OTL logfile created on: 2012-10-31 21:12:17 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = F:\
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
510,99 Mb Total Physical Memory | 112,28 Mb Available Physical Memory | 21,97% Memory free
1,22 Gb Paging File | 0,76 Gb Available in Paging File | 62,58% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 12,12 Gb Total Space | 2,73 Gb Free Space | 22,50% Space Free | Partition Type: NTFS
Drive D: | 1,70 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 14,88 Gb Total Space | 14,26 Gb Free Space | 95,82% Space Free | Partition Type: FAT32
 
Computer Name: MX8PC | User Name: Jaro | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 90 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012-10-30 13:16:08 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012-10-30 11:36:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- F:\OTL.exe
PRC - [2012-10-29 08:56:08 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012-08-16 17:26:38 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2009-06-27 16:16:26 | 003,642,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2009-04-20 15:56:20 | 009,818,728 | ---- | M] (GG Network S.A.) -- C:\Program Files\Nowe Gadu-Gadu\gg.exe
PRC - [2009-04-20 15:08:38 | 000,077,824 | ---- | M] () -- C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe
PRC - [2009-01-29 23:20:49 | 000,057,344 | ---- | M] (SlySoft, Inc.) -- C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
PRC - [2003-12-15 19:42:24 | 000,720,896 | ---- | M] () -- C:\Program Files\PLANET\WL-8303\RtlWake.exe
PRC - [2002-09-24 22:03:31 | 000,830,048 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe
PRC - [2002-09-24 19:55:30 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2002-09-24 19:55:27 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2002-09-24 19:55:27 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2002-09-24 19:55:27 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012-10-30 13:16:04 | 002,295,264 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012-07-30 17:33:17 | 000,043,520 | ---- | M] () -- C:\WINDOWS\system32\CmdLineExt03.dll
MOD - [2009-04-20 15:08:38 | 000,077,824 | ---- | M] () -- C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe
MOD - [2009-04-20 15:05:08 | 000,225,280 | ---- | M] () -- C:\Program Files\Nowe Gadu-Gadu\ggipcradioproxy.dll
MOD - [2009-04-20 15:05:08 | 000,221,184 | ---- | M] () -- C:\Program Files\Nowe Gadu-Gadu\gglog.dll
MOD - [2009-04-20 15:05:08 | 000,017,920 | ---- | M] () -- C:\Program Files\Nowe Gadu-Gadu\ggipc.dll
MOD - [2009-03-06 00:59:46 | 000,978,944 | ---- | M] () -- C:\Program Files\Nowe Gadu-Gadu\QtNetwork4.dll
MOD - [2009-03-06 00:59:44 | 002,289,664 | ---- | M] () -- C:\Program Files\Nowe Gadu-Gadu\QtCore4.dll
MOD - [2009-03-06 00:59:42 | 008,241,152 | ---- | M] () -- C:\Program Files\Nowe Gadu-Gadu\QtGui4.dll
MOD - [2009-03-06 00:59:42 | 000,372,736 | ---- | M] () -- C:\Program Files\Nowe Gadu-Gadu\QtXml4.dll
MOD - [2009-03-06 00:59:42 | 000,299,008 | ---- | M] () -- C:\Program Files\Nowe Gadu-Gadu\QtSvg4.dll
MOD - [2009-02-26 12:45:58 | 000,282,624 | ---- | M] () -- C:\Program Files\Nowe Gadu-Gadu\imageformats\qtiff4.dll
MOD - [2009-02-26 12:45:58 | 000,233,472 | ---- | M] () -- C:\Program Files\Nowe Gadu-Gadu\imageformats\qmng4.dll
MOD - [2009-02-26 12:45:58 | 000,135,168 | ---- | M] () -- C:\Program Files\Nowe Gadu-Gadu\imageformats\qjpeg4.dll
MOD - [2009-02-26 12:45:58 | 000,022,016 | ---- | M] () -- C:\Program Files\Nowe Gadu-Gadu\imageformats\qgif4.dll
MOD - [2009-02-26 12:45:58 | 000,016,384 | ---- | M] () -- C:\Program Files\Nowe Gadu-Gadu\imageformats\qsvg4.dll
MOD - [2009-02-26 12:45:50 | 000,059,904 | ---- | M] () -- C:\Program Files\Nowe Gadu-Gadu\zlib1.dll
MOD - [2009-02-03 03:15:28 | 003,771,296 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2008-03-22 23:01:34 | 000,039,424 | ---- | M] () -- C:\Program Files\Alky for Applications\vshellext.dll
MOD - [2006-10-22 11:22:00 | 000,212,992 | ---- | M] () -- C:\WINDOWS\system32\nvapi.dll
MOD - [2004-03-15 17:33:20 | 000,118,784 | ---- | M] () -- C:\WINDOWS\system32\WakeResDll.dll
MOD - [2003-12-15 19:42:24 | 000,720,896 | ---- | M] () -- C:\Program Files\PLANET\WL-8303\RtlWake.exe
MOD - [2002-09-24 22:03:31 | 000,830,048 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe
MOD - [2002-09-24 19:55:30 | 000,398,288 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - [2012-10-30 13:16:04 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-10-29 08:56:08 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012-10-28 19:26:21 | 001,737,728 | ---- | M] (Lavasoft Limited                                                  ) [Auto | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2002-09-24 22:03:31 | 000,830,048 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe -- (vToolbarUpdater12.1.5)
SRV - [2002-09-24 19:55:30 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2002-09-24 19:55:27 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2002-09-24 19:55:27 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | Disabled | Stopped] -- System32\Drivers\sptd.sys -- (sptd)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2012-08-16 18:07:08 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2012-08-16 18:06:46 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\Lbd.sys -- (Lbd)
DRV - [2011-09-16 15:09:17 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010-06-17 13:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009-07-05 01:19:05 | 000,062,208 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112)
DRV - [2007-02-16 01:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2004-02-04 06:17:16 | 000,184,576 | R--- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8180.sys -- (rtl8180)
