OTL logfile created on: 2012-07-18 17:13:57 - Run 2 OTL by OldTimer - Version 3.2.44.0 Folder = C:\Users\Jacek\Desktop Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,99 Gb Total Physical Memory | 1,66 Gb Available Physical Memory | 83,44% Memory free 4,21 Gb Paging File | 4,03 Gb Available in Paging File | 95,76% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 99,70 Gb Total Space | 60,91 Gb Free Space | 61,09% Space Free | Partition Type: NTFS Drive D: | 10,00 Gb Total Space | 5,16 Gb Free Space | 51,63% Space Free | Partition Type: NTFS Computer Name: JACEK-PC | User Name: Jacek | Logged in as Administrator. Boot Mode: SafeMode | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-05-31 12:10:12 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Jacek\Desktop\OTL.exe PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2006-11-06 10:00:56 | 000,077,824 | ---- | M] () -- C:\Windows\System32\hccutils.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2012-07-03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2010-09-22 17:33:04 | 000,051,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV - [2009-03-30 06:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009-02-18 20:38:43 | 000,129,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing) SRV - [2008-01-19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008-01-19 09:36:49 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2008-01-19 09:36:15 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) SRV - [2008-01-19 09:34:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\mprdim.dll -- (RemoteAccess) SRV - [2008-01-19 09:34:34 | 000,288,256 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess) SRV - [2007-11-26 15:54:12 | 001,554,728 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - [2012-07-03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2009-04-11 06:13:59 | 000,226,816 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\udfs.sys -- (udfs) DRV - [2008-01-19 07:49:16 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sermouse.sys -- (sermouse) DRV - [2008-01-19 07:28:02 | 000,070,144 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\cdfs.sys -- (cdfs) DRV - [2008-01-19 06:25:05 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R) DRV - [2007-11-26 15:54:12 | 000,016,040 | ---- | M] (Nero AG) [Recognizer | System | Unknown] -- C:\Windows\System32\drivers\InCDrec.sys -- (InCDrec) DRV - [2007-04-19 11:09:42 | 000,194,048 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NWADIenum.sys -- (NWADI) DRV - [2007-04-19 11:09:42 | 000,099,200 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nwusbser.sys -- (NWUSBPort) DRV - [2007-04-19 11:09:42 | 000,099,200 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nwusbmdm.sys -- (NWUSBModem) DRV - [2007-02-21 21:48:03 | 000,023,144 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\msahci.sys -- (msahci) DRV - [2007-02-21 21:48:03 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\viaide.sys -- (viaide) DRV - [2007-02-21 21:48:03 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\cmdide.sys -- (cmdide) DRV - [2007-02-21 21:48:03 | 000,015,464 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdide.sys -- (amdide) DRV - [2007-02-21 21:48:03 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\aliide.sys -- (aliide) DRV - [2007-02-21 21:48:03 | 000,013,416 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\pciide.sys -- (pciide) DRV - [2007-01-06 07:59:42 | 000,035,920 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvstor.sys -- (nvstor) DRV - [2007-01-06 07:59:34 | 000,086,096 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvraid.sys -- (nvraid) NVIDIA nForce(tm) DRV - [2006-11-22 15:56:52 | 000,647,680 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2006-11-14 18:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2006-11-02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ql2300.sys -- (ql2300) DRV - [2006-11-02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adp94xx.sys -- (adp94xx) DRV - [2006-11-02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\elxstor.sys -- (elxstor) DRV - [2006-11-02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpahci.sys -- (adpahci) DRV - [2006-11-02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\uliahci.sys -- (uliahci) DRV - [2006-11-02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iaStorV.sys -- (iaStorV) DRV - [2006-11-02 11:51:12 | 000,167,528 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\pcmcia.sys -- (pcmcia) DRV - [2006-11-02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpu320.sys -- (adpu320) DRV - [2006-11-02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ulsata2.sys -- (ulsata2) DRV - [2006-11-02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\vsmraid.sys -- (vsmraid) DRV - [2006-11-02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ulsata.sys -- (UlSata) DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpu160m.sys -- (adpu160m) DRV - [2006-11-02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\isapnp.sys -- (isapnp) DRV - [2006-11-02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006-11-02 11:50:17 | 000,080,488 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\msdsm.sys -- (msdsm) DRV - [2006-11-02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iirsp.sys -- (iirsp) DRV - [2006-11-02 11:50:16 | 000,078,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\mpio.sys -- (mpio) DRV - [2006-11-02 11:50:16 | 000,076,392 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sbp2port.sys -- (sbp2port) DRV - [2006-11-02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2006-11-02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\djsvs.sys -- (aic78xx) DRV - [2006-11-02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\arcsas.sys -- (arcsas) DRV - [2006-11-02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2006-11-02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sisraid2.sys -- (SiSRaid2) DRV - [2006-11-02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\HpCISSs.sys -- (HpCISSs) DRV - [2006-11-02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\arc.sys -- (arc) DRV - [2006-11-02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iteraid.sys -- (iteraid) DRV - [2006-11-02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006-11-02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2006-11-02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006-11-02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2006-11-02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006-11-02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\Mraid35x.sys -- (Mraid35x) DRV - [2006-11-02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006-11-02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\megasas.sys -- (megasas) DRV - [2006-11-02 11:49:49 | 000,027,752 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\i2omp.sys -- (i2omp) DRV - [2006-11-02 11:49:38 | 000,019,560 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\wd.sys -- (Wd) DRV - [2006-11-02 10:55:22 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\hidbth.sys -- (HidBth) DRV - [2006-11-02 10:55:09 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\usbcir.sys -- (usbcir) eHome Infrared Receiver (USBCIR) DRV - [2006-11-02 10:55:08 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\circlass.sys -- (circlass) DRV - [2006-11-02 10:55:05 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\usbohci.sys -- (usbohci) DRV - [2006-11-02 10:55:01 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\hidir.sys -- (HidIr) DRV - [2006-11-02 10:52:52 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\wacompen.sys -- (WacomPen) DRV - [2006-11-02 10:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sfloppy.sys -- (sfloppy) DRV - [2006-11-02 10:51:33 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\fdc.sys -- (fdc) DRV - [2006-11-02 10:51:32 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\flpydisk.sys -- (flpydisk) DRV - [2006-11-02 10:51:30 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\parport.sys -- (Parport) DRV - [2006-11-02 10:42:03 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\IPMIDrv.sys -- (IPMIDRV) DRV - [2006-11-02 10:30:19 | 000,039,424 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\viac7.sys -- (ViaC7) DRV - [2006-11-02 10:30:18 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdk8.sys -- (AmdK8) DRV - [2006-11-02 10:30:18 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\crusoe.sys -- (Crusoe) DRV - [2006-11-02 10:30:18 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdk7.sys -- (AmdK7) DRV - [2006-11-02 10:30:18 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\processr.sys -- (Processor) DRV - [2006-11-02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006-11-02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrSerWdm.sys -- (BrSerWdm) DRV - [2006-11-02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrUsbMdm.sys -- (BrUsbMdm) DRV - [2006-11-02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006-11-02 09:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp) DRV - [2005-12-22 18:02:22 | 000,051,840 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2005-11-16 21:28:32 | 000,028,928 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.shareware.pro/?lang=pl IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.shareware.pro/?lang=pl IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.wp.pl/?homepage&src01=6581f IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://pl.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pl IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 48 BF B2 6E 0F CA 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?FORM=IEFM1&q={searchTerms} IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SUNC_en IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jacek\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jacek\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Live Search () CHR - default_search_provider: search_url = http://search.live.com/results.aspx?mkt=pl-PL&q={searchTerms} CHR - default_search_provider: suggest_url = O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe (Nero AG) O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe () O4 - HKLM..\Run: [LanzarP2006] "C:\Users\Jacek\AppData\Local\Temp\P2006tmp\Install.exe" /SETUP:"/l0x0015" File not found O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [O2Start] C:\Program Files\O2CM-CE\O2 Connection Manager\tscui.exe (O2) O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.) O4 - HKLM..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RMTray.exe (PC Tools) O4 - HKLM..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe (Nero AG) O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Windows\sttray.exe (SigmaTel, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) O4 - HKCU..