OTL logfile created on: 2012-10-19 16:20:19 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Cezar\Pulpit\naprawa
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
1022,16 Mb Total Physical Memory | 603,95 Mb Available Physical Memory | 59,09% Memory free
2,40 Gb Paging File | 2,11 Gb Available in Paging File | 87,85% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 36,20 Gb Total Space | 3,67 Gb Free Space | 10,14% Space Free | Partition Type: FAT32
Drive D: | 36,36 Gb Total Space | 17,84 Gb Free Space | 49,06% Space Free | Partition Type: NTFS
 
Computer Name: ACER-5D79586868 | User Name: Cezar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012-10-19 16:08:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cezar\Pulpit\naprawa\OTL.exe
PRC - [2012-08-27 18:54:50 | 000,246,112 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\PLAY ONLINE\OnlineUpdate\ouc.exe
PRC - [2012-06-22 15:55:48 | 000,265,952 | ---- | M] () -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
PRC - [2011-03-14 17:27:28 | 000,271,712 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe
PRC - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005-09-25 19:11:20 | 000,094,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2005-08-17 19:39:58 | 000,090,112 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2005-03-30 15:29:48 | 000,032,768 | ---- | M] () -- C:\Program Files\Launch Manager\LaunchAp.exe
PRC - [2005-03-29 11:08:14 | 000,061,440 | ---- | M] (Wistron) -- C:\Program Files\Launch Manager\HotkeyApp.exe
PRC - [2005-03-03 17:39:34 | 000,077,824 | ---- | M] () -- C:\Program Files\Launch Manager\WButton.exe
PRC - [2004-12-16 13:13:54 | 000,045,056 | ---- | M] () -- C:\Program Files\USB all-in-one game controller\GM_DevUpdate.exe
PRC - [2004-10-11 10:47:02 | 000,245,760 | ---- | M] () -- C:\Program Files\Launch Manager\OSDCtrl.exe
PRC - [2004-10-05 16:25:10 | 000,098,394 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2004-08-16 15:17:20 | 001,287,168 | ---- | M] (OSA Technologies Inc.) -- C:\Acer\eManager\anbmServ.exe
PRC - [2004-01-28 17:48:10 | 000,184,320 | ---- | M] (Wistron) -- C:\Program Files\Launch Manager\ctrlvol.exe
PRC - [2002-08-30 15:02:48 | 000,094,208 | ---- | M] () -- C:\Program Files\Launch Manager\Powerkey.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012-08-27 18:54:54 | 001,148,416 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\PLAY ONLINE\OnlineUpdate\QtNetwork4.dll
MOD - [2012-08-27 18:54:54 | 000,398,336 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\PLAY ONLINE\OnlineUpdate\QtXml4.dll
MOD - [2012-08-27 18:54:54 | 000,384,512 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\PLAY ONLINE\OnlineUpdate\QueryStrategy.dll
MOD - [2012-08-27 18:54:52 | 002,415,104 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\PLAY ONLINE\OnlineUpdate\QtCore4.dll
MOD - [2012-08-27 18:54:52 | 000,043,008 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\PLAY ONLINE\OnlineUpdate\libgcc_s_dw2-1.dll
MOD - [2012-08-27 18:54:52 | 000,011,362 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\PLAY ONLINE\OnlineUpdate\mingwm10.dll
MOD - [2012-08-27 18:54:50 | 000,246,112 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\PLAY ONLINE\OnlineUpdate\ouc.exe
MOD - [2012-06-22 15:55:48 | 000,265,952 | ---- | M] () -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
MOD - [2011-03-14 17:27:28 | 000,271,712 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe
MOD - [2009-02-27 19:04:20 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL
MOD - [2005-11-15 21:02:42 | 000,010,752 | ---- | M] () -- C:\Program Files\Microsoft ActiveSync\rapiproxystub.dll
MOD - [2005-03-30 15:29:48 | 000,032,768 | ---- | M] () -- C:\Program Files\Launch Manager\LaunchAp.exe
MOD - [2005-03-03 17:39:34 | 000,077,824 | ---- | M] () -- C:\Program Files\Launch Manager\WButton.exe
MOD - [2004-12-16 13:13:54 | 000,045,056 | ---- | M] () -- C:\Program Files\USB all-in-one game controller\GM_DevUpdate.exe
MOD - [2004-10-11 10:47:02 | 000,245,760 | ---- | M] () -- C:\Program Files\Launch Manager\OSDCtrl.exe
MOD - [2002-08-30 15:02:48 | 000,094,208 | ---- | M] () -- C:\Program Files\Launch Manager\Powerkey.exe