DRV - [2002-09-24 22:03:39 | 000,027,496 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2002-09-24 19:55:31 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2002-09-24 19:55:31 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-1606980848-527237240-1644491937-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/
IE - HKU\S-1-5-21-1606980848-527237240-1644491937-1004\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-1606980848-527237240-1644491937-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1606980848-527237240-1644491937-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "google.pl"
FF - prefs.js..keyword.URL: "http://search.babylon.com/?affID=113480&tt=130812_ppcs1_3312_5&babsrc=KW_ss&mntrId=d06e32fa00000000000000304f369713&q="
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-10-30 13:16:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2012-07-30 17:19:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jaro\Dane aplikacji\Mozilla\Extensions
[2012-10-30 18:37:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jaro\Dane aplikacji\Mozilla\Firefox\Profiles\gwyycsr8.default\extensions
[2012-10-30 13:14:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-10-30 13:16:14 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-10-30 13:15:51 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-10-30 13:15:51 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-10-30 13:15:51 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-10-30 13:15:51 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-10-30 13:15:51 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-10-30 13:15:51 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
 
O1 HOSTS File: ([2001-10-26 18:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe" File not found
O4 - HKU\.DEFAULT..\Run: [TransBar] C:\WINDOWS\TransBar.exe (AKSoftware)
O4 - HKU\S-1-5-18..\Run: [TransBar] C:\WINDOWS\TransBar.exe (AKSoftware)
O4 - HKU\S-1-5-20..\Run: [TransBar] C:\WINDOWS\TransBar.exe (AKSoftware)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\PLANET WL-8303.lnk = C:\Program Files\PLANET\WL-8303\RtlWake.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-21-1606980848-527237240-1644491937-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1606980848-527237240-1644491937-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKU\S-1-5-21-1606980848-527237240-1644491937-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-21-1606980848-527237240-1644491937-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-21-1606980848-527237240-1644491937-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-1606980848-527237240-1644491937-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-21-1606980848-527237240-1644491937-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-21-1606980848-527237240-1644491937-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B3B7369E-FE59-486C-8983-D1C2249B72D9}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Jaro\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jaro\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002-09-24 18:26:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2002-11-25 02:28:38 | 000,024,576 | R--- | M] () - D:\AutoRunMorrowind.exe -- [ CDFS ]
O32 - AutoRun File - [2005-03-02 23:39:08 | 000,025,600 | R--- | M] (Cezary Noweta) - D:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2005-03-02 21:47:12 | 000,000,157 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 90 Days ==========[/color]
 
[2012-10-31 20:50:42 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Jaro\Recent
[2012-10-30 23:29:07 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll
[2012-10-30 23:29:07 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll
[2012-10-30 23:29:04 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll
[2012-10-30 23:29:03 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll
[2012-10-30 23:29:02 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll
[2012-10-30 23:29:01 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll
[2012-10-30 23:29:01 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll
[2012-10-30 23:29:00 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll
[2012-10-30 23:28:59 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll
[2012-10-30 23:28:59 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll
[2012-10-30 23:28:58 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll
[2012-10-30 23:28:57 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll
[2012-10-30 23:28:56 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
[2012-10-30 23:28:53 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
[2012-10-30 23:28:51 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2012-10-30 23:28:50 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
[2012-10-30 23:28:49 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll
[2012-10-30 23:28:49 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
[2012-10-30 23:28:48 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2012-10-30 23:28:47 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2012-10-30 23:28:46 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2012-10-30 23:28:45 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
[2012-10-30 23:28:45 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
[2012-10-30 23:28:41 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2012-10-30 23:28:41 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2012-10-30 23:28:22 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2012-10-30 23:28:22 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2012-10-30 23:28:15 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2012-10-30 23:25:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2012-10-30 23:21:43 | 000,000,000 | ---D | C] -- C:\Games