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.) O4 - HKCU..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe File not found O4 - HKLM..\RunOnce: [InnoSetupRegFile.0000000001] C:\Windows\is-1OKD0.exe () O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation) O4 - HKCU..\RunOnce: [Report] C:\AdwCleaner[S1].txt () O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.159.1 194.204.152.34 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA315FE6-8B00-42FD-82B2-7B3A1D5A939D}: DhcpNameServer = 194.204.159.1 194.204.152.34 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF954A6C-9FC0-41D9-9909-BA42C532156C}: DhcpNameServer = 194.204.159.1 194.204.152.34 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img18.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img18.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-07-18 17:12:46 | 000,000,000 | ---D | C] -- C:\Users\Jacek\Desktop\nowe logi [2012-07-18 17:02:45 | 000,000,000 | ---D | C] -- C:\_OTL [2012-07-18 17:01:56 | 000,000,000 | ---D | C] -- C:\Users\Jacek\Desktop\stare logi [2012-07-18 15:32:52 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Jacek\Desktop\OTL.exe [2012-07-18 14:46:18 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{B76B1847-6961-4760-B057-78796DC390FB} [2012-07-18 14:46:08 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{4182F575-892A-4320-95C5-8B417A52C1C0} [2012-07-18 14:15:51 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{DC936696-75C8-478B-AAAC-9D49D24E545F} [2012-07-18 13:31:23 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{8A6838AD-AA9C-44BF-AA6E-ED37B855D79C} [2012-07-18 13:31:13 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{AACDC490-BCDE-4928-B445-7A2F6C5FEE6D} [2012-07-18 12:50:30 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{1AAC581A-A408-48B7-AA0A-DDEE61DAE047} [2012-07-18 12:50:19 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{FA351ED3-7505-4445-930B-E268669F592B} [2012-07-18 11:51:05 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{758FDD00-8AA8-4556-851E-8D61EABFFA91} [2012-07-18 11:50:56 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{1F6B55F4-D70A-431C-B994-B428F15FEF69} [2012-07-15 22:28:50 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{39C75840-FB57-4F81-94BA-70FA23BF29C7} [2012-07-15 22:28:19 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{AD50AFAF-8D05-4668-9E2E-5817D292525E} [2012-07-15 11:34:25 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2012-07-15 11:13:52 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{34FD0E78-4C09-4873-8C81-DAADB904EE97} [2012-07-12 23:33:16 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{0FAD02B4-56C5-45DC-B171-D714FFE1A731} [2012-07-12 23:27:41 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{23C039F1-2C59-4287-84DC-B34CAA2027B4} [2012-07-12 23:22:31 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{FE5A6BFB-4864-40FF-B4F7-8C541FCD42E0} [2012-07-12 23:11:56 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{DD5DFC99-25CD-4159-A8F2-73D810F0F6E5} [2012-07-12 23:11:05 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{09EB260C-43C4-40CF-A695-2C8EC5E10832} [2012-07-12 22:54:34 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{04049983-0BE8-4B2B-9548-D609BF6A73A7} [2012-07-12 22:51:44 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{B4FCC779-2F65-4633-8776-3CDE35A38DE7} [2012-07-12 22:27:12 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{6784521F-3315-4541-B478-89B27CBA0E41} [2012-07-12 21:21:47 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{11E0A3CC-F955-4389-9B8E-064D5C57A719} [2012-07-12 21:21:33 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{5D0A849B-1833-4B4D-8394-57F73F93632C} [2012-07-11 00:36:19 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{8CD96F86-4111-47DA-9F70-FDEB95347E5C} [2012-07-11 00:35:33 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{8EC7D85E-0097-42CF-90BF-0F05949A7C55} [2012-07-09 22:53:36 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{1CC06A58-B751-4855-ADF9-4FF3B184C6B3} [2012-07-06 23:51:50 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{E6C14D91-3E7F-4BEA-A57A-FA82B171EC64} [2012-07-06 23:49:12 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{783BF850-EE14-4BDC-AE99-E1B43492480A} [2012-07-05 23:55:55 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{E72896A4-82CC-476C-B1B0-115E052D3655} [2012-07-05 23:54:15 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{A8237AE2-06A9-44D8-9280-3209A420A985} [2012-07-05 00:20:08 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{DD1D7039-F4FA-41C4-879D-7706A02B093D} [2012-07-05 00:18:15 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{DF175320-8FF3-4EBA-834F-22E07BEEEA86} [2012-07-03 21:30:17 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{39CDEE94-5190-49C3-8239-C612A0DB026C} [2012-07-03 21:29:35 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{8B0D61C5-F1DF-48F7-8749-66E211DB7EDF} [2012-07-03 20:37:32 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{7E770EF5-FCA5-4563-A1DE-9AA6C1AB38AB} [2012-07-03 20:37:14 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{910403A1-FF02-4714-98A4-958D82B82D4B} [2012-07-01 12:38:19 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Roaming\Malwarebytes [2012-07-01 12:38:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012-07-01 12:38:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012-07-01 