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - File not found [Unavailable | Unknown] --  -- (SQLAgent$PINNACLESYS)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012-08-27 18:54:50 | 000,246,112 | ---- | M] () [Auto | Stopped] -- C:\Program Files\PLAY ONLINE\UpdateDog\ouc.exe -- (PLAY ONLINE. RunOuc)
SRV - [2012-06-22 15:55:48 | 000,265,952 | ---- | M] () [Auto | Running] -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe -- (Updater Service for StartNow Toolbar)
SRV - [2011-03-14 17:27:28 | 000,271,712 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe)
SRV - [2004-08-16 15:17:20 | 001,287,168 | ---- | M] (OSA Technologies Inc.) [Auto | Running] -- C:\Acer\eManager\anbmServ.exe -- (anbmService)
SRV - [2004-03-18 16:55:48 | 000,065,536 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\ZDPSp50.sys -- (ZDPSp50)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ZDCndis5.SYS -- (ZDCndis5)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\Wbutton.sys -- (Wbutton)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (mailKmd)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\InCDRm.sys -- (InCDRm)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\InCDPass.sys -- (InCDPass)
DRV - File not found [File_System | Disabled | Stopped] -- system32\drivers\InCDFs.sys -- (InCDFs)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\BurnInTest\DirectIo32.sys -- (DIRECTIO)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | System | Stopped] --  -- (cdrbsvsd)
DRV - [2012-08-27 18:54:54 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2012-08-27 18:54:54 | 000,095,616 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV - [2012-08-27 18:54:54 | 000,076,544 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2012-08-27 18:54:54 | 000,067,584 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_jucdcecm.sys -- (huawei_cdcecm)
DRV - [2012-08-27 18:54:54 | 000,027,520 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl)
DRV - [2012-08-27 18:54:54 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV - [2012-02-15 15:10:34 | 000,005,152 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\io.sys -- (io.sys)
DRV - [2010-02-11 14:02:16 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2009-10-22 13:54:18 | 000,037,392 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\90095202.sys -- (90095202)
DRV - [2009-10-09 23:31:10 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\9009520.sys -- (setup_9.0.0.722_19.10.2012_16-14drv)
DRV - [2009-09-25 17:59:42 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\90095201.sys -- (90095201)
DRV - [2008-05-01 20:25:52 | 000,072,000 | R--- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2008-05-01 20:25:52 | 000,057,536 | R--- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2007-03-16 20:41:42 | 000,105,280 | ---- | M] (Your Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Mach3.sys -- (Mach3)
DRV - [2006-11-02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2006-10-02 12:38:48 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2006-07-08 21:14:46 | 000,223,128 | ---- | M] (DT Soft Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dtscsi.sys -- (dtscsi)
DRV - [2006-07-08 21:13:14 | 000,664,064 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2005-12-19 11:23:20 | 000,366,464 | R--- | M] (AVerMedia Technologies, Inc. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Cap7134.sys -- (Cap7134)
DRV - [2005-12-19 11:21:00 | 000,053,536 | R--- | M] (AVerMedia Technologies, Inc. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PhTVTune.sys -- (PhTVTune)
DRV - [2005-12-06 17:11:20 | 000,035,328 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfsync03.sys -- (sfsync03)
DRV - [2005-09-25 19:11:20 | 000,127,488 | ---- | M] (Ahead Software AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\imagesrv.sys -- (imagesrv)
DRV - [2005-09-25 19:11:20 | 000,005,888 | ---- | M] (Ahead Software AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\imagedrv.sys -- (imagedrv)
DRV - [2005-08-19 18:31:52 | 003,644,800 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2005-08-10 14:44:06 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01)