[2012-10-30 18:13:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome
[2012-10-30 18:07:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google
[2012-10-30 18:05:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner
[2012-10-30 18:05:08 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012-10-30 18:02:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google
[2012-10-30 18:01:33 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012-10-30 13:13:28 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012-10-29 17:23:44 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft
[2012-10-29 17:23:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Ubisoft
[2012-10-29 08:59:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2012-10-29 08:59:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jaro\Ustawienia lokalne\Dane aplikacji\Sun
[2012-10-29 08:57:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun
[2012-10-29 08:57:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012-10-29 08:57:34 | 000,746,984 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2012-10-29 08:57:33 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012-10-29 08:57:32 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012-10-29 08:57:09 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012-10-29 08:57:09 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012-10-29 08:57:09 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012-08-19 19:24:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Games
[2012-08-19 19:23:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2012-08-19 19:21:54 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstdecod.dll
[2012-08-19 19:21:52 | 001,230,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvidctl.dll
[2012-08-19 19:21:52 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2012-08-19 19:21:52 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mpe.sys
[2012-08-19 19:21:52 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2012-08-19 19:21:50 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2012-08-19 19:21:50 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2012-08-19 19:21:50 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bdaplgin.ax
[2012-08-19 19:21:50 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksolay.ax
[2012-08-19 19:21:50 | 000,011,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bdasup.sys
[2012-08-19 19:21:48 | 001,798,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qedit.dll
[2012-08-19 19:21:47 | 001,962,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quartz.dll
[2012-08-19 19:21:47 | 000,470,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qdvd.dll
[2012-08-19 19:21:47 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswebdvd.dll
[2012-08-19 19:21:47 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qasf.dll
[2012-08-19 19:21:45 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dramp.dll
[2012-08-19 19:21:45 | 000,436,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dim.dll
[2012-08-19 19:21:45 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3drm.dll
[2012-08-19 19:21:45 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qdv.dll
[2012-08-19 19:21:45 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qcap.dll
[2012-08-19 19:21:45 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\devenum.dll
[2012-08-19 19:21:45 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dxof.dll
[2012-08-19 19:21:45 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dpmesh.dll
[2012-08-19 19:21:45 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxapi.sys
[2012-08-19 19:21:44 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmime.dll
[2012-08-19 19:21:44 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.dll
[2012-08-19 19:21:44 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmsynth.dll
[2012-08-19 19:21:44 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmstyle.dll
[2012-08-19 19:21:44 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmcompos.dll
[2012-08-19 19:21:44 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmloader.dll
[2012-08-19 19:21:43 | 001,201,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3d8.dll
[2012-08-19 19:21:43 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dinput8.dll
[2012-08-19 19:21:43 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmscript.dll
[2012-08-19 19:21:43 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmband.dll
[2012-08-19 19:21:43 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dswave.dll
[2012-08-19 19:21:42 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxdiag.exe
[2012-08-19 19:21:41 | 001,294,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsound3d.dll
[2012-08-19 19:21:41 | 001,189,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dx8vb.dll
[2012-08-19 19:21:41 | 000,797,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dim700.dll
[2012-08-19 19:21:41 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnet.dll
[2012-08-19 19:21:41 | 000,648,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dinput.dll
[2012-08-19 19:21:41 | 000,602,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dx7vb.dll
[2012-08-19 19:21:41 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsdmoprp.dll
[2012-08-19 19:21:41 | 000,467,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diactfrm.dll
[2012-08-19 19:21:41 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsound.dll
[2012-08-19 19:21:41 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvoice.dll
