OTL logfile created on: 2012-12-01 09:48:32 - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Jes\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
1,99 Gb Total Physical Memory | 1,26 Gb Available Physical Memory | 63,14% Memory free
3,84 Gb Paging File | 3,25 Gb Available in Paging File | 84,61% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69,65 Gb Total Space | 4,58 Gb Free Space | 6,57% Space Free | Partition Type: NTFS
Drive D: | 69,63 Gb Total Space | 3,95 Gb Free Space | 5,68% Space Free | Partition Type: NTFS
Drive F: | 9,77 Gb Total Space | 0,08 Gb Free Space | 0,79% Space Free | Partition Type: NTFS
 
Computer Name: DOM-22A0F136081 | User Name: Jes | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012-11-16 11:46:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jes\Pulpit\OTL.exe
PRC - [2012-11-14 08:27:40 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Dane aplikacji\lsass.exe
PRC - [2012-11-12 14:22:38 | 002,254,768 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2012-11-12 14:22:36 | 001,431,472 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2012-11-08 14:45:47 | 000,997,320 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2012-11-08 14:45:46 | 000,711,112 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
PRC - [2012-09-13 14:26:52 | 001,006,448 | ---- | M] () -- C:\WINDOWS\system32\dmwu.exe
PRC - [2012-08-15 18:08:34 | 000,231,768 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
PRC - [2012-05-04 14:43:20 | 001,561,768 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2012-04-04 17:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2011-08-12 08:51:23 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011-05-03 08:17:39 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011-01-31 21:48:26 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011-01-25 19:01:13 | 004,771,184 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\BitTorrent\BitTorrent.exe
PRC - [2011-01-25 17:11:55 | 003,632,128 | ---- | M] () -- C:\Program Files\Acer\Bio-Protection fingerprint solution\FPLaunch.exe
PRC - [2011-01-25 17:11:53 | 003,805,184 | ---- | M] () -- C:\Program Files\Acer\Bio-Protection fingerprint solution\PdtWzd.exe
PRC - [2011-01-25 13:38:35 | 000,212,992 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Documents and Settings\Jes\Ustawienia lokalne\Temp\RtkBtMnt.exe
PRC - [2010-12-16 06:19:28 | 012,984,928 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe
PRC - [2010-05-21 01:16:24 | 011,312,128 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010-05-21 01:16:22 | 011,318,784 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2010-03-04 22:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2010-01-15 13:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2010-01-14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009-10-16 18:45:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2009-08-27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2007-08-15 08:49:26 | 000,063,040 | ---- | M] () -- D:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe
PRC - [2007-03-15 12:54:48 | 000,057,344 | ---- | M] (Cepstral, LLC) -- C:\Program Files\Cepstral\bin\CepstralLicSrv.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012-11-14 08:27:37 | 000,098,304 | ---- | M] () -- C:\Documents and Settings\Jes\Ustawienia lokalne\Temp\wpbt0.dll
MOD - [2012-11-08 14:45:47 | 001,796,552 | ---- | M] () -- C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll
MOD - [2012-11-08 14:45:47 | 000,997,320 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2012-11-08 14:45:47 | 000,566,728 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\DNTInstaller\13.2.0\avgdttbx.dll
MOD - [2012-11-08 14:45:47 | 000,134,600 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\SiteSafety.dll
MOD - [2012-11-08 14:45:46 | 000,711,112 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
MOD - [2012-09-13 14:26:52 | 001,006,448 | ---- | M] () -- C:\WINDOWS\system32\dmwu.exe
MOD - [2012-09-13 14:24:48 | 000,028,160 | ---- | M] () -- C:\WINDOWS\system32\ImHttpComm.dll
MOD - [2011-01-25 17:11:55 | 003,632,128 | ---- | M] () -- C:\Program Files\Acer\Bio-Protection fingerprint solution\FPLaunch.exe
MOD - [2011-01-25 17:11:54 | 000,089,600 | ---- | M] () -- C:\Program Files\Acer\Bio-Protection fingerprint solution\PwdFilter.dll
MOD - [2011-01-25 17:11:53 | 003,805,184 | ---- | M] () -- C:\Program Files\Acer\Bio-Protection fingerprint solution\PdtWzd.exe
MOD - [2010-12-16 06:20:20 | 000,217,696 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\gglog.dll
MOD - [2010-12-16 06:20:18 | 000,123,488 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggipcradioproxy.dll
MOD - [2010-12-16 06:20:16 | 000,017,504 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggipc.dll
MOD - [2010-12-16 06:20:12 | 000,027,744 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggcrypto.dll
MOD - [2010-12-16 06:20:10 | 000,356,960 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggcommon.dll
