24 04:12:34 | 000,017,280 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\nsndis5.sys -- (NSNDIS5) DRV - [2003-12-01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp01.sys -- (sfhlp01) DRV - [2002-12-31 19:35:34 | 000,009,728 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Amps2prt.sys -- (Amps2prt) DRV - [2002-04-02 16:30:16 | 000,033,024 | ---- | M] (Colorvision Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cvspydr2.sys -- (cvspydr2) DRV - [1998-09-16 10:07:10 | 000,041,472 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\sfc4.sys -- (SFC4) DRV - [1996-04-03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = WWW.WP.PL IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = WWW.WP.PL IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1547161642-1500820517-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google IE - HKU\S-1-5-21-1547161642-1500820517-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKU\S-1-5-21-1547161642-1500820517-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://klit.startnow.com/?src=startpage&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=PL&install_date=20120709&user_guid=A295EC6AEED9469B9C822C8CD99B65EF&machine_id=36df412749c2db2d224a393f38d1c9f1&browser=IE&os=win&os_version=5.1-x86-SP3 IE - HKU\S-1-5-21-1547161642-1500820517-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://search.softonic.com/MON00084/tb_v1?SearchSource=10&cc= IE - HKU\S-1-5-21-1547161642-1500820517-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-1547161642-1500820517-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-1547161642-1500820517-682003330-1003\..\SearchScopes,DefaultScope = {0388404D-6072-4CEB-B521-8F090FEAEE57} IE - HKU\S-1-5-21-1547161642-1500820517-682003330-1003\..\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}: "URL" = http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=PL&install_date=20120709&user_guid=A295EC6AEED9469B9C822C8CD99B65EF&machine_id=36df412749c2db2d224a393f38d1c9f1&browser=IE&os=win&os_version=5.1-x86-SP3&iesrc={referrer:source} IE - HKU\S-1-5-21-1547161642-1500820517-682003330-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKU\S-1-5-21-1547161642-1500820517-682003330-1003\..\SearchScopes\{728DDEE9-62DD-4539-ABB2-7D68B12E5F71}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKU\S-1-5-21-1547161642-1500820517-682003330-1003\..\SearchScopes\{B4C5D556-946D-46FD-8596-21BE3905B4F7}: "URL" = http://search.softonic.com/MON00084/tb_v1?q={searchTerms}&SearchSource=4&cc= IE - HKU\S-1-5-21-1547161642-1500820517-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1547161642-1500820517-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421; [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "https://www.google.pl/" FF - prefs.js..keyword.URL: "http://klit.startnow.com/s/?src=addrbar&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=PL&install_date=20120709&user_guid=A295EC6AEED9469B9C822C8CD99B65EF&machine_id=36df412749c2db2d224a393f38d1c9f1&browser=FF&os=win&os_version=5.1-x86-SP3&q=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: d:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\npNxGameeu.dll (Nexon) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\Documents and Settings\All Users\Dane aplikacji\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll File not found FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Documents and Settings\grzesiek\Ustawienia lokalne\Dane aplikacji\RobloxVersions\version-21cdb2fff9fb4df2\\NPRobloxProxy.dll () FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012-02-25 23:32:19 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-06-17 08:06:57 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-02-20 22:49:19 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Components: i:\Mozilla Thunderbird\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Plugins: i:\Mozilla Thunderbird\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\avgthb@avg.com: C:\Program Files\AVG\AVG2012\Thunderbird\ [2012-02-25 23:30:49 | 000,000,000 | ---D | M] [2011-03-10 00:30:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\grzesiek\Dane aplikacji\Mozilla\Extensions [2011-03-10 00:30:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\grzesiek\Dane aplikacji\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2012-07-09 20:38:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\grzesiek\Dane aplikacji\Mozilla\Firefox\Profiles\vmk8r33s.default\extensions [2011-08-12 00:23:59 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\grzesiek\Dane aplikacji\Mozilla\Firefox\Profiles\vmk8r33s.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-06-12 15:04:54 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\grzesiek\Dane aplikacji\Mozilla\Firefox\Profiles\vmk8r33s.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2012-07-09 20:38:15 | 000,000,000 | ---D | M] (StartNow Toolbar) -- C:\Documents and Settings\grzesiek\Dane aplikacji\Mozilla\Firefox\Profiles\vmk8r33s.