[2012-08-19 19:21:41 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddraw.dll
[2012-08-19 19:21:41 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplayx.dll
[2012-08-19 19:21:41 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gcdef.dll
[2012-08-19 19:21:41 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\joy.cpl
[2012-08-19 19:21:41 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsdmo.dll
[2012-08-19 19:21:41 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvvox.dll
[2012-08-19 19:21:41 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvsetup.exe
[2012-08-19 19:21:41 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpwsockx.dll
[2012-08-19 19:21:41 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpmodemx.dll
[2012-08-19 19:21:41 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnhupnp.dll
[2012-08-19 19:21:41 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdllreg.exe
[2012-08-19 19:21:41 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dimap.dll
[2012-08-19 19:21:41 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnhpast.dll
[2012-08-19 19:21:41 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pid.dll
[2012-08-19 19:21:41 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplaysvr.exe
[2012-08-19 19:21:41 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddrawex.dll
[2012-08-19 19:21:41 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvacm.dll
[2012-08-19 19:21:41 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnsvr.exe
[2012-08-19 19:21:41 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3d8thk.dll
[2012-08-19 19:21:41 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnlobby.dll
[2012-08-19 19:21:41 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnaddr.dll
[2012-08-19 19:21:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2012-08-16 18:07:32 | 000,064,512 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2012-08-16 18:07:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2012-08-16 18:07:19 | 000,101,720 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2012-08-16 17:55:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jaro\Ustawienia lokalne\Dane aplikacji\Sunbelt Software
[2012-08-16 17:53:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}
[2012-08-16 17:51:04 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2012-08-16 17:51:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Lavasoft
[2012-08-16 17:51:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft
[2012-08-15 20:56:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jaro\Dane aplikacji\Media Player Classic
[2012-08-15 20:55:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Real Alternative
[2012-08-15 20:55:49 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2012-08-15 20:55:48 | 000,000,000 | ---D | C] -- C:\Program Files\Real Alternative
[2012-08-15 20:53:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jaro\Ustawienia lokalne\Dane aplikacji\Babylon
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Jaro\Moje dokumenty\*.tmp files -> C:\Documents and Settings\Jaro\Moje dokumenty\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 90 Days ==========[/color]
 
[2012-10-31 21:19:15 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012-10-31 20:58:49 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2012-10-31 20:58:49 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2012-10-31 20:57:41 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2012-10-31 20:54:13 | 000,088,566 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012-10-31 20:53:33 | 000,001,028 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012-10-31 20:53:04 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2012-10-31 20:52:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-10-31 20:52:23 | 535,879,680 | -HS- | M] () -- C:\hiberfil.sys
[2012-10-31 20:51:17 | 002,359,296 | -H-- | M] () -- C:\Documents and Settings\Jaro\NTUSER.DAT
[2012-10-31 20:51:05 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Jaro\ntuser.ini
[2012-10-31 20:50:19 | 003,235,422 | -H-- | M] () -- C:\Documents and Settings\Jaro\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2012-10-31 20:17:24 | 000,003,176 | ---- | M] () -- C:\WINDOWS\System32\NOTEPAD.ini
[2012-10-31 16:19:47 | 000,000,048 | ---- | M] () -- C:\WINDOWS\medigraf.INI
[2012-10-30 18:28:27 | 000,100,640 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-10-30 18:16:39 | 000,029,586 | ---- | M] () -- C:\Documents and Settings\Jaro\Pulpit\cc_20121030_181614.reg
[2012-10-30 18:13:10 | 000,001,819 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk
[2012-10-30 18:05:37 | 000,000,688 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk
[2012-10-29 17:30:38 | 000,001,956 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\The Elder Scrolls III - Morrowind Złota Edycja.lnk
[2012-10-29 08:56:12 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012-10-29 08:56:02 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012-10-29 08:56:02 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012-10-29 08:56:02 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012-10-29 08:56:02 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012-10-29 08:56:01 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012-10-29 08:56:01 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2012-10-28 20:04:12 | 001,260,534 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2012-10-28 20:04:12 | 000,556,486 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2012-10-28 20:04:12 | 000,494,636 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-10-28 20:04:12 | 000,106,540 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2012-10-28 20:04:12 | 000,085,200 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-10-28 19:59:27 | 000,002,184 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-08-19 19:24:15 | 000,000,914 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Fable - The Lost Chapters.lnk