DRV - [2005-07-13 16:55:22 | 000,171,008 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2005-05-16 15:20:40 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02)
DRV - [2005-03-20 09:24:10 | 000,099,904 | ---- | M] (Your Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Mach2.sys -- (Mach2)
DRV - [2005-03-04 16:37:26 | 000,008,704 | ---- | M] (Avocent/OSA Technologies Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\osaio.sys -- (osaio)
DRV - [2005-02-09 12:59:00 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI)
DRV - [2005-02-08 16:33:06 | 000,970,240 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005-01-14 15:57:16 | 000,004,010 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\osanbm.sys -- (osanbm)
DRV - [2005-01-10 15:47:14 | 000,449,888 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2004-12-21 03:32:12 | 000,369,024 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2004-12-16 15:45:14 | 000,020,992 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\drivers\GMFilter.sys -- (GMFilter)
DRV - [2004-12-16 12:20:44 | 000,010,880 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SKBusEnum.sys -- (skbusenum)
DRV - [2004-12-15 15:18:30 | 000,200,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWATI.sys -- (HSFHWATI)
DRV - [2004-12-15 15:18:28 | 000,703,232 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004-12-15 15:18:26 | 001,038,208 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2004-12-02 16:36:08 | 000,070,912 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2004-09-14 02:40:56 | 000,146,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2004-08-03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2004-04-19 07:01:00 | 000,006,656 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gflmouhid.sys -- (genmcmnUSB)
DRV - [2004-03-08 12:55:50 | 000,013,567 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2003-11-27 19:48:50 | 000,003,968 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\VirtualK.sys -- (VirtualK)
DRV - [2003-04-28 11:27:06 | 000,009,867 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\HOTKEY.sys -- (Hotkey)
DRV - [2002-10-15 22:41:06 | 000,102,220 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sonypvs1.sys -- (sonypvs1)
DRV - [2001-08-17 21:46:40 | 000,006,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\enum1394.sys -- (ENUM1394)
DRV - [2000-12-19 18:29:52 | 000,002,343 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Launch Manager\POWERKEY.SYS -- (POWERKEY)
DRV - [2000-11-28 22:47:16 | 000,004,256 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\UserPort.sys -- (UserPort)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q={searchTerms}&crm=1
 
 
IE - HKU\.DEFAULT\..\SearchScopes\{102D08FE-6AE9-4D7E-A8A8-3644DE18941C}: "URL" = http://www.dealio.com/products.html?kwd={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes\{102D08FE-6AE9-4D7E-A8A8-3644DE18941C}: "URL" = http://www.dealio.com/products.html?kwd={searchTerms}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2794341004-2308174378-3807644408-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKU\S-1-5-21-2794341004-2308174378-3807644408-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-2794341004-2308174378-3807644408-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2794341004-2308174378-3807644408-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-2794341004-2308174378-3807644408-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-2794341004-2308174378-3807644408-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
IE - HKU\S-1-5-21-2794341004-2308174378-3807644408-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.onet.pl/
IE - HKU\S-1-5-21-2794341004-2308174378-3807644408-1005\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-2794341004-2308174378-3807644408-1005\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-2794341004-2308174378-3807644408-1005\..\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}: "URL" = http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=PL&install_date=20120429&user_guid=EBD3B18855CD460199D400371D843A70&machine_id=6f9ed062996d4bb8d1830d015c127a74&browser=IE&os=win&os_version=5.1-x86-SP3&iesrc={referrer:source}