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F} [2010-09-15 15:22:19 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Documents and Settings\grzesiek\Dane aplikacji\Mozilla\Firefox\Profiles\vmk8r33s.default\extensions\battlefieldheroespatcher@ea.com [2011-11-21 16:50:52 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Documents and Settings\grzesiek\Dane aplikacji\Mozilla\Firefox\Profiles\vmk8r33s.default\extensions\battlefieldplay4free@ea.com [2012-05-27 22:43:47 | 000,002,060 | ---- | M] () -- C:\Documents and Settings\grzesiek\Dane aplikacji\Mozilla\Firefox\Profiles\vmk8r33s.default\searchplugins\softonic.xml [2012-07-09 20:38:13 | 000,001,390 | ---- | M] () -- C:\Documents and Settings\grzesiek\Dane aplikacji\Mozilla\Firefox\Profiles\vmk8r33s.default\searchplugins\yahoo-zugo.xml [2012-06-08 08:04:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-05-07 20:08:59 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2012-06-17 08:06:56 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011-10-26 20:49:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll [2012-06-08 08:04:04 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-06-08 08:04:04 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-06-08 08:04:04 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-06-08 08:04:04 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-06-08 08:04:04 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-06-08 08:04:04 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2011-11-10 17:32:08 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll () O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files\Softonic\Softonic\1.5.21.0\bh\Softonic.dll (Softonic.com) O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll () O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files\Softonic\Softonic\1.5.21.0\SoftonicTlbr.dll (Softonic.com) O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll () O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-1547161642-1500820517-682003330-1003\..\Toolbar\ShellBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll () O3 - HKU\S-1-5-21-1547161642-1500820517-682003330-1003\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll () O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [CacheBoost] C:\Program Files\Systweak\Systweak CacheBoost\trayicon.exe ( Systweak Inc) O4 - HKLM..\Run: [ExpressFiles] C:\Program Files\ExpressFiles\ExpressFiles.exe (http://www.express-files.com/) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [MSF_Monitor] D:\Program Files\MySecretFolder\MSFMON.exe (WinAbility® Software Corporation) O4 - HKLM..\Run: [NPSStartup] File not found O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe (Sonix) O4 - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe (SONIX) O4 - HKLM..\Run: [UIRibbon] C:\Documents and Settings\grzesiek\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\2146\UIRibbon.exe () O4 - HKU\S-1-5-21-1547161642-1500820517-682003330-1003..\Run: [AdobeBridge] File not found O4 - HKU\S-1-5-21-1547161642-1500820517-682003330-1003..\Run: [Akamai NetSession Interface] C:\Documents and Settings\grzesiek\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe (Akamai Technologies, Inc) O4 - HKU\S-1-5-21-1547161642-1500820517-682003330-1003..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKU\S-1-5-21-1547161642-1500820517-682003330-1003..\Run: [Greenshot] C:\Program Files\Greenshot\Greenshot.exe () O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Wireless Utility.lnk = C:\Program Files\EDIMAX\Common\RaUI.exe (Edimax Technology Co.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1547161642-1500820517-682003330-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1547161642-1500820517-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-1547161642-1500820517-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-1547161642-1500820517-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} http://www.creative.com/softwareupdate/su/ocx/15031/CTSUEng.cab (Reg Error: Key error.) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB (Reg Error: Key error.) O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} http://picasaweb.google.com/s/v/59.19/uploader2.cab (Reg Error: Key error.) O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32) O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} http://driveragent.com/files/driveragent.cab (Reg Error: Key error.) O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://www.creative.com/softwareupdate/su/ocx/15035/CTPID.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{34EB7890-E4BC-467D-BAF3-661D83CD0695}: NameServer = 194.204.159.1,194.204.159.34 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5F2B4483-F102-4508-B39D-C47AA82947A6}: NameServer = 194.204.159.1,194.204.152.34 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{752B7DD1-F5A0-44C8-A156-51D5BBD8B0FA}: NameServer = 194.204.159.1,194.204.152.34 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D8F9E925-4D1A-4B87-AC02-98F0905F6B27}: DhcpNameServer = 194.204.159.1 80.244.128.