OTL logfile created on: 2012-07-22 15:14:34 - Run 2
OTL by OldTimer - Version 3.2.54.0     Folder = D:\MUZYKA
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
2,00 Gb Total Physical Memory | 1,47 Gb Available Physical Memory | 73,41% Memory free
3,85 Gb Paging File | 3,57 Gb Available in Paging File | 92,80% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 1,39 Gb Free Space | 3,56% Space Free | Partition Type: NTFS
Drive D: | 596,17 Gb Total Space | 154,38 Gb Free Space | 25,89% Space Free | Partition Type: NTFS
Drive E: | 109,98 Gb Total Space | 0,12 Gb Free Space | 0,11% Space Free | Partition Type: NTFS
Drive K: | 576,46 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: JFKSJDS-F9E25C5 | User Name: Sylwia | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012-07-22 15:13:38 | 000,596,480 | ---- | M] (OldTimer Tools) -- D:\MUZYKA\OTL(1).exe
PRC - [2012-06-26 11:04:11 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008-04-14 23:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012-06-26 11:04:11 | 002,042,848 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012-07-20 12:43:41 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-06-26 11:04:11 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2011-04-24 23:08:00 | 004,303,928 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\system32\GameMon.des -- (npggsvc)
SRV - [2010-09-10 17:50:28 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010-03-04 22:38:00 | 000,071,096 | ---- | M] () [Auto | Stopped] -- D:\CD BurnerXP\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2010-01-15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Stopped] -- E:\alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009-07-20 12:51:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009-02-26 19:36:22 | 000,064,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2007-07-24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2011-01-23 17:30:10 | 000,436,792 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2011-01-03 10:38:36 | 000,136,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011-01-03 10:38:36 | 000,121,192 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2011-01-03 10:38:36 | 000,114,152 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV - [2011-01-03 10:38:36 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2010-12-21 07:55:02 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadadb.sys -- (androidusb)
DRV - [2009-11-12 13:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2006-04-06 14:20:44 | 004,258,816 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006-03-16 18:51:32 | 000,099,840 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvata.sys -- (nvata)
DRV - [2006-02-17 04:28:32 | 000,013,056 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006-02-17 04:28:30 | 000,034,176 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005-10-27 15:06:00 | 000,356,096 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt61.sys -- (RT61)
DRV - [2005-03-09 15:53:00 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005-01-31 12:12:46 | 000,022,016 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2004-10-08 13:59:12 | 000,326,656 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Camdrl.sys -- (CamDrL) Logitech QuickCam Pro 3000(CamDrl)
DRV - [2004-05-02 10:47:08 | 000,023,040 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\GVCplDrv.sys -- (GVCplDrv)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1708537768-1604221776-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=ironto
IE - HKU\S-1-5-21-1708537768-1604221776-725345543-1003\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\S-1-5-21-1708537768-1604221776-725345543-1003\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\prxtbfre2.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1708537768-1604221776-725345543-1003\..\SearchScopes,DefaultScope = {0D7562AE-8EF6-416d-A838-AB665251703A}
IE - HKU\S-1-5-21-1708537768-1604221776-725345543-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-1708537768-1604221776-725345543-1003\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=ironto&s={searchTerms}&f=4
IE - HKU\S-1-5-21-1708537768-1604221776-725345543-1003\..\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}: "URL" = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=ac8435ed000000000000000e2e9a7812&tlver=1.4.19.19&affID=17162
