OTL logfile created on: 2012-07-25 23:45:10 - Run 1 OTL by OldTimer - Version 3.2.54.1 Folder = G:\ Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 7.0.6002.18005) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,49 Gb Total Physical Memory | 2,52 Gb Available Physical Memory | 72,22% Memory free 7,16 Gb Paging File | 6,34 Gb Available in Paging File | 88,52% Paging File free Paging file location(s): ?:\pagefile.sys %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 136,45 Gb Total Space | 59,54 Gb Free Space | 43,64% Space Free | Partition Type: NTFS Drive D: | 101,73 Mb Total Space | 93,89 Mb Free Space | 92,29% Space Free | Partition Type: FAT Drive F: | 10,00 Gb Total Space | 6,02 Gb Free Space | 60,15% Space Free | Partition Type: NTFS Drive G: | 3,91 Gb Total Space | 3,07 Gb Free Space | 78,49% Space Free | Partition Type: FAT32 Computer Name: JOLA | User Name: Jolanta Średzińska | Logged in as Administrator. Cannot determine boot mode. | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-07-25 23:21:28 | 000,596,480 | ---- | M] (OldTimer Tools) -- G:\OTL.exe PRC - [2010-05-01 09:35:33 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe PRC - [2010-04-30 22:44:25 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe PRC - [2010-04-30 22:44:19 | 000,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2007-11-12 13:07:20 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe PRC - [2007-11-12 13:07:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe PRC - [2007-03-21 14:00:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2007-03-06 10:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe PRC - [2007-01-04 20:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2011-03-17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 8\LiveTunerService.exe -- (WO_LiveService) SRV - [2011-02-02 15:12:01 | 000,077,944 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service) SRV - [2010-12-27 23:50:30 | 031,124,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV - [2010-07-16 18:23:30 | 006,638,080 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe -- (AllShare) SRV - [2010-05-01 09:35:33 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd) SRV - [2008-11-11 10:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2008-01-21 04:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007-11-12 13:07:20 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV) SRV - [2007-11-12 13:07:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters) SRV - [2007-03-21 14:00:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) SRV - [2007-03-06 10:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service) SRV - [2007-01-04 20:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Apfiltr.sys -- (ApfiltrService) DRV - [2011-05-22 20:16:15 | 000,436,792 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd) DRV - [2010-04-30 22:44:25 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (AvgLdx86) DRV - [2010-04-30 22:44:25 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (AvgMfx86) DRV - [2010-04-30 22:44:20 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (AvgTdiX) DRV - [2009-09-02 11:27:38 | 000,551,424 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emOEM.sys -- (USB28xxOEM) DRV - [2009-09-01 15:29:06 | 000,579,840 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emBDA.sys -- (USB28xxBGA) DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008-07-03 14:28:02 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY) DRV - [2008-06-23 14:45:44 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio) DRV - [2008-03-06 09:58:44 | 000,111,616 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) DRV - [2008-03-04 07:05:34 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx) DRV - [2008-03-04 07:05:18 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev) DRV - [2008-01-21 04:32:51 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) DRV - [2007-11-12 13:07:28 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2007-09-06 18:35:16 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2007-09-06 18:35:14 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2007-09-06 18:35:12 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2006-12-12 12:16:06 | 000,022,528 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emAudio.sys -- (emAudio) DRV - [2006-11-02 09:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300) DRV - [2005-02-23 15:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc) DRV - [2005-02-09 12:59:00 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\Pclepci.sys -- (PCLEPCI) DRV - [2004-04-06 15:08:06 | 000,100,957 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emDevice.sys -- (DCamUSBEMPIA) DRV - [2004-04-06 15:07:58 | 000,005,245 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emFilter.sys -- (FiltUSBEMPIA) DRV - [2004-04-06 15:07:54 | 000,004,493 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emScan.sys -- (ScanUSBEMPIA) DRV - [2004-03-29 05:06:24 | 000,090,464 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/default.aspx?c=pl&l=pl&s=pad IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1&cf=95d1fb59-182d-11e1-82ae-00219bf16649 IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{788CF00B-8D82-49AB-88CA-70DF223B1052}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2481033 IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2481033 IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms} IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll () IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b} IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1098640 IE - HKU\.DEFAULT\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll () IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b} IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\S-1-5-18\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1098640 IE - HKU\S-1-5-18\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms} IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1246817037-4144419511-3129979269-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/default.aspx?c=pl&l=pl&s=pad IE - HKU\S-1-5-21-1246817037-4144419511-3129979269-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.wp.pl/ IE - HKU\S-1-5-21-1246817037-4144419511-3129979269-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-1246817037-4144419511-3129979269-1000\..\URLSearchHook: {d43723ae-1ae1-4a25-a6a4-bf0929273cab} - No CLSID value found IE - HKU\S-1-5-21-1246817037-4144419511-3129979269-1000\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b} IE - HKU\S-1-5-21-1246817037-4144419511-3129979269-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2481033 IE - HKU\S-1-5-21-1246817037-4144419511-3129979269-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledItems: MapShare-status@tomtom.com:1.7 FF - prefs.js..extensions.enabledItems: baseTheme@tomtom.com:1.0.2 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.1864: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.1924: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.857: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found [2010-12-09 20:33:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jolanta Średzińska\AppData\Roaming\mozilla\Extensions [2010-12-09 20:33:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jolanta Średzińska\AppData\Roaming\mozilla\Extensions\home2@tomtom.com File not found (No name found) -- C:\PROGRAM FILES\TOMTOM HOME 2\XUL\EXTENSIONS\MAPSHARE-STATUS@TOMTOM.COM [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms} CHR - homepage: http://www.onet.pl/ CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Jolanta \u015Aredzi\u0144ska\AppData\Local\Google\Chrome\Application\10.0.648.204\gcswf32.dll CHR - plugin: QuickTime Plug-in 7.1.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.1.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.1.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.1.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.1.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.1.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.1.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Jolanta \u015Aredzi\u0144ska\AppData\Local\Google\Chrome\Application\10.0.648.204\pdf.dll CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Users\Jolanta \u015Aredzi\u0144ska\AppData\Local\Google\Chrome\Application\10.0.648.204\gears.dll CHR - plugin: Babylon Chrome Plugin (Enabled) = C:\Users\Jolanta \u015Aredzi\u0144ska\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.0_0\BabylonChromePI.