IE - HKU\S-1-5-21-2794341004-2308174378-3807644408-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2794341004-2308174378-3807644408-1005\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=100482&babsrc=SP_ss&mntrId=153319d4000000000000000ae4e11e16
IE - HKU\S-1-5-21-2794341004-2308174378-3807644408-1005\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=U3&apn_dtid=OSJ000YYPL&apn_uid=3FC456FB-EE7B-46F1-8710-E198706F3AD9&apn_sauid=2CF1A091-A3AB-4CA6-ACB9-F3904ECF4DA4
IE - HKU\S-1-5-21-2794341004-2308174378-3807644408-1005\..\SearchScopes\{56A12FA2-6E03-4E1B-9D63-05B7EA4AAB34}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GPEA_en
IE - HKU\S-1-5-21-2794341004-2308174378-3807644408-1005\..\SearchScopes\{65894733-3D1C-44EC-9DA5-086953F12485}: "URL" = http://search.yahoo.com/search?ei=utf-8&fr=vmn&type=vdio2&p={searchTerms}
IE - HKU\S-1-5-21-2794341004-2308174378-3807644408-1005\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-2794341004-2308174378-3807644408-1005\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
IE - HKU\S-1-5-21-2794341004-2308174378-3807644408-1005\..\SearchScopes\{C60930BD-F52E-4879-8609-32C414A6DD93}: "URL" = http://www.dealio.com/products.html?kwd={searchTerms}
IE - HKU\S-1-5-21-2794341004-2308174378-3807644408-1005\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q={searchTerms}&crm=1
IE - HKU\S-1-5-21-2794341004-2308174378-3807644408-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2536: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/npracplug;version=1.0.0.0: C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2594: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1698: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{20978f0f-2978-4992-ae97-7d373c44e04e}: C:\Program Files\Techland\English Translator XT\MozillaTranslator [2010-09-15 18:21:34 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2012-01-20 13:47:42 | 000,012,393 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
O1 - Hosts: <html lang='en'>
O1 - Hosts: <head>
O1 - Hosts:             <meta name="description" content="Yahoo! GeoCities offers you a free web site and all the tools you need to build a dynamic site. Features include easy-to-use site building tools, online help, web site statistics, secure and reliable hosting, and an intuitive control panel.">
O1 - Hosts:             <title>Yahoo! GeoCities: Get a web site with easy-to-use site building tools.</title>
O1 - Hosts:             <link rel="stylesheet" type="text/css" media="all" href="http://l.yimg.com/a/combo?yui/2.5.2/build/reset-fonts-grids/reset-fonts-grids.css&smbiz/css/headfoot_6.css&smbiz/css/ysbs_glossary_1.css"> 
O1 - Hosts: <link rel="stylesheet" type="text/css" media="all" href="http://l.yimg.com/a/lib/smbiz/css/geocities_84954.css"> 
O1 - Hosts: <style>
O1 - Hosts: h1 { line-height:30px;height:30px; padding-left:15px; font-weight:bold;font-size:1.6em;color:#1f296a;}
O1 - Hosts: .services li { margin-left:1.0em; padding-left:0.5em; background:url("http://l.yimg.com/a/lib/smbiz/i/geo_bullet_3x3_1.gif") no-repeat 0 0.5em; margin-bottom:0.5em;margin-left:1.5em;margin-right:0.5em;width:6em}
O1 - Hosts: .services li {float:left; width:17em; font-size:116%;margin-top:0.8em}
O1 - Hosts:  .services {  font-size:116%; padding-bottom:20px }
O1 - Hosts: .learnmore a {color:#2882DE;font-size:16px}
O1 - Hosts: .image_web  {float:right; margin:15px 0 0 15px}
O1 - Hosts: p {margin:20px;font-size:1em;}
O1 - Hosts: h2 {margin:20px 0 0 20px;color:#1F296;font-weight:bold;font-size:1.25em;color:#1f296a;}
O1 - Hosts: h3 {margin:20px;color:#1F296;font-weight:bold;font-size:1.15em;color:#1f296a;}
O1 - Hosts: li.rule {border-top:solid 1px #DBE1E6;}
O1 - Hosts: </style>
O1 - Hosts: </head>
O1 - Hosts: <body>
O1 - Hosts: <!-- following code added by server. PLEASE REMOVE -->
O1 - Hosts: <!-- preceding code added by server. PLEASE REMOVE -->
O1 - Hosts:  <div class="ez-mw" style ="height:900px;width:905px">
O1 - Hosts:     <div class="ez-wri ez-oh" style="width:900px">
O1 - Hosts: 90 more lines...