IE - HKU\S-1-5-21-1708537768-1604221776-725345543-1003\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}
IE - HKU\S-1-5-21-1708537768-1604221776-725345543-1003\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1098640
IE - HKU\S-1-5-21-1708537768-1604221776-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1708537768-1604221776-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultthis.engineName: "free-downloads.net Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1098640&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.startup.homepage: "www.pajacyk.pl"
FF - prefs.js..extensions.enabledItems: {E6C93316-271E-4b3d-8D7E-FE11B4350AEB}:1.4.19
FF - prefs.js..extensions.enabledItems: fbdislike@doweb.fr:1.2.2
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.5
FF - prefs.js..extensions.enabledItems: dislikebutton_pl@dislike.netnovate.com:1.0
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.145
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@clickteam.com/Vitalize!,version=4.0.0.0: C:\WINDOWS\system32\Clickteam\Vitalize\v4\npcnc32.dll (Clickteam)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\picasa 3\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\Documents and Settings\All Users\Dane aplikacji\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-12-27 19:49:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-06-26 11:04:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-06-07 21:20:39 | 000,000,000 | ---D | M]
 
[2005-08-07 20:45:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sylwia\Dane aplikacji\Mozilla\Extensions
[2012-07-19 22:37:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sylwia\Dane aplikacji\Mozilla\Firefox\Profiles\4cy394w7.default\extensions
[2012-06-07 21:30:52 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Sylwia\Dane aplikacji\Mozilla\Firefox\Profiles\4cy394w7.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012-07-19 22:37:24 | 000,000,000 | ---D | M] (free-downloads.net Community Toolbar) -- C:\Documents and Settings\Sylwia\Dane aplikacji\Mozilla\Firefox\Profiles\4cy394w7.default\extensions\{ecdee021-0d17-467f-a1ff-c7a115230949}
[2012-06-07 21:30:51 | 000,000,000 | ---D | M] ("Przycisk "Nie LubiÄ™!" na Facebooka") -- C:\Documents and Settings\Sylwia\Dane aplikacji\Mozilla\Firefox\Profiles\4cy394w7.default\extensions\dislikebutton_pl@dislike.netnovate.com
[2011-05-03 10:42:05 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Documents and Settings\Sylwia\Dane aplikacji\Mozilla\Firefox\Profiles\4cy394w7.default\extensions\DTToolbar@toolbarnet.com
[2012-06-08 18:40:18 | 000,000,000 | ---D | M] (Babylon) -- C:\Documents and Settings\Sylwia\Dane aplikacji\Mozilla\Firefox\Profiles\4cy394w7.default\extensions\ffxtlbr@babylon.com
[2011-12-23 23:46:57 | 000,000,000 | ---D | M] (Facemoods) -- C:\Documents and Settings\Sylwia\Dane aplikacji\Mozilla\Firefox\Profiles\4cy394w7.default\extensions\ffxtlbr@Facemoods.com
[2010-01-20 13:16:28 | 000,000,939 | ---- | M] () -- C:\Documents and Settings\Sylwia\Dane aplikacji\Mozilla\Firefox\Profiles\4cy394w7.default\searchplugins\conduit.xml
[2011-05-03 10:41:43 | 000,002,059 | ---- | M] () -- C:\Documents and Settings\Sylwia\Dane aplikacji\Mozilla\Firefox\Profiles\4cy394w7.default\searchplugins\daemon-search.xml
[2012-06-07 21:20:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011-10-20 20:42:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012-06-07 21:21:21 | 000,009,489 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\SYLWIA\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\4CY394W7.DEFAULT\EXTENSIONS\{E6C93316-271E-4B3D-8D7E-FE11B4350AEB}.XPI
[2012-06-26 11:04:13 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-04-19 22:31:42 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012-06-26 11:04:08 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2011-03-08 21:45:23 | 000,002,423 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012-06-26 11:04:08 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2011-12-23 23:46:58 | 000,002,049 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
[2012-06-26 11:04:08 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-06-26 11:04:08 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-06-26 11:04:08 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-06-26 11:04:08 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
 
