OTL logfile created on: 2012-11-01 21:40:44 - Run 12 OTL by OldTimer - Version 3.2.69.0 Folder = D:\Documents and Settings\Kuba i Michał\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,42 Gb Available Physical Memory | 80,59% Memory free 7,69 Gb Paging File | 7,24 Gb Available in Paging File | 94,15% Paging File free Paging file location(s): D:\pagefile.sys 2046 4092H:\pagef [Binary data over 200 bytes] %SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files Drive C: | 63,47 Gb Total Space | 3,25 Gb Free Space | 5,12% Space Free | Partition Type: NTFS Drive D: | 64,52 Gb Total Space | 1,43 Gb Free Space | 2,21% Space Free | Partition Type: NTFS Drive E: | 86,51 Gb Total Space | 2,95 Gb Free Space | 3,41% Space Free | Partition Type: NTFS Drive H: | 18,38 Gb Total Space | 0,34 Gb Free Space | 1,87% Space Free | Partition Type: NTFS Computer Name: KWIATKOW-BS58FY | User Name: Kuba i Michał | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-11-01 21:38:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Kuba i Michał\Pulpit\OTL.exe PRC - [2012-09-19 00:09:16 | 000,212,432 | ---- | M] (Google Inc.) -- D:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe PRC - [2012-08-30 22:11:41 | 000,947,808 | ---- | M] () -- D:\Program Files\AVG Secure Search\vprot.exe PRC - [2012-08-29 14:33:38 | 001,996,200 | ---- | M] (LogMeIn Inc.) -- D:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe PRC - [2012-07-31 06:07:02 | 002,596,984 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Program Files\AVG\AVG2012\avgtray.exe PRC - [2012-07-03 11:34:58 | 000,507,312 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\Common Files\Java\Java Update\jucheck.exe PRC - [2010-08-05 11:16:02 | 000,583,640 | ---- | M] (PC Tools) -- D:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe PRC - [2008-04-15 16:30:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe PRC - [2008-04-15 16:30:00 | 000,015,872 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\inetsrv\inetinfo.exe PRC - [2007-09-24 21:41:42 | 000,566,560 | ---- | M] (ABBYY (BIT Software)) -- D:\Program Files\ABBYY FineReader 9.0\NetworkLicenseServer.exe PRC - [2007-05-08 20:30:48 | 002,179,072 | ---- | M] (UASSOFT.COM) -- D:\Program Files\Multimedia Keyboard & Mouse Driver\V5\KMWDSrv.exe PRC - [2006-11-10 10:42:28 | 000,099,936 | ---- | M] () -- D:\Program Files\Canon\IJPLM\ijplmsvc.exe PRC - [2005-07-08 19:54:46 | 000,871,424 | ---- | M] (Nero AG) -- D:\Program Files\Ahead\InCD\InCDsrv.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-08-30 22:11:47 | 000,564,832 | ---- | M] () -- D:\Program Files\Common Files\AVG Secure Search\DNTInstaller\12.2.6\avgdttbx.dll MOD - [2012-08-30 22:11:46 | 000,132,704 | ---- | M] () -- D:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\SiteSafety.dll MOD - [2012-08-30 22:11:41 | 000,947,808 | ---- | M] () -- D:\Program Files\AVG Secure Search\vprot.exe MOD - [2011-04-17 20:06:02 | 011,800,576 | ---- | M] () -- D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\d7b7ee04166212533ae21eaeb584fb0d\System.Web.ni.dll MOD - [2011-04-17 20:01:22 | 000,971,264 | ---- | M] () -- D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d6b4509225efde2a4e3db77205f8a51\System.Configuration.ni.dll MOD - [2011-04-17 19:59:33 | 000,025,600 | ---- | M] () -- D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\fdf7f1404f4a5c7f5a0463d8e7a442e4\Accessibility.ni.dll MOD - [2011-04-17 17:35:18 | 005,450,752 | ---- | M] () -- D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\b06e49ed8cbe07dbb90e313fa634b27b\System.Xml.ni.dll MOD - [2011-04-17 17:35:13 | 012,430,848 | ---- | M] () -- D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ed2bf0d86229128c194a872f70fe15ee\System.Windows.Forms.ni.dll MOD - [2011-04-17 17:35:01 | 001,587,200 | ---- | M] () -- D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d912066086a59f09424c7c69f95e2c55\System.Drawing.ni.dll MOD - [2011-04-17 17:33:04 | 007,949,824 | ---- | M] () -- D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\f02cf6430a9fc77908a74ab6925cb73c\System.ni.dll MOD - [2011-04-17 17:32:57 | 011,490,816 | ---- | M] () -- D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\62d5f089dd51f18472a7caf1593d9f6b\mscorlib.ni.dll MOD - [2011-04-17 17:32:06 | 000,303,104 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll MOD - [2011-01-30 20:15:24 | 000,300,544 | ---- | M] () -- D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.POL MOD - [2010-06-23 01:37:40 | 000,270,336 | ---- | M] () -- D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll MOD - [2010-04-08 14:53:26 | 000,430,080 | R--- | M] () -- D:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll MOD - [2010-03-16 14:52:12 | 000,014,848 | ---- | M] () -- D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll MOD - [2010-03-09 07:25:56 | 000,010,752 | ---- | M] () -- D:\Program Files\Unlocker\UnlockerCOM.dll MOD - [2010-01-30 05:11:12 | 004,254,560 | ---- | M] () -- D:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF MOD - [2009-03-23 18:54:29 | 000,425,984 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_pl_b77a5c561934e089\System.Windows.Forms.resources.dll MOD - [2009-03-23 18:54:27 | 000,311,296 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll MOD - [2006-11-10 10:42:28 | 000,099,936 | ---- | M] () -- D:\Program Files\Canon\IJPLM\ijplmsvc.exe [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- D:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion) SRV - File not found [On_Demand | Stopped] -- H:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService) SRV - File not found [On_Demand | Stopped] -- H:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService) SRV - File not found [Auto | Stopped] -- H:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service) SRV - File not found [On_Demand | Stopped] -- D:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service) SRV - File not found [Auto | Stopped] -- H:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service) SRV - File not found [Auto | Stopped] -- D:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe -- (BlueSoleil Hid Service) SRV - File not found [Disabled | Stopped] -- D:\WINDOWS\system32\Ati2evxx.exe -- (Ati HotKey Poller) SRV - File not found [Auto | Stopped] -- D:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - File not found [Auto | Stopped] -- D:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010-08-05 11:16:02 | 000,583,640 | ---- | M] (PC Tools) [Auto | Running] -- D:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc) SRV - [2010-02-25 00:31:00 | 003,432,444 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- D:\WINDOWS\system32\GameMon.des -- (npggsvc) SRV - [2008-04-15 16:30:00 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\WINDOWS\system32\iprip.dll -- (Iprip) SRV - [2008-04-15 16:30:00 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC) SRV - [2008-04-15 16:30:00 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) SRV - [2008-04-15 16:30:00 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN) SRV - [2007-09-24 21:41:42 | 000,566,560 | ---- | M] (ABBYY (BIT Software)) [Auto | Running] -- D:\Program Files\ABBYY FineReader 9.0\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Professional.9.0) SRV - [2007-05-08 20:30:48 | 002,179,072 | ---- | M] (UASSOFT.COM) [Auto | Running] -- D:\Program Files\Multimedia Keyboard & Mouse Driver\V5\KMWDSrv.exe -- (KMWDSERVICE) SRV - [2006-11-10 10:42:28 | 000,099,936 | ---- | M] () [Auto | Running] -- D:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC) SRV - [2005-07-08 19:54:46 | 000,871,424 | ---- | M] (Nero AG) [Auto | Running] -- D:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrv) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\VcommMgr.sys -- (VcommMgr) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\VComm.sys -- (VComm) DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\ssmdrv.sys -- (ssmdrv) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (eeCtrl) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\btcusb.sys -- (Btcsrusb) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btnetdrv.sys -- (BT) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\blueletaudio.sys -- (BlueletAudio) DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\avipbb.sys -- (avipbb) DRV - File not found [File_System | Auto | Stopped] -- system32\DRIVERS\avgntflt.sys -- (avgntflt) DRV - File not found [Kernel | System | Stopped] -- D:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\AmdLLD.sys -- (AmdLLD) DRV - [2012-11-01 18:18:41 | 000,054,016 | ---- | M] () [Kernel | Boot | Unknown] -- D:\WINDOWS\system32\drivers\lbmdv.sys -- (oiwnnpy) DRV - [2010-12-17 19:33:23 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- D:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2010-12-06 22:57:01 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\gdrv.sys -- (gdrv) DRV - [2010-09-01 00:35:41 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2010-09-01 00:35:41 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2010-06-23 02:30:04 | 005,068,288 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2010-06-17 19:22:55 | 000,023,456 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\DrvAgent32.sys -- (DrvAgent32) DRV - [2010-04-06 21:03:10 | 000,025,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\btnetBus.sys -- (btnetBUs) DRV - [2010-04-06 21:02:48 | 000,023,048 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\IvtBtBus.sys -- (IvtBtBUs) DRV - [2010-04-06 21:02:44 | 000,020,104 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\BtHidBus.sys -- (BtHidBus) DRV - [2010-03-31 02:08:26 | 000,020,968 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\cpuz133_x32.sys -- (cpuz133) DRV - [2010-03-01 14:13:16 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\s1039bus.sys -- (s1039bus) DRV - [2010-03-01 14:13:12 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\s1039mdm.sys -- (s1039mdm) DRV - [2010-03-01 14:13:12 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\s1039mgmt.sys -- (s1039mgmt) DRV - [2010-03-01 14:13:12 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\s1039obex.sys -- (s1039obex) DRV - [2010-03-01 14:13:12 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\s1039mdfl.sys -- (s1039mdfl) DRV - [2010-03-01 14:13:10 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\s1039unic.sys -- (s1039unic) DRV - [2010-03-01 14:13:10 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\s1039nd5.sys -- (s1039nd5) DRV - [2009-09-23 19:40:06 | 000,207,280 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore) DRV - [2009-02-26 10:10:10 | 000,099,856 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV - [2009-02-17 19:25:54 | 005,026,816 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2008-08-05 22:40:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ambfilt.sys -- (Ambfilt) DRV - [2008-05-16 16:03:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\s0016unic.sys -- (s0016unic) DRV - [2008-05-16 16:03:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\s0016nd5.sys -- (s0016nd5) DRV - [2008-05-16 16:03:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\s0016mdfl.sys -- (s0016mdfl) DRV - [2008-05-16 16:03:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\s0016mdm.sys -- (s0016mdm) DRV - [2008-05-16 16:03:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\s0016mgmt.sys -- (s0016mgmt) DRV - [2008-05-16 16:03:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\s0016obex.sys -- (s0016obex) DRV - [2008-05-16 16:03:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\s0016bus.sys -- (s0016bus) DRV - [2008-04-18 13:14:04 | 000,026,672 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\Mac606.sys -- (Mac606) DRV - [2008-04-18 13:13:54 | 000,018,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\HidNt.sys -- (HidNt) DRV - [2008-01-21 11:26:38 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5) DRV - [2008-01-21 11:26:38 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5) DRV - [2008-01-18 20:11:02 | 000,012,800 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\EIO1.sys -- (EIO1) DRV - [2007-11-14 02:59:23 | 000,051,968 | R--- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\gt72ubus.sys -- (GT72UBUS) DRV - [2007-11-14 02:59:23 | 000,008,064 | R--- | M] (Option N.V.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\gtptser.sys -- (GTPTSER) DRV - [2007-11-14 02:59:22 | 000,095,744 | R--- | M] (Option NV) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\Gt51Ip.sys -- (GT72NDISIPXP) DRV - [2006-12-28 08:14:44 | 000,084,992 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\AtiHdAud.sys -- (HdAudAddService) DRV - [2006-12-14 13:14:06 | 000,085,120 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2006-10-18 13:01:38 | 000,105,472 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\nvata.sys -- (nvata) DRV - [2006-06-19 03:21:32 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2006-06-14 20:30:34 | 000,059,264 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\sfsync04.sys -- (sfsync04) DRV - [2006-06-14 19:40:38 | 000,058,232 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) DRV - [2006-06-14 19:26:56 | 000,013,680 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) DRV - [2006-01-04 18:11:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) DRV - [2005-12-06 19:41:18 | 000,035,328 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\sfsync03.sys -- (sfsync03) DRV - [2005-11-03 19:10:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\sfvfs02.sys -- (sfvfs02) DRV - [2005-08-29 21:15:34 | 000,853,258 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\btkrnl.sys -- (btkrnl) DRV - [2005-07-08 19:47:56 | 000,008,704 | ---- | M] (Nero AG) [Recognizer | System | Unknown] -- D:\WINDOWS\System32\drivers\InCDrec.sys -- (InCDrec) DRV - [2005-07-08 19:47:54 | 000,099,584 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- D:\WINDOWS\System32\drivers\InCDfs.sys -- (InCDfs) DRV - [2005-07-08 19:47:36 | 000,029,696 | ---- | M] (Nero AG) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\InCDpass.sys -- (InCDPass) DRV - [2005-07-08 18:47:32 | 000,028,672 | ---- | M] (Nero AG) [Kernel | System | Running] -- D:\WINDOWS\System32\drivers\InCDrm.sys -- (incdrm) DRV - [2005-04-30 18:20:20 | 000,011,860 | ---- | M] () [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\vbtenum.sys -- (BTHidEnum) DRV - [2005-04-30 18:20:10 | 000,028,271 | ---- | M] (IVT Corporation) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\BTHidMgr.sys -- (BTHidMgr) DRV - [2004-11-14 15:31:02 | 000,006,852 | ---- | M] () [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\Vcs.sys -- (Vcs) DRV - [2004-10-24 10:41:00 | 000,028,800 | ---- | M] (Deon van der Westhuysen) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\PPortJoy.sys -- (PPortJoystick) DRV - [2004-10-24 10:41:00 | 000,013,952 | ---- | M] (Deon van der Westhuysen) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\PPJoyBus.sys -- (PPJoyBus) DRV - [2003-12-05 14:16:36 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\pfc.sys -- (pfc) DRV - [2003-09-17 19:27:22 | 000,008,440 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\LANPkt.sys -- (LANPkt) DRV - [2002-10-04 06:34:10 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139) DRV - [2001-08-18 01:19:10 | 000,026,624 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\irstusb.sys -- (STIrUsb) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gazeta.pl/0,0.html?p=113 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKLM\..