OTL logfile created on: 2012-12-10 20:48:23 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = R:\Moje dokumenty\Downloads Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,75 Gb Total Physical Memory | 1,87 Gb Available Physical Memory | 68,07% Memory free 2,60 Gb Paging File | 2,00 Gb Available in Paging File | 76,98% Paging File free Paging file location(s): [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 29,29 Gb Total Space | 8,13 Gb Free Space | 27,75% Space Free | Partition Type: NTFS Drive D: | 15,63 Gb Total Space | 6,63 Gb Free Space | 42,44% Space Free | Partition Type: NTFS Drive E: | 29,46 Gb Total Space | 6,72 Gb Free Space | 22,80% Space Free | Partition Type: FAT32 Drive G: | 10,82 Gb Total Space | 10,55 Gb Free Space | 97,54% Space Free | Partition Type: FAT32 Drive H: | 10,83 Gb Total Space | 8,57 Gb Free Space | 79,09% Space Free | Partition Type: NTFS Drive I: | 2,13 Gb Total Space | 0,74 Gb Free Space | 35,05% Space Free | Partition Type: FAT32 Drive J: | 19,52 Gb Total Space | 9,84 Gb Free Space | 50,38% Space Free | Partition Type: FAT32 Drive K: | 10,82 Gb Total Space | 7,85 Gb Free Space | 72,55% Space Free | Partition Type: FAT32 Drive L: | 10,82 Gb Total Space | 10,72 Gb Free Space | 99,11% Space Free | Partition Type: FAT32 Drive M: | 6,02 Gb Total Space | 5,48 Gb Free Space | 91,04% Space Free | Partition Type: FAT32 Drive N: | 15,61 Gb Total Space | 1,70 Gb Free Space | 10,89% Space Free | Partition Type: FAT32 Drive O: | 3,62 Gb Total Space | 3,62 Gb Free Space | 99,97% Space Free | Partition Type: FAT32 Drive Q: | 7,80 Gb Total Space | 2,26 Gb Free Space | 28,95% Space Free | Partition Type: FAT32 Drive R: | 7,80 Gb Total Space | 1,53 Gb Free Space | 19,58% Space Free | Partition Type: FAT32 Drive S: | 7,80 Gb Total Space | 2,64 Gb Free Space | 33,90% Space Free | Partition Type: FAT32 Drive T: | 7,80 Gb Total Space | 5,44 Gb Free Space | 69,81% Space Free | Partition Type: FAT32 Drive U: | 7,80 Gb Total Space | 6,91 Gb Free Space | 88,57% Space Free | Partition Type: FAT32 Drive V: | 7,80 Gb Total Space | 2,13 Gb Free Space | 27,37% Space Free | Partition Type: FAT32 Drive W: | 12,01 Gb Total Space | 6,10 Gb Free Space | 50,78% Space Free | Partition Type: FAT32 Drive Y: | 37,27 Gb Total Space | 12,71 Gb Free Space | 34,09% Space Free | Partition Type: NTFS Computer Name: JTD-9822B9A5A69 | User Name: jtd | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-12-10 18:26:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- R:\Moje dokumenty\Downloads\OTL.exe PRC - [2012-12-06 10:48:21 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2012-04-13 09:17:10 | 001,529,152 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe PRC - [2012-04-13 09:17:08 | 001,220,928 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe PRC - [2011-07-18 16:25:44 | 000,210,656 | ---- | M] () -- C:\Program Files\Przyspiesz Komputer\PCSUService.exe PRC - [2011-03-28 23:46:36 | 013,807,536 | ---- | M] (Ritlabs S.R.L.) -- C:\Program Files\The Bat!\thebat.exe PRC - [2010-02-01 11:12:48 | 000,673,456 | ---- | M] (EIZO NANAO CORPORATION) -- C:\Program Files\EIZO\ScreenSlicer\ESCSlicer.exe PRC - [2009-04-22 15:14:00 | 001,768,376 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe PRC - [2009-04-22 14:24:00 | 001,803,592 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe PRC - [2009-04-22 14:24:00 | 001,447,240 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe PRC - [2009-02-12 12:02:32 | 000,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe PRC - [2009-02-10 15:30:02 | 000,364,544 | ---- | M] (France Telecom SA) -- C:\Program Files\Livebox\Connectivity\corecom\CoreCom.exe PRC - [2008-06-20 11:11:04 | 000,028,672 | ---- | M] (France Telecom SA) -- C:\Program Files\Livebox\Connectivity\corecom\OraConfigRecover.exe PRC - [2008-06-20 11:08:24 | 000,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe PRC - [2008-06-20 11:08:08 | 000,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe PRC - [2008-06-10 10:14:42 | 000,147,456 | ---- | M] (France Telecom SA) -- C:\Program Files\Livebox\Systray\SystrayApp.exe PRC - [2008-06-10 10:14:14 | 000,602,864 | ---- | M] (France Telecom SA) -- C:\Program Files\Livebox\Launcher\Launcher.exe PRC - [2008-06-10 10:11:34 | 000,712,704 | ---- | M] (France Telecom SA) -- C:\Program Files\Livebox\Connectivity\ConnectivityManager.exe PRC - [2008-06-10 10:11:04 | 000,090,112 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe PRC - [2008-04-15 11:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-15 11:00:00 | 000,421,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntvdm.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-12-06 10:48:20 | 002,397,152 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2011-07-18 16:25:44 | 000,210,656 | ---- | M] () -- C:\Program Files\Przyspiesz Komputer\PCSUService.exe MOD - [2008-06-19 20:53:03 | 000,060,416 | ---- | M] () -- C:\WINDOWS\system32\antiwpa.dll MOD - [2008-06-10 10:14:36 | 000,589,824 | ---- | M] () -- C:\Program Files\Livebox\Launcher\Plugins\PluginLnhPromptManager2.dll MOD - [2008-06-10 10:14:30 | 000,237,568 | ---- | M] () -- C:\Program Files\Livebox\Launcher\Plugins\PluginLnhRecovery.dll MOD - [2008-04-15 11:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll MOD - [2006-01-25 14:48:36 | 000,032,768 | ---- | M] () -- C:\Program Files\Livebox\Launcher\WatchClient.dll MOD - [2002-09-10 12:57:56 | 000,257,536 | ---- | M] () -- C:\WINDOWS\system32\BiImg.