MOD - [2010-11-17 13:16:56 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2010-08-06 20:01:42 | 002,404,352 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtCore4.dll
MOD - [2010-08-06 20:01:42 | 001,515,520 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtScript4.dll
MOD - [2010-08-06 20:01:42 | 001,040,384 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtNetwork4.dll
MOD - [2010-08-06 20:01:42 | 000,389,120 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtXml4.dll
MOD - [2010-08-06 20:01:42 | 000,323,584 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtSvg4.dll
MOD - [2010-08-06 20:01:40 | 013,553,664 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtWebKit4.dll
MOD - [2010-08-06 20:01:38 | 008,818,688 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtGui4.dll
MOD - [2010-08-06 20:01:22 | 003,334,144 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtXmlPatterns4.dll
MOD - [2010-08-06 20:00:32 | 000,311,296 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qtiff4.dll
MOD - [2010-08-06 20:00:32 | 000,274,432 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qmng4.dll
MOD - [2010-08-06 20:00:32 | 000,143,360 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qjpeg4.dll
MOD - [2010-08-06 20:00:32 | 000,027,648 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qgif4.dll
MOD - [2010-08-06 20:00:32 | 000,018,944 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qsvg4.dll
MOD - [2010-05-04 15:36:28 | 000,970,752 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2010-03-19 08:33:38 | 000,059,904 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\zlib1.dll
MOD - [2010-03-04 22:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
MOD - [2010-01-28 13:57:58 | 000,355,688 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2010-01-21 00:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010-01-09 19:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009-10-16 18:45:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007-08-15 08:49:26 | 000,063,040 | ---- | M] () -- D:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe
MOD - [2007-06-22 14:37:32 | 000,691,200 | ---- | M] () -- C:\Program Files\Acer\Bio-Protection fingerprint solution\CustomRes.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - File not found [Auto | Stopped] -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater)
SRV - [2012-11-12 14:22:36 | 001,431,472 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012-11-08 14:45:46 | 000,711,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe -- (vToolbarUpdater13.2.0)
SRV - [2012-10-30 07:47:57 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-09-13 14:26:52 | 001,006,448 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\dmwu.exe -- (WebOptimizer)
SRV - [2012-04-04 17:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2011-08-12 08:51:23 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011-05-03 08:17:39 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010-03-04 22:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2010-01-21 16:51:12 | 030,963,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010-01-15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009-08-27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2008-08-07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2007-08-15 08:49:26 | 000,063,040 | ---- | M] () [Auto | Running] -- D:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe -- (PnkBstrA)
SRV - [2007-03-15 12:54:48 | 000,057,344 | ---- | M] (Cepstral, LLC) [Auto | Running] -- C:\Program Files\Cepstral\bin\CepstralLicSrv.exe -- (Cepstral License Server)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2012-11-08 14:45:48 | 000,026,984 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2011-08-12 08:51:25 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011-08-12 08:51:24 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010-12-30 11:59:18 | 006,290,024 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2010-02-05 16:15:24 | 001,599,136 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2009-11-18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009-11-18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009-11-12 13:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009-10-16 18:45:00 | 000,215,856 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\Si3132r5.sys -- (Si3132r5)
DRV - [2009-10-16 18:45:00 | 000,212,520 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\Si3531.sys -- (Si3531)
DRV - [2009-10-16 18:45:00 | 000,195,072 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\drivers\Si3114r5.sys -- (Si3114r5)
DRV - [2009-10-16 18:45:00 | 000,074,672 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3132.sys -- (Si3132)
DRV - [2009-10-16 18:45:00 | 000,069,248 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3124.sys -- (Si3124)
DRV - [2009-10-16 18:45:00 | 000,062,336 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112)