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DE36A962-CE80-41F1-A552-07ACE75DB058}: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DE36A962-CE80-41F1-A552-07ACE75DB058}: NameServer = 208.67.222.22,208.67.220.220 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F6FDD041-DB32-43E4-ADD1-F6B62C01CD3A}: NameServer = 194.204.159.1,194.204.152.34 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007-03-21 12:14:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2007-03-21 12:14:50 | 000,000,000 | ---- | M] () - I:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-07-10 19:06:15 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\grzesiek\Recent [2012-07-10 15:23:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\grzesiek\Dane aplikacji\hellomoto [2012-07-09 20:39:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\grzesiek\Dane aplikacji\Media Player Classic [2012-07-09 20:38:14 | 000,000,000 | ---D | C] -- C:\Program Files\StartNow Toolbar [2012-07-09 20:37:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\K-Lite Codec Pack [2012-07-03 22:19:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\grzesiek\Pulpit\yalp_pliki [2012-06-30 23:10:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\grzesiek\Pulpit\muzyka [2012-06-30 21:03:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\grzesiek\Pulpit\Downloads [2012-06-17 20:28:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\grzesiek\Pulpit\history [2012-06-14 13:56:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\grzesiek\Moje dokumenty\GTA San Andreas User Files [2012-06-13 23:55:34 | 000,521,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll [17 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [12 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-07-10 19:12:02 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2012-07-10 19:03:42 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys [2012-07-10 18:47:59 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012-07-10 15:36:07 | 000,000,422 | ---- | M] () -- C:\WINDOWS\tasks\AVG PC Tuneup 2011 Integrator Start On grzesiek Logon.job [2012-07-10 15:30:16 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\Express Files Updater.job [2012-07-10 15:29:08 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012-07-10 15:29:01 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2012-07-10 15:26:00 | 000,001,040 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012-07-10 15:15:51 | 000,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\PCLECHAL.INI [2012-07-10 15:15:29 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2012-07-10 14:01:23 | 000,000,506 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for grzesiek.job [2012-07-10 12:01:56 | 101,338,631 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm [2012-07-10 00:46:15 | 016,515,072 | ---- | M] () -- C:\Documents and Settings\grzesiek\ntuser.dat [2012-07-10 00:46:15 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\grzesiek\ntuser.ini [2012-07-09 23:59:23 | 000,317,960 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm [2012-07-09 13:15:33 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012-07-06 18:30:23 | 000,080,895 | ---- | M] () -- C:\Documents and Settings\grzesiek\Pulpit\2.gif [2012-07-03 22:20:02 | 000,035,160 | ---- | M] () -- C:\Documents and Settings\grzesiek\Pulpit\yalp.htm [2012-06-30 23:22:53 | 001,679,409 | ---- | M] () -- C:\Documents and Settings\grzesiek\Pulpit\DSC_9733.jpg [2012-06-30 23:10:22 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\grzesiek\Pulpit\Nowy Adobe Photoshop Image 12.psd [2012-06-26 23:39:52 | 000,001,648 | ---- | M] () -- C:\WINDOWS\wincmd.ini [2012-06-26 23:35:44 | 000,002,706 | ---- | M] () -- C:\WINDOWS\wcx_ftp.ini [2012-06-25 02:00:01 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-DOM2-grzesiek.job [2012-06-22 23:42:15 | 001,389,697 | ---- | M] () -- C:\Documents and Settings\grzesiek\Pulpit\malutki Balirc2.jpg [2012-06-22 23:41:51 | 000,407,444 | ---- | M] () -- C:\Documents and Settings\grzesiek\Pulpit\malutki Balirc.jpg [2012-06-22 23:39:05 | 060,127,072 | ---- | M] () -- C:\Documents and Settings\grzesiek\Pulpit\mały balirc.psd [2012-06-17 23:35:10 | 000,360,406 | ---- | M] () -- C:\Documents and Settings\grzesiek\Pulpit\DSC_0635.JPG [2012-06-14 13:54:07 | 003,708,288 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-06-14 08:09:38 | 000,560,008 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2012-06-14 08:09:38 | 000,496,576 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012-06-14 08:09:38 | 000,107,620 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2012-06-14 08:09:38 | 000,086,154 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012-06-14 08:09:37 | 001,222,712 