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2012-12-06 10:48:21 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-11-11 08:56:38 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-11-09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-04-13 09:17:10 | 001,529,152 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2011-07-18 16:25:44 | 000,210,656 | ---- | M] () [Auto | Running] -- C:\Program Files\Przyspiesz Komputer\PCSUService.exe -- (PCSUService) SRV - [2011-07-07 18:31:08 | 000,195,336 | ---- | M] (Microsoft Corporation.) [Disabled | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc) SRV - [2011-06-15 16:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate) SRV - [2009-06-26 15:06:48 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009-04-22 15:14:00 | 001,768,376 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus) SRV - [2009-04-22 14:24:00 | 001,803,592 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService) SRV - [2009-04-22 02:29:00 | 000,324,936 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE -- (SNAC) SRV - [2009-02-13 15:02:20 | 003,093,880 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate) SRV - [2009-02-12 12:02:32 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr) SRV - [2009-02-12 12:02:32 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr) SRV - [2008-12-10 00:10:14 | 000,024,636 | ---- | M] (Apache Software Foundation) [On_Demand | Stopped] -- I:\Serwer\Apache\bin\httpd.exe -- (Apache2.2) SRV - [2008-06-20 11:08:08 | 000,065,536 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\ZDPSp50.sys -- (ZDPSp50) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ZDCndis5.SYS -- (ZDCndis5) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\viamraid.sys -- (viamraid) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2012-11-14 10:12:44 | 001,601,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20121126.020\NAVEX15.SYS -- (NAVEX15) DRV - [2012-11-14 10:12:44 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2012-11-14 10:12:44 | 000,092,704 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20121126.020\NAVENG.SYS -- (NAVENG) DRV - [2012-11-06 16:43:20 | 000,174,056 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WpsHelper.sys -- (WpsHelper) DRV - [2012-08-10 09:00:00 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2012-03-29 14:55:26 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2009-10-22 10:25:14 | 000,123,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent) DRV - [2009-10-11 14:58:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32) DRV - [2009-06-26 16:32:16 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc) DRV - [2009-04-22 14:26:00 | 000,042,312 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\WPSDRVnt.sys -- (WPS) DRV - [2009-01-30 12:52:32 | 000,319,792 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL) DRV - [2009-01-30 12:52:32 | 000,280,112 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP) DRV - [2009-01-30 12:52:32 | 000,043,824 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX) DRV - [2008-11-18 17:17:08 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon) DRV - [2008-10-14 11:24:00 | 000,049,536 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Teefer2.sys -- (Teefer2) DRV - [2008-09-09 13:54:42 | 000,421,424 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv) DRV - [2008-08-21 10:13:56 | 000,191,536 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\symtdi.sys -- (SYMTDI) DRV - [2008-08-21 10:13:56 | 000,027,696 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\symredrv.sys -- (SYMREDRV) DRV - [2008-04-14 01:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2006-03-01 18:53:54 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5) DRV - [2005-07-07 09:14:30 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17) DRV - [2005-05-03 16:34:02 | 000,027,392 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL) DRV - [2005-01-10 11:15:30 | 000,106,496 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv) DRV - [2005-01-10 11:15:24 | 000,138,752 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k) DRV - [2003-09-23 10:38:34 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5) DRV - [2003-07-02 03:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\VIAAGP1.SYS -- (viaagp1) DRV - [2001-08-10 07:00:00 | 000,003,252 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\PQNTDRV.SYS -- (PQNTDrv) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{12995981-2FD6-4BEE-9FB0-B1674E8E5E7E}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzutDtDtCtAzz0FtD0Bzz0EyEyE0EtC0E0BtN0D0Tzu0CtAyEtDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=2012444401 IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearshare.com/web?src=ieb&q={searchTerms} IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1085031214-1547161642-1644491937-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = IE - HKU\S-1-5-21-1085031214-1547161642-1644491937-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKU\S-1-5-21-1085031214-1547161642-1644491937-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKU\S-1-5-21-1085031214-1547161642-1644491937-1003\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Livebox\SearchURLHook\SearchPageURL.dll () IE - HKU\S-1-5-21-1085031214-1547161642-1644491937-1003\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1085031214-1547161642-1644491937-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-1085031214-1547161642-1644491937-1003\..\SearchScopes\{12995981-2FD6-4BEE-9FB0-B1674E8E5E7E}: "URL" = http://websearch.4shared.com/results?q={searchTerms} IE - HKU\S-1-5-21-1085031214-1547161642-1644491937-1003\..\SearchScopes\{29C9E9E3-B955-7876-F5D5-1FCF71F16ABB}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=110819&tt=010712_2&babsrc=SP_ss&mntrId=546ee1eb00000000000000138f0b8e44 IE - HKU\S-1-5-21-1085031214-1547161642-1644491937-1003\..