DRV - [2009-05-11 12:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009-05-11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009-03-18 15:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2007-02-16 15:46:00 | 000,160,256 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007-01-26 07:32:18 | 000,069,632 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\int15.sys -- (Int15)
DRV - [2006-12-22 23:26:44 | 000,988,800 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2006-12-22 23:26:00 | 000,209,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2006-12-22 23:25:56 | 000,730,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2006-09-14 01:21:54 | 000,002,240 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\LENDIG.sys -- (LENDIG)
DRV - [2002-04-17 19:27:02 | 000,011,264 | ---- | M] (VOB Computersysteme GmbH) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\asapi.sys -- (Asapi)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = pl.v9.com/idg/idg_1346868495_677128
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000&st=18&barid={6A421591-3198-4F87-8B5F-08E1C4C7FDF1}
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=18&q={searchTerms}&barid={6A421591-3198-4F87-8B5F-08E1C4C7FDF1}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2025429265-1770027372-1644491937-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = pl.v9.com/idg/idg_1346868495_677128
IE - HKU\S-1-5-21-2025429265-1770027372-1644491937-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://isearch.avg.com/?cid={65F74B49-B3B6-4F5A-AC83-1E5CE7609B8C}&mid=&lang=pl&ds=st011&pr=sa&d=2012-06-14 17:14:05&v=12.2.5.32&sap=hp
IE - HKU\S-1-5-21-2025429265-1770027372-1644491937-1003\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\S-1-5-21-2025429265-1770027372-1644491937-1003\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-2025429265-1770027372-1644491937-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-2025429265-1770027372-1644491937-1003\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={65F74B49-B3B6-4F5A-AC83-1E5CE7609B8C}&mid=&lang=pl&ds=st011&pr=sa&d=2012-06-14 17:14:05&v=12.2.5.32&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-2025429265-1770027372-1644491937-1003\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb139/?search={searchTerms}&loc=IB_DS&a=6PQEIRCuDe&i=26
IE - HKU\S-1-5-21-2025429265-1770027372-1644491937-1003\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=18&q={searchTerms}&barid={6A421591-3198-4F87-8B5F-08E1C4C7FDF1}
IE - HKU\S-1-5-21-2025429265-1770027372-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2025429265-1770027372-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Jes\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Jes\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search\FireFoxExt\13.2.0.5 [2012-11-08 14:46:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-10-30 07:48:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-10-30 07:47:18 | 000,000,000 | ---D | M]
 
[2011-01-25 13:57:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jes\Dane aplikacji\Mozilla\Extensions
[2012-10-30 07:46:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-10-30 07:48:01 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-07-12 16:58:39 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-11-08 14:46:12 | 000,003,501 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012-07-12 16:58:39 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-07-12 16:58:39 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-07-12 16:58:39 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-09-05 20:32:17 | 000,002,415 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\v9.xml
[2012-07-12 16:58:39 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-07-12 16:58:39 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - homepage: https://isearch.avg.com/?cid={65F74B49-B3B6-4F5A-AC83-1E5CE7609B8C}&mid=&lang=pl&ds=st011&pr=sa&d=2012-06-14%2017:14:05&v=12.2.5.32&sap=hp
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: https://isearch.avg.com/?cid={65F74B49-B3B6-4F5A-AC83-1E5CE7609B8C}&mid=&lang=pl&ds=st011&pr=sa&d=2012-06-14%2017:14:05&v=12.2.5.32&sap=hp
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Jes\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Jes\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Jes\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\23.0.1271.64\pdf.dll
CHR - plugin: SweetIM GC Helper (Enabled) = C:\Documents and Settings\Jes\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.1.0.1_0\mgHelperGCFB.dll
CHR - plugin: Perion plugin (Enabled) = C:\Documents and Settings\Jes\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\Plugins/PerionNewTabChrome-32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Jes\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll
CHR - plugin: Java(TM) Platform SE 7 U4 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.40.255 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Documents and Settings\Jes\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Szukaj w Google = C:\Documents and Settings\Jes\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: SweetIM for Facebook = C:\Documents and Settings\Jes\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.1.0.1_0\
CHR - Extension: New tab for Chrome\u2122 = C:\Documents and Settings\Jes\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\
CHR - Extension: AVG Secure Search = C:\Documents and Settings\Jes\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\
CHR - Extension: AVG Secure Search = C:\Documents and Settings\Jes\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\.bak
CHR - Extension: DownloadnSave = C:\Documents and Settings\Jes\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\obpahdcghgfonapoppbahnikagejnjbi\1.0_0\
CHR - Extension: Gmail = C:\Documents and Settings\Jes\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: YouTube = C:\Documents and Settings\Jes\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Szukaj w Google = C:\Documents and Settings\Jes\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: SweetIM for Facebook = C:\Documents and Settings\Jes\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.1.0.1_0\
CHR - Extension: New tab for Chrome\u2122 = C:\Documents and Settings\Jes\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\
CHR - Extension: AVG Secure Search = C:\Documents and Settings\Jes\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\
CHR - Extension: AVG Secure Search = C:\Documents and Settings\Jes\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\.bak
CHR - Extension: DownloadnSave = C:\Documents and Settings\Jes\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\obpahdcghgfonapoppbahnikagejnjbi\1.0_0\
CHR - Extension: Gmail = C:\Documents and Settings\Jes\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009-10-16 18:45:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll File not found
O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Alive Text to Speech) - {954F618B-0DEC-4D1A-9317-E0FC96F87865} - C:\Program Files\AliveMedia\Text to Speech\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD)
O3 - HKU\S-1-5-21-2025429265-1770027372-1644491937-1003\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-2025429265-1770027372-1644491937-1003\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [ROC_ROC_JULY_P1] C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe ()
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [ZPdtWzdVitaKey MC3000] C:\Program Files\Acer\Bio-Protection fingerprint solution\PdtWzd.exe ()
O4 - HKU\S-1-5-21-2025429265-1770027372-1644491937-1003..\Run: [BitTorrent] C:\Program Files\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-2025429265-1770027372-1644491937-1003..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\Jes\Menu Start\Programy\Autostart\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\Jes\Menu Start\Programy\Autostart\ctfmon.lnk = C:\Documents and Settings\All Users\Dane aplikacji\lsass.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Jes\Menu Start\Programy\Autostart\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2025429265-1770027372-1644491937-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2025429265-1770027372-1644491937-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html ()
O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Bio-Protection fingerprint solution\PwdBank.exe ()
O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Bio-Protection fingerprint solution\PwdBank.exe ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - (C:\Program Files\Acer\Bio-Protection fingerprint solution\WinNotify.dll) - C:\Program Files\Acer\Bio-Protection fingerprint solution\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Jes\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jes\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-01-24 17:55:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012-11-28 21:23:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jes\Menu Start\Programy\Codemasters
[2012-11-26 17:25:40 | 000,744,960 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\IR41_32.DLL
[2012-11-26 12:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\UbiSoft
[2012-11-21 13:37:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jes\Pulpit\Nowy folder
[2012-11-20 10:21:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jes\Pulpit\OTl
[2012-11-20 09:50:49 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jes\Pulpit\OTL.exe
[2012-11-20 09:30:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2012-11-20 09:25:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jes\Pulpit\Stare dane programu Firefox
[2012-11-16 07:38:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jes\Dane aplikacji\Nomad Factory
[2012-11-16 07:17:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jes\Menu Start\Programy\Nomad Factory