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2012-06-13 23:04:25 | 000,000,657 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\GTA San Andreas.lnk [2012-06-12 22:47:34 | 000,000,820 | ---- | M] () -- C:\Documents and Settings\grzesiek\Pulpit\mecz.rtf [17 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [12 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-07-10 18:50:37 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2012-07-06 18:30:16 | 000,080,895 | ---- | C] () -- C:\Documents and Settings\grzesiek\Pulpit\2.gif [2012-07-03 22:19:57 | 000,035,160 | ---- | C] () -- C:\Documents and Settings\grzesiek\Pulpit\yalp.htm [2012-06-30 23:22:47 | 001,679,409 | ---- | C] () -- C:\Documents and Settings\grzesiek\Pulpit\DSC_9733.jpg [2012-06-30 23:10:22 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\grzesiek\Pulpit\Nowy Adobe Photoshop Image 12.psd [2012-06-22 23:42:12 | 001,389,697 | ---- | C] () -- C:\Documents and Settings\grzesiek\Pulpit\malutki Balirc2.jpg [2012-06-22 23:41:48 | 000,407,444 | ---- | C] () -- C:\Documents and Settings\grzesiek\Pulpit\malutki Balirc.jpg [2012-06-22 23:38:56 | 060,127,072 | ---- | C] () -- C:\Documents and Settings\grzesiek\Pulpit\mały balirc.psd [2012-06-17 23:35:10 | 000,360,406 | ---- | C] () -- C:\Documents and Settings\grzesiek\Pulpit\DSC_0635.JPG [2012-06-13 23:04:25 | 000,000,657 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\GTA San Andreas.lnk [2012-06-12 22:47:34 | 000,000,820 | ---- | C] () -- C:\Documents and Settings\grzesiek\Pulpit\mecz.rtf [2012-04-10 00:47:28 | 000,007,393 | ---- | C] () -- C:\Documents and Settings\grzesiek\.recently-used.xbel [2012-03-29 07:55:09 | 016,515,072 | ---- | C] () -- C:\Documents and Settings\grzesiek\ntuser.dat [2012-03-26 00:31:33 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\WIN.INI [2012-03-25 18:39:29 | 002,469,760 | ---- | C] () -- C:\WINDOWS\System32\BootMan.exe [2012-03-25 18:39:29 | 000,086,408 | ---- | C] () -- C:\WINDOWS\System32\setupempdrv03.exe [2012-03-25 18:39:29 | 000,019,840 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll [2012-03-25 18:39:29 | 000,013,192 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys [2012-03-25 18:39:29 | 000,008,456 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys [2012-02-18 18:19:06 | 000,000,414 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol [2012-02-16 08:41:19 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012-01-28 18:37:59 | 000,014,640 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat [2012-01-28 18:37:59 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\rt2870.bin [2012-01-17 16:49:15 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\grzesiek\Dane aplikacji\Preferencje Adobe CS5 dla formatu GIF [2012-01-02 21:30:52 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll [2012-01-02 21:30:52 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys [2012-01-02 21:30:43 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\grzesiek\Dane aplikacji\$_hpcst$.hpc [2011-12-15 21:13:05 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\Ry4CoInst.dll [2011-12-11 22:29:04 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\grzesiek\Dane aplikacji\Preferencje Adobe CS5 dla formatu PNG [2011-12-11 22:27:44 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\grzesiek\Dane aplikacji\Preferencje Adobe CS5 dla formatu BMP [2011-12-05 00:36:03 | 000,025,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncamd.sys [2011-12-05 00:36:03 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2std.ini [2011-12-05 00:36:01 | 012,067,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2sxp.sys [2011-12-05 00:36:01 | 000,151,552 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2std.dll [2011-12-05 00:36:01 | 000,077,824 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2std.dll [2011-11-19 00:25:12 | 000,003,072 | ---- | C] () -- C:\WINDOWS\setwintitle.exe [2011-11-17 01:17:02 | 002,642,362 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-1547161642-1500820517-682003330-1003-0.dat [2011-11-15 01:30:44 | 000,429,586 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat [2011-11-14 23:45:50 | 000,000,147 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft.SqlServer.Compact.351.32.bc [2011-11-09 18:50:43 | 000,000,367 | ---- | C] () -- C:\Documents and Settings\grzesiek\Dane aplikacji\Metin2_Multibot.cfg [2011-10-29 17:46:58 | 000,039,095 | ---- | C] () -- C:\WINDOWS\iccsigs.dat [2011-10-26 15:53:08 | 000,178,688 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2011-10-20 19:54:12 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\LFC.exe [2011-08-28 13:55:51 | 000,097,924 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat [2011-08-24 22:02:56 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys [2011-07-18 19:39:26 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\ReminderNextRun [2011-07-18 11:21:25 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2011-06-21 