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: Babylon Translator = C:\Users\Jolanta Średzińska\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.6_0\ O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll () O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll ([[[COMPANYNAME]]]----------------------------) O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll () O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll () O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll ([[[COMPANYNAME]]]----------------------------) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll () O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll () O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll ([[[COMPANYNAME]]]----------------------------) O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll () O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll () O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll ([[[COMPANYNAME]]]----------------------------) O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll () O3 - HKU\S-1-5-21-1246817037-4144419511-3129979269-1000\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll () O3 - HKU\S-1-5-21-1246817037-4144419511-3129979269-1000\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll ([[[COMPANYNAME]]]----------------------------) O3 - HKU\S-1-5-21-1246817037-4144419511-3129979269-1000\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll () O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\VistaCodecPack\rm\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [UVS11 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe (InterVideo Digital Technology Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-1246817037-4144419511-3129979269-1000..\Run: [ALLUpdate] "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep" File not found O4 - HKU\S-1-5-21-1246817037-4144419511-3129979269-1000..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-1246817037-4144419511-3129979269-1000..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation) O4 - HKU\S-1-5-21-1246817037-4144419511-3129979269-1000..\Run: [sppcomapi] C:\Users\Jolanta Średzińska\AppData\Local\Microsoft\Windows\2277\sppcomapi.exe () O4 - Startup: C:\Users\Jolanta Średzińska\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Jolanta Średzińska\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-21-1246817037-4144419511-3129979269-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1246817037-4144419511-3129979269-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0 O7 - HKU\S-1-5-21-1246817037-4144419511-3129979269-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKU\S-1-5-21-1246817037-4144419511-3129979269-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Wyślij &do programu OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0355E5C8-EB5E-4C49-80E4-2D0E326C46C2}: DhcpNameServer = 10.14.2.26 10.14.2.8 194.204.159.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{51A1A7DA-2E82-42EC-86E8-EA0BC400663D}: DhcpNameServer = 192.168.1.1 192.168.1.1 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll () O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Jolanta Średzińska\Pictures\zdjęcia\SHANGHAI\DSC04882.JPG O24 - Desktop BackupWallPaper: C:\Users\Jolanta Średzińska\Pictures\zdjęcia\SHANGHAI\DSC04882.JPG O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-12-19 21:07:23 | 000,000,121 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2008-08-26 16:45:52 | 000,001,050 | ---- | M] () - D:\AUTOEXEC.UP -- [ FAT ] O32 - AutoRun File - [2008-11-05 21:14:50 | 000,001,050 | ---- | M] () - D:\autoexec.bat -- [ FAT ] O33 - MountPoints2\{1a4432db-989a-11de-b860-002269c06623}\Shell\AutoRun\command - "" = u0riu2.exe O33 - MountPoints2\{1a4432db-989a-11de-b860-002269c06623}\Shell\open\Command - "" = u0riu2.exe O33 - MountPoints2\{559e87f2-e583-11dd-8772-002269c06623}\Shell\Auto\command - "" = wupdmgr.exe O33 - MountPoints2\{559e87f2-e583-11dd-8772-002269c06623}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wupdmgr.exe O33 - MountPoints2\{62a2a85f-fb06-11de-acb0-002269c06623}\Shell\AutoRun\command - "" = mbdm.exe O33 - MountPoints2\{62a2a85f-fb06-11de-acb0-002269c06623}\Shell\open\Command - "" = mbdm.exe O33 - MountPoints2\{ad7b1183-465b-11df-a379-002269c06623}\Shell\AutoRun\command - "" = F:\k0maw.exe O33 - MountPoints2\{ad7b1183-465b-11df-a379-002269c06623}\Shell\open\Command - "" = F:\k0maw.