\SearchScopes\{4DC0BB60-B3F2-4510-AD29-CE6DB9AB1D67}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms} IE - HKU\S-1-5-21-1085031214-1547161642-1644491937-1003\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearshare.com/web?src=ieb&q={searchTerms} IE - HKU\S-1-5-21-1085031214-1547161642-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1085031214-1547161642-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = IE - HKU\S-1-5-21-1085031214-1547161642-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll () FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@kontakt.wp.pl/WPMSGPlugin,version=1.0.1: C:\Program Files\Spik\mozilla\npwpk.dll ( ) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-12-06 10:48:22 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-12-06 10:47:58 | 000,000,000 | ---D | M] [2011-11-13 12:10:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\jtd\Dane aplikacji\Mozilla\Extensions [2009-12-31 10:24:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\jtd\Dane aplikacji\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2012-12-06 10:12:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\jtd\Dane aplikacji\Mozilla\Firefox\Profiles\wkwsog3i.default-1354047804671\extensions [2012-12-06 10:11:43 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Documents and Settings\jtd\Dane aplikacji\Mozilla\Firefox\Profiles\wkwsog3i.default-1354047804671\extensions\ffxtlbr@funmoods.com [2012-12-06 10:47:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-12-06 10:47:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-12-06 10:47:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-12-06 10:47:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012-12-06 10:48:22 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2007-02-04 23:02:56 | 001,642,496 | ---- | M] (LizardTech) -- C:\Program Files\mozilla firefox\plugins\npdjvu.dll [2012-07-27 08:30:46 | 000,077,824 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npwpk.dll [2012-08-09 08:54:10 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2010-03-28 10:04:34 | 000,002,476 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\BearShareWebSearch.xml [2012-08-09 08:54:10 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-08-09 08:54:10 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-08-09 08:54:10 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-08-09 08:54:10 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-08-09 08:54:10 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - homepage: http://www.onet.pl/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter} CHR - homepage: http://www.onet.pl/ CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.95\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.95\pdf.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Documents and Settings\jtd\Dane aplikacji\Mozilla\plugins\np-mswmp.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: LizardTech DjVu (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdjvu.dll CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL CHR - plugin: Spik support plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwpk.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 6 U37 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll CHR - plugin: Java Deployment Toolkit 6.0.370.6 (Enabled) = C:\WINDOWS\system32\npdeployJava1.dll CHR - Extension: Dysk Google = C:\Documents and Settings\jtd\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\ CHR - Extension: Dysk Google = C:\Documents and Settings\jtd\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: Funmoods = C:\Documents and Settings\jtd\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\1.0_0\ CHR - Extension: YouTube = C:\Documents and Settings\jtd\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Nowa karta = C:\Documents and Settings\jtd\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj\5.1_0\ CHR - Extension: Szukaj w Google = C:\Documents and Settings\jtd\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Giant Savings = C:\Documents and Settings\jtd\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ndkhncnongaclekkbelchmeafffimifj\1.17.12_0\ CHR - Extension: Giant Savings = C:\Documents and Settings\jtd\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ndkhncnongaclekkbelchmeafffimifj\1.20.44_0\crossrider CHR - Extension: Giant Savings = C:\Documents and Settings\jtd\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ndkhncnongaclekkbelchmeafffimifj\1.20.44_0\ CHR - Extension: Gmail = C:\Documents and Settings\jtd\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2012-07-12 19:32:00 | 000,001,247 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 reklama.onet.pl O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com O1 - Hosts: 127.0.0.1 legal@nero.com O1 - Hosts: 127.0.0.1 activation@nero.com O1 - Hosts: 127.0.0.1 www.yamicsoft.com O1 - Hosts: 127.0.0.1 secure.tune-up.com O1 - Hosts: 127.0.0.1 www.order.tune-up.com O1 - Hosts: 127.0.0.1 www.tune-up.com O1 - Hosts: 127.0.0.1 www.tune-up.com/order O1 - Hosts: 127.0.0.1 www.registertuneup.com O2 - BHO: (HelperObject Class) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll (TechSmith Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll (TechSmith Corporation) O3 - HKLM\..\Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKU\S-1-5-21-1085031214-1547161642-1644491937-1003\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKU\S-1-5-21-1085031214-1547161642-1644491937-1003\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found. O3 - HKU\S-1-5-21-1085031214-1547161642-1644491937-1003\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found. O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [ORAHSSSessionManager] C:\Program Files\Livebox\SessionManager\SessionManager.exe (France Telecom SA) O4 - HKLM..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s File not found O4 - HKU\S-1-5-21-1085031214-1547161642-1644491937-1003..\Run: [thebat_startup] C:\Program Files\The Bat!\thebat.exe (Ritlabs S.R.L.