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA2.dll (Conduit Ltd.)
O2 - BHO: (Complitly) - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - C:\Documents and Settings\Cezar\Dane aplikacji\Complitly\Complitly.dll (SimplyGen)
O3 - HKLM\..\Toolbar: (no name) - {0D704FAD-66E9-4F0A-BFED-4F665770DDB3} - No CLSID value found.
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll ()
O3 - HKLM\..\Toolbar: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-2794341004-2308174378-3807644408-1005\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-2794341004-2308174378-3807644408-1005\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-2794341004-2308174378-3807644408-1005\..\Toolbar\WebBrowser: (MyAshampoo Toolbar) - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - C:\Program Files\MyAshampoo\prxtbMyA2.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2794341004-2308174378-3807644408-1005\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [CtrlVol] C:\Program Files\Launch Manager\ctrlvol.exe (Wistron)
O4 - HKLM..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup File not found
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe ()
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\HotkeyApp.exe (Wistron)
O4 - HKLM..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSDCtrl.exe ()
O4 - HKLM..\Run: [mouseElf] C:\Program Files\Scroll Mouse\MouseElf.exe ()
O4 - HKLM..\Run: [PowerKey] C:\Program Files\Launch Manager\PowerKey.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Wbutton] C:\Program Files\Launch Manager\Wbutton.exe ()
O4 - HKU\S-1-5-21-2794341004-2308174378-3807644408-1005..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-2794341004-2308174378-3807644408-1005..\Run: [IVONA Reader] "C:\Program Files\IVONA\IVONA Reader\IVONA Reader.exe.exe" -t -nosplash File not found
O4 - Startup: C:\Documents and Settings\Cezar\Menu Start\Programy\Autostart\GM_DevUpdate.lnk = C:\Program Files\USB all-in-one game controller\GM_DevUpdate.exe ()
O4 - Startup: C:\Documents and Settings\Cezar\Menu Start\Programy\Autostart\setup_9.0.0.722_19.10.2012_16-14.lnk = C:\Documents and Settings\Cezar\Pulpit\Virus Removal Tool\setup_9.0.0.722_19.10.2012_16-14\startup.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run:  = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2794341004-2308174378-3807644408-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2794341004-2308174378-3807644408-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKU\S-1-5-21-2794341004-2308174378-3807644408-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/fhg.CAB (Reg Error: Key error.)
O16 - DPF: {00000162-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/0/B/B/0BB06A5C-8611-4840-86B3-54DDDD0344B9/wma9dmo.cab (Reg Error: Key error.)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {3234504D-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/a/0/0/a0043c6c-8cd6-428e-9c9e-01883020f5ce/mpg4dmo.CAB (Reg Error: Key error.)
O16 - DPF: {3253534D-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/3/4/F345356C-453F-439C-8977-81149FBF0980/wms9dmo.cab (Reg Error: Key error.)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/D/0/D/D0DD87DA-994F-4334-8B55-AF2E4D98ED0C/wmv9dmo.cab (Reg Error: Key error.)
O16 - DPF: {631FF594-EC25-4CFF-B869-402DF294E1D6} http://slimak.onet.pl/_m/kamerzysta/OnetInstalator012s.ocx (Instalator oprogramowania Onet.pl)
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} file:///C:/Program%20Files/MDT6/AcDcToday.ocx (AcDcToday Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} file:///C:/Program%20Files/MDT6/InstBanr.ocx (NOXLATE-BANR)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://game11.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} file:///C:/Program%20Files/MDT6/InstFred.ocx (InstaFred)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} file:///C:/Program%20Files/MDT6/AcPreview.ocx (AcPreview Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1D58B7B7-390E-492B-9E8D-C66F12C8BC33}: DhcpNameServer = 192.168.1.1 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A75B0B2C-2366-459B-A17D-6AD821FF2179}: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O22 - SharedTaskScheduler: cholecyst - {ee2975b6-e8d5-405e-8448-8fe9590f6cfb} - No CLSID value found.