O1 HOSTS File: ([2012-01-06 18:18:11 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\prxtbfre2.dll (Conduit Ltd.)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll File not found
O3 - HKLM\..\Toolbar: (&Tłumaczenie) - {0D704FAD-66E9-4F0A-BFED-4F665770DDB3} - D:\Tłumacz\InternetTranslator.dll (Techland)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\prxtbfre2.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1708537768-1604221776-725345543-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-1708537768-1604221776-725345543-1003\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-1708537768-1604221776-725345543-1003\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-1708537768-1604221776-725345543-1003\..\Toolbar\WebBrowser: (free-downloads.net Toolbar) - {ECDEE021-0D17-467F-A1FF-C7A115230949} - C:\Program Files\free-downloads.net\prxtbfre2.dll (Conduit Ltd.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] D:\adobe reader 9.4.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [BabylonToolbar] C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [GrooveMonitor] D:\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [iTunesHelper] D:\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [mfglnisjasnoxas] C:\Documents and Settings\All Users\Dane aplikacji\mfglnisj.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [Standby] C:\Program Files\Common Files\Corel\Standby\Standby.exe (Corel)
O4 - HKLM..\Run: [WinampAgent] D:\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-21-1708537768-1604221776-725345543-1003..\Run: [AlcoholAutomount] E:\alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-1708537768-1604221776-725345543-1003..\Run: [ALLUpdate] D:\Allplayer\ALLPlayer\ALLUpdate.exe ()
O4 - HKU\S-1-5-21-1708537768-1604221776-725345543-1003..\Run: [Corel Photo Downloader] C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe (Corel, Inc.)
O4 - HKU\S-1-5-21-1708537768-1604221776-725345543-1003..\Run: [DAEMON Tools Lite] D:\daemon\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1708537768-1604221776-725345543-1003..\Run: [KiesHelper] D:\kies samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKU\S-1-5-21-1708537768-1604221776-725345543-1003..\Run: [KiesPDLR] D:\kies samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-1708537768-1604221776-725345543-1003..\Run: [KiesTrayAgent] D:\kies samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-21-1708537768-1604221776-725345543-1003..\Run: [LogitechSoftwareUpdate] C:\Program Files\Logitech\Video\ManifestEngine.exe (Logitech Inc.)
O4 - HKU\S-1-5-21-1708537768-1604221776-725345543-1003..\Run: [mfglnisjasnoxas] C:\Documents and Settings\All Users\Dane aplikacji\mfglnisj.exe ()
O4 - HKU\S-1-5-21-1708537768-1604221776-725345543-1003..\Run: [Steam] D:\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe (Logitech)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe (Ralink Technology, Corp.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1708537768-1604221776-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1708537768-1604221776-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1708537768-1604221776-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1708537768-1604221776-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://D:\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - D:\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Kolekcja wycinków HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Zaznaczanie HP Smart - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @D:\Tłumacz\InternetTranslator.dll,-103 - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - D:\Tłumacz\InternetTranslator.dll (Techland)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{57745C1B-86C5-489F-89BC-587CBCB6899A}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Sylwia\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Sylwia\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-06-17 20:05:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006-10-09 23:40:30 | 000,203,593 | ---- | M] () - D:\auto pot.exe -- [ NTFS ]
O32 - AutoRun File - [2008-08-05 22:16:06 | 000,379,904 | ---- | M] () - D:\auto_login.exe -- [ NTFS ]
O32 - AutoRun File - [2008-10-12 18:01:00 | 000,379,904 | ---- | M] () - E:\auto connect.exe -- [ NTFS ]
O32 - AutoRun File - [2009-05-23 11:40:55 | 000,000,225 | ---- | M] () - E:\AutoPotConfig.ini -- [ NTFS ]