\SearchScopes,DefaultScope = {1F02F1AF-75AF-4CC4-889E-A594D10F8DD6} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{1F02F1AF-75AF-4CC4-889E-A594D10F8DD6}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{36F27652-19CF-442E-A97D-8ECDC3B1E3B0}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=2510aea0-de38-11e0-8b60-00e04c100ab8&q={searchTerms} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 203.160.1.94:80 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 203.160.1.94:80 IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1078081533-299502267-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Disable Script Debugger Default = IE - HKU\S-1-5-21-1078081533-299502267-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,DisableScriptDebuggerIE Default = IE - HKU\S-1-5-21-1078081533-299502267-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie IE - HKU\S-1-5-21-1078081533-299502267-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-1078081533-299502267-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=113 IE - HKU\S-1-5-21-1078081533-299502267-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-1078081533-299502267-839522115-1003\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233} IE - HKU\S-1-5-21-1078081533-299502267-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKU\S-1-5-21-1078081533-299502267-839522115-1003\..\SearchScopes\{1F02F1AF-75AF-4CC4-889E-A594D10F8DD6}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GPEA_en IE - HKU\S-1-5-21-1078081533-299502267-839522115-1003\..\SearchScopes\{36F27652-19CF-442E-A97D-8ECDC3B1E3B0}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GPEA_en IE - HKU\S-1-5-21-1078081533-299502267-839522115-1003\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={83E7138C-5CB6-4281-A74F-9A6FB8E69AF9}&mid=e9e8e12cc64447d08430d1a90af4e34b-0d067dae5e7e84af70bb79418a28c71df2b2738c&lang=pl&ds=AVG&pr=fr&d=2012-07-17 20:34:22&v=12.2.5.32&sap=dsp&q={searchTerms} IE - HKU\S-1-5-21-1078081533-299502267-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultengine: "Web Search" FF - prefs.js..browser.search.defaultenginename: "Web Search" FF - prefs.js..browser.search.defaultthis.engineName: "" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.order.1: "Web Search" FF - prefs.js..browser.search.selectedEngine: "Web Search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "google.pl" FF - prefs.js..keyword.URL: "http://startsear.ch/?aff=1&q=" FF - prefs.js..network.proxy.http: "82.134.72.203" FF - prefs.js..network.proxy.http_port: 3128 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: D:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: D:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll () FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: D:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: D:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: D:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc) FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: H:\Program Files\GamersFirst\LIVE!\nplivelauncher.dll File not found FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: D:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: D:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: D:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: D:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: D:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\npNxGameeu.dll (Nexon) FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: D:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: D:\Documents and Settings\All Users\Dane aplikacji\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom) FF - HKCU\Software\MozillaPlugins\@powerchallenge.com/PowerLoader: D:\DOCUME~1\KUBAIM~1\DANEAP~1\POWERC~1\nppowerloader.dll (Power Challenge Sweden AB) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: H:\Program Files\Spyware Doctor\BDT\FireFox\ FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}: D:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}\ [2012-05-10 19:39:14 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: D:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search\12.2.5.32\ [2012-08-30 22:11:53 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2012-10-27 21:16:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2012-10-27 21:15:43 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: D:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009-03-28 19:31:50 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\Extensions [2012-11-01 21:06:42 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\Firefox\Profiles\ariz3vd3.default\extensions [2012-08-21 18:04:06 | 000,000,000 | ---D | M] (XfireXO Community Toolbar) -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\Firefox\Profiles\ariz3vd3.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3} [2012-11-01 21:06:42 | 000,000,000 | ---D | M] (Flash and Video Download) -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\Firefox\Profiles\ariz3vd3.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2012-08-21 18:04:10 | 000,000,000 | ---D | M] (Brothersoft Community Toolbar) -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\Firefox\Profiles\ariz3vd3.default\extensions\{e8de9422-3b2c-4243-bf6f-235da84d8ef8} [2011-02-20 15:26:37 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\Firefox\Profiles\ariz3vd3.default\extensions\battlefieldheroespatcher@ea.com [2011-11-10 19:08:56 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\Firefox\Profiles\ariz3vd3.default\extensions\battlefieldplay4free@ea.com [2011-09-13 23:20:02 | 000,000,000 | ---D | M] (IE Tab +) -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\Firefox\Profiles\ariz3vd3.default\extensions\coralietab@mozdev.org [2012-10-25 18:48:00 | 000,000,000 | ---D | M] ("NetVideoHunter") -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\Firefox\Profiles\ariz3vd3.default\extensions\netvideohunter@netvideohunter.com [2012-03-22 00:13:46 | 000,000,000 | ---D | M] (Download Youtube Videos +) -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\Firefox\Profiles\ariz3vd3.default\extensions\video.downloader.plugin@ffpimp.com [2012-10-18 23:09:55 | 000,221,098 | ---- | M] () (No name found) -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\Firefox\Profiles\ariz3vd3.default\extensions\artur.dubovoy@gmail.com.xpi [2012-02-02 17:35:23 | 002,265,909 | ---- | M] () (No name found) -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\Firefox\Profiles\ariz3vd3.default\extensions\firefox@tvunetworks.com.xpi [2012-02-02 17:35:13 | 000,020,591 | ---- | M] () (No name found) -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\Firefox\Profiles\ariz3vd3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2012-10-23 12:52:50 | 000,012,929 | ---- | M] () (No name found) -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\Firefox\Profiles\ariz3vd3.default\extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2012-08-30 19:33:08 | 000,199,396 | ---- | M] () (No name found) -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\Firefox\Profiles\ariz3vd3.