[2012-08-19 19:05:55 | 000,000,524 | ---- | M] () -- C:\Documents and Settings\Jaro\Pulpit\Skrót do UbiquitousPlayer.lnk
[2012-08-16 18:07:13 | 000,101,720 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2012-08-16 18:07:09 | 000,016,432 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2012-08-16 18:06:46 | 000,064,512 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2012-08-16 17:53:50 | 000,000,873 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Ad-Aware.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Jaro\Moje dokumenty\*.tmp files -> C:\Documents and Settings\Jaro\Moje dokumenty\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012-10-31 16:19:47 | 000,000,048 | ---- | C] () -- C:\WINDOWS\medigraf.INI
[2012-10-30 18:16:20 | 000,029,586 | ---- | C] () -- C:\Documents and Settings\Jaro\Pulpit\cc_20121030_181614.reg
[2012-10-30 18:13:10 | 000,001,819 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk
[2012-10-30 18:05:35 | 000,000,688 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk
[2012-10-30 18:02:07 | 000,001,032 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012-10-30 18:02:05 | 000,001,028 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012-10-29 17:30:38 | 000,001,956 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\The Elder Scrolls III - Morrowind Złota Edycja.lnk
[2012-08-19 19:24:15 | 000,000,914 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Fable - The Lost Chapters.lnk
[2012-08-19 19:21:52 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2012-08-19 19:21:52 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\msdvbnp.ax
[2012-08-19 19:21:52 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\psisrndr.ax
[2012-08-19 19:21:48 | 000,733,184 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedwipes.dll
[2012-08-19 19:21:47 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdmo.dll
[2012-08-19 19:21:45 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mpg2splt.ax
[2012-08-19 19:21:45 | 000,064,512 | ---- | C] () -- C:\WINDOWS\System32\dllcache\amstream.dll
[2012-08-19 19:21:45 | 000,034,304 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mciqtz32.dll
[2012-08-19 19:05:55 | 000,000,524 | ---- | C] () -- C:\Documents and Settings\Jaro\Pulpit\Skrót do UbiquitousPlayer.lnk
[2012-08-16 22:36:17 | 000,016,432 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2012-08-16 18:08:44 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2012-08-16 18:08:44 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2012-08-16 18:08:39 | 000,000,486 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2012-08-16 17:53:50 | 000,000,873 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Ad-Aware.lnk
[2012-07-30 17:33:52 | 000,003,176 | ---- | C] () -- C:\WINDOWS\System32\NOTEPAD.ini
[2012-07-30 17:33:17 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2002-09-24 19:52:59 | 000,011,712 | ---- | C] () -- C:\Documents and Settings\Jaro\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2002-09-24 18:59:51 | 003,235,422 | -H-- | C] () -- C:\Documents and Settings\Jaro\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2002-09-24 18:52:23 | 000,000,188 | -HS- | C] () -- C:\Documents and Settings\Jaro\ntuser.ini
[2002-09-24 18:52:02 | 002,359,296 | -H-- | C] () -- C:\Documents and Settings\Jaro\NTUSER.DAT
[2002-09-24 18:40:14 | 000,002,272 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2002-09-24 01:15:17 | 000,000,041 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\.zreglib
[2002-09-23 23:34:46 | 000,009,728 | ---- | C] () -- C:\Documents and Settings\Jaro\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2002-09-24 18:33:05 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009-06-09 00:53:09 | 003,418,112 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-07-05 00:06:28 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-14 23:50:58 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2002-09-24 18:27:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Foxit
[2002-09-24 22:00:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files
[2002-09-24 20:19:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2012-07-30 19:51:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Desura
[2002-09-24 22:06:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NexonEU
[2002-09-24 01:57:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\YTD Video Downloader
[2012-08-16 17:54:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}
[2002-09-24 18:27:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dane aplikacji\Foxit
[2002-09-24 04:06:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaro\Dane aplikacji\aliasworlds
[2012-10-30 18:22:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaro\Dane aplikacji\BitTorrent
[2002-09-25 22:52:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaro\Dane aplikacji\Braid
[2012-10-30 18:22:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaro\Dane aplikacji\DAEMON Tools Lite
[2002-09-24 18:27:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaro\Dane aplikacji\Foxit
[2002-09-23 23:46:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaro\Dane aplikacji\NapiProjekt
[2002-09-29 19:18:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaro\Dane aplikacji\Nowe Gadu-Gadu
[2002-09-29 10:46:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaro\Dane aplikacji\runic games
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 24 bytes -> C:\WINDOWS:66EBECE17FD740DC

< End of report >