O32 - AutoRun File - [2008-08-05 22:16:06 | 000,379,904 | ---- | M] () - E:\auto_login.exe -- [ NTFS ]
O32 - AutoRun File - [2010-02-23 16:03:55 | 000,000,039 | R--- | M] () - K:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012-07-22 14:32:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2012-07-22 14:15:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\hsatvzerangnewn
[2012-07-08 15:30:18 | 000,000,000 | ---D | C] -- C:\Program Files\Grupa IMAGE
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012-07-22 15:09:47 | 008,650,752 | -H-- | M] () -- C:\Documents and Settings\Sylwia\NTUSER.DAT
[2012-07-22 15:09:47 | 000,000,292 | -HS- | M] () -- C:\Documents and Settings\Sylwia\ntuser.ini
[2012-07-22 14:36:13 | 001,265,496 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2012-07-22 14:36:13 | 000,559,018 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2012-07-22 14:36:13 | 000,496,642 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-07-22 14:36:13 | 000,106,214 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2012-07-22 14:36:13 | 000,085,126 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-07-22 14:31:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-07-22 14:30:34 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2012-07-22 14:26:00 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012-07-22 14:21:19 | 000,050,257 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012-07-22 14:15:46 | 000,000,051 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\kkwkoecwsepodtv
[2012-07-22 14:15:39 | 000,053,248 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\pxborxcy.exe
[2012-07-22 14:15:39 | 000,053,248 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\mfglnisj.exe
[2012-07-22 14:15:39 | 000,053,248 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\jzrbaica.exe
[2012-07-22 14:15:39 | 000,053,248 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\fulsoxgg.exe
[2012-07-22 14:15:39 | 000,053,248 | ---- | M] () -- C:\Documents and Settings\Sylwia\0.3464085009075998.exe
[2012-07-22 13:42:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012-07-22 12:19:20 | 000,041,472 | ---- | M] () -- C:\Documents and Settings\Sylwia\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-07-20 13:54:21 | 000,302,824 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-07-20 12:44:50 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012-07-20 12:44:10 | 000,000,638 | ---- | M] () -- C:\WINDOWS\win.ini
[2012-07-20 12:43:40 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012-07-20 12:43:39 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012-07-20 11:21:03 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-07-08 15:30:24 | 000,000,820 | ---- | M] () -- C:\Documents and Settings\Sylwia\Pulpit\Testy B.lnk
[2012-07-07 21:16:50 | 000,271,200 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.ex0
[2012-07-02 11:53:12 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Sylwia\Pulpit\Kosz.lnk
[2012-06-25 15:27:36 | 000,006,266 | -HS- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\KGyGaAvL.sys
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012-07-22 14:15:46 | 000,053,248 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\fulsoxgg.exe
[2012-07-22 14:15:45 | 000,053,248 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\mfglnisj.exe
[2012-07-22 14:15:45 | 000,053,248 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\jzrbaica.exe
[2012-07-22 14:15:40 | 000,053,248 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\pxborxcy.exe
[2012-07-22 14:15:40 | 000,000,051 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\kkwkoecwsepodtv
[2012-07-22 14:15:39 | 000,053,248 | ---- | C] () -- C:\Documents and Settings\Sylwia\0.3464085009075998.exe
[2012-07-08 15:30:24 | 000,000,820 | ---- | C] () -- C:\Documents and Settings\Sylwia\Pulpit\Testy B.lnk
[2012-07-02 11:53:12 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Sylwia\Pulpit\Kosz.lnk
[2012-05-16 19:00:11 | 000,002,105 | ---- | C] () -- C:\Documents and Settings\Sylwia\.recently-used.xbel
[2012-05-13 16:19:07 | 000,223,496 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2012-05-08 15:16:54 | 000,000,264 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2012-03-11 14:44:43 | 000,000,080 | ---- | C] () -- C:\Documents and Settings\Sylwia\Dane aplikacji\mBot.ini