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Cezar\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Cezar\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-10-12 19:40:38 | 000,000,007 | -HS- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2012-04-29 12:00:39 | 000,000,000 | ---D | M] - D:\autocad -- [ NTFS ]
O33 - MountPoints2\{d3a2bdc2-f067-11e1-9cc6-000ae4e11e16}\Shell - "" = AutoRun
O33 - MountPoints2\{d3a2bdc2-f067-11e1-9cc6-000ae4e11e16}\Shell\AutoRun\command - "" = K:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012-10-19 16:17:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cezar\Menu Start\Programy\CyberLink PowerDVD
[2012-10-19 15:51:50 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\9009520.sys
[2012-10-19 15:51:50 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\90095201.sys
[2012-10-19 15:51:50 | 000,037,392 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\90095202.sys
[2012-10-19 15:51:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cezar\Pulpit\Virus Removal Tool
[2012-10-19 15:51:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cezar\Pulpit\naprawa
[2012-10-06 15:21:37 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2012-10-06 15:09:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\CADSTAR 13.0
[2012-10-06 15:08:16 | 000,000,000 | ---D | C] -- C:\Program Files\Zuken
[2012-10-06 15:05:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cezar\Ustawienia lokalne\Dane aplikacji\Downloaded Installations
[2012-10-06 14:42:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Tina 8 - Industrial
[2008-12-31 12:50:23 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Cezar\Dane aplikacji\pcouffin.sys
[2006-08-07 00:02:17 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[2 C:\Documents and Settings\Cezar\Ustawienia lokalne\Dane aplikacji\*.tmp files -> C:\Documents and Settings\Cezar\Ustawienia lokalne\Dane aplikacji\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012-10-19 16:19:14 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-10-19 16:17:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-10-19 16:11:22 | 000,000,020 | ---- | M] () -- C:\Documents and Settings\Cezar\defogger_reenable
[2012-10-19 15:53:12 | 000,002,119 | ---- | M] () -- C:\Documents and Settings\Cezar\Menu Start\Programy\Autostart\setup_9.0.0.722_19.10.2012_16-14.lnk
[2012-10-12 20:11:40 | 000,000,127 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2012-10-12 20:08:46 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012-10-12 19:51:34 | 000,012,393 | ---- | M] () -- C:\Documents and Settings\Cezar\Ustawienia lokalne\Dane aplikacji\Bron.tok.A12.em.bin
[2012-10-12 19:40:38 | 000,000,007 | -HS- | M] () -- C:\AUTOEXEC.BAT
[2012-10-08 20:17:02 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012-10-06 15:26:02 | 000,002,377 | ---- | M] () -- C:\Documents and Settings\Cezar\Pulpit\CADSTAR Design Editor.lnk
[2012-10-06 15:24:42 | 000,258,248 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-10-06 14:42:16 | 000,001,668 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Tina.lnk
[2012-10-06 14:40:18 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Cezar\Dane aplikacji\chrtmp
[2012-10-05 17:49:44 | 000,000,162 | ---- | M] () -- C:\WINDOWS\LOGOSOFT.INI
[2012-10-04 15:48:10 | 000,001,614 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Tina-TI_2.lnk
[2012-10-02 19:04:42 | 000,001,637 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2012-09-28 09:12:00 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012-09-28 09:10:26 | 000,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\PCLECHAL.INI
[2012-09-27 09:03:34 | 000,000,073 | ---- | M] () -- C:\Documents and Settings\Cezar\default.pls
[2012-09-24 08:26:30 | 000,044,544 | ---- | M] () -- C:\Documents and Settings\Cezar\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2 C:\Documents and Settings\Cezar\Ustawienia lokalne\Dane aplikacji\*.tmp files -> C:\Documents and Settings\Cezar\Ustawienia lokalne\Dane aplikacji\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012-10-19 16:10:49 | 000,000,020 | ---- | C] () -- C:\Documents and Settings\Cezar\defogger_reenable