[2012-11-16 07:17:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jes\Moje dokumenty\Nomad Factory
[2012-11-16 07:16:52 | 000,000,000 | ---D | C] -- C:\Program Files\Nomad Factory
[2012-11-14 08:27:40 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Dane aplikacji\lsass.exe
[2012-11-12 18:25:13 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2012-11-12 18:25:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\LogMeIn Hamachi
[2012-11-11 19:51:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jes\Moje dokumenty\JSP AVA
[2012-11-09 12:03:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jes\Moje dokumenty\Demówki Nieużywalne
[2012-11-07 14:38:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jes\Pulpit\Praktyka 12.XI.2012
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012-12-01 09:56:00 | 000,000,230 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012-12-01 09:42:59 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-11-30 17:59:00 | 000,001,124 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-1770027372-1644491937-1003UA.job
[2012-11-29 06:59:00 | 000,001,072 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-1770027372-1644491937-1003Core.job
[2012-11-27 17:46:46 | 000,089,600 | ---- | M] () -- C:\Documents and Settings\Jes\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-11-26 17:25:40 | 000,744,960 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\IR41_32.DLL
[2012-11-22 22:48:03 | 000,535,370 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2012-11-22 22:48:03 | 000,475,470 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-11-22 22:48:03 | 000,094,576 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2012-11-22 22:48:03 | 000,076,504 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-11-20 10:05:13 | 000,000,187 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\Skrót do KINGSTON (I).lnk
[2012-11-18 15:01:13 | 013,488,060 | ---- | M] () -- C:\Documents and Settings\Jes\Moje dokumenty\SNA 66 (Inv Piano)_2.wav
[2012-11-17 16:35:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012-11-17 13:51:32 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-11-16 11:46:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jes\Pulpit\OTL.exe
[2012-11-14 15:19:05 | 095,023,320 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\0tbpw.pad
[2012-11-14 15:17:50 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012-11-14 08:27:52 | 000,001,032 | ---- | M] () -- C:\Documents and Settings\Jes\Menu Start\Programy\Autostart\ctfmon.lnk
[2012-11-14 08:27:40 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Dane aplikacji\lsass.exe
[2012-11-08 14:45:48 | 000,026,984 | ---- | M] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[2012-11-07 06:02:44 | 000,002,286 | ---- | M] () -- C:\Documents and Settings\Jes\Pulpit\Google Chrome.lnk
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012-11-20 10:05:13 | 000,000,187 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\Skrót do KINGSTON (I).lnk
[2012-11-18 15:01:13 | 013,488,060 | ---- | C] () -- C:\Documents and Settings\Jes\Moje dokumenty\SNA 66 (Inv Piano)_2.wav
[2012-11-14 08:27:52 | 000,001,032 | ---- | C] () -- C:\Documents and Settings\Jes\Menu Start\Programy\Autostart\ctfmon.lnk
[2012-11-14 08:27:42 | 095,023,320 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\0tbpw.pad
[2012-10-05 23:59:03 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2012-09-26 16:39:27 | 000,673,610 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2012-09-26 16:39:27 | 000,010,270 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2012-09-16 10:37:25 | 001,006,448 | ---- | C] () -- C:\WINDOWS\System32\dmwu.exe
[2012-09-16 10:37:25 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\ImHttpComm.dll
[2012-04-01 11:15:21 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\Crystal Ambient.fxb
[2012-04-01 11:12:28 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\crystal-calmness.fst
[2012-03-03 14:04:20 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\Głos001.mp3
[2012-02-22 17:51:02 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\gdfsgfda2.mid
[2012-02-10 11:14:24 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\logofinal.jpg
[2012-02-10 11:13:50 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\logofinal.bmp
[2012-02-04 23:23:28 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\bell.mp3
[2012-02-03 23:22:36 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\ambient15.mp3
[2012-02-03 21:30:34 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\blue void - fade to black.mp3
[2012-02-01 01:31:20 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\bell2.mp3
[2012-01-28 17:11:22 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\Mr Hurricane - Milion Dollar Business.mp3
[2012-01-23 14:45:03 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\Mr Hurricane - Journey to the Underground.mp3