[2012-01-26 20:56:07 | 000,473,460 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\Tibia_dat.bak
[2012-01-06 18:03:11 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012-01-06 18:03:11 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012-01-06 18:03:11 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012-01-06 18:03:11 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012-01-06 18:03:11 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012-01-06 14:35:41 | 000,000,063 | ---- | C] () -- C:\Documents and Settings\Sylwia\jagex_cl_runescape_LIVE1.dat
[2012-01-06 13:51:30 | 000,000,040 | ---- | C] () -- C:\Documents and Settings\Sylwia\jagex_cl_runescape_LIVE.dat
[2011-11-22 23:06:58 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Sylwia\111101_142910.jpg
[2011-09-17 16:42:34 | 000,000,022 | ---- | C] () -- C:\Documents and Settings\Sylwia\Dane aplikacji\esroLoader.ini
[2011-07-24 03:24:20 | 002,505,296 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-1708537768-1604221776-725345543-1003-0.dat
[2011-07-24 03:24:20 | 000,293,142 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat
[2011-05-23 23:02:56 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Sylwia\Game.png
[2011-04-19 18:04:03 | 000,000,090 | ---- | C] () -- C:\Documents and Settings\Sylwia\Dane aplikacji\XTDocSettings.ini
[2011-03-18 19:33:48 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011-03-08 14:41:06 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2011-03-08 14:41:04 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011-03-08 14:41:04 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011-03-08 14:41:04 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011-03-08 14:41:04 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2011-03-05 14:50:08 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Sylwia\577908_2bf76637962e59eb1063058d518677c0.jpg
[2011-03-02 18:42:05 | 000,000,040 | ---- | C] () -- C:\WINDOWS\nfsc_patch.ini
[2011-02-16 23:00:29 | 000,004,096 | ---- | C] () -- C:\Documents and Settings\Sylwia\.recently-used.xbel.265WQV
[2011-02-14 18:31:27 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2011-01-30 18:02:16 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\InstMed.exe
[2011-01-30 18:02:11 | 000,006,812 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2011-01-10 13:30:46 | 000,000,105 | ---- | C] () -- C:\Documents and Settings\Sylwia\Dane aplikacji\private_server_loader.ini
[2011-01-05 13:13:13 | 000,040,848 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010-12-25 21:01:53 | 000,000,867 | ---- | C] () -- C:\Documents and Settings\Sylwia\wifs32.set
[2010-12-01 20:01:17 | 000,000,020 | ---- | C] () -- C:\WINDOWS\setupodp.ini
[2010-12-01 19:52:51 | 000,002,563 | ---- | C] () -- C:\WINDOWS\setupimpact.ini
[2010-11-29 21:13:56 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Sylwia\DSC02365.JPG
[2010-10-27 16:13:58 | 002,373,712 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2010-10-14 21:09:03 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Sylwia\Obraz(2).jpeg
[2010-10-14 21:08:53 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Sylwia\Obraz(1).jpeg
[2010-08-19 00:28:35 | 000,006,266 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\KGyGaAvL.sys
[2010-08-19 00:28:35 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\C9604667DC.sys
[2010-06-24 20:24:16 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Sylwia\Dane aplikacji\PnkBstrK.sys
[2010-06-20 19:44:59 | 000,041,472 | ---- | C] () -- C:\Documents and Settings\Sylwia\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-06-17 20:34:31 | 000,083,424 | ---- | C] () -- C:\Documents and Settings\Sylwia\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-06-17 20:15:23 | 004,800,714 | -H-- | C] () -- C:\Documents and Settings\Sylwia\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-06-17 20:09:25 | 000,000,292 | -HS- | C] () -- C:\Documents and Settings\Sylwia\ntuser.ini
[2010-06-17 20:09:23 | 008,650,752 | -H-- | C] () -- C:\Documents and Settings\Sylwia\NTUSER.DAT
[2005-08-16 20:58:24 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Sylwia\teddybears sthlm & mad cobra - cobrastyle.wav
[2005-08-05 18:37:43 | 000,000,092 | ---- | C] () -- C:\Documents and Settings\Sylwia\default.pls
[2005-07-29 22:29:10 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Sylwia\gallery-99352058-500x500.jpg