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-07-25 21:23:10 | 000,000,000 | ---D | C] -- C:\Users\Jolanta Średzińska\AppData\Roaming\hellomoto [2012-07-10 08:53:29 | 000,000,000 | ---D | C] -- C:\Users\Jolanta Średzińska\easyHDR SE 2 [2012-07-10 08:17:52 | 000,000,000 | ---D | C] -- C:\Users\Jolanta Średzińska\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView [2012-07-10 08:17:41 | 000,000,000 | ---D | C] -- C:\Program Files\IrfanView [2012-07-08 14:27:55 | 000,000,000 | ---D | C] -- C:\Users\Jolanta Średzińska\AppData\Roaming\Gadu-Gadu 10 [2012-07-08 14:27:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Gadu-Gadu 10 [2012-07-08 14:27:33 | 000,000,000 | ---D | C] -- C:\Program Files\Gadu-Gadu 10 [2012-07-07 19:27:07 | 000,000,000 | ---D | C] -- C:\Users\Jolanta Średzińska\AppData\Roaming\wargaming.net [2012-07-07 19:26:52 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll [2012-07-07 19:26:52 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll [2012-07-07 19:26:52 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll [2012-07-07 19:26:52 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll [2012-07-07 19:26:52 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll [2012-07-07 19:26:52 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll [2012-07-07 19:26:51 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll [2012-07-07 19:26:51 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll [2012-07-07 19:26:51 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll [2012-07-07 19:26:51 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll [2012-07-07 19:26:51 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll [2012-07-07 19:26:51 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll [2012-07-07 19:26:50 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll [2012-07-07 19:26:50 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll [2012-07-07 19:26:50 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll [2012-07-07 19:26:50 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll [2012-07-07 19:26:49 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll [2012-07-07 19:26:49 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll [2012-07-07 19:26:49 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll [2012-07-07 19:26:49 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll [2012-07-07 19:26:49 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll [2012-07-07 19:26:49 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll [2012-07-07 19:26:48 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll [2012-07-07 19:26:48 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll [2012-07-07 19:26:48 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll [2012-07-07 19:26:48 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll [2012-07-07 19:26:47 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll [2012-07-07 19:26:47 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll [2012-07-07 19:26:47 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll [2012-07-07 19:26:46 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll [2012-07-07 19:26:46 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll [2012-07-07 19:26:46 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll [2012-07-07 19:26:46 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll [2012-07-07 19:26:45 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll [2012-07-07 19:26:45 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll [2012-07-07 19:26:45 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll [2012-07-07 19:26:44 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll [2012-07-07 19:26:44 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll [2012-07-07 19:26:44 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll [2012-07-07 19:26:44 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll [2012-07-07 19:26:44 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll [2012-07-07 19:26:44 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll [2012-07-07 19:26:43 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll [2012-07-07 19:26:43 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll [2012-07-07 19:26:43 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll [2012-07-07 19:26:43 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll [2012-07-07 19:26:43 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll [2012-07-07 19:26:43 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll [2012-07-07 19:26:42 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll [2012-07-07 19:26:42 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll [2012-07-07 19:26:42 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll [2012-07-07 19:26:42 