[2011-11-10 18:39:51 | 000,000,030 | ---- | C] () -- C:\WINDOWS\Q3version.ini
[2011-11-10 18:39:29 | 000,000,551 | ---- | C] () -- C:\WINDOWS\Qiii.INI
[2011-10-19 18:17:42 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\P191011_19.15.JPG
[2011-08-15 14:31:29 | 008,676,883 | ---- | C] () -- C:\WINDOWS\System32\NCMedia2.dll
[2011-08-15 14:31:29 | 000,758,018 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011-08-15 14:31:29 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011-08-05 09:12:08 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011-08-02 21:19:07 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\blue void - alaska underground.mp3
[2011-08-01 10:10:25 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\untitled2_2.mp3
[2011-07-23 15:31:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\blue void - ectoplasm_2.mp3
[2011-07-19 23:11:45 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\IWUninstall.exe
[2011-06-25 21:30:49 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\BHH.mp3
[2011-06-24 15:27:50 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\blue void - ectoplasm.mp3
[2011-06-24 15:24:41 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\blue void - reaching the sun.mp3
[2011-06-20 12:25:50 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\gdfsgfda.mid
[2011-06-20 11:52:15 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\gdfsgfda.mp3
[2011-06-15 18:47:41 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\Selected.fst
[2011-06-14 19:26:12 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\18cm_1.pdf
[2011-06-14 18:34:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\untitled26.mp3
[2011-06-14 08:56:40 | 000,000,122 | ---- | C] () -- C:\WINDOWS\msmmdx9.ini
[2011-06-12 08:58:06 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\untitled24.mp3
[2011-06-08 15:10:49 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\untitled1.mp3
[2011-06-08 15:10:42 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\ambient1.mp3
[2011-06-05 09:48:07 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\untitled5.mp3
[2011-05-30 17:18:11 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\blue void - expanded universe.mp3
[2011-05-28 16:46:05 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\untitled23.mp3
[2011-05-25 15:33:21 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\chillout-therapy-ep-4.png
[2011-05-25 15:33:09 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\chilltherapy666u7542.png
[2011-05-02 19:25:05 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\ambient2.mp3
[2011-04-20 18:07:47 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\untitled17.mp3
[2011-04-13 13:23:28 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\untitled.mp3
[2011-04-08 14:59:27 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\blue void - freezed in motion.mp3
[2011-04-07 15:15:08 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\chill1.mp3
[2011-04-05 17:17:25 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\idm1.mp3
[2011-03-28 16:40:58 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\untitled12.mp3
[2011-03-26 13:12:35 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\untitled11.mp3
[2011-03-20 23:17:54 | 000,002,684 | ---- | C] () -- C:\Program Files\Chacal.fxp
[2011-03-15 18:31:28 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jes\blue void - illuminations.mp3
[2011-03-07 10:11:35 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2011-02-14 00:32:38 | 003,809,280 | ---- | C] () -- C:\Program Files\Alchemy.dll
[2011-02-14 00:32:37 | 000,000,504 | ---- | C] () -- C:\Program Files\AlchemyAtmospheric.aky
[2011-02-14 00:32:37 | 000,000,503 | ---- | C] () -- C:\Program Files\AlchemyElectronic.aky
[2011-02-14 00:32:37 | 000,000,493 | ---- | C] () -- C:\Program Files\AlchemyKey.aky
[2011-02-14 00:32:34 | 001,191,735 | ---- | C] () -- C:\Program Files\Alchemy.rar
[2011-02-07 18:19:35 | 001,099,858 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-2025429265-1770027372-1644491937-1003-0.dat
[2011-02-07 18:19:34 | 000,162,154 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat
[2011-02-07 13:55:11 | 000,308,672 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2011-02-04 14:25:30 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2011-02-03 14:45:03 | 000,089,600 | ---- | C] () -- C:\Documents and Settings\Jes\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-01-28 14:52:03 | 000,002,892 | ---- | C] () -- C:\WINDOWS\System32\audcon.sys
[2011-01-28 14:48:41 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\SYNSOPOS.exe
[2011-01-28 14:48:41 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\SYNSOPOS.exe.cfg
[2011-01-28 11:54:50 | 000,000,028 | ---- | C] () -- C:\WINDOWS\Robota.INI
[2011-01-28 11:45:59 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2011-01-25 20:24:43 | 000,002,240 | ---- | C] () -- C:\WINDOWS\LENDIG.sys
[2011-01-25 17:11:53 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\AtNav.dll