15:57:27 | 000,064,048 | ---- | C] () -- C:\WINDOWS\System32\Hidhlp.dll [2011-06-21 15:57:27 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\iFT33C2.dll [2011-06-21 15:57:27 | 000,026,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\Mac606.sys [2011-05-12 17:12:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CorelDrw.INI [2011-02-27 20:39:36 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\grzesiek\2.png [2010-11-15 22:14:48 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe [2010-11-15 22:14:48 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe [2010-11-15 22:14:48 | 000,080,384 | ---- | C] () -- C:\WINDOWS\grep.exe [2010-11-15 22:14:48 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2010-11-15 22:14:47 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2010-11-09 22:17:33 | 000,000,547 | ---- | C] () -- C:\WINDOWS\eReg.dat [2010-09-11 22:43:42 | 000,000,878 | ---- | C] () -- C:\WINDOWS\Gfact.ini [2010-09-11 22:43:42 | 000,000,027 | ---- | C] () -- C:\WINDOWS\gdx.ini [2010-09-09 18:57:54 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini [2010-06-02 14:50:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\grzesiek\IMG_0336.JPG [2010-05-06 07:43:49 | 002,109,646 | -H-- | C] () -- C:\Documents and Settings\grzesiek\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-04-08 14:04:41 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\grzesiek\44774556.png [2010-02-15 23:04:22 | 000,103,936 | ---- | C] () -- C:\Documents and Settings\grzesiek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-02-14 20:45:50 | 000,135,296 | ---- | C] () -- C:\Documents and Settings\grzesiek\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-02-12 20:54:51 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\grzesiek\Dane aplikacji\PnkBstrK.sys [2009-12-05 23:27:33 | 000,000,016 | ---- | C] () -- C:\Documents and Settings\LocalService\Dane aplikacji\fvgqad.dat [2009-12-05 16:32:33 | 000,000,016 | ---- | C] () -- C:\Documents and Settings\grzesiek\Dane aplikacji\fvgqad.dat [2009-03-02 21:24:36 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\grzesiek\showdesktop.scf [2009-02-23 15:00:49 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt [2008-07-11 16:58:08 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\grzesiek\jagex_runescape_preferences.dat [2008-05-10 17:02:40 | 000,000,550 | ---- | C] () -- C:\Documents and Settings\grzesiek\Dane aplikacji\AutoGK.ini [2007-08-31 21:51:01 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\grzesiek\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2007-04-16 23:15:21 | 000,000,103 | ---- | C] () -- C:\Documents and Settings\grzesiek\default.pls [2007-03-21 15:55:58 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\ntuser.dat [2007-03-21 12:26:11 | 000,000,188 | -HS- | C] () -- C:\Documents and Settings\grzesiek\ntuser.ini [color=#E56717]========== LOP Check ==========[/color] [2011-12-17 21:40:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2DBoy [2011-12-24 17:24:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AeroSIM_RC [2010-07-28 15:11:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AlawarWrapper [2011-12-19 16:53:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Autodesk [2011-12-05 08:52:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG2012 [2012-03-01 20:44:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BearShare [2012-05-08 22:45:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Codemasters [2011-11-10 17:44:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files [2010-11-20 11:36:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2012-01-28 18:37:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Edimax Driver [2010-01-14 21:34:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Farm Frenzy [2010-10-22 20:06:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\FarmFrenzy-PizzaParty [2010-09-08 14:55:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2009-01-24 15:54:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\InterAction studios [2012-07-10 12:02:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData [2010-10-03 11:29:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NexonEU [2011-04-29 14:42:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2012-01-02 21:38:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2010-03-07 16:11:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Pinnacle [2010-03-07 16:11:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Pinnacle Studio Plus [2010-03-07 16:16:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Pinnacle Studio Ultimate [2011-11-25 22:19:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Recisio [2011-12-03 19:13:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\regid.1986-12.com.adobe [2012-06-08 14:35:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Samsung [2009-01-02 01:06:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SLF [2010-06-15 22:00:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Studio 12 [2012-07-10 15:35:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2012-02-28 22:21:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft [2010-03-15 21:59:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ulead Systems [2009-01-03 19:00:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Wru [2012-03-01 20:46:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{46F4B6A0-2237-4B58-92A6-75486A36846E} [2012-05-03 07:57:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\.minecraft [2011-04-25 22:44:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\Arduino [2011-10-03 15:58:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\Audacity [2011-12-15 20:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\Autodesk [2011-11-15 08:57:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\AVG [2011-11-10 17:47:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\AVG2012 [2012-03-19 23:35:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\Avnex [2012-03-22 00:13:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\BearShare [2010-05-13 23:01:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\CadSoft [2009-09-23 20:00:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\Chromeflower [2012-01-07 02:29:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\Clickteam [2011-11-28 18:10:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\com.adobe.downloadassistant.AdobeDownloadAssistant [2009-02-23 15:06:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\ConvertTemp [2009-02-10 00:18:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\Cream Software [2009-09-23 19:59:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\CrystalSpace [2012-07-10 19:05:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\DAEMON Tools Lite [2012-02-09 23:46:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\Dev-Cpp [2011-09-29 22:53:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\em_update [2012-04-21 11:39:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\ExpressFiles [2010-11-21 15:16:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\FabrykaGier [2010-10-31 20:45:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\flightgear.org [2010-10-31 21:30:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\fltk.org [2011-12-09 18:02:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\FPV Recorder [2011-12-05 00:13:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\fretsonfire [2007-06-22 16:04:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\Gadu-Gadu [2011-05-11 22:30:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\Gadu-Gadu 10 [2012-04-21 00:04:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\GetRightToGo [2012-05-27 22:44:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\Greenshot [2009-05-11 19:40:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\Groove Games [2012-04-10 14:36:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\gtk-2.0 [2012-07-10 15:23:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\hellomoto [2011-12-17 23:58:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\Mumble [2010-06-14 21:50:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\Nowe Gadu-Gadu [2010-10-30 09:48:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\OpenFM [2010-06-17 14:37:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\OpenOffice.ux.pl [2010-06-15 06:59:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\Opera [2012-01-02 21:38:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\PC Suite [2012-06-05 00:23:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\Samsung [2009-12-23 11:33:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\Silver Style Entertainment [2012-05-27 22:44:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\Softonic [2012-05-16 01:05:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\Subversion [2011-08-29 16:44:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\TS3Client [2012-02-28 23:46:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\Ubisoft [2010-06-14 21:50:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\Ulead Systems [2012-07-10 19:05:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\uTorrent [2012-02-17 00:48:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\wargaming.net [2010-10-07 19:19:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\WB Games [2011-12-16 21:56:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\grzesiek\Dane aplikacji\ZWSoft [2012-07-10 15:36:07 | 000,000,422 | ---- | M] () -- C:\WINDOWS\Tasks\AVG PC Tuneup 2011 Integrator Start On grzesiek Logon.job [2012-07-10 15:30:16 | 000,000,290 | ---- | M] () -- C:\WINDOWS\Tasks\Express Files Updater.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 152 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:0B4227B4 @Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:6CC69D3C < End of report >