[2012-10-19 15:53:10 | 000,002,119 | ---- | C] () -- C:\Documents and Settings\Cezar\Menu Start\Programy\Autostart\setup_9.0.0.722_19.10.2012_16-14.lnk
[2012-10-12 19:51:33 | 000,012,393 | ---- | C] () -- C:\Documents and Settings\Cezar\Ustawienia lokalne\Dane aplikacji\Bron.tok.A12.em.bin
[2012-10-06 16:18:36 | 000,000,056 | ---- | C] () -- C:\WINDOWS\TiojCk.dat
[2012-10-06 15:09:37 | 000,002,377 | ---- | C] () -- C:\Documents and Settings\Cezar\Pulpit\CADSTAR Design Editor.lnk
[2012-10-06 14:42:15 | 000,001,668 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Tina.lnk
[2012-10-06 14:40:17 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Cezar\Dane aplikacji\chrtmp
[2012-10-04 15:48:08 | 000,001,614 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Tina-TI_2.lnk
[2012-04-29 12:35:22 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2012-04-11 21:18:38 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2012-02-29 15:21:59 | 000,000,382 | ---- | C] () -- C:\Documents and Settings\Cezar\Dane aplikacji\burnaware.ini
[2012-02-25 19:34:11 | 000,392,075 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-2794341004-2308174378-3807644408-1005-0.dat
[2012-02-25 19:34:09 | 000,161,434 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat
[2012-02-16 09:56:28 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012-02-15 15:10:32 | 000,005,152 | ---- | C] () -- C:\WINDOWS\System32\drivers\io.sys
[2011-09-22 12:56:49 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Cezar\Ustawienia lokalne\Dane aplikacji\{91602D09-C922-4061-BF7E-FE8DE278D175}
[2011-09-22 12:56:49 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Cezar\Ustawienia lokalne\Dane aplikacji\{29E6E20D-7CBF-43C9-8B13-90DBAAD209FD}
[2011-08-26 16:27:00 | 000,042,687 | ---- | C] () -- C:\Documents and Settings\Cezar\Ustawienia lokalne\Dane aplikacji\winlogon.exe
[2011-08-26 16:27:00 | 000,042,687 | ---- | C] () -- C:\Documents and Settings\Cezar\Ustawienia lokalne\Dane aplikacji\services.exe
[2011-08-26 16:27:00 | 000,042,687 | ---- | C] () -- C:\Documents and Settings\Cezar\Ustawienia lokalne\Dane aplikacji\lsass.exe
[2011-08-26 16:27:00 | 000,042,687 | ---- | C] () -- C:\Documents and Settings\Cezar\Ustawienia lokalne\Dane aplikacji\inetinfo.exe
[2011-04-26 17:17:05 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011-04-23 16:20:21 | 000,000,168 | ---- | C] () -- C:\WINDOWS\Config.ini
[2011-01-12 18:22:14 | 000,000,995 | ---- | C] () -- C:\WINDOWS\EnglishTranslator.INI
[2010-09-15 18:24:52 | 000,000,090 | ---- | C] () -- C:\Documents and Settings\Cezar\Dane aplikacji\XTDocSettings_et.ini
[2009-01-07 00:35:17 | 000,029,894 | ---- | C] () -- C:\Documents and Settings\Cezar\ExpressivoDictionary.xml
[2008-12-31 12:50:23 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Cezar\Dane aplikacji\inst.exe
[2008-12-31 12:50:23 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Cezar\Dane aplikacji\pcouffin.cat
[2008-12-31 12:50:23 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Cezar\Dane aplikacji\pcouffin.inf
[2008-09-14 23:34:02 | 000,000,197 | -HS- | C] () -- C:\Program Files\Common Files\maxtreme.dat
[2008-02-22 10:08:18 | 001,433,218 | ---- | C] () -- C:\Documents and Settings\Cezar\Wydruk fotografii na całej stronie.pdf
[2007-06-29 22:09:53 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\LocalService\Dane aplikacji\$_hpcst$.hpc
[2007-01-15 19:57:04 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Cezar\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2006-10-19 17:38:54 | 000,000,073 | ---- | C] () -- C:\Documents and Settings\Cezar\default.pls
[2006-09-21 22:37:47 | 009,175,040 | ---- | C] () -- C:\Documents and Settings\Cezar\NTUSER.rbt
[2006-07-10 00:15:05 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\Cezar\Dane aplikacji\$_hpcst$.hpc
[2006-07-08 23:15:51 | 000,044,544 | ---- | C] () -- C:\Documents and Settings\Cezar\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2007-01-15 19:55:38 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008-04-14 19:20:48 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 12:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-14 19:20:58 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2006-07-15 23:02:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Pinnacle