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi [2012-07-25 01:46:34 | 000,741,958 | ---- | M] () (No name found) -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\Firefox\Profiles\ariz3vd3.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-09-10 18:10:04 | 000,089,388 | ---- | M] () (No name found) -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\Firefox\Profiles\ariz3vd3.default\extensions\{dd05fd3d-18df-4ce4-ae53-e795339c5f01}.xpi [2012-01-23 00:53:59 | 000,002,281 | ---- | M] () -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\Firefox\Profiles\ariz3vd3.default\searchplugins\s-amazon.xml [2012-02-11 19:41:25 | 000,000,792 | ---- | M] () -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\Firefox\Profiles\ariz3vd3.default\searchplugins\startsear.xml [2011-08-05 23:14:52 | 000,001,565 | ---- | M] () -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\Firefox\Profiles\ariz3vd3.default\searchplugins\web-search.xml [2012-10-27 21:15:29 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions [2012-10-27 21:15:28 | 000,000,000 | ---D | M] (BlueSoleil Extension) -- D:\Program Files\Mozilla Firefox\extensions\{231D7D17-4F1B-4933-AB61-E502DB82FD11}(2) [2012-10-27 21:15:29 | 000,000,000 | ---D | M] (BlueSoleil Extension) -- D:\Program Files\Mozilla Firefox\extensions\{231D7D17-4F1B-4933-AB61-E502DB82FD11}(3) [2012-10-27 21:15:29 | 000,000,000 | ---D | M] (flashget3 Extension) -- D:\Program Files\Mozilla Firefox\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A} [2012-10-27 21:16:00 | 000,261,600 | ---- | M] (Mozilla Foundation) -- D:\Program Files\mozilla firefox\components\browsercomps.dll [2010-08-24 14:01:30 | 000,773,120 | ---- | M] (BitComet) -- D:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll [2009-06-15 13:44:40 | 000,120,296 | ---- | M] ( ) -- D:\Program Files\mozilla firefox\plugins\npganymedenet.dll [2002-09-16 18:02:04 | 000,138,752 | ---- | M] () -- D:\Program Files\mozilla firefox\plugins\npImagine.dll [2009-07-16 20:52:24 | 000,591,352 | ---- | M] (Ganymede Technologies) -- D:\Program Files\mozilla firefox\plugins\NPROULETTE.dll [2011-10-03 13:44:54 | 000,083,456 | ---- | M] (vShare.tv ) -- D:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll [2011-03-22 23:08:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- D:\Program Files\mozilla firefox\plugins\npwachk.dll [2009-07-16 20:53:18 | 000,587,280 | ---- | M] (Ganymede Technologies) -- D:\Program Files\mozilla firefox\plugins\NPWORDSSINGLE.dll [2009-10-23 17:31:34 | 000,102,400 | ---- | M] (Zylom) -- D:\Program Files\mozilla firefox\plugins\npzylomgamesplayer.dll [2012-09-11 17:39:18 | 000,002,767 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-08-30 22:11:41 | 000,003,769 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml [2012-09-11 17:39:18 | 000,001,406 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-09-11 17:39:18 | 000,000,917 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-09-11 17:39:18 | 000,000,858 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-09-11 17:39:18 | 000,001,183 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-09-11 17:39:18 | 000,001,683 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - homepage: http://startsear.ch/?aff=1&cf=2510aea0-de38-11e0-8b60-00e04c100ab8 CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: http://startsear.ch/?aff=1&cf=2510aea0-de38-11e0-8b60-00e04c100ab8 CHR - plugin: Shockwave Flash (Enabled) = D:\Documents and Settings\Kuba i Micha\u0142\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\22.0.1229.94\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = D:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = D:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = D:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Adobe Acrobat (Disabled) = D:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Silverlight Plug-In (Enabled) = D:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll CHR - plugin: Shockwave for Director (Enabled) = D:\WINDOWS\system32\Adobe\Director\np32dsw.dll CHR - plugin: DivX Web Player (Enabled) = D:\Program Files\Mozilla Firefox\plugins\npdivx32.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = D:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: 2007 Microsoft Office system (Enabled) = D:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = D:\Documents and Settings\Kuba i Micha\u0142\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = D:\Documents and Settings\Kuba i Micha\u0142\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\22.0.1229.94\pdf.dll CHR - plugin: vShare.tv plug-in (Enabled) = D:\Documents and Settings\Kuba i Micha\u0142\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll CHR - plugin: vShare.tv plug-in (Enabled) = D:\Program Files\Mozilla Firefox\plugins\npvsharetvplg.dll CHR - plugin: BitCometAgent (Enabled) = D:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll CHR - plugin: DivX Player Netscape Plugin (Enabled) = D:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll CHR - plugin: GanymedeNet.Detector (Enabled) = D:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll CHR - plugin: Imagine Plugin (Enabled) = D:\Program Files\Mozilla Firefox\plugins\npImagine.dll CHR - plugin: Ganymede Plugin (Enabled) = D:\Program Files\Mozilla Firefox\plugins\NPROULETTE.dll CHR - plugin: Ganymede Plugin (Enabled) = D:\Program Files\Mozilla Firefox\plugins\NPWORDSSINGLE.dll CHR - plugin: Winamp Application Detector (Enabled) = D:\Program Files\Mozilla Firefox\plugins\npwachk.dll CHR - plugin: Zylom Plugin (Enabled) = D:\Program Files\Mozilla Firefox\plugins\npzylomgamesplayer.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = D:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = D:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Power Challenge Loader (Enabled) = D:\DOCUME~1\KUBAIM~1\DANEAP~1\POWERC~1\nppowerloader.dll CHR - plugin: Nexon Game Controller (Enabled) = D:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\npNxGameeu.dll CHR - plugin: Google Update (Enabled) = D:\Documents and Settings\Kuba i Micha\u0142\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.69\npGoogleUpdate3.dll CHR - plugin: Google Updater (Enabled) = D:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll CHR - plugin: Unity Player (Enabled) = D:\Documents and Settings\Kuba i Micha\u0142\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll CHR - plugin: DNA Plug-in (Enabled) = D:\Program Files\DNA\plugins\npbtdna.dll CHR - plugin: Google Earth Plugin (Enabled) = D:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Pando Web Plugin (Enabled) = D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll CHR - plugin: Windows Presentation Foundation (Enabled) = D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: YouTube = D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Szukaj w Google = D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Battlefield Heroes = D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm\5.0.127.0_0\ CHR - Extension: IE Tab = D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\3.10.10.1_0\ CHR - Extension: Facemoods = D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.6.0_0\ CHR - Extension: Facemoods = D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.6.0_0\facemoods\ CHR - Extension: APK Downloader = D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jdpglblnnaocjhfenhockgamhoogihfi\1.3.2_0\ CHR - Extension: APK Downloader = D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\johbbanbdddngnjkcemcdnplpobhccdd\1.2.1_0\ CHR - Extension: vshare plugin = D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\ CHR - Extension: AVG Secure Search = D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.2.5.32_0\ CHR - Extension: Gmail = D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2012-07-09 01:24:27 | 000,000,908 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 91.203.4.126 pes6gate-ec.winning-eleven.net O1 - Hosts: 94.79.54.208 we9stun.winning-eleven.net O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (HistoryTriggerBHO Class) - {21A88CB9-84D2-4020-A2D1-B25A21034884} - D:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll (LG Electronics) O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - H:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll File not found O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - D:\Program Files\XfireXO\prxtbXfi2.dll (Conduit Ltd.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\program files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - D:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - D:\Program Files\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll () O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.) O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - D:\Documents and Settings\Kuba i Michał\Dane aplikacji\FlashGetBHO\FlashGetBHO31.dll (Trend Media Group) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\program files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - D:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - D:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - D:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - D:\Program Files\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll () O3 - HKU\S-1-5-21-1078081533-299502267-839522115-1003\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found. O4 - HKLM..\Run: [Alcmtr] D:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [amd_dc_opt] D:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD) O4 - HKLM..\Run: [AVG_TRAY] D:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [HF_G_Jul] D:\Program Files\AVG Secure Search\HF_G_Jul.exe () O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [ROC_ROC_JULY_P1] D:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe () O4 - HKLM..\Run: [StartCCC] D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [vProt] D:\Program Files\AVG Secure Search\vprot.exe () O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] D:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation) O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] D:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation) O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] D:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 [2012-09-07 14:52:45 | 000,000,000 | ---D | M] O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 [2012-09-07 14:52:45 | 000,000,000 | ---D | M] O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 [2012-09-07 14:52:45 | 000,000,000 | ---D | M] O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1078081533-299502267-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1078081533-299502267-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-1078081533-299502267-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-1078081533-299502267-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O15 - HKU\S-1-5-21-1078081533-299502267-839522115-1003\..Trusted Domains: ([]msn in My Computer) O15 - HKU\S-1-5-21-1078081533-299502267-839522115-1003\..Trusted Domains: kuaiche.com ([software] http in Trusted sites) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab (Java Plug-in 1.5.0_04) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.62 62.179.1.63 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{279DFBBF-CBB7-4479-8BCE-1091FD976F32}: DhcpNameServer = 62.179.1.62 62.179.1.63 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - D:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll () O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - D:\WINDOWS\system32\msdxm.ocx (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (D:\WINDOWS\system32\userinit.exe) - D:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - D:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: D:\WINDOWS\Web\Wallpaper\Idylla.bmp O24 - Desktop BackupWallPaper: D:\WINDOWS\Web\Wallpaper\Idylla.bmp O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\program files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-03-17 00:28:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009-11-11 00:29:36 | 000,000,000 | ---D | M] - E:\Automap -- [ NTFS ] O32 - AutoRun File - [2009-06-11 02:12:20 | 000,000,024 | ---- | M] () - H:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (sprestrt) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-11-01 21:38:56 | 000,602,112 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\Kuba i Michał\Pulpit\OTL.exe [2012-10-29 20:01:26 | 000,104,752 | ---- | C] (Oracle Corporation) -- D:\WINDOWS\System32\drivers\VBoxNetAdp.sys [2012-10-29 20:01:15 | 000,158,512 | ---- | C] (Oracle Corporation) -- D:\WINDOWS\System32\drivers\VBoxDrv.sys [2012-10-29 20:01:15 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Oracle VM VirtualBox [2012-10-29 20:01:13 | 000,091,952 | ---- | C] (Oracle Corporation) -- D:\WINDOWS\System32\drivers\VBoxUSBMon.sys [2012-10-27 21:15:23 | 000,000,000 | ---D | C] -- D:\Program Files\Mozilla Firefox [2012-10-10 17:05:48 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Kuba i Michał\Recent [2012-10-09 20:27:56 | 010,220,472 | ---- | C] (Adobe Systems Incorporated) -- D:\WINDOWS\System32\FlashPlayerInstaller.exe [2012-10-02 23:31:45 | 000,246,760 | ---- | C] (Oracle Corporation) -- D:\WINDOWS\System32\javaws.exe [2012-10-02 23:31:35 | 000,174,056 | ---- | C] (Oracle Corporation) -- D:\WINDOWS\System32\javaw.exe [2012-10-02 23:31:35 | 000,174,056 | ---- | C] (Oracle Corporation) -- D:\WINDOWS\System32\java.exe [2012-10-02 23:31:35 | 000,093,672 | ---- | C] (Oracle Corporation) -- D:\WINDOWS\System32\WindowsAccessBridge.dll [2011-04-04 19:29:49 | 009,752,576 | ---- | C] (Chaos Group Ltd) -- D:\Program Files\vray2009.dll [2011-04-04 19:29:49 | 002,875,392 | ---- | C] (Intel Corporation) -- D:\Program Files\libmmd.dll [2009-03-31 14:04:39 | 000,047,360 | ---- | C] (VSO Software) -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\pcouffin.sys [6 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ] [1 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-11-01 21:44:00 | 000,001,036 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012-11-01 21:44:00 | 000,001,032 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012-11-01 21:43:00 | 000,001,164 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-299502267-839522115-1003UA.job [2012-11-01 21:38:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Kuba i Michał\Pulpit\OTL.exe [2012-11-01 21:38:13 | 000,302,592 | ---- | M] () -- D:\Documents and Settings\Kuba i Michał\Pulpit\wqxx47nn.exe [2012-11-01 20:56:00 | 000,000,930 | ---- | M] () -- D:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012-11-01 20:37:26 | 000,000,796 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk [2012-11-01 20:26:33 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat [2012-11-01 18:18:41 | 000,054,016 | ---- | M] () -- D:\WINDOWS\System32\drivers\lbmdv.sys [2012-11-01 16:51:44 | 000,002,284 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl [2012-10-31 00:50:55 | 524,288,000 | ---- | M] () -- D:\REMOVE_THIS_FILE.livecd.swap [2012-10-30 02:40:10 | 000,000,815 | ---- | M] () -- D:\Documents and Settings\Kuba i Michał\Pulpit\New Star Soccer 3.lnk [2012-10-30 02:40:10 | 000,000,761 | ---- | M] () -- D:\Documents and Settings\Kuba i Michał\Pulpit\DSJ4.lnk [2012-10-30 02:40:10 | 000,000,722 | ---- | M] () -- D:\Documents and Settings\Kuba i Michał\Pulpit\CCleaner.lnk [2012-10-29 23:18:44 | 001,735,638 | ---- | M] () -- D:\Documents and Settings\Kuba i Michał\Pulpit\Michał Kwiatkowski.bmp [2012-10-29 20:13:00 | 000,001,112 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-299502267-839522115-1003Core.job [2012-10-29 20:01:15 | 000,000,855 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Oracle VM VirtualBox.lnk [2012-10-29 19:51:09 | 003,698,134 | ---- | M] () -- D:\Documents and Settings\Kuba i Michał\Pulpit\Zbigniew Gniewaszewski i Odyseja - Istny cyrk.mp3 [2012-10-29 19:50:50 | 004,698,729 | ---- | M] () -- D:\Documents and Settings\Kuba i Michał\Pulpit\Kobranocka - Kocham Cie jak Irlandie.mp3 [2012-10-29 19:50:43 | 007,061,452 | ---- | M] () -- D:\Documents and Settings\Kuba i Michał\Pulpit\Turbo - Dorosłe Dzieci.mp3 [2012-10-29 19:49:45 | 005,040,201 | ---- | M] () -- D:\Documents and Settings\Kuba i Michał\Pulpit\Tsa - 51.mp3 [2012-10-29 19:49:25 | 005,742,791 | ---- | M] () -- D:\Documents and Settings\Kuba i Michał\Pulpit\Meness - One perfect love.mp3 [2012-10-29 17:09:00 | 000,000,924 | ---- | M] () -- D:\WINDOWS\tasks\Google Software Updater.job [2012-10-29 16:08:58 | 098,882,004 | ---- | M] () -- D:\WINDOWS\System32\drivers\AVG\incavi.avm [2012-10-26 15:35:01 | 000,001,324 | ---- | M] () -- D:\WINDOWS\System32\d3d9caps.dat [2012-10-25 21:09:17 | 000,002,496 | ---- | M] () -- D:\Documents and Settings\Kuba i Michał\Pulpit\Google Chrome.lnk [2012-10-22 21:24:15 | 000,209,495 | ---- | M] () -- D:\WINDOWS\System32\drivers\AVG\iavichjg.avm [2012-10-14 19:26:20 | 000,116,736 | ---- | M] () -- D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-10-09 21:28:59 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- D:\WINDOWS\System32\FlashPlayerApp.exe [2012-10-09 21:28:59 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- D:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2012-10-09 21:28:53 | 010,220,472 | ---- | M] (Adobe Systems Incorporated) -- D:\WINDOWS\System32\FlashPlayerInstaller.exe [2012-10-02 23:31:20 | 000,093,672 | ---- | M] (Oracle Corporation) -- D:\WINDOWS\System32\WindowsAccessBridge.dll [2012-10-02 23:31:18 | 000,821,736 | ---- | M] (Oracle Corporation) -- D:\WINDOWS\System32\npDeployJava1.dll [2012-10-02 23:31:18 | 000,746,984 | ---- | M] (Oracle Corporation) -- D:\WINDOWS\System32\deployJava1.dll [2012-10-02 23:31:18 | 000,246,760 | ---- | M] (Oracle Corporation) -- D:\WINDOWS\System32\javaws.exe [2012-10-02 23:31:18 | 000,174,056 | ---- | M] (Oracle Corporation) -- D:\WINDOWS\System32\javaw.exe [2012-10-02 23:31:18 | 000,174,056 | ---- | M] (Oracle Corporation) -- D:\WINDOWS\System32\java.exe [2012-10-02 23:31:18 | 000,143,872 | ---- | M] (Oracle Corporation) -- D:\WINDOWS\System32\javacpl.cpl [6 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ] [1 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-11-01 21:38:13 | 000,302,592 | ---- | C] () -- D:\Documents and Settings\Kuba i Michał\Pulpit\wqxx47nn.exe [2012-11-01 20:37:26 | 000,000,796 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk [2012-11-01 18:18:41 | 000,054,016 | ---- | C] () -- D:\WINDOWS\System32\drivers\lbmdv.sys [2012-10-31 00:49:50 | 524,288,000 | ---- | C] () -- D:\REMOVE_THIS_FILE.livecd.swap [2012-10-29 23:18:44 | 001,735,638 | ---- | C] () -- D:\Documents and Settings\Kuba i Michał\Pulpit\Michał Kwiatkowski.bmp [2012-10-29 20:01:15 | 000,000,855 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Oracle VM VirtualBox.lnk [2012-10-29 19:50:38 | 003,698,134 | ---- | C] () -- D:\Documents and Settings\Kuba i Michał\Pulpit\Zbigniew Gniewaszewski i Odyseja - Istny cyrk.mp3 [2012-10-29 19:50:15 | 004,698,729 | ---- | C] () -- D:\Documents and Settings\Kuba i Michał\Pulpit\Kobranocka - Kocham Cie jak Irlandie.mp3 [2012-10-29 19:49:55 | 007,061,452 | ---- | C] () -- D:\Documents and Settings\Kuba i Michał\Pulpit\Turbo - Dorosłe Dzieci.mp3 [2012-10-29 19:49:07 | 005,040,201 | ---- | C] () -- D:\Documents and Settings\Kuba i Michał\Pulpit\Tsa - 51.mp3 [2012-10-29 19:48:39 | 005,742,791 | ---- | C] () -- D:\Documents and Settings\Kuba i Michał\Pulpit\Meness - One perfect love.mp3 [2012-10-02 22:20:01 | 000,019,265 | ---- | C] () -- D:\Documents and Settings\Kuba i Michał\Pulpit\I.3.2.e-nauczanie.dotx [2012-07-17 21:58:19 | 000,314,880 | ---- | C] () -- D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\fnsri.exe [2012-07-05 17:12:40 | 000,020,364 | ---- | C] () -- D:\Documents and Settings\Kuba i Michał\.recently-used.xbel [2012-04-29 15:56:31 | 000,043,520 | ---- | C] () -- D:\WINDOWS\System32\CmdLineExt03.dll [2012-04-16 20:06:43 | 002,469,760 | ---- | C] () -- D:\WINDOWS\System32\BootMan.exe [2012-04-16 20:06:43 | 000,086,408 | ---- | C] () -- D:\WINDOWS\System32\setupempdrv03.exe [2012-04-16 20:06:43 | 000,019,840 | ---- | C] () -- D:\WINDOWS\System32\EuEpmGdi.dll [2012-04-16 20:06:43 | 000,013,192 | ---- | C] () -- D:\WINDOWS\System32\epmntdrv.sys [2012-04-16 20:06:43 | 000,008,456 | ---- | C] () -- D:\WINDOWS\System32\EuGdiDrv.sys [2012-04-11 21:14:50 | 000,002,168 | ---- | C] () -- D:\WINDOWS\Sandboxie.ini [2012-04-10 21:17:47 | 000,000,056 | ---- | C] () -- D:\WINDOWS\SpeedGear.INI [2012-03-15 20:44:57 | 000,069,383 | ---- | C] () -- D:\Documents and Settings\Kuba i Michał\Bez nazwy.xcf [2012-03-03 18:29:12 | 000,000,000 | ---- | C] () -- D:\WINDOWS\popcreg.dat [2012-03-03 18:29:12 | 000,000,000 | ---- | C] () -- D:\WINDOWS\popcinfot.dat [2012-01-08 19:31:18 | 000,000,042 | ---- | C] () -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\TheHunterSettings_local.cfg [2011-12-15 09:09:42 | 000,042,392 | ---- | C] () -- D:\WINDOWS\System32\xfcodec.dll [2011-09-02 00:34:44 | 000,000,034 | -H-- | C] () -- D:\WINDOWS\System32\Converter_sysquict.dat [2011-06-04 17:32:42 | 000,258,048 | ---- | C] () -- D:\WINDOWS\System32\libFLAC.dll [2011-04-09 21:25:28 | 000,179,261 | ---- | C] () -- D:\WINDOWS\System32\xlive.dll.cat [2011-04-04 19:29:57 | 000,000,125 | ---- | C] () -- D:\Program Files\plugin.ini [2011-04-04 19:29:55 | 000,159,744 | ---- | C] () -- D:\Program Files\vrayspawner2009.exe [2011-04-04 19:29:55 | 000,139,776 | ---- | C] () -- D:\Program Files\vraydummy2009.max [2011-04-04 19:29:55 | 000,006,213 | ---- | C] () -- D:\Program Files\vraydummy2009.xml [2011-04-04 17:14:52 | 000,057,552 | ---- | C] () -- D:\WINDOWS\System32\WkDos.exe [2011-03-18 20:12:31 | 000,001,250 | ---- | C] () -- D:\WINDOWS\eReg.dat [2011-02-14 23:05:24 | 000,250,824 | ---- | C] () -- D:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2011-02-03 16:39:06 | 000,000,058 | ---- | C] () -- D:\WINDOWS\my.ini [2011-01-28 18:36:53 | 000,000,144 | ---- | C] () -- D:\WINDOWS\hdkctnts.ini [2011-01-28 18:34:47 | 000,000,891 | ---- | C] () -- D:\WINDOWS\Gfact.ini [2011-01-28 18:33:24 | 000,285,696 | ---- | C] () -- D:\WINDOWS\cncs232.dll [2011-01-28 18:33:24 | 000,073,728 | ---- | C] () -- D:\WINDOWS\CCTrans.dll [2010-12-17 20:22:53 | 000,064,048 | ---- | C] () -- D:\WINDOWS\System32\Hidhlp.dll [2010-12-17 