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll [2012-07-07 19:25:43 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx [2011-03-28 21:33:46 | 042,699,176 | ---- | C] (Microsoft Corporation) -- C:\Users\Jolanta Średzińska\Project2003SP3-KB923622-FullFile-ENU.exe [2011-01-10 23:26:42 | 008,852,848 | ---- | C] (Softinterface, Inc. ) -- C:\Program Files\CD.EXE [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-07-25 23:48:00 | 000,790,150 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2012-07-25 23:41:03 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2012-07-25 23:40:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-07-25 23:34:05 | 005,767,168 | -HS- | M] () -- C:\Users\Jolanta Średzińska\ntuser.dat [2012-07-25 23:28:37 | 000,004,128 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012-07-25 23:28:37 | 000,004,128 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012-07-25 21:46:20 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2012-07-25 21:42:52 | 000,524,288 | -HS- | M] () -- C:\Users\Jolanta Średzińska\ntuser.dat{239ef2ff-086a-11e1-90f7-00219bf16649}.TMContainer00000000000000000001.regtrans-ms [2012-07-25 21:42:52 | 000,065,536 | -HS- | M] () -- C:\Users\Jolanta Średzińska\ntuser.dat{239ef2ff-086a-11e1-90f7-00219bf16649}.TM.blf [2012-07-25 18:45:46 | 000,108,187 | ---- | M] () -- C:\Users\Jolanta Średzińska\Desktop\Warunki Umowy na Świadczenie Usług Telematycznych AG 2011.pdf [2012-07-25 18:45:11 | 000,439,913 | ---- | M] () -- C:\Users\Jolanta Średzińska\Desktop\Regulamin Świadczenia Usług Telematycznych AG 2011.pdf [2012-07-25 17:49:19 | 061,759,413 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm [2012-07-20 16:36:07 | 004,067,960 | -H-- | M] () -- C:\Users\Jolanta Średzińska\AppData\Local\IconCache.db [2012-07-12 20:48:05 | 257,345,966 | ---- | M] () -- C:\Windows\MEMORY.DMP [2012-07-10 08:30:44 | 000,034,816 | ---- | M] () -- C:\Users\Jolanta Średzińska\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-07-10 08:17:54 | 000,001,689 | ---- | M] () -- C:\Users\Jolanta Średzińska\Desktop\IrfanView Thumbnails.lnk [2012-07-10 08:17:54 | 000,000,809 | ---- | M] () -- C:\Users\Jolanta Średzińska\Desktop\IrfanView.lnk [2012-07-08 14:27:58 | 000,000,885 | ---- | M] () -- C:\Users\Jolanta Średzińska\Desktop\OpenFM.lnk [2012-07-08 14:27:58 | 000,000,856 | ---- | M] () -- C:\Users\Jolanta Średzińska\Desktop\Gadu-Gadu 10.lnk [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-07-25 18:45:46 | 000,108,187 | ---- | C] () -- C:\Users\Jolanta Średzińska\Desktop\Warunki Umowy na Świadczenie Usług Telematycznych AG 2011.pdf [2012-07-25 18:45:11 | 000,439,913 | ---- | C] () -- C:\Users\Jolanta Średzińska\Desktop\Regulamin Świadczenia Usług Telematycznych AG 2011.pdf [2012-07-12 20:48:05 | 257,345,966 | ---- | C] () -- C:\Windows\MEMORY.DMP [2012-07-10 08:17:54 | 000,001,689 | ---- | C] () -- C:\Users\Jolanta Średzińska\Desktop\IrfanView Thumbnails.lnk [2012-07-10 08:17:54 | 000,000,809 | ---- | C] () -- C:\Users\Jolanta Średzińska\Desktop\IrfanView.lnk [2012-07-08 14:27:58 | 000,000,885 | ---- | C] () -- C:\Users\Jolanta Średzińska\Desktop\OpenFM.lnk [2012-07-08 14:27:58 | 000,000,856 | ---- | C] () -- C:\Users\Jolanta Średzińska\Desktop\Gadu-Gadu 10.lnk [2012-07-08 14:27:36 | 000,000,814 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gadu-Gadu 10.lnk [2012-03-31 21:45:33 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini [2012-03-31 21:45:33 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat [2012-03-31 21:43:31 | 000,031,767 | ---- | C] () -- C:\Windows\maxlink.ini [2012-01-31 22:57:38 | 000,000,956 | ---- | C] () -- C:\Windows\Brpfx04a.ini [2012-01-31 22:57:38 | 000,000,174 | ---- | C] () -- C:\Windows\brpcfx.ini [2012-01-31 22:57:25 | 000,000,404 | ---- | C] () -- C:\Windows\BRWMARK.INI [2012-01-31 22:57:25 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI [2012-01-31 22:57:05 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf09d.dat [2012-01-31 22:56:59 | 000,106,496 | ---- | C] () -- C:\Windows\System32\BrMuSNMP.dll [2012-01-08 22:26:39 | 004,067,960 | -H-- | C] () -- C:\Users\Jolanta Średzińska\AppData\Local\IconCache.db [2011-11-06 13:27:42 | 000,524,288 | -HS- | C] () -- C:\Users\Jolanta Średzińska\ntuser.dat{239ef2ff-086a-11e1-90f7-00219bf16649}.TMContainer00000000000000000002.regtrans-ms [2011-11-06 13:27:42 | 000,524,288 | -HS- | C] () -- C:\Users\Jolanta Średzińska\ntuser.dat{239ef2ff-086a-11e1-90f7-00219bf16649}.TMContainer00000000000000000001.regtrans-ms [2011-11-06 13:27:42 | 000,065,536 | -HS- | C] () -- C:\Users\Jolanta Średzińska\ntuser.dat{239ef2ff-086a-11e1-90f7-00219bf16649}.TM.blf [2011-08-06 17:05:56 | 000,524,288 | -HS- | C] () -- C:\Users\Jolanta Średzińska\ntuser.dat{7daad3d7-c03d-11e0-a010-00219bf16649}.TMContainer00000000000000000002.regtrans-ms [2011-08-06 17:05:56 | 000,524,288 | -HS- | C] () -- C:\Users\Jolanta Średzińska\ntuser.dat{7daad3d7-c03d-11e0-a010-00219bf16649}.TMContainer00000000000000000001.regtrans-ms [2011-08-06 17:05:56 | 000,065,536 | -HS- | C] () -- C:\Users\Jolanta Średzińska\ntuser.dat{7daad3d7-c03d-11e0-a010-00219bf16649}.TM.blf [2011-07-04 21:23:51 | 000,049,152 | ---- | C] () -- C:\Windows\AutoSet.dll [2011-06-19 14:58:31 | 000,000,661 | ---- | C] () -- C:\Windows\if40le.ini [2011-06-19 14:58:30 | 000,000,359 | ---- | C] () -- C:\Windows\WIN.INI [2011-06-19 14:58:30 | 000,000,114 | ---- | C] () -- C:\Windows\SCNDRVU.INI [2011-06-19 14:58:06 | 000,001,256 | ---- | C] () -- C:\Windows\If42le.ini [2011-06-19 14:58:05 | 000,000,253 | ---- | C] () -- C:\Windows\PEXPLORE.INI [2011-06-19 14:57:56 | 000,000,406 | ---- | C] () -- C:\Windows\umxaddin.ini [2011-02-05 14:49:07 | 000,524,288 | -HS- | C] () -- C:\Users\Jolanta Średzińska\ntuser.dat{3a81a57f-3126-11e0-92ab-002269c06623}.TMContainer00000000000000000002.regtrans-ms [2011-02-05 14:49:07 | 000,524,288 | -HS- | C] () -- C:\Users\Jolanta Średzińska\ntuser.dat{3a81a57f-3126-11e0-92ab-002269c06623}.TMContainer00000000000000000001.regtrans-ms [2011-02-05 14:49:07 | 000,065,536 | -HS- | C] () -- C:\Users\Jolanta Średzińska\ntuser.dat{3a81a57f-3126-11e0-92ab-002269c06623}.TM.blf [2011-01-22 14:56:15 | 000,002,528 | ---- | C] () -- C:\Users\Jolanta Średzińska\AppData\Roaming\$_hpcst$.hpc [2010-09-15 19:39:40 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll [2010-09-06 21:25:55 | 001,689,901 | ---- | C] () -- C:\Program Files\screamer043.exe [2010-06-24 20:31:58 | 000,524,288 | -HS- | C] () -- C:\Users\Jolanta Średzińska\ntuser.dat{a0224bc3-7fbe-11df-8513-002269c06623}.TMContainer00000000000000000002.regtrans-ms [2010-06-24 20:31:58 | 000,524,288 | -HS- | C] () -- C:\Users\Jolanta Średzińska\ntuser.dat{a0224bc3-7fbe-11df-8513-002269c06623}.TMContainer00000000000000000001.regtrans-ms [2010-06-24 20:31:58 | 000,065,536 | -HS- | C] () -- C:\Users\Jolanta Średzińska\ntuser.dat{a0224bc3-7fbe-11df-8513-002269c06623}.TM.blf [2010-06-08 22:39:29 | 000,008,928 | ---- | C] () -- C:\Users\Jolanta Średzińska\AppData\Local\pl.ini [2010-06-04 09:27:02 | 000,524,288 | -HS- | C] () -- C:\Users\Jolanta Średzińska\ntuser.dat{4b2c9368-6faa-11df-9cb4-002269c06623}.TMContainer00000000000000000002.regtrans-ms [2010-06-04 09:27:02 | 000,524,288 | -HS- | C] () -- C:\Users\Jolanta Średzińska\ntuser.dat{4b2c9368-6faa-11df-9cb4-002269c06623}.TMContainer00000000000000000001.regtrans-ms [2010-06-04 09:27:02 | 000,065,536 | -HS- | C] () -- C:\Users\Jolanta Średzińska\ntuser.dat{4b2c9368-6faa-11df-9cb4-002269c06623}.TM.blf [2009-10-24 20:21:16 | 000,004,096 | -H-- | C] () -- C:\Users\Jolanta Średzińska\AppData\Local\keyfile3.drm [2009-09-19 01:56:26 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2009-09-15 09:18:05 | 000,000,266 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2009-03-10 23:56:34 | 000,524,288 | -HS- | C] () -- C:\Users\Jolanta Średzińska\ntuser.dat{045d889c-0dbd-11de-ae2c-002269c06623}.TMContainer00000000000000000002.regtrans-ms [2009-03-10 23:56:34 | 000,524,288 | -HS- | C] () -- C:\Users\Jolanta Średzińska\ntuser.dat{045d889c-0dbd-11de-ae2c-002269c06623}.TMContainer00000000000000000001.regtrans-ms [2009-03-10 23:56:34 | 000,065,536 | -HS- | C] () -- C:\Users\Jolanta Średzińska\ntuser.dat{045d889c-0dbd-11de-ae2c-002269c06623}.TM.blf [2009-02-07 13:55:09 | 000,000,493 | ---- | C] () -- C:\Users\Jolanta Średzińska\AppData\Roaming\burnaware.ini [2009-02-07 00:02:48 | 000,153,088 | ---- | C] () -- C:\Program Files\UNWISE.EXE [2009-01-26 22:17:17 | 000,001,356 | ---- | C] () -- C:\Users\Jolanta Średzińska\AppData\Local\d3d9caps.dat [2009-01-24 22:03:04 | 000,029,239 | ---- | C] () -- C:\Users\Jolanta Średzińska\AppData\Roaming\UserTile.png [2008-12-12 00:16:54 | 000,000,640 | RHS- | C] () -- C:\Users\Jolanta Średzińska\ntuser.pol [2008-12-08 23:58:13 | 000,034,816 | ---- | C] () -- C:\Users\Jolanta Średzińska\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008-12-08 20:04:40 | 000,128,392 | ---- | C] () -- C:\Users\Jolanta Średzińska\AppData\Local\GDIPFONTCACHEV1.DAT [2008-12-08 20:03:48 | 005,767,168 | -HS- | C] () -- C:\Users\Jolanta Średzińska\ntuser.dat [2008-12-08 20:03:48 | 000,524,288 | -HS- | C] () -- C:\Users\Jolanta Średzińska\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000002.regtrans-ms [2008-12-08 20:03:48 | 000,524,288 | -HS- | C] () -- C:\Users\Jolanta Średzińska\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001.regtrans-ms [2008-12-08 20:03:48 | 000,065,536 | -HS- | C] () -- C:\Users\Jolanta Średzińska\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TM.blf [2008-12-08 20:03:48 | 000,000,020 | -HS- | C] () -- C:\Users\Jolanta Średzińska\ntuser.ini [color=#E56717]========== LOP Check ==========[/color] [2012-05-09 21:43:45 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\Ashampoo [2011-02-02 15:07:31 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\Autodesk [2010-05-08 17:14:38 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\BESTplayer [2009-05-11 21:38:36 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\Desktopicon [2010-12-11 15:09:34 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\Dokumenty AFi [2012-07-25 23:31:30 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\Dropbox [2008-12-22 23:27:42 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\F-Secure [2012-07-08 19:51:34 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\Gadu-Gadu 10 [2012-01-19 21:38:54 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\Global-UpperIntermediate.F58001C6A320BE09FB6D7E092A4A96AA9BF1591A.1 [2012-07-25 21:23:18 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\hellomoto [2010-06-23 21:44:59 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\InterVideo [2011-10-11 21:08:16 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\ipla [2009-03-10 23:55:35 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\IrfanView [2011-10-11 21:32:04 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\JLC's Software [2011-09-10 18:37:58 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\Lingoes [2010-09-15 19:46:19 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\MAGIX [2012-04-07 13:03:17 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\NapiProjekt [2009-03-11 21:53:53 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\Nokia [2010-02-28 14:50:44 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\Nowe Gadu-Gadu [2012-07-12 12:14:18 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\OpenFM [2010-06-20 16:08:43 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\Panasonic [2009-09-20 23:36:40 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\PC Suite [2012-02-07 14:04:28 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\PC-FAX TX [2009-01-24 22:03:03 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\PeerNetworking [2011-08-04 21:48:16 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\PhoneRemoteControl [2011-09-11 20:36:14 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\PhotoFiltre [2012-06-07 19:20:44 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\Pointstone [2011-04-23 15:49:07 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\RDRM [2010-08-17 21:20:55 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\RegistryTool [2012-03-31 21:52:41 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\ScanSoft [2011-01-10 23:27:31 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\Softinterface, Inc [2008-12-10 21:49:35 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\tmp [2010-12-09 20:33:32 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\TomTom [2012-05-08 22:33:00 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\Ulead Systems [2012-06-16 09:13:21 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\uTorrent [2011-10-10 19:05:21 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\VistaCodecs [2012-07-07 19:27:07 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\wargaming.net [2012-03-09 19:43:46 | 000,000,000 | ---D | M] -- C:\Users\Jolanta Średzińska\AppData\Roaming\Zeon [2012-07-25 21:46:20 | 000,032,592 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2011-10-15 14:58:58 | 000,000,448 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{6F37A379-9276-4BEF-BE9B-4F7E981E01F1}.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 171 bytes -> C:\ProgramData\TEMP:D4810DBE @Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:8CE646EE < End of report >