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\EIZO ScreenSlicer.lnk = C:\WINDOWS\Installer\{292A177D-723F-4537-9985-BC8BFCD8B63D}\NewShortcut1_ECE901F38F8D425291BF1815F96683B4.exe (Macrovision Corporation) F3 - HKU\S-1-5-21-1085031214-1547161642-1644491937-1003 WinNT: Load - (C:\YDPDict\watch.exe) - C:\YDPDICT\WATCH.EXE () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1085031214-1547161642-1644491937-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Konwertuj do Adobe PDF - Reg Error: Value error. File not found O8 - Extra context menu item: Konwertuj miejsce docelowe łącza do Adobe PDF - Reg Error: Value error. File not found O8 - Extra context menu item: Konwertuj miejsce docelowe łącza do istniejącego pliku PDF - Reg Error: Value error. File not found O8 - Extra context menu item: Konwertuj wybrane łącza do Adobe PDF - Reg Error: Value error. File not found O8 - Extra context menu item: Konwertuj zaznaczenie do Adobe PDF - Reg Error: Value error. File not found O8 - Extra context menu item: Konwertuj zaznaczenie do istniejącego pliku PDF - Reg Error: Value error. File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O15 - HKU\S-1-5-21-1085031214-1547161642-1644491937-1003\..Trusted Domains: microsoft.com ([*.update] http in Zaufane witryny) O15 - HKU\S-1-5-21-1085031214-1547161642-1644491937-1003\..Trusted Domains: microsoft.com ([*.windowsupdate] http in Zaufane witryny) O15 - HKU\S-1-5-21-1085031214-1547161642-1644491937-1003\..Trusted Domains: microsoft.com ([update] http in Zaufane witryny) O15 - HKU\S-1-5-21-1085031214-1547161642-1644491937-1003\..Trusted Domains: microsoft.com ([update] https in Zaufane witryny) O15 - HKU\S-1-5-21-1085031214-1547161642-1644491937-1003\..Trusted Domains: microsoft.com ([www.update] https in Zaufane witryny) O15 - HKU\S-1-5-21-1085031214-1547161642-1644491937-1003\..Trusted Domains: windowsupdate.com ([download] http in Zaufane witryny) O15 - HKU\S-1-5-21-1085031214-1547161642-1644491937-1003\..Trusted Domains: windowsupdate.com ([download] https in Zaufane witryny) O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/E/3/9/E39C664F-A8E3-4F69-A109-1AE9849204EE/OGAControl.cab (Office Genuine Advantage Validation Tool) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab (DLM Control) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1245919170406 (WUWebControl Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1246019997218 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{20A29677-44F2-41AB-8BED-9C96530167CB}: NameServer = 194.204.159.1,194.204.152.34 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\wpmsg {2E0AC5A0-3597-11D6-B3ED-0001021DC1C3} - C:\Program Files\Spik\url_wpmsg.dll () O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\Antiwpa: DllName - (antiwpa.dll) - C:\WINDOWS\System32\antiwpa.dll () O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - File not found O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O27 - HKLM IFEO\discspeed.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\drivespeed.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\excel.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\frontpg.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\helplauncher.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\imagedrive.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\infotool.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\msaccess.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\msoxmled.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\mspview.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\mstore.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\nero.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\neroburnrights.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\nerorescueagent.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\neroscoutoptions.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\powerpnt.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\setupx.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\vcdmount.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\vcdprefs.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\vcd-uninst.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\waveedit.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\winword.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011-11-19 15:53:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-12-10 17:26:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC [2012-12-10 17:04:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome [2012-12-10 17:00:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jtd\Ustawienia lokalne\Dane aplikacji\Deployment [2012-12-06 10:47:28 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2012-12-06 10:12:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jtd\Dane aplikacji\SumatraPDF [2012-12-06 10:12:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jtd\Dane aplikacji\PDFReaderPackages [2012-12-06 10:11:08 | 000,000,000 | ---D | C] -- C:\Program Files\PDFReader [2012-12-02 21:40:23 | 000,000,000 | -HSD | C] -- C:\found.000 [2012-11-30 19:21:36 | 000,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys [2012-11-30 19:21:23 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll [2012-11-30 19:21:11 | 000,014,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys [2012-11-30 19:20:50 | 000,010,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys [2012-11-30 19:20:15 | 000,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys [2012-11-27 21:23:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jtd\Pulpit\Stare dane programu Firefox [2012-11-27 14:15:13 | 000,000,000 | ---D | C] -- R:\Moje dokumenty\Akta z Bogdanowa [2012-11-26 17:36:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Skype [2012-11-26 17:36:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2012-11-25 10:48:00 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys [2012-11-11 09:00:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\McAfee [2012-11-11 08:56:41 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan [2009-03-16 13:36:16 | 001,691,464 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\jtd\dsetup32.dll [2009-03-16 13:35:46 | 000,525,128 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\jtd\DXSETUP.exe [2009-03-16 13:35:34 | 000,094,024 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\jtd\DSETUP.dll [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-12-10 21:06:27 | 000,001,030 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012-12-10 20:41:46 | 000,002,395 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\EIZO ScreenSlicer.lnk [2012-12-10 20:40:58 | 000,177,909 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2012-12-10 20:40:05 | 000,001,026 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012-12-10 20:39:27 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012-12-10 20:11:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012-12-10 17:40:37 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2012-12-10 17:40:29 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2012-12-10 17:27:50 | 000,001,825 | ---- | M] () -- C:\Documents and Settings\jtd\Pulpit\Google Chrome.lnk [2012-12-10 16:35:19 | 000,002,507 | ---- | M] () -- C:\Documents and Settings\jtd\Pulpit\E.lnk [2012-12-08 11:33:43 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012-12-06 11:55:55 | 000,002,513 | ---- | M] () -- C:\Documents and Settings\jtd\Pulpit\W.lnk [2012-12-06 10:11:31 | 000,290,500 | ---- | M] () -- C:\Documents and Settings\jtd\Ustawienia lokalne\Dane aplikacji\funmoods-speeddial_sf.crx [2012-12-06 10:11:31 | 000,031,465 | ---- | M] () -- C:\Documents and Settings\jtd\Ustawienia lokalne\Dane aplikacji\funmoods.crx [2012-11-16 14:52:10 | 000,154,095 | ---- | M] () -- C:\Documents and Settings\jtd\Pulpit\Metrona 1.jpg [2012-11-16 14:45:29 | 000,158,753 | ---- | M] () -- C:\Documents and Settings\jtd\Pulpit\Metrona 2.jpg [2012-11-16 13:29:31 | 001,562,344 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-11-16 11:26:02 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012-11-16 11:23:59 | 000,523,016 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2012-11-16 11:23:59 | 000,441,750 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012-11-16 11:23:59 | 000,098,270 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2012-11-16 11:23:59 | 000,071,686 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012-11-11 08:56:38 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2012-11-11 08:56:38 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-12-10 17:04:11 | 000,001,825 | ---- | C] () -- C:\Documents and Settings\jtd\Pulpit\Google Chrome.lnk [2012-12-10 17:01:17 | 000,001,030 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012-12-10 17:01:17 | 000,001,026 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012-12-06 10:12:02 | 000,290,500 | ---- | C] () -- C:\Documents and Settings\jtd\Ustawienia lokalne\Dane aplikacji\funmoods-speeddial_sf.crx [2012-12-06 10:11:54 | 000,031,465 | ---- | C] () -- C:\Documents and Settings\jtd\Ustawienia lokalne\Dane aplikacji\funmoods.crx [2012-11-26 17:36:22 | 000,002,267 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2012-11-17 09:01:34 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\jtd\Pulpit\Outlook Express.lnk [2012-11-16 14:51:50 | 000,154,095 | ---- | C] () -- C:\Documents and Settings\jtd\Pulpit\Metrona 1.jpg [2012-11-16 14:45:11 | 000,158,753 | ---- | C] () -- C:\Documents and Settings\jtd\Pulpit\Metrona 2.jpg [2012-02-19 09:31:28 | 000,707,504 | ---- | C] () -- C:\Documents and Settings\jtd\Ustawienia lokalne\Dane aplikacji\unins000.exe [2012-02-19 09:31:28 | 000,011,761 | ---- | C] () -- C:\Documents and Settings\jtd\Ustawienia lokalne\Dane aplikacji\unins000.msg [2012-02-19 09:31:27 | 000,002,167 | ---- | C] () -- C:\Documents and Settings\jtd\Ustawienia lokalne\Dane aplikacji\unins000.dat [2012-02-15 08:11:13 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2011-07-18 20:32:02 | 000,003,051 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2011-02-23 20:57:05 | 000,000,080 | ---- | C] () -- C:\WINDOWS\BROWSER.INI [2011-02-15 17:24:41 | 000,000,041 | ---- | C] () -- C:\WINDOWS\odbcisam.ini [2011-02-15 17:24:39 | 000,000,247 | ---- | C] () -- C:\WINDOWS\EURO.INI [2011-02-15 17:24:39 | 000,000,170 | ---- | C] () -- C:\WINDOWS\ECONFIG.INI [2011-02-15 17:24:39 | 000,000,036 | ---- | C] () -- C:\WINDOWS\SPELL.INI [2011-02-15 17:24:38 | 000,002,253 | ---- | C] () -- C:\WINDOWS\WORDS.INI [2011-02-15 17:24:37 | 000,002,812 | ---- | C] () -- C:\WINDOWS\MEDIATXT.INI [2011-02-15 17:24:37 | 000,002,713 | ---- | C] () -- C:\WINDOWS\PHOTO.INI [2011-02-15 17:24:37 | 000,002,259 | ---- | C] () -- C:\WINDOWS\TEXT.INI [2011-02-15 17:24:37 | 000,002,258 | ---- | C] () -- C:\WINDOWS\QUEST.INI [2011-02-15 17:24:37 | 000,002,256 | ---- | C] () -- C:\WINDOWS\ORDER.INI [2011-02-15 17:24:37 | 000,002,256 | ---- | C] () -- C:\WINDOWS\DICT.INI [2011-02-15 17:24:37 | 000,002,256 | ---- | C] () -- C:\WINDOWS\CHOICE.INI [2011-02-15 17:24:37 | 000,002,255 | ---- | C] () -- C:\WINDOWS\LABEL.INI [2011-02-15 17:24:37 | 000,002,255 | ---- | C] () -- C:\WINDOWS\JIGSAW.INI [2011-02-15 17:24:37 | 000,002,255 | ---- | C] () -- C:\WINDOWS\CLOZE.INI [2011-02-15 17:24:37 | 000,002,253 | ---- | C] () -- C:\WINDOWS\PHREC.INI [2011-02-15 17:24:37 | 000,002,253 | ---- | C] () -- C:\WINDOWS\PHRASE.INI [2011-02-15 17:24:37 | 000,002,253 | ---- | C] () -- C:\WINDOWS\IDENT.INI [2011-02-15 17:24:37 | 000,002,253 | ---- | C] () -- C:\WINDOWS\DLGREC.INI [2011-02-15 17:24:37 | 000,002,253 | ---- | C] () -- C:\WINDOWS\DLGINS.INI [2011-02-15 17:24:37 | 000,002,253 | ---- | C] () -- C:\WINDOWS\CONNECT.INI [2011-02-15 17:24:37 | 000,002,253 | ---- | C] () -- C:\WINDOWS\CHART.INI [2011-02-15 17:24:37 | 000,002,249 | ---- | C] () -- C:\WINDOWS\DIALOGUE.INI [2011-02-15 17:24:37 | 000,002,248 | ---- | C] () -- C:\WINDOWS\DICTONRY.INI [2011-02-15 17:24:37 | 000,002,243 | ---- | C] () -- C:\WINDOWS\FORMS.INI [2011-02-15 17:24:36 | 000,002,442 | ---- | C] () -- C:\WINDOWS\TAPE.INI [2011-02-15 17:24:29 | 000,000,144 | ---- | C] () -- C:\WINDOWS\INDEO.INI [2011-02-06 14:40:36 | 000,000,112 | ---- | C] () -- C:\Documents and Settings\jtd\Dane aplikacji\default.pls [2011-02-06 14:21:34 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\jtd\.rnd [2011-02-04 16:47:01 | 000,000,420 | ---- | C] () -- C:\WINDOWS\WININIT.INI [2011-02-04 16:46:14 | 000,000,824 | ---- | C] () -- C:\WINDOWS\YDPDICT.INI [2011-02-04 15:02:23 | 000,000,063 | ---- | C] () -- C:\Documents and Settings\jtd\.asadminpass [2010-09-03 23:58:18 | 000,000,017 | ---- | C] () -- C:\Documents and Settings\jtd\.javafx_ping_sent [2010-08-05 08:01:33 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\jtd\Dane aplikacji\winscp.rnd [2010-02-12 22:14:46 | 000,013,312 | ---- | C] () -- C:\Documents and Settings\jtd\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-06-26 19:19:17 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\jtd\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2009-06-26 15:46:56 | 000,000,121 | ---- | C] () -- C:\Documents and Settings\jtd\default.pls [2009-03-16 13:36:48 | 013,264,160 | ---- | C] () -- C:\Documents and Settings\jtd\dxnt.cab [2009-03-16 13:36:48 | 004,162,622 | ---- | C] () -- C:\Documents and Settings\jtd\Apr2006_MDX1_x86_Archive.cab [2009-03-16 13:36:48 | 001,973,694 | ---- | C] () -- C:\Documents and Settings\jtd\Mar2009_d3dx9_41_x64.cab [2009-03-16 13:36:48 | 001,906,870 | ---- | C] () -- C:\Documents and Settings\jtd\Nov2008_d3dx9_40_x64.cab [2009-03-16 13:36:48 | 001,800,152 | ---- | C] () -- C:\Documents and Settings\jtd\AUG2007_d3dx9_35_x64.cab [2009-03-16 13:36:48 | 001,794,076 | ---- | C] () -- C:\Documents and Settings\jtd\Aug2008_d3dx9_39_x64.cab [2009-03-16 13:36:46 | 001,802,050 | ---- | C] () -- C:\Documents and Settings\jtd\Nov2007_d3dx9_36_x64.cab [2009-03-16 13:36:46 | 001,792,600 | ---- | C] () -- C:\Documents and Settings\jtd\JUN2008_d3dx9_38_x64.cab [2009-03-16 13:36:46 | 001,769,854 | ---- | C] () -- C:\Documents and Settings\jtd\Mar2008_d3dx9_37_x64.cab [2009-03-16 13:36:44 | 001,709,352 | ---- | C] () -- C:\Documents and Settings\jtd\Nov2007_d3dx9_36_x86.cab [2009-03-16 13:36:44 | 001,155,483 | ---- | C] () -- C:\Documents and Settings\jtd\BDANT.cab [2009-03-16 13:36:44 | 001,115,221 | ---- | C] () -- C:\Documents and Settings\jtd\Apr2006_d3dx9_30_x86.cab [2009-03-16 13:36:44 | 001,084,712 | ---- | C] () -- C:\Documents and Settings\jtd\Feb2006_d3dx9_29_x86.cab [2009-03-16 13:36:42 | 001,350,534 | ---- | C] () -- C:\Documents and Settings\jtd\Aug2005_d3dx9_27_x64.cab [2009-03-16 13:36:42 | 001,127,209 | ---- | C] () -- C:\Documents and Settings\jtd\OCT2006_d3dx9_31_x86.cab [2009-03-16 13:36:42 | 001,079,456 | ---- | C] () -- C:\Documents and Settings\jtd\Dec2005_d3dx9_28_x86.cab [2009-03-16 13:36:42 | 001,078,954 | ---- | C] () -- C:\Documents and Settings\jtd\Apr2005_d3dx9_25_x86.cab [2009-03-16 13:36:42 | 001,077,644 | ---- | C] () -- C:\Documents and Settings\jtd\Aug2005_d3dx9_27_x86.cab [2009-03-16 13:36:42 | 001,067,160 | ---- | C] () -- C:\Documents and Settings\jtd\Mar2009_d3dx10_41_x64.cab [2009-03-16 13:36:42 | 001,064,917 | ---- | C] () -- C:\Documents and Settings\jtd\Jun2005_d3dx9_26_x86.cab [2009-03-16 13:36:42 | 001,040,745 | ---- | C] () -- C:\Documents and Settings\jtd\Mar2009_d3dx10_41_x86.cab [2009-03-16 13:36:42 | 001,013,217 | ---- | C] () -- C:\Documents and Settings\jtd\Feb2005_d3dx9_24_x86.cab [2009-03-16 13:36:42 | 000,994,146 | ---- | C] () -- C:\Documents and Settings\jtd\Nov2008_d3dx10_40_x64.cab [2009-03-16 13:36:40 | 001,607,766 | ---- | C] () -- C:\Documents and Settings\jtd\JUN2007_d3dx9_34_x64.cab [2009-03-16 13:36:40 | 001,607,286 | ---- | C] () -- C:\Documents and Settings\jtd\JUN2007_d3dx9_34_x86.cab [2009-03-16 13:36:40 | 001,347,346 | ---- | C] () -- C:\Documents and Settings\jtd\Apr2005_d3dx9_25_x64.cab [2009-03-16 13:36:38 | 001,708,144 | ---- | C] () -- C:\Documents and Settings\jtd\AUG2007_d3dx9_35_x86.cab [2009-03-16 13:36:38 | 001,612,446 | ---- | C] () -- C:\Documents and Settings\jtd\Mar2009_d3dx9_41_x86.cab [2009-03-16 13:36:38 | 001,607,358 | ---- | C] () -- C:\Documents and Settings\jtd\APR2007_d3dx9_33_x64.cab [2009-03-16 13:36:38 | 001,606,039 | ---- | C] () -- C:\Documents and Settings\jtd\APR2007_d3dx9_33_x86.cab [2009-03-16 13:36:38 | 001,574,376 | ---- | C] () -- C:\Documents and Settings\jtd\DEC2006_d3dx9_32_x86.cab [2009-03-16 13:36:38 | 001,571,154 | ---- | C] () -- C:\Documents and Settings\jtd\DEC2006_d3dx9_32_x64.cab [2009-03-16 13:36:38 | 001,550,796 | ---- | C] () -- C:\Documents and Settings\jtd\Nov2008_d3dx9_40_x86.cab [2009-03-16 13:36:38 | 001,464,664 | ---- | C] () -- C:\Documents and Settings\jtd\Aug2008_d3dx9_39_x86.cab [2009-03-16 13:36:38 | 001,463,878 | ---- | C] () -- C:\Documents and Settings\jtd\JUN2008_d3dx9_38_x86.cab [2009-03-16 13:36:38 | 001,443,282 | ---- | C] () -- C:\Documents and Settings\jtd\Mar2008_d3dx9_37_x86.cab [2009-03-16 13:36:38 | 001,412,894 | ---- | C] () -- C:\Documents and Settings\jtd\OCT2006_d3dx9_31_x64.cab [2009-03-16 13:36:38 | 001,397,830 | ---- | C] () -- C:\Documents and Settings\jtd\Apr2006_d3dx9_30_x64.cab [2009-03-16 13:36:38 | 001,362,788 | ---- | C] () -- C:\Documents and Settings\jtd\Feb2006_d3dx9_29_x64.cab [2009-03-16 13:36:38 | 001,357,976 | ---- | C] () -- C:\Documents and Settings\jtd\Dec2005_d3dx9_28_x64.cab [2009-03-16 13:36:38 | 001,335,994 | ---- | C] () -- C:\Documents and Settings\jtd\Jun2005_d3dx9_26_x64.cab [2009-03-16 13:36:38 | 001,247,499 | ---- | C] () -- C:\Documents and Settings\jtd\Feb2005_d3dx9_24_x64.cab [2009-03-16 13:36:38 | 000,975,148 | ---- | C] () -- C:\Documents and Settings\jtd\BDAXP.cab [2009-03-16 13:36:38 | 000,965,413 | ---- | C] () -- C:\Documents and Settings\jtd\Nov2008_d3dx10_40_x86.cab [2009-03-16 13:36:38 | 000,916,422 | ---- | C] () -- C:\Documents and Settings\jtd\Apr2006_MDX1_x86.cab [2009-03-16 13:36:38 | 000,867,828 | ---- | C] () -- C:\Documents and Settings\jtd\JUN2008_d3dx10_38_x64.cab [2009-03-16 13:36:38 | 000,867,604 | ---- | C] () -- C:\Documents and Settings\jtd\Aug2008_d3dx10_39_x64.cab [2009-03-16 13:36:36 | 000,864,592 | ---- | C] () -- C:\Documents and Settings\jtd\Nov2007_d3dx10_36_x64.cab [2009-03-16 13:36:36 | 000,852,278 | ---- | C] () -- C:\Documents and Settings\jtd\AUG2007_d3dx10_35_x64.cab [2009-03-16 13:36:36 | 000,849,919 | ---- | C] () -- C:\Documents and Settings\jtd\JUN2008_d3dx10_38_x86.cab [2009-03-16 13:36:36 | 000,849,159 | ---- | C] () -- C:\Documents and Settings\jtd\Aug2008_d3dx10_39_x86.cab [2009-03-16 13:36:34 | 000,844,884 | ---- | C] () -- C:\Documents and Settings\jtd\Mar2008_d3dx10_37_x64.cab [2009-03-16 13:36:34 | 000,818,252 | ---- | C] () -- C:\Documents and Settings\jtd\Mar2008_d3dx10_37_x86.cab [2009-03-16 13:36:34 | 000,803,884 | ---- | C] () -- C:\Documents and Settings\jtd\Nov2007_d3dx10_36_x86.cab [2009-03-16 13:36:34 | 000,796,859 | ---- | C] () -- C:\Documents and Settings\jtd\AUG2007_d3dx10_35_x86.cab [2009-03-16 13:36:34 | 000,698,612 | ---- | C] () -- C:\Documents and Settings\jtd\APR2007_d3dx10_33_x64.cab [2009-03-16 13:36:34 | 000,698,472 | ---- | C] () -- C:\Documents and Settings\jtd\JUN2007_d3dx10_34_x86.cab [2009-03-16 13:36:34 | 000,273,990 | ---- | C] () -- C:\Documents and Settings\jtd\Nov2008_XAudio_x64.cab [2009-03-16 13:36:32 | 000,699,036 | ---- | C] () -- C:\Documents and Settings\jtd\JUN2007_d3dx10_34_x64.cab [2009-03-16 13:36:32 | 000,695,857 | ---- | C] () -- C:\Documents and Settings\jtd\APR2007_d3dx10_33_x86.cab [2009-03-16 13:36:32 | 000,273,203 | ---- | C] () -- C:\Documents and Settings\jtd\Nov2008_XAudio_x86.cab [2009-03-16 13:36:32 | 000,271,360 | ---- | C] () -- C:\Documents and Settings\jtd\Aug2008_XAudio_x64.cab [2009-03-16 13:36:32 | 000,269,842 | ---- | C] () -- C:\Documents and Settings\jtd\Aug2008_XAudio_x86.cab [2009-03-16 13:36:32 | 000,269,620 | ---- | C] () -- C:\Documents and Settings\jtd\JUN2008_XAudio_x64.cab [2009-03-16 13:36:32 | 000,269,016 | ---- | C] () -- C:\Documents and Settings\jtd\JUN2008_XAudio_x86.cab [2009-03-16 13:36:30 | 000,275,036 | ---- | C] () -- C:\Documents and Settings\jtd\Mar2009_XAudio_x64.cab [2009-03-16 13:36:30 | 000,273,010 | ---- | C] () -- C:\Documents and Settings\jtd\Mar2009_XAudio_x86.cab [2009-03-16 13:36:30 | 000,251,194 | ---- | C] () -- C:\Documents and Settings\jtd\Mar2008_XAudio_x64.cab [2009-03-16 13:36:30 | 000,226,242 | ---- | C] () -- C:\Documents and Settings\jtd\Mar2008_XAudio_x86.cab [2009-03-16 13:36:30 | 000,212,799 | ---- | C] () -- C:\Documents and Settings\jtd\DEC2006_d3dx10_00_x64.cab [2009-03-16 13:36:30 | 000,191,720 | ---- | C] () -- C:\Documents and Settings\jtd\DEC2006_d3dx10_00_x86.cab [2009-03-16 13:36:28 | 000,198,088 | ---- | C] () -- C:\Documents and Settings\jtd\AUG2007_XACT_x64.cab [2009-03-16 13:36:28 | 000,197,122 | ---- | C] () -- C:\Documents and Settings\jtd\JUN2007_XACT_x64.cab [2009-03-16 13:36:28 | 000,196,754 | ---- | C] () -- C:\Documents and Settings\jtd\NOV2007_XACT_x64.cab [2009-03-16 13:36:28 | 000,182,361 | ---- | C] () -- C:\Documents and Settings\jtd\OCT2006_XACT_x64.cab [2009-03-16 13:36:28 | 000,180,777 | ---- | C] () -- C:\Documents and Settings\jtd\JUN2006_XACT_x64.cab [2009-03-16 13:36:28 | 000,179,125 | ---- | C] () -- C:\Documents and Settings\jtd\Apr2006_XACT_x64.cab [2009-03-16 13:36:28 | 000,178,351 | ---- | C] () -- C:\Documents and Settings\jtd\Feb2006_XACT_x64.cab [2009-03-16 13:36:26 | 000,195,758 | ---- | C] () -- C:\Documents and Settings\jtd\APR2007_XACT_x64.cab [2009-03-16 13:36:26 | 000,194,675 | ---- | C] () -- C:\Documents and Settings\jtd\FEB2007_XACT_x64.cab [2009-03-16 13:36:26 | 000,192,475 | ---- | C] () -- C:\Documents and Settings\jtd\DEC2006_XACT_x64.cab [2009-03-16 13:36:26 | 000,182,895 | ---- | C] () -- C:\Documents and Settings\jtd\AUG2006_XACT_x64.cab [2009-03-16 13:36:26 | 000,151,225 | ---- | C] () -- C:\Documents and Settings\jtd\APR2007_XACT_x86.cab [2009-03-16 13:36:24 | 000,153,004 | ---- | C] () -- C:\Documents and Settings\jtd\AUG2007_XACT_x86.cab [2009-03-16 13:36:24 | 000,152,909 | ---- | C] () -- C:\Documents and Settings\jtd\JUN2007_XACT_x86.cab [2009-03-16 13:36:24 | 000,147,975 | ---- | C] () -- C:\Documents and Settings\jtd\FEB2007_XACT_x86.cab [2009-03-16 13:36:22 | 000,148,264 | ---- | C] () -- C:\Documents and Settings\jtd\NOV2007_XACT_x86.cab [2009-03-16 13:36:22 | 000,145,591 | ---- | C] () -- C:\Documents and Settings\jtd\DEC2006_XACT_x86.cab [2009-03-16 13:36:22 | 000,138,017 | ---- | C] () -- C:\Documents and Settings\jtd\OCT2006_XACT_x86.cab [2009-03-16 13:36:22 | 000,137,227 | ---- | C] () -- C:\Documents and Settings\jtd\AUG2006_XACT_x86.cab [2009-03-16 13:36:20 | 000,133,663 | ---- | C] () -- C:\Documents and Settings\jtd\JUN2006_XACT_x86.cab [2009-03-16 13:36:20 | 000,133,095 | ---- | C] () -- C:\Documents and Settings\jtd\Apr2006_XACT_x86.cab [2009-03-16 13:36:20 | 000,132,409 | ---- | C] () -- C:\Documents and Settings\jtd\Feb2006_XACT_x86.cab [2009-03-16 13:36:20 | 000,122,328 | ---- | C] () -- C:\Documents and Settings\jtd\Mar2008_XACT_x64.cab [2009-03-16 13:36:20 | 000,121,824 | ---- | C] () -- C:\Documents and Settings\jtd\Aug2008_XACT_x64.cab [2009-03-16 13:36:20 | 000,121,746 | ---- | C] () -- C:\Documents and Settings\jtd\Nov2008_XACT_x64.cab [2009-03-16 13:36:20 | 000,121,498 | ---- | C] () -- C:\Documents and Settings\jtd\Mar2009_XACT_x64.cab [2009-03-16 13:36:20 | 000,121,046 | ---- | C] () -- C:\Documents and Settings\jtd\JUN2008_XACT_x64.cab [2009-03-16 