20:22:53 | 000,049,152 | ---- | C] () -- D:\WINDOWS\System32\iFT33C2.dll [2010-12-17 20:22:53 | 000,026,672 | ---- | C] () -- D:\WINDOWS\System32\drivers\Mac606.sys [2010-12-07 01:06:14 | 000,058,750 | ---- | C] () -- D:\WINDOWS\System32\w3ctrs.ini [2010-12-07 01:06:14 | 000,014,972 | ---- | C] () -- D:\WINDOWS\System32\axperf.ini [2010-12-07 01:06:09 | 000,018,031 | ---- | C] () -- D:\WINDOWS\System32\infoctrs.ini [2010-12-06 00:27:11 | 000,098,816 | ---- | C] () -- D:\WINDOWS\sed.exe [2010-12-06 00:27:11 | 000,080,412 | ---- | C] () -- D:\WINDOWS\grep.exe [2010-12-06 00:27:11 | 000,068,096 | ---- | C] () -- D:\WINDOWS\zip.exe [2010-12-05 17:17:01 | 000,000,000 | ---- | C] () -- D:\WINDOWS\frontpg.ini [2010-12-05 17:16:33 | 000,023,152 | ---- | C] () -- D:\WINDOWS\System32\smtpctrs.ini [2010-12-05 17:16:33 | 000,001,092 | ---- | C] () -- D:\WINDOWS\System32\ntfsdrct.ini [2010-09-12 15:21:59 | 000,000,000 | ---- | C] () -- D:\Documents and Settings\Kuba i Michał\sys.trdi [2010-08-25 20:59:55 | 017,853,214 | ---- | C] () -- D:\Program Files\Chicken Invaders 3 Xmas.rar [2010-08-15 02:06:16 | 000,000,063 | ---- | C] () -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\bynacam_config.ini [2010-07-19 16:26:36 | 000,002,528 | ---- | C] () -- D:\Documents and Settings\LocalService\Dane aplikacji\$_hpcst$.hpc [2010-07-10 00:28:29 | 002,355,396 | ---- | C] () -- D:\Program Files\ElfBot NG.rar [2010-05-03 23:35:21 | 000,138,056 | ---- | C] () -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\PnkBstrK.sys [2009-12-14 23:46:29 | 000,116,736 | ---- | C] () -- D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-11-09 23:11:04 | 003,444,170 | ---- | C] () -- D:\Program Files\TibiaBot NG.rar [2009-07-18 17:28:26 | 003,012,950 | ---- | C] () -- D:\Program Files\Remere's Map Editor.rar [2009-06-13 18:48:15 | 000,002,528 | ---- | C] () -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\$_hpcst$.hpc [2009-04-30 21:07:31 | 000,000,414 | RHS- | C] () -- D:\Documents and Settings\All Users\ntuser.pol [2009-03-31 15:16:24 | 000,040,960 | ---- | C] () -- D:\Program Files\Uninstall_CDS.exe [2009-03-31 14:04:48 | 000,000,671 | ---- | C] () -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\vso_ts_preview.xml [2009-03-31 14:04:39 | 000,087,608 | ---- | C] () -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\inst.exe [2009-03-31 14:04:39 | 000,007,887 | ---- | C] () -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\pcouffin.cat [2009-03-31 14:04:39 | 000,001,144 | ---- | C] () -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\pcouffin.inf [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-03-17 19:04:04 | 000,000,227 | RHS- | M] () -- D:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2010-04-16 20:39:01 | 001,509,888 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = D:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 15:23:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = D:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-15 16:30:00 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2009-12-01 22:37:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools [2009-12-01 22:37:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools Lite [2009-12-01 22:37:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools Pro [2009-11-06 17:52:22 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Administrator\Dane aplikacji\Tibia [2009-06-26 22:32:41 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\2DBoy [2010-04-23 20:57:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2011-03-13 20:44:53 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Autodesk [2012-08-30 22:11:54 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search [2012-07-18 15:06:03 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\AVG2012 [2011-06-13 23:56:30 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\BioWare [2009-11-03 17:48:37 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\BVRP Software [2009-09-29 18:14:09 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\CanonBJ [2009-04-06 14:54:37 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\CanonIJPLM [2012-01-12 19:40:05 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Codemasters [2012-07-17 23:02:15 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Common Files [2010-01-15 23:01:53 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2012-07-01 20:27:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\dingogames [2012-09-16 20:21:33 | 000,000,000 | -HSD | M] -- D:\Documents and Settings\All Users\Dane aplikacji\DSS [2010-11-06 01:57:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\EA Core [2011-11-08 22:22:58 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2009-11-13 00:25:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\EPSON [2009-08-21 14:50:07 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\ESET [2010-11-11 01:53:15 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Farm Fishes [2010-01-24 02:11:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-05-07 23:51:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\id Software [2011-08-19 14:35:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Installations [2010-01-03 16:53:40 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\InterAction studios [2011-02-19 23:52:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\IObit [2012-06-27 15:58:41 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\ipla [2012-09-20 18:06:58 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\KONAMI [2012-10-29 21:52:57 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\MFAData [2011-02-20 00:56:29 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Nexon [2011-02-20 00:56:29 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\NexonEU [2010-11-17 18:32:04 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2012-09-10 20:59:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\PMB Files [2011-08-14 17:43:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\RDRM [2010-01-03 19:36:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Recisio [2009-04-06 14:53:55 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\ScanSoft [2010-11-03 23:45:08 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Solidshield [2011-02-07 21:50:01 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Sony [2010-01-21 23:21:38 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Sports Interactive [2011-09-18 21:13:14 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\TechSmith [2012-10-29 16:03:02 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\TEMP [2011-04-27 20:42:07 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\TrackMania [2009-11-06 23:14:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\TrackMania United [2009-11-13 00:29:41 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\UDL [2011-09-20 02:12:19 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Zylom [2012-04-16 19:12:53 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\{1C6FDDD8-FC9E-4C12-9FA5-1AAD377097B3} [2011-08-21 22:31:42 | 000,000,000 | ---D | M] -- D:\Documents and Settings\bot\Dane aplikacji\.minecraft [2012-07-19 22:23:10 | 000,000,000 | ---D | M] -- D:\Documents and Settings\bot\Dane aplikacji\AVG2012 [2010-07-03 15:05:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\bot\Dane aplikacji\DAEMON Tools Lite [2011-03-05 20:07:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\bot\Dane aplikacji\facemoods.com [2010-06-08 18:27:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\bot\Dane aplikacji\Gadu-Gadu 10 [2012-02-17 20:39:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\bot\Dane aplikacji\ipla [2010-07-02 22:23:54 | 000,000,000 | ---D | M] -- D:\Documents and Settings\bot\Dane aplikacji\Pandion [2011-09-20 22:13:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\bot\Dane aplikacji\Publish Providers [2011-09-20 22:12:45 | 000,000,000 | ---D | M] -- D:\Documents and Settings\bot\Dane aplikacji\Sony [2012-03-08 21:15:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\bot\Dane aplikacji\Sports Interactive [2012-09-06 22:36:39 | 000,000,000 | ---D | M] -- D:\Documents and Settings\bot\Dane aplikacji\Tibia [2011-08-18 19:59:46 | 000,000,000 | ---D | M] -- D:\Documents and Settings\bot\Dane aplikacji\uTorrent [2011-06-15 15:13:10 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i MichaB\Dane aplikacji\2K Sports [2009-11-11 21:10:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Micha³\Dane aplikacji\sqlitestudio [2011-12-16 21:53:46 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i MichaĹ‚\Dane aplikacji\IrfanView [2009-06-03 20:18:10 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i MichaĹ‚\Dane aplikacji\SecondLife [2012-06-17 18:09:25 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\.minecraft [2011-02-12 11:47:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\AnvSoft [2009-06-14 14:27:14 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Atari [2011-03-13 20:44:53 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Autodesk [2012-07-17 23:04:22 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\AVG Secure Search [2012-07-17 23:05:12 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\AVG2012 [2010-09-22 19:13:03 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\BitComet [2010-10-17 17:01:47 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\BITS [2011-06-09 17:57:54 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\BlackBean [2012-02-29 00:48:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Blender Foundation [2011-06-13 20:17:26 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Broad Intelligence [2009-04-07 17:27:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Canon [2011-07-17 19:25:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Chirurgie Simulation [2009-03-17 19:41:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\DAEMON Tools [2012-10-14 20:16:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\DAEMON Tools Lite [2011-07-04 16:34:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\DAEMON Tools Pro [2012-02-10 19:38:25 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Dev-Cpp [2012-07-01 20:27:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\dingogames [2009-03-27 21:16:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Disney Interactive Studios [2011-04-16 15:44:45 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\dll-files.com [2011-02-20 16:53:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\DNA [2009-11-17 23:06:22 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\EPSON [2011-02-12 11:22:39 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\facemoods.com [2009-05-09 13:09:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\FarmingSimulator2008 [2010-04-23 22:11:03 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\FlashGet [2010-10-06 20:01:38 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\FlashGetBHO [2011-06-25 18:06:40 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Flat Ocean Map [2012-03-24 18:46:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\fltk.org [2009-03-17 00:52:04 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Gadu-Gadu [2009-11-22 14:43:04 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Gadu-Gadu 10 [2009-08-15 14:40:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\GanymedeNet [2012-01-26 20:38:19 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\GetRightToGo [2010-07-08 15:30:22 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\GHISLER [2012-07-05 17:12:40 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\gtk-2.0 [2010-05-07 23:54:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\id Software [2009-03-31 15:19:55 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\InterTrust [2012-10-22 01:49:15 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\ipla [2009-09-22 16:18:58 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\K-K-S-N [2009-09-22 16:09:39 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Kaspersky_Key_Finder_(KKF [2009-03-23 18:38:09 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Leadertech [2010-12-15 18:18:05 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\LolClient [2011-11-08 22:40:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Need for Speed World [2009-06-01 00:36:57 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Nowe Gadu-Gadu [2010-02-01 22:28:46 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\OpenFM [2010-03-14 01:51:18 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\OpenOffice.org [2011-06-09 23:10:41 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Opera [2012-08-19 23:18:33 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Oracle [2010-12-13 18:36:01 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Pandion [2011-06-02 22:19:55 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\PowerChallenge [2011-02-09 01:05:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Publish Providers [2011-02-18 01:20:41 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\RDRM [2009-05-10 16:29:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Remere's Map Editor [2011-09-14 21:41:03 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Rovio [2009-04-06 14:54:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\ScanSoft [2009-06-09 14:49:17 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\SecondLife [2011-02-07 22:13:55 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Sony [2011-10-23 00:01:51 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Sports Interactive [2010-07-06 18:46:54 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\sqlitestudio [2011-11-16 20:42:10 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\SuperMemo World [2012-03-26 20:31:15 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Teeworlds [2011-09-19 00:21:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Thinstall [2012-08-29 15:48:26 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Tibia [2010-04-03 02:07:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Tibiacast [2012-05-16 21:52:29 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\TibiaME [2012-07-03 18:12:03 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\TibiaTestserver [2012-07-23 22:06:40 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\TS3Client [2011-03-29 22:57:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Unity [2012-11-01 20:27:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\uTorrent [2009-03-31 14:14:19 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Vso [2012-04-05 01:03:05 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\wargaming.net [2009-07-10 22:37:14 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba i Michał\Dane aplikacji\WoDBO [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 231 bytes -> D:\Documents and Settings\All Users\Dane aplikacji\TEMP:6BE50C2B @Alternate Data Stream - 103 bytes -> D:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2 < End of report >