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011-01-30 17:57:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo
[2011-02-14 18:31:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Canneverbe Limited
[2011-05-03 10:43:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2010-06-18 14:53:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2012-07-22 14:15:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\hsatvzerangnewn
[2010-10-27 16:13:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\id Software
[2010-08-19 00:24:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\InterVideo
[2011-08-03 08:14:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2011-07-23 15:02:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Samsung
[2010-06-20 19:23:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SwiftKit
[2010-09-01 14:12:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ulead Systems
[2010-11-27 15:40:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012-07-04 23:25:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sylwia\Dane aplikacji\AIMP
[2011-01-30 17:57:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sylwia\Dane aplikacji\Ashampoo
[2011-03-08 21:45:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sylwia\Dane aplikacji\BabylonToolbar
[2011-02-14 18:31:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sylwia\Dane aplikacji\Canneverbe Limited
[2011-01-21 21:29:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sylwia\Dane aplikacji\Canon
[2011-05-03 10:47:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sylwia\Dane aplikacji\DAEMON Tools Lite
[2012-01-20 15:39:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sylwia\Dane aplikacji\DDMSettings
[2010-12-02 16:04:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sylwia\Dane aplikacji\Dev-Cpp
[2012-02-19 18:52:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sylwia\Dane aplikacji\edxLabs
[2012-07-07 23:39:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sylwia\Dane aplikacji\foobar2000
[2011-01-30 18:14:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sylwia\Dane aplikacji\FotoWire
[2011-09-28 22:54:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sylwia\Dane aplikacji\Gadu-Gadu 10
[2012-05-16 19:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sylwia\Dane aplikacji\gtk-2.0
[2012-02-18 19:12:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sylwia\Dane aplikacji\HTML Executable
[2010-10-27 16:14:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sylwia\Dane aplikacji\id Software
[2011-05-11 19:08:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sylwia\Dane aplikacji\OpenFM
[2011-06-01 17:25:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sylwia\Dane aplikacji\Opera
[2011-06-01 20:34:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sylwia\Dane aplikacji\Rainmeter
[2011-07-23 15:01:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sylwia\Dane aplikacji\Samsung
[2011-09-20 16:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sylwia\Dane aplikacji\SmartKite Software
[2011-03-28 16:47:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sylwia\Dane aplikacji\Soldat
[2011-10-30 15:02:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sylwia\Dane aplikacji\Tibia
[2011-07-08 13:10:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sylwia\Dane aplikacji\Ubisoft
[2010-08-19 00:26:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sylwia\Dane aplikacji\Ulead Systems
[2012-07-22 12:21:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sylwia\Dane aplikacji\uTorrent
[2012-07-22 14:26:00 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2012-02-09 13:49:34 | 010,744,320 | ---- | M] ()(C:\Documents and Settings\Sylwia\Pulpit\??? because i love you.mp3) -- C:\Documents and Settings\Sylwia\Pulpit\陳淑樺 because i love you.mp3
[2012-02-09 13:48:05 | 010,744,320 | ---- | C] ()(C:\Documents and Settings\Sylwia\Pulpit\??? because i love you.mp3) -- C:\Documents and Settings\Sylwia\Pulpit\陳淑樺 because i love you.mp3
[2011-10-02 23:47:05 | 030,400,819 | ---- | M] ()(C:\Documents and Settings\Sylwia\Pulpit\????????_ SEREBRO - ???? ????.mp4) -- C:\Documents and Settings\Sylwia\Pulpit\ПРЕМЬЕРА_ SEREBRO - Мама Люба.mp4
[2011-10-02 23:42:22 | 030,400,819 | ---- | C] ()(C:\Documents and Settings\Sylwia\Pulpit\????????_ SEREBRO - ???? ????.mp4) -- C:\Documents and Settings\Sylwia\Pulpit\ПРЕМЬЕРА_ SEREBRO - Мама Люба.mp4

< End of report >