13:36:20 | 000,096,817 | ---- | C] () -- C:\Documents and Settings\jtd\APR2007_xinput_x64.cab [2009-03-16 13:36:20 | 000,093,726 | ---- | C] () -- C:\Documents and Settings\jtd\Mar2008_XACT_x86.cab [2009-03-16 13:36:20 | 000,093,120 | ---- | C] () -- C:\Documents and Settings\jtd\JUN2008_XACT_x86.cab [2009-03-16 13:36:20 | 000,093,004 | ---- | C] () -- C:\Documents and Settings\jtd\Aug2008_XACT_x86.cab [2009-03-16 13:36:18 | 000,095,296 | ---- | C] () -- C:\Documents and Settings\jtd\dxupdate.cab [2009-03-16 13:36:18 | 000,092,688 | ---- | C] () -- C:\Documents and Settings\jtd\Nov2008_XACT_x86.cab [2009-03-16 13:36:16 | 000,092,732 | ---- | C] () -- C:\Documents and Settings\jtd\Mar2009_XACT_x86.cab [2009-03-16 13:36:16 | 000,087,134 | ---- | C] () -- C:\Documents and Settings\jtd\AUG2006_xinput_x64.cab [2009-03-16 13:36:16 | 000,087,093 | ---- | C] () -- C:\Documents and Settings\jtd\Apr2006_xinput_x64.cab [2009-03-16 13:36:16 | 000,086,029 | ---- | C] () -- C:\Documents and Settings\jtd\Oct2005_xinput_x64.cab [2009-03-16 13:36:14 | 000,055,154 | ---- | C] () -- C:\Documents and Settings\jtd\JUN2008_X3DAudio_x64.cab [2009-03-16 13:36:14 | 000,055,058 | ---- | C] () -- C:\Documents and Settings\jtd\Mar2008_X3DAudio_x64.cab [2009-03-16 13:36:14 | 000,053,302 | ---- | C] () -- C:\Documents and Settings\jtd\APR2007_xinput_x86.cab [2009-03-16 13:36:12 | 000,055,110 | ---- | C] () -- C:\Documents and Settings\jtd\Nov2008_X3DAudio_x64.cab [2009-03-16 13:36:12 | 000,054,592 | ---- | C] () -- C:\Documents and Settings\jtd\Mar2009_X3DAudio_x64.cab [2009-03-16 13:36:12 | 000,046,144 | ---- | C] () -- C:\Documents and Settings\jtd\NOV2007_X3DAudio_x64.cab [2009-03-16 13:36:12 | 000,046,050 | ---- | C] () -- C:\Documents and Settings\jtd\AUG2006_xinput_x86.cab [2009-03-16 13:36:12 | 000,046,002 | ---- | C] () -- C:\Documents and Settings\jtd\Apr2006_xinput_x86.cab [2009-03-16 13:36:12 | 000,045,359 | ---- | C] () -- C:\Documents and Settings\jtd\Oct2005_xinput_x86.cab [2009-03-16 13:36:12 | 000,044,444 | ---- | C] () -- C:\Documents and Settings\jtd\dxdllreg_x86.cab [2009-03-16 13:36:12 | 000,021,897 | ---- | C] () -- C:\Documents and Settings\jtd\JUN2008_X3DAudio_x86.cab [2009-03-16 13:36:12 | 000,021,867 | ---- | C] () -- C:\Documents and Settings\jtd\Mar2008_X3DAudio_x86.cab [2009-03-16 13:36:12 | 000,021,836 | ---- | C] () -- C:\Documents and Settings\jtd\Nov2008_X3DAudio_x86.cab [2009-03-16 13:36:12 | 000,018,488 | ---- | C] () -- C:\Documents and Settings\jtd\NOV2007_X3DAudio_x86.cab [2009-03-16 13:36:10 | 000,021,298 | ---- | C] () -- C:\Documents and Settings\jtd\Mar2009_X3DAudio_x86.cab [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-06-25 13:18:23 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2009-04-29 05:35:21 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 11:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-15 11:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2011-12-15 18:34:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\4Sync [2010-03-26 22:34:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ACD Systems [2012-05-12 11:41:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files [2010-11-17 16:19:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2010-07-19 07:57:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Mistrz Klawiatury II Data [2012-12-10 20:25:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2012-05-12 11:50:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software [2012-05-11 11:29:36 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{32364CEA-7855-4A3C-B674-53D8E9B97936} [2009-06-26 16:38:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jtd\Dane aplikacji\ACD Systems [2010-09-14 16:44:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jtd\Dane aplikacji\ActiveState [2012-02-10 11:40:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jtd\Dane aplikacji\calibre [2011-02-04 15:01:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jtd\Dane aplikacji\Dev-Cpp [2011-09-20 08:59:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jtd\Dane aplikacji\EIZO [2009-06-26 17:11:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jtd\Dane aplikacji\Folder przesyłania Share-to-Web [2011-02-04 14:40:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jtd\Dane aplikacji\ipla [2010-03-08 17:44:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jtd\Dane aplikacji\Opera [2012-12-06 10:12:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jtd\Dane aplikacji\PDFReaderPackages [2010-11-17 16:20:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jtd\Dane aplikacji\RDRM [2009-06-25 21:46:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jtd\Dane aplikacji\Spik [2012-12-06 10:12:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jtd\Dane aplikacji\SumatraPDF [2012-12-10 20:41:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jtd\Dane aplikacji\The Bat! [2012-05-11 11:31:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jtd\Dane aplikacji\TuneUp Software [2010-03-26 22:19:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jtd\Dane aplikacji\URSoft [2009-06-25 13:22:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jtd\Dane aplikacji\Windows Desktop Search [2009-06-25 21:01:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jtd\Dane aplikacji\Windows Search [2010-08-25 20:55:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jtd\Dane aplikacji\YouTube Downloader [2010-05-10 20:21:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jtd\Dane aplikacji\Youtube Downloader HD [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 176 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:1CE11B51 @Alternate Data Stream - 152 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:B3D74A13 @Alternate Data Stream - 151 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:C4252FE0 < End of report >