12:38:02 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012-07-01 12:38:02 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012-06-22 23:08:47 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{64F8B56E-105D-4E07-BE8B-1E4D99E3DE6B} [2012-06-22 20:43:33 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{9D8ECF60-72A0-4AD9-8301-6B2DD1BC1203} [2012-06-22 20:43:00 | 000,000,000 | ---D | C] -- C:\Users\Jacek\AppData\Local\{D72439A9-4DD7-442C-8BAE-3482A29E03DF} [4 C:\Users\Jacek\Desktop\*.tmp files -> C:\Users\Jacek\Desktop\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-07-18 17:10:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-07-18 17:01:38 | 000,624,883 | ---- | M] () -- C:\Users\Jacek\Desktop\adwcleaner.exe [2012-07-18 15:45:37 | 000,711,240 | ---- | M] () -- C:\Windows\is-1OKD0.exe [2012-07-18 15:45:37 | 000,011,850 | ---- | M] () -- C:\Windows\is-1OKD0.msg [2012-07-18 15:45:37 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012-07-18 15:45:37 | 000,000,440 | ---- | M] () -- C:\Windows\is-1OKD0.lst [2012-07-18 15:35:59 | 000,005,568 | ---- | M] () -- C:\Users\Jacek\AppData\Local\d3d9caps.dat [2012-07-18 15:26:16 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-07-18 15:22:47 | 000,003,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012-07-18 15:22:46 | 000,003,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012-07-18 15:20:51 | 000,374,120 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012-07-18 13:13:19 | 000,598,290 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-07-18 13:13:19 | 000,104,304 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-07-15 11:12:22 | 000,001,006 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3660580578-2341623939-2954412183-1000Core.job [2012-07-15 11:12:09 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-07-15 11:12:03 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3660580578-2341623939-2954412183-1000UA.job [2012-07-12 23:14:47 | 000,003,204 | ---- | M] () -- C:\Windows\bthservsdp.dat [2012-07-12 22:10:57 | 000,002,004 | ---- | M] () -- C:\Users\Jacek\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2012-07-03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [4 C:\Users\Jacek\Desktop\*.tmp files -> C:\Users\Jacek\Desktop\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-07-18 17:08:35 | 000,624,883 | ---- | C] () -- C:\Users\Jacek\Desktop\adwcleaner.exe [2012-07-18 15:45:37 | 000,711,240 | ---- | C] () -- C:\Windows\is-1OKD0.exe [2012-07-18 15:45:37 | 000,011,850 | ---- | C] () -- C:\Windows\is-1OKD0.msg [2012-07-18 15:45:37 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012-07-18 15:45:37 | 000,000,440 | ---- | C] () -- C:\Windows\is-1OKD0.lst [2012-01-11 21:58:02 | 000,000,000 | ---- | C] () -- C:\Users\Jacek\AppData\Local\{4A1EC8B3-B301-40A9-85AB-B1B15206A0E4} [2011-06-16 09:34:59 | 000,000,000 | ---- | C] () -- C:\Users\Jacek\AppData\Local\{12381947-0C61-4C06-88E6-AE6B1E833500} [2010-08-08 22:57:32 | 000,000,000 | ---- | C] () -- C:\Windows\pcfriend.INI [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 76 bytes -> C:\Users\Jacek\Documents\zdjecia rozne 101.jpg:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Jacek\Documents\zdjecia rozne 100.jpg:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Jacek\Documents\zdjecia rozne 079.jpg:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Jacek\Documents\zdjecia rozne 057.jpg:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Jacek\Documents\zdjecia rozne 039.jpg:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Jacek\Documents\SzaraczekWandusi i Jacusia.jpg:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Jacek\Documents\Szaraczek Wandusi i Jacusia.jpg:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Jacek\Documents\Szaraczek patrzacy.jpg:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Jacek\Documents\renewal of domain_files:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Jacek\Documents\Pareczka Dusia i Szaraczek.jpg:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Jacek\Documents\jacek.jpg:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Jacek\Documents\Dusia w koszyczku.jpg:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Jacek\Documents\Dusia odpoczywa.jpg:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Jacek\Documents\DSC00596.JPG:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Jacek\Documents\dokumenty PIT:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Jacek\Documents\dane do poczty electronicznrj_files:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Jacek\Documents\configuration.jpg:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Jacek\Documents\07-09-2007 16;56;43.jpg:Roxio EMC Stream @Alternate Data Stream - 180 bytes -> C:\Users\Jacek\Documents\doc5.JPG:3or4kl4x13tuuug3Byamue2s4b @Alternate Data Stream - 180 bytes -> C:\Users\Jacek\Documents\doc4.JPG:3or4kl4x13tuuug3Byamue2s4b @Alternate Data Stream - 180 bytes -> C:\Users\Jacek\Documents\doc3.JPG:3or4kl4x13tuuug3Byamue2s4b @Alternate Data Stream - 180 bytes -> C:\Users\Jacek\Documents\doc2.JPG:3or4kl4x13tuuug3Byamue2s4b @Alternate Data Stream - 180 bytes -> C:\Users\Jacek\Documents\doc1.JPG:3or4kl4x13tuuug3Byamue2s4b @Alternate Data Stream - 180 bytes -> C:\Users\Jacek\Documents\configuration.jpg:3or4kl4x13tuuug3Byamue2s4b @Alternate Data Stream - 164 bytes -> C:\Users\Jacek\Documents\logo Baltis.JPG:3or4kl4x13tuuug3Byamue2s4b < End of report >