OTL logfile created on: 2013-01-17 08:55:41 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\dut\Pulpit\jjj Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,22 Gb Available Physical Memory | 74,02% Memory free 4,84 Gb Paging File | 4,24 Gb Available in Paging File | 87,51% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 465,75 Gb Total Space | 308,32 Gb Free Space | 66,20% Space Free | Partition Type: NTFS Computer Name: TOMEK | User Name: dut | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013-01-17 08:54:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\dut\Pulpit\jjj\OTL.exe PRC - [2012-11-05 09:50:12 | 000,377,800 | ---- | M] () -- C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe PRC - [2010-04-23 11:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\WINDOWS\system32\ezSharedSvcHost.exe PRC - [2010-04-07 20:07:24 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe PRC - [2010-04-07 20:07:04 | 002,145,000 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe PRC - [2009-11-11 16:18:00 | 000,870,400 | ---- | M] () -- C:\Program Files\ALLPlayer\ALLUpdate.exe PRC - [2008-08-24 13:01:56 | 004,067,328 | ---- | M] () -- C:\Program Files\Rainlendar2\Rainlendar2.exe PRC - [2008-05-29 21:40:38 | 002,580,480 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.4\program\soffice.bin PRC - [2008-05-29 21:40:36 | 002,363,392 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.4\program\soffice.exe PRC - [2007-05-25 08:41:38 | 000,537,520 | ---- | M] ( ) -- C:\WINDOWS\system32\lxddcoms.exe PRC - [2006-11-13 14:57:16 | 001,289,000 | ---- | M] (Microsoft Corporation) -- C:\wcescomm.exe PRC - [2006-11-13 14:57:06 | 000,199,464 | ---- | M] (Microsoft Corporation) -- C:\rapimgr.exe PRC - [2006-10-19 19:44:44 | 000,020,480 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe PRC - [2005-10-27 11:00:22 | 000,299,008 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CamTray.exe PRC - [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2003-08-19 16:09:30 | 000,057,344 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe PRC - [2003-08-19 16:00:40 | 000,053,248 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-11-05 09:50:12 | 000,377,800 | ---- | M] () -- C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe MOD - [2012-08-06 10:54:24 | 009,843,640 | ---- | M] () -- C:\Program Files\VTech\DownloadManager\System\QtWebKit4.dll MOD - [2010-11-11 10:24:31 | 000,028,160 | ---- | M] () -- C:\Program Files\VTech\DownloadManager\System\DACommCenter.dll MOD - [2010-07-13 14:07:23 | 007,826,432 | ---- | M] () -- C:\Program Files\VTech\DownloadManager\System\QtGui4.dll MOD - [2010-07-05 10:19:39 | 000,116,736 | ---- | M] () -- C:\Program Files\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll MOD - [2010-06-24 02:16:19 | 002,150,400 | ---- | M] () -- C:\Program Files\VTech\DownloadManager\System\QtCore4.dll MOD - [2010-06-02 06:05:40 | 000,119,808 | ---- | M] () -- C:\Program Files\VTech\DownloadManager\System\imageformats\qjpeg4.dll MOD - [2010-06-02 03:56:04 | 000,232,960 | ---- | M] () -- C:\Program Files\VTech\DownloadManager\System\phonon4.dll MOD - [2010-06-02 03:54:24 | 002,530,816 | ---- | M] () -- C:\Program Files\VTech\DownloadManager\System\QtXmlPatterns4.dll MOD - [2010-06-02 03:29:22 | 000,934,912 | ---- | M] () -- C:\Program Files\VTech\DownloadManager\System\QtNetwork4.dll MOD - [2010-06-02 03:28:00 | 000,335,360 | ---- | M] () -- C:\Program Files\VTech\DownloadManager\System\QtXml4.dll MOD - [2009-11-11 16:18:00 | 000,870,400 | ---- | M] () -- C:\Program Files\ALLPlayer\ALLUpdate.exe MOD - [2009-02-27 19:04:20 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL MOD - [2008-08-24 13:04:10 | 000,421,888 | ---- | M] () -- C:\Program Files\Rainlendar2\plugins\iCalendarPlugin.dll MOD - [2008-08-24 13:01:56 | 004,067,328 | ---- | M] () -- C:\Program Files\Rainlendar2\Rainlendar2.exe MOD - [2007-12-19 14:04:24 | 000,828,416 | ---- | M] () -- C:\Program Files\OpenOffice.org 2.4\program\libxml2.dll MOD - [2006-11-07 18:26:40 | 000,376,832 | ---- | M] () -- C:\Program Files\Creative\Creative Live! Cam\VideoFX\EyeCatcherEx.dll MOD - [2003-08-03 20:58:08 | 000,065,536 | ---- | M] () -- C:\Program Files\Lexmark X1100 Series\ConvDIB.dll MOD - [2003-07-29 14:27:40 | 000,078,336 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\LXBKPP5C.DLL [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService) SRV - [2013-01-09 19:05:32 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-07-13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2010-04-23 11:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) [Auto | Running] -- C:\WINDOWS\system32\ezSharedSvcHost.exe -- (ezSharedSvc) SRV - [2010-04-07 20:10:38 | 000,033,560 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv) SRV - [2010-04-07 20:07:24 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn) SRV - [2008-09-22 13:42:06 | 001,079,176 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService) SRV - [2008-06-13 14:29:14 | 000,356,920 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService) SRV - [2007-05-25 08:41:38 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\system32\lxddcoms.exe -- (lxdd_device) SRV - [2001-10-26 18:30:00 | 000,003,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\System32\regedt32.exe -- (NOD32FiXTemDono) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (azv6gdaw) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ati8ywxx.sys -- (ati8ywxx) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ati7wexx.sys -- (ati7wexx) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ati6agxx.sys -- (ati6agxx) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ati5vcxx.sys -- (ati5vcxx) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ati5grxx.sys -- (ati5grxx) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ati5byxx.sys -- (ati5byxx) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ati4ixxx.sys -- (ati4ixxx) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ati4dbxx.sys -- (ati4dbxx) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ati3psxx.sys -- (ati3psxx) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ati3omxx.sys -- (ati3omxx) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ati3gvxx.sys -- (ati3gvxx) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ati2fdxx.sys -- (ati2fdxx) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ati2crxx.sys -- (ati2crxx) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ati1caxx.sys -- (ati1caxx) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ati1bqxx.sys -- (ati1bqxx) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ati0fuxx.sys -- (ati0fuxx) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ati0etxx.sys -- (ati0etxx) DRV - [2010-04-07 20:08:08 | 000,055,232 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi) DRV - [2010-04-07 20:08:06 | 000,032,584 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis) DRV - [2010-04-07 20:08:04 | 000,134,488 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw) DRV - [2010-04-07 20:07:08 | 000,114,984 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv) DRV - [2010-04-07 20:03:44 | 000,139,192 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon) DRV - [2008-09-11 12:48:35 | 000,079,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex) DRV - [2008-09-11 12:48:34 | 000,094,064 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k510mdm.sys -- (k510mdm) DRV - [2008-09-11 12:48:34 | 000,089,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm) DRV - [2008-09-11 12:48:34 | 000,083,344 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k510obex.sys -- (k510obex) DRV - [2008-09-11 12:48:34 | 000,081,728 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt) DRV - [2008-09-11 12:48:34 | 000,055,216 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus) DRV - [2008-09-11 12:48:34 | 000,008,336 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k510mdfl.sys -- (k510mdfl) DRV - [2008-09-11 12:48:34 | 000,006,576 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl) DRV - [2008-08-25 10:36:30 | 000,081,288 | ---- | M] (PCTools Research Pty Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iksyssec.sys -- (IKSysSec) DRV - [2008-08-25 10:36:28 | 000,066,952 | ---- | M] (PCTools Research Pty Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iksysflt.sys -- (IKSysFlt) DRV - [2008-08-25 10:36:28 | 000,040,840 | ---- | M] (PCTools Research Pty Ltd.) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ikfilesec.sys -- (IKFileSec) DRV - [2008-08-19 20:12:25 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2008-07-24 17:02:44 | 004,749,824 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2007-11-01 09:56:00 | 000,036,864 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l151x86.sys -- (AtcL001) DRV - [2006-04-05 10:46:30 | 000,163,840 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\V0250Dev.sys -- (V0250Dev) DRV - [2006-02-17 20:34:22 | 000,085,408 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k510mgmt.sys -- (k510mgmt) DRV - [2006-02-17 20:34:10 | 000,058,288 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k510bus.sys -- (k510bus) DRV - [2005-10-21 06:25:32 | 000,013,396 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MTictwl.sys -- (MagicTune) DRV - [2004-08-13 19:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?st=6&barid={A9DC3F1A-2C97-494D-8FFE-6598A51F91E9} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&st=6&barid={A9DC3F1A-2C97-494D-8FFE-6598A51F91E9} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{588DCC24-834A-4F47-A6E6-6161E0032DE6}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADBS_pl IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: C:\Program Files\Ganymede\Plugins\npganymedenet.dll ( ) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\Documents and Settings\All Users\Dane aplikacji\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010-06-10 19:31:52 | 000,000,000 | ---D | M] O1 HOSTS File: ([2010-11-05 19:39:06 | 000,424,697 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 14637 more lines... O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll (SimplyGen) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - No CLSID value found. O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [AgentMonitor] C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe () O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.) O4 - HKLM..