[2011-01-25 14:44:57 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011-01-25 14:44:57 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2011-01-25 13:57:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011-01-25 13:41:21 | 001,498,560 | ---- | C] () -- C:\WINDOWS\System32\igkrng400.bin
[2011-01-24 18:43:49 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011-01-24 18:42:10 | 000,338,024 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-01-24 18:39:04 | 000,110,602 | ---- | C] () -- C:\WINDOWS\System32\xcdsfx32.bin
[2011-01-24 17:58:44 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011-01-24 17:52:14 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2011-01-28 14:49:50 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009-10-16 18:45:00 | 001,509,888 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-10-16 18:45:00 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2009-10-16 18:45:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2012-10-06 00:05:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Age of Empires 3
[2012-11-08 14:46:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search
[2011-03-07 10:16:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Canneverbe Limited
[2011-02-14 00:24:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2012-07-27 10:35:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DownloadnSave
[2011-01-28 14:56:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\eLicenser
[2011-01-25 18:09:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2012-07-27 10:35:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\InstallMate
[2011-01-28 11:48:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MAGIX
[2012-09-15 10:28:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2011-02-06 23:41:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Sports Interactive
[2012-11-20 09:30:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SweetIM
[2011-01-28 14:52:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Syncrosoft
[2012-03-11 18:34:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TechSmith
[2012-09-14 16:03:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\UZC
[2011-08-04 11:42:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{13A9B825-42CB-4973-913D-2194B5A4CF94}
[2011-01-26 07:44:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011-06-24 11:40:23 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{9D92E4DF-0CEE-44D4-A4FE-2B4A438E1607}
[2011-06-14 13:07:27 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{D7CFB71A-972A-44FF-AE44-8780EB53ABB2}
[2012-11-30 08:29:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jes\Dane aplikacji\AIMP
[2012-06-14 16:14:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jes\Dane aplikacji\AVG Secure Search
[2012-12-01 09:56:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jes\Dane aplikacji\BitTorrent
[2011-03-07 10:16:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jes\Dane aplikacji\Canneverbe Limited
[2011-02-14 00:28:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jes\Dane aplikacji\DAEMON Tools Lite
[2011-02-20 19:10:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jes\Dane aplikacji\Daichi
[2011-12-12 15:07:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jes\Dane aplikacji\fltk.org
[2012-04-04 16:54:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jes\Dane aplikacji\FreeAudioPack
[2011-05-31 11:26:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jes\Dane aplikacji\FreeCDRipper
[2011-11-10 12:22:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jes\Dane aplikacji\Gadu-Gadu 10
[2012-10-26 05:44:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jes\Dane aplikacji\Incredibar.com
[2011-04-12 09:20:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jes\Dane aplikacji\iZotope
[2012-09-18 14:22:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jes\Dane aplikacji\Leadertech
[2011-01-28 11:48:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jes\Dane aplikacji\MAGIX
[2011-03-12 14:39:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jes\Dane aplikacji\Music Recognition
[2012-11-16 07:38:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jes\Dane aplikacji\Nomad Factory
[2011-10-11 19:31:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jes\Dane aplikacji\OpenFM
[2011-02-05 10:41:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jes\Dane aplikacji\OpenOffice.org
[2011-04-02 15:49:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jes\Dane aplikacji\Opera
[2012-05-02 19:15:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jes\Dane aplikacji\Oracle
[2011-08-15 15:46:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jes\Dane aplikacji\Red Kawa
[2011-02-06 21:09:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jes\Dane aplikacji\Sports Interactive
[2011-01-28 15:00:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jes\Dane aplikacji\Waldorf
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >