OTL logfile created on: 2012-08-12 14:03:43 - Run 2 OTL by OldTimer - Version 3.2.56.0 Folder = C:\Documents and Settings\Ja\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1023,48 Mb Total Physical Memory | 552,23 Mb Available Physical Memory | 53,96% Memory free 1,65 Gb Paging File | 1,29 Gb Available in Paging File | 78,11% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 24,41 Gb Total Space | 1,46 Gb Free Space | 5,96% Space Free | Partition Type: NTFS Drive D: | 60,55 Gb Total Space | 15,99 Gb Free Space | 26,42% Space Free | Partition Type: NTFS Drive E: | 64,08 Gb Total Space | 0,88 Gb Free Space | 1,37% Space Free | Partition Type: NTFS Drive G: | 1,06 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Drive K: | 1,85 Gb Total Space | 1,84 Gb Free Space | 99,09% Space Free | Partition Type: FAT32 Computer Name: KOMP | User Name: Ja | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-08-07 23:42:06 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ja\Pulpit\OTL.exe PRC - [2012-08-07 08:43:41 | 001,229,848 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe PRC - [2012-07-05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe PRC - [2009-07-20 12:51:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007-04-16 16:28:22 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe PRC - [2001-10-26 18:29:52 | 000,024,064 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\devldr32.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-08-07 08:43:40 | 000,442,392 | ---- | M] () -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.75\ppgooglenaclpluginchrome.dll MOD - [2012-08-07 08:43:37 | 003,997,720 | ---- | M] () -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.75\pdf.dll MOD - [2012-08-07 08:42:09 | 000,144,424 | ---- | M] () -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.75\avutil-51.dll MOD - [2012-08-07 08:42:08 | 000,266,792 | ---- | M] () -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.75\avformat-54.dll MOD - [2012-08-07 08:42:07 | 002,480,680 | ---- | M] () -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.75\avcodec-54.dll MOD - [2004-08-25 07:27:00 | 000,086,016 | ---- | M] () -- C:\WINDOWS\system32\ati2evxx.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Ares\chatServer.exe -- (AresChatServer) SRV - [2012-08-03 02:10:15 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-07-05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2012-01-18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion) SRV - [2009-07-20 12:51:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hitmanpro35.sys -- (hitmanpro35) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\catchme.sys -- (catchme) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (azjydroc) DRV - File not found [Kernel | Auto | Stopped] -- C:\DOCUME~1\Ja\USTAWI~1\Temp\3019.sys -- (3019) DRV - [2011-11-23 02:03:25 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2010-03-15 12:38:44 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdm.sys -- (s1039mdm) DRV - [2010-03-15 12:38:44 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039unic.sys -- (s1039unic) DRV - [2010-03-15 12:38:44 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mgmt.sys -- (s1039mgmt) DRV - [2010-03-15 12:38:44 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039obex.sys -- (s1039obex) DRV - [2010-03-15 12:38:44 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039bus.sys -- (s1039bus) DRV - [2010-03-15 12:38:44 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039nd5.sys -- (s1039nd5) DRV - [2010-03-15 12:38:44 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdfl.sys -- (s1039mdfl) DRV - [2009-03-25 18:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018mdm.sys -- (s1018mdm) DRV - [2009-03-25 18:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018bus.sys -- (s1018bus) DRV - [2009-03-25 18:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018mdfl.sys -- (s1018mdfl) DRV - [2008-05-02 08:48:55 | 000,062,208 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112) DRV - [2008-04-14 01:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2008-04-07 17:06:48 | 000,105,088 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2008-01-24 17:36:16 | 004,127,488 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) DRV - [2006-10-17 21:22:26 | 000,009,216 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\videX32.sys -- (videX32) DRV - [2004-08-25 07:28:46 | 000,787,456 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2004-05-02 10:47:08 | 000,023,040 | R--- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\GVCplDrv.sys -- (GVCplDrv) DRV - [2003-09-17 16:57:22 | 000,008,440 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LANPkt.sys -- (LANPkt) DRV - [2001-08-17 21:19:34 | 000,036,480 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sfmanm.sys -- (sfman) DRV - [2001-08-17 21:19:28 | 000,006,912 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctlfacem.sys -- (emu10k1) DRV - [2001-08-17 21:19:26 | 000,283,904 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emu10k1m.sys -- (emu10k) DRV - [2001-08-17 21:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = pl.v9.com/idg/idg_1341453734_117386 IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-515967899-813497703-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = pl.v9.com/idg/idg_1341453734_117386 IE - HKU\S-1-5-21-515967899-813497703-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = pl.v9.com/idg/idg_1341453734_117386 IE - HKU\S-1-5-21-515967899-813497703-1801674531-1003\..\URLSearchHook: {09900DE8-1DCA-443F-9243-26FF581438AF} - No CLSID value found IE - HKU\S-1-5-21-515967899-813497703-1801674531-1003\..\URLSearchHook: {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - No CLSID value found IE - HKU\S-1-5-21-515967899-813497703-1801674531-1003\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKU\S-1-5-21-515967899-813497703-1801674531-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKU\S-1-5-21-515967899-813497703-1801674531-1003\..\SearchScopes\{936B25C2-DF3C-4519-812A-E0279B314DB8}: "URL" = http://www.google.com/search?hl=pl&q={searchTerms} IE - HKU\S-1-5-21-515967899-813497703-1801674531-1003\..\SearchScopes\{E88E0043-C9D4-4e33-8555-FEE4F5B63060}: "URL" = http://go.mail.ru/search?q={searchTerms}&utf8in=1&fr=ietb IE - HKU\S-1-5-21-515967899-813497703-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) [color=#E56717]========== Chrome ==========[/color] CHR - homepage: http://www.google.pl/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: http://www.google.pl/ CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.75\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.75\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.75\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\plugins\nprpjplug.dll CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll CHR - Extension: YouTube = C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Szukaj w Google = C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Simple Adblock = C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nhfjefnfnmmnkcckbjjcganphignempo\1.0.2_0\ CHR - Extension: Gmail = C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2012-08-12 12:48:34 | 000,000,761 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.) O4 - HKU\S-1-5-21-515967899-813497703-1801674531-1003..\Run: [Facebook Update] C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-515967899-813497703-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: &Download All using 4shared Desktop - res://C:\Program Files\4shared Desktop\Desktop.32/D_ALL_LINK File not found O8 - Extra context menu item: &Download using 4shared Desktop - res://C:\Program Files\4shared Desktop\Desktop.32/D_ONE_LINK File not found O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Ja\Dane aplikacji\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\Ja\Dane aplikacji\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.233.233.233 87.204.204.204 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9B6BD8AB-5689-47FD-A776-11455957325F}: DhcpNameServer = 62.233.233.233 87.204.204.204 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll () O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011-11-11 17:50:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2012-07-05 04:06:25 | 027,129,119 | ---- | M] (GameHitZone.com ) - E:\AutoRacingClassics.exe -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-08-12 13:52:36 | 000,000,000 | ---D | C] -- C:\_OTL [2012-08-12 13:52:05 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ja\Pulpit\OTL.exe [2012-08-12 13:24:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\DoctorWeb [2012-08-12 12:58:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Dane aplikacji\Malwarebytes [2012-08-12 12:58:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware [2012-08-12 12:58:28 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2012-08-12 12:58:28 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012-08-12 12:58:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes [2012-08-12 12:57:59 | 010,652,120 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Ja\Pulpit\mbam-setup-1.62.0.1300.exe [2012-08-12 12:36:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\HitmanPro35 Portable [2012-08-12 12:36:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\AppData [2012-08-12 12:36:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Pulpit\Hitman Pro 3.5.8.121 [PL][Portable] [2012-08-12 12:28:41 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2012-08-12 12:28:40 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Ja\Recent [2012-08-12 12:06:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\XSxS [2012-08-12 12:06:53 | 000,000,000 | ---D | C] -- C:\WORK [2012-08-12 12:06:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winevt [2012-08-10 10:37:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp [2012-08-07 23:34:16 | 000,000,000 | ---D | C] -- C:\Program Files\xerox [2012-08-07 23:34:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom [2012-08-07 23:34:15 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage [2012-08-07 23:11:00 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2012-08-07 23:11:00 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2012-08-07 23:11:00 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2012-08-07 23:11:00 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2012-08-07 23:09:33 | 000,000,000 | ---D | C] -- C:\Qoobox [2012-08-06 22:38:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Dane aplikacji\hellomoto [2012-08-04 00:23:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Pulpit\na fb stronke [2012-08-03 18:21:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Pulpit\na stronke [2012-08-03 17:49:48 | 000,000,000 | RHSD | C] -- C:\Documents and Settings\Ja\M-10-6897-8685-3464 [2012-08-03 02:10:11 | 009,231,560 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe [2012-08-02 17:58:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Pulpit\obrobione foty [2012-08-02 01:01:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Pulpit\na fb [2012-07-30 20:30:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Pulpit\Originals [2012-07-29 19:28:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Pulpit\Nowy folder [2012-07-28 23:32:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Facebook [2012-07-28 23:32:17 | 000,501,240 | ---- | C] (Facebook Inc.) -- C:\Documents and Settings\Ja\Pulpit\FacebookMessengerSetup_v1.2.205.0.exe [2012-07-28 15:24:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Pulpit\17 urdziny PYRY [2012-07-27 19:59:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Pulpit\Projekt X - Project X 2012 [DVDRiP.XViD] [Lektor PL].up.by.Venoom [2012-07-25 15:23:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012-07-25 15:19:30 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle [2012-07-25 15:19:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Sun [2012-07-25 15:19:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Dane aplikacji\Oracle [2012-07-25 15:19:04 | 000,772,544 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll [2012-07-25 15:19:04 | 000,227,760 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2012-07-25 15:18:40 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2012-07-25 15:18:40 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2012-07-25 15:16:00 | 000,893,936 | ---- | C] (Oracle Corporation) -- C:\Documents and Settings\Ja\Pulpit\Niepotwierdzony 61698.crdownload [2012-07-22 14:25:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Pulpit\Zbiory Ilustracji 3d, czarnoskóry, wstążka - czarnoskóry, smutek... csp2277879 – Szukaj Kliparty Wektorowe, Rysunki, Ilustracje i Obrazy Graficzne EPS_files [2012-07-21 13:23:11 | 000,000,000 | ---D | C] -- C:\Program Files\Sony [2012-07-21 10:46:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Pulpit\do studia [2012-01-19 02:08:21 | 002,161,160 | ---- | C] (DownVision ) -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\setup.exe [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-08-12 14:05:00 | 000,000,478 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{3BA9951C-3478-40DF-881A-F79AD1C4B881}.job [2012-08-12 13:57:32 | 000,001,024 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012-08-12 13:57:30 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2012-08-12 13:57:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012-08-12 13:56:30 | 008,650,752 | -H-- | M] () -- C:\Documents and Settings\Ja\NTUSER.DAT [2012-08-12 13:56:30 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Ja\ntuser.ini [2012-08-12 13:48:01 | 000,001,028 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012-08-12 13:25:08 | 000,001,120 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-813497703-1801674531-1003UA.job [2012-08-12 13:10:15 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012-08-12 13:03:06 | 091,386,720 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\launch.exe [2012-08-12 12:58:29 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk [2012-08-12 12:58:12 | 010,652,120 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Ja\Pulpit\mbam-setup-1.62.0.1300.exe [2012-08-12 12:48:34 | 000,000,761 | RHS- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2012-08-12 12:41:04 | 000,614,903 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\adwcleaner.exe [2012-08-12 12:04:47 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012-08-10 10:35:15 | 000,000,252 | ---- | M] () -- C:\WINDOWS\system.ini [2012-08-07 23:42:06 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ja\Pulpit\OTL.exe [2012-08-06 20:37:05 | 000,000,990 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-515967899-813497703-1801674531-1003UA.job [2012-08-04 18:03:13 | 008,271,456 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\Paluch Teren Prywatny Represent Yourself.mp3 [2012-08-04 18:03:02 | 005,095,834 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\HDS - MAM JU- TEGO DOSY- FEAT. BRAHU,FELIPE,PALUCH,G-OWA,ERO,KACPER.mp3 [2012-08-04 13:35:08 | 000,178,692 | ---- | M] () -- C:\WINDOWS\System32\c_7265180.nls [2012-08-04 00:53:26 | 001,813,833 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\hubi2.jpg [2012-08-04 00:52:33 | 000,208,171 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\hubi1.jpg [2012-08-04 00:26:10 | 000,107,520 | -H-- | M] () -- C:\Documents and Settings\Ja\Pulpit\photothumb.db [2012-08-03 02:10:13 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2012-08-03 02:10:13 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2012-08-03 02:10:11 | 009,231,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe [2012-08-02 18:42:46 | 000,585,534 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\ja2.jpg [2012-08-02 18:42:31 | 000,661,982 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\cały squad2.jpg [2012-08-02 18:42:24 | 002,360,417 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\cały squad.JPG [2012-08-02 18:42:03 | 000,612,174 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\cała ekipa.jpg [2012-08-02 18:40:45 | 000,202,339 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\STUDIO_2.JPG [2012-08-02 18:40:40 | 000,377,456 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\STUDIO_1.JPG [2012-08-02 18:40:36 | 000,444,226 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\STUDIO.JPG [2012-08-02 18:40:18 | 000,110,142 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\STUDIO_logo1.JPG [2012-08-02 18:40:14 | 000,412,050 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\STUDIO_logo.JPG [2012-08-02 18:40:04 | 000,107,996 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\STUDIO_3.JPG [2012-08-02 01:33:37 | 001,885,906 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\20120801_041.jpg [2012-08-02 01:29:48 | 001,250,780 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\20120801_043.jpg [2012-08-02 01:29:22 | 001,194,279 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\20120801_046.jpg [2012-08-02 01:28:15 | 001,222,286 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\20120801_048.jpg [2012-08-02 01:20:42 | 000,525,492 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\rejka.JPG [2012-07-30 20:37:53 | 000,035,328 | ---- | M] () -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-07-30 20:37:01 | 002,550,755 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\DSC02921.JPG [2012-07-30 20:30:28 | 003,902,630 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\DSC02919.JPG [2012-07-30 03:09:26 | 000,000,203 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\Quake.rtf [2012-07-29 23:37:02 | 000,000,968 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-515967899-813497703-1801674531-1003Core.job [2012-07-28 23:32:13 | 000,501,240 | ---- | M] (Facebook Inc.) -- C:\Documents and Settings\Ja\Pulpit\FacebookMessengerSetup_v1.2.205.0.exe [2012-07-28 23:19:39 | 001,105,024 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\Niepotwierdzony 21584.crdownload [2012-07-27 20:01:42 | 000,069,343 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\taki2 motor.jpg [2012-07-27 19:34:24 | 000,069,140 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\taki1 motor.jpg [2012-07-27 19:23:22 | 000,069,481 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\motor czerń.jpg [2012-07-25 23:05:34 | 000,074,310 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\530052_300867106659949_587769716_n.jpg [2012-07-25 21:01:47 | 006,412,623 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\pyra - beats.mp3 [2012-07-25 19:57:12 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\Paluch Teren Prywatny Represent Yourself vol 10.mp3 [2012-07-25 19:55:20 | 004,090,044 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\Paluch Teren Prywatny Represent Yourself vol 1.mp3 [2012-07-25 15:18:24 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2012-07-25 15:18:24 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2012-07-25 15:16:02 | 000,893,936 | ---- | M] (Oracle Corporation) -- C:\Documents and Settings\Ja\Pulpit\Niepotwierdzony 61698.crdownload [2012-07-22 14:27:09 | 000,020,533 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\wstążka1.jpg [2012-07-22 14:25:19 | 000,091,376 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\Zbiory Ilustracji 3d, czarnoskóry, wstążka - czarnoskóry, smutek... csp2277879 – Szukaj Kliparty Wektorowe, Rysunki, Ilustracje i Obrazy Graficzne EPS.htm [2012-07-22 14:14:10 | 000,036,052 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\wstazka.png [2012-07-21 13:23:31 | 000,001,739 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Sony PC Companion 2.1.lnk [2012-07-20 02:06:15 | 000,373,204 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\downy.jpg [2012-07-20 01:23:24 | 002,975,858 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\ja.JPG [2012-07-19 17:28:33 | 000,024,330 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\wstazka.jpg.png [2012-07-15 07:25:00 | 000,001,068 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-813497703-1801674531-1003Core.job [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-08-12 12:58:53 | 091,386,720 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\launch.exe [2012-08-12 12:58:29 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk [2012-08-12 12:41:22 | 000,614,903 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\adwcleaner.exe [2012-08-10 10:22:01 | 000,000,478 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{3BA9951C-3478-40DF-881A-F79AD1C4B881}.job [2012-08-07 23:11:00 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe [2012-08-07 23:11:00 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe [2012-08-07 23:11:00 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2012-08-07 23:11:00 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2012-08-07 23:11:00 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2012-08-04 13:35:08 | 000,178,692 | ---- | C] () -- C:\WINDOWS\System32\c_7265180.nls [2012-08-04 00:53:27 | 001,813,833 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\hubi2.jpg [2012-08-04 00:53:13 | 000,208,171 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\hubi1.jpg [2012-08-02 18:42:51 | 000,585,534 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\ja2.jpg [2012-08-02 18:42:35 | 000,661,982 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\cały squad2.jpg [2012-08-02 18:42:26 | 002,360,417 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\cały squad.JPG [2012-08-02 18:42:10 | 000,612,174 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\cała ekipa.jpg [2012-08-02 18:40:46 | 000,202,339 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\STUDIO_2.JPG [2012-08-02 18:40:41 | 000,377,456 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\STUDIO_1.JPG [2012-08-02 18:40:37 | 000,444,226 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\STUDIO.JPG [2012-08-02 18:40:20 | 000,110,142 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\STUDIO_logo1.JPG [2012-08-02 18:40:16 | 000,412,050 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\STUDIO_logo.JPG [2012-08-02 18:40:09 | 000,107,996 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\STUDIO_3.JPG [2012-08-02 01:33:36 | 001,885,906 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\20120801_041.jpg [2012-08-02 01:29:47 | 001,250,780 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\20120801_043.jpg [2012-08-02 01:29:21 | 001,194,279 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\20120801_046.jpg [2012-08-02 01:28:15 | 001,222,286 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\20120801_048.jpg [2012-08-02 01:20:42 | 000,525,492 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\rejka.JPG [2012-07-30 20:24:59 | 003,902,630 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\DSC02919.JPG [2012-07-30 20:24:51 | 002,550,755 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\DSC02921.JPG [2012-07-28 23:51:16 | 000,000,203 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\Quake.rtf [2012-07-28 23:32:36 | 000,000,990 | ---- | C] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-515967899-813497703-1801674531-1003UA.job [2012-07-28 23:32:36 | 000,000,968 | ---- | C] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-515967899-813497703-1801674531-1003Core.job [2012-07-28 23:19:35 | 001,105,024 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\Niepotwierdzony 21584.crdownload [2012-07-27 19:35:39 | 000,069,343 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\taki2 motor.jpg [2012-07-27 19:34:24 | 000,069,140 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\taki1 motor.jpg [2012-07-27 19:23:22 | 000,069,481 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\motor czerń.jpg [2012-07-25 23:05:38 | 000,074,310 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\530052_300867106659949_587769716_n.jpg [2012-07-25 21:01:26 | 006,412,623 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\pyra - beats.mp3 [2012-07-25 19:57:23 | 008,271,456 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\Paluch Teren Prywatny Represent Yourself.mp3 [2012-07-25 19:57:12 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\Paluch Teren Prywatny Represent Yourself vol 10.mp3 [2012-07-25 19:55:25 | 005,095,834 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\HDS - MAM JU- TEGO DOSY- FEAT. BRAHU,FELIPE,PALUCH,G-OWA,ERO,KACPER.mp3 [2012-07-25 19:55:08 | 004,090,044 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\Paluch Teren Prywatny Represent Yourself vol 1.mp3 [2012-07-25 15:42:56 | 003,884,126 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\PRA - Czarny dzień.mp3 [2012-07-22 14:27:09 | 000,020,533 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\wstążka1.jpg [2012-07-22 14:25:13 | 000,091,376 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\Zbiory Ilustracji 3d, czarnoskóry, wstążka - czarnoskóry, smutek... csp2277879 – Szukaj Kliparty Wektorowe, Rysunki, Ilustracje i Obrazy Graficzne EPS.htm [2012-07-22 14:14:10 | 000,036,052 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\wstazka.png [2012-07-21 13:23:31 | 000,001,739 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Sony PC Companion 2.1.lnk [2012-07-20 02:06:15 | 000,373,204 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\downy.jpg [2012-07-20 01:23:23 | 002,975,858 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\ja.JPG [2012-07-19 17:28:39 | 000,024,330 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\wstazka.jpg.png [2012-06-18 00:40:18 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2012-01-23 23:33:22 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Ja\268652_210186705696126_100001143948516_551379_6906663_n[1].jpg [2012-01-23 23:33:17 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Ja\263308_210183265696470_100001143948516_551370_1589501_n[1].jpg [2012-01-15 02:38:59 | 000,000,771 | ---- | C] () -- C:\WINDOWS\wordpad.ini [2011-12-12 23:27:09 | 000,004,885 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\qjaxlkio.dss [2011-12-11 15:37:10 | 000,000,111 | ---- | C] () -- C:\Documents and Settings\Ja\settings.ini [2011-11-23 02:03:25 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2011-11-20 18:34:15 | 000,000,991 | ---- | C] () -- C:\WINDOWS\wbocx.ini [2011-11-11 21:14:48 | 000,006,688 | ---- | C] () -- C:\WINDOWS\System32\Digita.sys [2011-11-11 21:14:46 | 000,335,872 | ---- | C] () -- C:\WINDOWS\System32\ldf252.dll [2011-11-11 20:27:15 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2011-11-11 20:27:01 | 000,650,752 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2011-11-11 20:27:01 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2011-11-11 20:27:00 | 000,074,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2011-11-11 20:27:00 | 000,000,714 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2011-11-11 19:50:28 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2011-11-11 19:50:02 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2011-11-11 18:43:28 | 000,035,328 | ---- | C] () -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-11-11 18:42:37 | 001,174,636 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2011-11-11 18:42:35 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2011-11-11 18:41:27 | 000,096,664 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-11-11 18:41:18 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2011-11-11 18:33:37 | 000,516,096 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe [2011-11-11 18:33:30 | 000,151,552 | R--- | C] ( ) -- C:\WINDOWS\System32\ATIDEMGR.dll [2011-11-11 18:31:21 | 000,023,040 | R--- | C] () -- C:\WINDOWS\System32\drivers\GVCplDrv.sys [2011-11-11 18:07:41 | 004,807,310 | -H-- | C] () -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\IconCache.db [2011-11-11 17:55:20 | 000,012,328 | ---- | C] () -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2011-11-11 17:53:12 | 000,000,188 | -HS- | C] () -- C:\Documents and Settings\Ja\ntuser.ini [2011-11-11 17:53:11 | 008,650,752 | -H-- | C] () -- C:\Documents and Settings\Ja\NTUSER.DAT [2011-11-11 17:51:10 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2011-11-11 17:50:27 | 000,050,105 | ---- | C] () -- C:\WINDOWS\activ.exe [2011-11-11 17:50:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini [2011-11-11 17:49:14 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest [2011-11-11 17:49:11 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2011-11-11 17:47:21 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2011-11-11 17:47:12 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini [2011-11-11 17:47:12 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini [2011-11-11 17:46:31 | 000,026,717 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini [2011-11-11 17:46:30 | 000,003,813 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini [color=#E56717]========== LOP Check ==========[/color] [2012-06-29 12:26:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software [2011-11-23 02:03:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2011-11-16 00:11:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2012-04-19 03:49:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Guard.Mail.Ru [2011-12-20 02:10:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2012-03-08 15:12:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Sony [2012-06-23 11:41:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\4shared Desktop [2011-11-11 21:19:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\ACD Systems [2011-12-08 01:24:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Album Shaper [2012-07-03 15:54:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Audacity [2012-07-28 21:40:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\BESTplayer [2011-11-24 01:34:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\CityBus [2012-08-03 18:26:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\DAEMON Tools Lite [2012-01-07 13:17:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\DVDVideoSoft [2012-01-07 13:00:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\DVDVideoSoftIEHelpers [2012-07-12 03:34:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\FarmingSimulator2008 [2011-11-16 00:35:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Gadu-Gadu 10 [2012-08-06 22:38:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\hellomoto [2011-12-13 00:19:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\MOVAVI [2011-11-17 01:50:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\OpenFM [2012-01-27 23:49:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Opera [2012-07-25 15:19:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Oracle [2012-05-05 01:39:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\PhotoScape [2012-04-09 03:16:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\SkyMonk [2012-02-23 03:31:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\wargaming.net [2012-04-09 03:15:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\{DCD48218-E972-4d0c-9E5F-43462BC13E3B} [2012-07-29 23:37:02 | 000,000,968 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-515967899-813497703-1801674531-1003Core.job [2012-08-06 20:37:05 | 000,000,990 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-515967899-813497703-1801674531-1003UA.job [2012-08-12 14:05:00 | 000,000,478 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{3BA9951C-3478-40DF-881A-F79AD1C4B881}.job [color=#E56717]========== Purity Check ==========[/color] < End of report >