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe (Creative Technology Ltd.) O4 - HKLM..\Run: [C:\WINDOWS\system32\V0250Cvw.dll] C:\WINDOWS\system32\V0250Cvw.dll (Creative Technology Ltd.) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4 - HKLM..\Run: [Lexmark X1100 Series] C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe (Lexmark International, Inc.) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [ROC_roc_ssl_v12] "C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 File not found O4 - HKCU..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe () O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" File not found O4 - HKCU..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CamTray.exe (Creative Technology Ltd) O4 - HKCU..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent File not found O4 - HKCU..\Run: [FlashGet] "C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe" /min File not found O4 - HKCU..\Run: [H/PC Connection Agent] C:\Wcescomm.exe (Microsoft Corporation) O4 - HKCU..\Run: [I&F Viewer toolbar] "C:\Program Files\Photo Toolkit\ivbar\phototoolkitmem.exe" -start File not found O4 - HKCU..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe () O4 - HKCU..\Run: [SService] C:\Documents and Settings\dut\77992.exe File not found O4 - HKCU..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103472 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; SIMBAR={A9DC3F1A-2C97-494D-8FFE-6598A51F91E9}; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"http://www.leukespellen.be/spelletjes/body/c2tlaTQwMTlza2Vp.php" File not found O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O4 - Startup: C:\Documents and Settings\dut\Menu Start\Programy\Autostart\OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0 O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.) O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Utwórz Ulubione dla urządzenia przenośnego... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control) O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/common/asusTek_sys_ctrl.cab (asusTek_sysctrl Class) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {18506D80-11D4-9B80-82C2-0080C8D7ED4A} http://cached.gamedesire.com/g_bin/pl/roulette_2_0_0_30.cab (GameDesire Roulette) O16 - DPF: {18506D80-9B80-11D4-82C2-0080C8D7ED4A} http://download.gamedesire.com/g_bin/pl/roulette_2_0_0_27.cab (GameDesire Roulette) O16 - DPF: {1A781DED-4153-C22D-3213-A3211E29DF13} http://cached.gamedesire.com/g_bin/pl/cards_2_0_0_81.cab (GameDesire Card Games) O16 - DPF: {1A781DED-C22D-4153-3213-A3211E29DF13} http://cached.gamedesire.com/g_bin/pl/cards_2_0_0_77.cab (GameDesire Card Games) O16 - DPF: {41ACD49D-791A-1974-0981-AA9872721044} http://cached.gamedesire.com/g_bin/pl/boards_2_0_0_38.cab (Ganymede Board Games) O16 - DPF: {4539348E-01D7-11D5-9A39-0080C8D85044} http://download.gamedesire.com/g_bin/pl/slots90_2_0_0_35.cab (GameDesire Slots 90th) O16 - DPF: {4B4513E2-43DF-4E57-9496-FCD37E9DFA64} http://cached.gamedesire.com/g_bin/pl/navy_2_0_0_34.cab (GameDesire Sea Battle) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {A1FE3DEF-CF77-11D4-8340-0080C8D7ED4A} http://download.gamedesire.com/g_bin/pl/pirate_2_0_0_30.cab (GameDesire Pinball Pirate) O16 - DPF: {A6212120-01D4-11D5-9A39-0080C8D85044} http://cached.gamedesire.com/g_bin/pl/slots70_2_0_0_35.cab (GameDesire Slots 70th) O16 - DPF: {A9ED6AA2-4D71-D9D4-9586-E293E2E3580B} http://cached.gamedesire.com/g_bin/pl/marbles_2_0_0_36.cab (GameDesire Marbles&Diamonds&Runes) O16 - DPF: {A9ED6AA2-D9D4-4D71-9586-E293E2E3580B} http://download.gamedesire.com/g_bin/pl/marbles_2_0_0_32.cab (GameDesire Marbles&Diamonds&Runes) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: {ECEAD8AE-01D6-11D5-9A39-0080C8D85044} http://download.gamedesire.com/g_bin/pl/slots80_2_0_0_35.cab (GameDesire Slots 80th) O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://www.creative.com/softwareupdate/su2/ocx/15106/CTPID.cab (Creative Software AutoUpdate Support Package) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6FAB549E-BEBE-466D-A2AE-C4403103296C}: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\ic32pp {BBCA9F81-8F4F-11D2-90FF-0080C83D3571} - C:\WINDOWS\wc98pp.dll () O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008-08-07 13:27:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{42b67e6e-9431-11df-9799-001fc630fe3d}\Shell - "" = AutoRun O33 - MountPoints2\{42b67e6e-9431-11df-9799-001fc630fe3d}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{42b67e71-9431-11df-9799-001fc630fe3d}\Shell - "" = AutoRun O33 - MountPoints2\{42b67e71-9431-11df-9799-001fc630fe3d}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{f00adabe-94ff-11df-979e-001fc630fe3d}\Shell - "" = AutoRun O33 - MountPoints2\{f00adabe-94ff-11df-979e-001fc630fe3d}\Shell\AutoRun\command - "" = F:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013-01-14 20:38:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\23E [2013-01-13 21:32:56 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2013-01-09 19:05:28 | 016,369,160 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe [2012-12-29 10:44:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dut\Dane aplikacji\LucasArts [2012-12-28 11:07:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dut\Pulpit\kolorowanki [2012-12-27 17:05:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dut\Ustawienia lokalne\Dane aplikacji\cache [2012-12-27 17:05:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\VTech [2012-12-27 17:04:57 | 000,000,000 | ---D | C] -- C:\Program Files\VTech [2012-12-27 17:04:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\VTech [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013-01-17 08:57:00 | 000,000,458 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{C6978EED-4AE8-48A5-9C46-C7315DC8D31E}.job [2013-01-17 08:46:08 | 000,186,097 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2013-01-17 08:46:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013-01-17 08:44:38 | 000,000,210 | -HS- | M] () -- C:\boot.ini [2013-01-17 08:22:44 | 095,023,320 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\dsgsdgdsgdsgw.pad [2013-01-16 20:05:15 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013-01-14 20:36:05 | 001,865,299 | ---- | M] () -- C:\Documents and Settings\dut\Pulpit\Mrozu - 1000m metrĂłw nad ZiemiÄ… (corver).mp3 [2013-01-13 21:33:17 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk [2013-01-11 20:23:45 | 000,226,816 | ---- | M] () -- C:\Documents and Settings\dut\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013-01-09 19:05:31 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2013-01-09 19:05:31 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2013-01-09 19:05:28 | 016,369,160 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe [2013-01-04 18:27:06 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012-12-31 21:28:27 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2012-12-31 10:12:23 | 000,001,020 | ---- | M] () -- C:\Documents and Settings\dut\Pulpit\Skrót do LEGOStarWadfdfdfdswr3rsSaga.exe.lnk [2012-12-27 17:39:28 | 000,000,456 | ---- | M] () -- C:\WINDOWS\lexstat.ini [2012-12-27 17:27:02 | 000,000,580 | ---- | M] () -- C:\Documents and Settings\dut\Ustawienia lokalne\Dane aplikacji\cookies.ini [2012-12-27 17:05:13 | 000,000,848 | ---- | M] () -- C:\Documents and Settings\dut\Pulpit\Learning Lodge Navigator.lnk [2012-12-27 14:57:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013-01-17 08:16:02 | 095,023,320 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\dsgsdgdsgdsgw.pad [2013-01-14 20:36:01 | 001,865,299 | ---- | C] () -- C:\Documents and Settings\dut\Pulpit\Mrozu - 1000m metrĂłw nad ZiemiÄ… (corver).mp3 [2012-12-31 10:12:23 | 000,001,020 | ---- | C] () -- C:\Documents and Settings\dut\Pulpit\Skrót do LEGOStarWadfdfdfdswr3rsSaga.exe.lnk [2012-12-27 17:05:42 | 000,000,580 | ---- | C] () -- C:\Documents and Settings\dut\Ustawienia lokalne\Dane aplikacji\cookies.ini [2012-12-27 17:05:13 | 000,000,848 | ---- | C] () -- C:\Documents and Settings\dut\Pulpit\Learning Lodge Navigator.lnk [2012-10-27 07:56:23 | 000,716,813 | ---- | C] () -- C:\WINDOWS\unins000.exe [2012-10-21 11:04:27 | 001,441,708 | ---- | C] () -- C:\WINDOWS\unins000.dat [2012-10-20 14:49:10 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\dut\Dane aplikacji\$_hpcst$.hpc [2012-02-22 20:50:06 | 000,011,761 | ---- | C] () -- C:\Documents and Settings\dut\Ustawienia lokalne\Dane aplikacji\unins000.msg [2012-02-22 20:50:05 | 000,707,504 | ---- | C] () -- C:\Documents and Settings\dut\Ustawienia lokalne\Dane aplikacji\unins000.exe [2012-02-22 20:50:05 | 000,002,164 | ---- | C] () -- C:\Documents and Settings\dut\Ustawienia lokalne\Dane aplikacji\unins000.dat [2011-07-18 20:55:16 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll [2011-06-26 14:48:43 | 000,000,138 | ---- | C] () -- C:\WINDOWS\parport.ini [2010-01-07 08:31:41 | 000,002,210 | ---- | C] () -- C:\Documents and Settings\dut\.recently-used.xbel [2008-09-26 16:59:28 | 000,226,816 | ---- | C] () -- C:\Documents and Settings\dut\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008-08-15 12:06:07 | 000,000,245 | ---- | C] () -- C:\Documents and Settings\dut\default.pls [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-09-10 21:05:49 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008-06-23 16:41:37 | 001,494,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 11:22:07 | 000,473,088 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2004-08-03 23:44:14 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2012-05-12 19:14:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\0157 [2010-04-23 18:57:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\01B5 [2009-05-29 21:35:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\0EA [2010-12-31 15:02:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\107D [2010-11-28 10:11:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\121F4 [2012-01-21 17:23:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\123B9 [2008-12-31 10:34:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\13109 [2008-11-11 16:31:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\132DE [2008-11-11 17:19:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\14196 [2010-04-16 21:23:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\1438A [2010-02-14 20:14:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\16119 [2008-12-30 20:48:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\167D [2010-11-28 15:23:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\17271 [2008-11-11 20:04:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\1929F [2012-06-06 19:48:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\192CE [2008-11-09 18:35:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\192DE [2009-05-15 19:11:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\19EA [2010-06-28 16:04:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\19EB [2009-06-05 18:04:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\1A261 [2010-02-20 17:02:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\1A3A9 [2008-11-10 21:20:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\1AB2 [2010-06-30 15:44:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\1BAB [2011-08-24 07:49:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\1D186 [2010-04-17 11:17:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\1D1F [2010-08-17 18:50:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\1D271 [2009-01-11 09:01:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\1D7D [2012-06-02 19:42:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\1EAB [2010-01-24 14:37:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\1EBB [2011-08-18 17:54:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\1F2CE [2011-12-28 13:04:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\20242 [2010-06-22 15:39:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\203A9 [2009-02-22 15:52:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\207D [2009-01-24 09:17:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\22186 [2012-08-05 12:23:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\221D4 [2008-11-16 09:31:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\22261 [2008-11-20 18:44:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\224E [2009-04-22 19:10:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\232CE [2013-01-14 20:38:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\23E [2010-12-12 17:41:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\24119 [2010-01-10 13:46:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\250 [2008-11-15 17:35:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\25242 [2011-08-18 17:50:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\252DE [2009-05-17 16:27:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\27213 [2009-04-20 18:22:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2930D [2009-01-04 16:07:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\29F [2012-06-13 16:38:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2A2CE [2012-01-13 14:50:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2B0 [2008-11-15 19:35:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2C3C8 [2009-10-25 17:31:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2CAB [2009-02-14 14:34:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2D261 [2010-02-27 09:23:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2DFA [2009-03-10 10:01:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2E119 [2009-01-01 18:42:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2E242 [2010-08-29 09:32:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2FEA [2008-11-11 09:21:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\30196 [2011-03-25 19:25:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\321F [2010-06-13 17:25:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\33138 [2012-01-04 16:39:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\33148 [2012-02-16 19:14:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\333D8 [2009-08-30 16:04:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\337D [2009-09-25 19:02:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\3432C [2009-03-10 14:02:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\353C8 [2012-01-20 21:22:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\373D8 [2012-01-15 17:51:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\38109 [2010-10-23 13:41:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\3832C [2008-12-29 09:57:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\38FA [2009-04-21 08:44:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\391A5 [2012-08-22 12:16:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\391D4 [2012-04-02 17:48:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\396D [2010-06-06 13:02:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\3B232 [2010-01-25 17:55:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\3B2CE [2009-02-14 20:40:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\3B2DE [2009-05-03 09:36:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\5177 [2009-03-04 12:34:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\630 [2009-10-25 08:53:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\64E [2011-08-06 19:00:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\7128 [2009-10-25 17:12:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\7251 [2012-10-20 14:41:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\82EE [2010-02-14 20:06:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\83C8 [2012-01-08 16:25:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\9DA [2012-02-01 10:50:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\A1F [2009-02-18 08:25:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\A5D [2010-09-25 16:00:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AlawarWrapper [2012-03-11 16:37:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\B0 [2008-12-30 17:05:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\B119 [2009-05-05 21:21:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\B242 [2012-04-01 16:40:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\B35B [2012-05-26 09:32:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\B7D [2008-09-10 09:20:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BVRP Software [2008-12-06 08:09:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\C3E [2012-03-03 18:21:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\C5D [2012-10-20 15:28:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files [2012-01-01 16:36:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\D1F [2010-06-26 15:24:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\E3D8 [2010-11-26 20:37:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EA Core [2010-11-26 20:37:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2008-08-11 19:17:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2009-06-03 17:14:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SolidDocuments [2010-11-26 20:21:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Solidshield [2012-09-10 07:19:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SweetIM [2012-03-15 18:22:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tarma Installer [2012-11-25 22:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2012-12-27 17:04:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\VTech [2009-12-02 21:01:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Zylom [2012-07-04 07:47:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dut\Dane aplikacji\AcGasSynchro II [2012-08-02 16:59:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dut\Dane aplikacji\AncientAqua [2010-04-15 20:45:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dut\Dane aplikacji\BITS [2008-08-19 20:12:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dut\Dane aplikacji\DAEMON Tools [2010-02-04 21:15:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dut\Dane aplikacji\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1 [2009-09-28 19:33:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dut\Dane aplikacji\ESET [2013-01-13 16:04:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dut\Dane aplikacji\GanymedeNet [2010-01-07 08:31:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dut\Dane aplikacji\gtk-2.0 [2012-03-18 15:10:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dut\Dane aplikacji\Karate Panda [2008-11-28 19:56:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dut\Dane aplikacji\Leadertech [2012-12-29 10:44:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dut\Dane aplikacji\LucasArts [2009-03-17 20:38:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dut\Dane aplikacji\Nowe Gadu-Gadu [2011-03-17 09:52:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dut\Dane aplikacji\Nvu [2012-10-27 10:40:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dut\Dane aplikacji\Patcher [2010-01-12 09:32:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dut\Dane aplikacji\Softi Software [2009-08-13 19:04:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dut\Dane aplikacji\SolidDocuments [2010-01-12 21:51:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dut\Dane aplikacji\Thinstall [2013-01-11 19:19:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dut\Dane aplikacji\uTorrent [2009-12-02 21:02:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dut\Dane aplikacji\Zylom [2010-09-05 10:51:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dut\Dane aplikacji\_MDLogs [2010-06-03 10:51:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dut\Dane aplikacji\ƒ„ƒuƒTƒ [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 640 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2 @Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:A8ADE5D8 < End of report >