[2007-01-15 19:46:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Pinnacle Studio
[2008-01-27 22:01:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Zylom
[2008-11-27 20:10:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Sigillum
[2008-11-28 17:21:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MumboJumbo
[2009-02-12 00:19:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Azureus
[2010-11-20 16:46:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ
[2012-01-20 13:32:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ask
[2012-02-04 15:14:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Babylon
[2012-02-25 12:52:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\VOWSoft
[2012-02-29 15:34:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo
[2012-04-04 18:58:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Schematica
[2012-08-27 18:54:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService
[2012-08-27 18:55:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PLAY ONLINE
[2012-02-25 12:28:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Softland
[2009-02-23 14:11:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cezar\Dane aplikacji\BESTplayer
[2006-10-02 00:01:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cezar\Dane aplikacji\Pegasys Inc
[2006-10-24 23:54:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cezar\Dane aplikacji\uTorrent
[2007-01-15 20:06:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cezar\Dane aplikacji\Pinnacle Systems
[2007-05-04 22:53:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cezar\Dane aplikacji\Camfrog
[2007-05-10 21:54:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cezar\Dane aplikacji\Gadu-Gadu
[2007-08-11 23:47:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cezar\Dane aplikacji\AutoUpdate
[2007-08-11 23:47:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cezar\Dane aplikacji\Kamerzysta
[2008-08-27 23:05:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cezar\Dane aplikacji\LuckyTender
[2008-09-14 22:28:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cezar\Dane aplikacji\Webcammax
[2008-12-07 18:32:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cezar\Dane aplikacji\ACDInTouch
[2008-12-31 12:50:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cezar\Dane aplikacji\Vso
[2011-05-26 17:52:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cezar\Dane aplikacji\CadSoft
[2009-02-07 20:20:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cezar\Dane aplikacji\Desktopicon
[2008-01-27 00:26:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cezar\Dane aplikacji\LEAPS
[2008-01-30 23:55:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cezar\Dane aplikacji\Thinstall
[2008-02-04 22:08:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cezar\Dane aplikacji\GetRightToGo
[2010-02-17 14:51:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cezar\Dane aplikacji\Autodesk
[2009-02-12 00:18:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cezar\Dane aplikacji\Azureus
[2012-01-20 10:28:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cezar\Dane aplikacji\IVONA ControlCenter
[2012-02-04 15:14:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cezar\Dane aplikacji\Babylon
[2012-04-05 19:09:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cezar\Dane aplikacji\EurekaLog
[2012-02-11 18:01:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cezar\Dane aplikacji\Complitly
[2012-02-11 18:01:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cezar\Dane aplikacji\SumatraPDF
[2012-02-25 11:48:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cezar\Dane aplikacji\Easeware
[2012-02-25 12:28:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cezar\Dane aplikacji\Softland
[2012-02-29 15:34:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cezar\Dane aplikacji\Ashampoo
[2012-03-13 14:35:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cezar\Dane aplikacji\PriceGong
[2008-04-27 11:08:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cezar\Dane aplikacji\iScreensaver
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >