OTL logfile created on: 2013-02-27 12:00:31 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\OM\Pulpit\naprawa Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,97 Gb Total Physical Memory | 1,53 Gb Available Physical Memory | 77,96% Memory free 3,81 Gb Paging File | 3,52 Gb Available in Paging File | 92,29% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 97,90 Gb Total Space | 88,16 Gb Free Space | 90,05% Space Free | Partition Type: NTFS Drive F: | 3,73 Gb Total Space | 3,61 Gb Free Space | 96,81% Space Free | Partition Type: FAT32 Computer Name: OM-0E17B8093C19 | User Name: OM | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013-02-27 10:49:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\OM\Pulpit\naprawa\OTL.exe PRC - [2011-09-04 19:46:28 | 000,055,296 | RHS- | M] () -- C:\Documents and Settings\OM\luiqii.scr PRC - [2011-08-20 17:59:53 | 000,151,552 | ---- | M] () -- C:\WINDOWS\KMService.exe PRC - [2011-08-20 17:59:53 | 000,008,192 | ---- | M] () -- C:\WINDOWS\system32\srvany.exe PRC - [2011-06-02 18:52:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2010-10-27 10:00:02 | 001,015,808 | ---- | M] (Ares Development Group) -- C:\Program Files\Ares\Ares.exe PRC - [2010-03-16 01:58:36 | 000,718,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE PRC - [2010-03-09 03:47:02 | 000,047,616 | R--- | M] (Mobile Leader Co.,Ltd.) -- C:\WINDOWS\system32\LGScsiCommandService.exe PRC - [2010-03-04 22:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-07-27 21:51:56 | 000,300,544 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.POL MOD - [2011-09-04 19:46:28 | 000,055,296 | RHS- | M] () -- C:\Documents and Settings\OM\luiqii.scr MOD - [2011-08-20 17:59:53 | 000,151,552 | ---- | M] () -- C:\WINDOWS\KMService.exe MOD - [2011-08-20 17:59:53 | 000,008,192 | ---- | M] () -- C:\WINDOWS\system32\srvany.exe MOD - [2011-06-02 18:52:18 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll MOD - [2010-03-04 22:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe MOD - [2010-01-30 01:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - [2013-02-19 20:37:13 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2011-08-20 17:59:53 | 000,008,192 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\srvany.exe -- (KMService) SRV - [2010-03-25 09:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV - [2010-03-09 03:47:02 | 000,047,616 | R--- | M] (Mobile Leader Co.,Ltd.) [Auto | Running] -- C:\WINDOWS\system32\LGScsiCommandService.exe -- (LGScsiCommandService) SRV - [2010-03-04 22:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2011-08-19 01:03:21 | 000,012,984 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SWDUMon.sys -- (SWDUMon) DRV - [2010-01-21 00:59:58 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag) DRV - [2010-01-21 00:59:56 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem) DRV - [2010-01-21 00:59:56 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus) DRV - [2009-11-12 13:48:56 | 000,005,504 | ---- | M] () [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2009-06-03 21:05:26 | 001,570,240 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416) DRV - [2009-05-20 13:00:48 | 000,038,400 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e) DRV - [2009-03-20 13:21:28 | 001,057,280 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService) DRV - [2008-02-14 13:12:00 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\monfilt.sys -- (monfilt) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=12&q={searchTerms}&barid={B12A6A27-9C52-4DE6-8E2D-748763205E96} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-796845957-838170752-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKU\S-1-5-21-796845957-838170752-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-796845957-838170752-1417001333-1003\..\SearchScopes,DefaultScope = {C3BDC7D1-1863-46FF-8C25-C942C502DEB8} IE - HKU\S-1-5-21-796845957-838170752-1417001333-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKU\S-1-5-21-796845957-838170752-1417001333-1003\..\SearchScopes\{C3BDC7D1-1863-46FF-8C25-C942C502DEB8}: "URL" = http://www.google.com/search?hl=pl&q={searchTerms} IE - HKU\S-1-5-21-796845957-838170752-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.defaultthis.engineName: "SFT_Polska Customized Web Search" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.order.1: "Search the web (Babylon)" FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-02-19 20:37:13 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-08-19 21:25:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\OM\Dane aplikacji\Mozilla\Extensions [2013-02-27 11:53:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\OM\Dane aplikacji\Mozilla\Firefox\Profiles\55lnayny.default\extensions [2012-12-13 21:29:00 | 000,199,445 | ---- | M] () (No name found) -- C:\Documents and Settings\OM\Dane aplikacji\Mozilla\Firefox\Profiles\55lnayny.default\extensions\movie2kdownloader@movie2kdownloader.com.xpi [2013-02-19 20:37:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2013-02-19 20:37:00 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-02-19 20:37:14 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2013-02-19 20:37:12 | 000,002,980 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-06-02 10:26:38 | 000,002,313 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml [2013-02-19 20:37:12 | 000,001,619 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2013-02-19 20:37:12 | 000,001,130 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2013-02-19 20:37:12 | 000,001,071 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2013-02-19 20:37:12 | 000,001,396 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2013-02-19 20:37:12 | 000,001,896 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - homepage: CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.97\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.97\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Babylon ToolBar (Enabled) = C:\Documents and Settings\OM\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\BabylonChromeToolBar.dll CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\OM\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8153_0\npSkypeChromePlugin.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll CHR - Extension: Movie2kDownloader = C:\Documents and Settings\OM\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf\1.0_0\ CHR - Extension: Click to call with Skype = C:\Documents and Settings\OM\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8153_0\ CHR - Extension: Movie2kDownloader = C:\Documents and Settings\OM\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf\1.0_0\ CHR - Extension: Click to call with Skype = C:\Documents and Settings\OM\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8153_0\ O1 HOSTS File: ([2011-06-02 18:52:18 | 000,000,775 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (no name) - {8984B388-A5BB-4DF7-B274-77B879E179DB} - No CLSID value found. O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKU\S-1-5-21-796845957-838170752-1417001333-1003\..\Toolbar\WebBrowser: (no name) - {09900DE8-1DCA-443F-9243-26FF581438AF} - No CLSID value found. O3 - HKU\S-1-5-21-796845957-838170752-1417001333-1003\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O4 - HKU\S-1-5-21-796845957-838170752-1417001333-1003..\Run: [ares] C:\Program Files\Ares\Ares.exe (Ares Development Group) O4 - HKU\S-1-5-21-796845957-838170752-1417001333-1003..\Run: [EPSON SX100 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE (SEIKO EPSON CORPORATION) O4 - HKU\S-1-5-21-796845957-838170752-1417001333-1003..\Run: [luiqii] C:\Documents and Settings\OM\luiqii.scr () O4 - HKU\S-1-5-21-796845957-838170752-1417001333-1003..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation) O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-796845957-838170752-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found O8 - Extra context menu item: Wyślij &do programu OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{163D6B35-183C-466E-939F-DA2A3942C6C4}: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6BAA1118-3317-42A5-AA33-E4E1127E24C0}: DhcpNameServer = 8.8.8.8 8.8.4.4 O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\OM\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\OM\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011-08-19 00:21:19 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - Unable to obtain root file information for disk F:\ O33 - MountPoints2\{5da26ac6-c83c-11e1-8155-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{5da26ac6-c83c-11e1-8155-806d6172696f}\Shell\AutoRun\command - "" = F:\LGAutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (aswBoot.exe /A:"*" /L:"1045" /KBD:2 /dir:"C:\Program Files\AVAST Software\Avast") O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013-02-27 10:52:40 | 000,000,000 | ---D | C] -- C:\totalcmd [2013-02-27 10:52:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OM\Menu Start\Programy\Total Commander [2013-02-27 10:52:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OM\Dane aplikacji\GHISLER [2013-02-27 10:47:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OM\Pulpit\naprawa [2013-02-19 20:36:59 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013-02-03 18:54:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OM\Pulpit\mama [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013-02-27 11:56:20 | 000,001,024 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013-02-27 11:56:17 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013-02-27 11:22:00 | 000,001,028 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013-02-27 10:52:42 | 000,000,548 | ---- | M] () -- C:\Documents and Settings\OM\Pulpit\Total Commander.lnk [2013-02-26 21:15:58 | 004,583,801 | ---- | M] () -- C:\Documents and Settings\OM\Pulpit\Follow_Your_Instinct-My_City_Bodybangers_Remix_Club_Mix(mp3plate.com).mp3 [2013-02-26 20:24:15 | 010,025,839 | ---- | M] () -- C:\Documents and Settings\OM\Pulpit\Follow_Your_Instinct_vs_Dave_Ramone-MY_CITY(mp3plate.com).mp3 [2013-02-26 16:15:18 | 000,002,499 | ---- | M] () -- C:\Documents and Settings\OM\Pulpit\Microsoft Word 2010.lnk [2013-02-25 17:47:30 | 000,012,288 | -H-- | M] () -- C:\Documents and Settings\OM\Pulpit\photothumb.db [2013-02-23 21:26:30 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk [2013-02-19 13:25:24 | 000,451,590 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2013-02-19 13:25:24 | 000,395,398 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013-02-19 13:25:24 | 000,075,684 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2013-02-19 13:25:24 | 000,059,638 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2013-02-18 20:47:52 | 009,510,928 | ---- | M] () -- C:\Documents and Settings\OM\Pulpit\WEEKEND - Ona Tanczy Dla Mnie.mp3 [2013-02-11 20:13:49 | 002,869,241 | ---- | M] () -- C:\Documents and Settings\OM\Pulpit\Arash feat. Sean Paul - She Makes Me Go.mp3 [2013-01-30 21:04:26 | 000,002,483 | ---- | M] () -- C:\Documents and Settings\OM\Pulpit\Microsoft Office PowerPoint 2007.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013-02-27 10:52:42 | 000,000,548 | ---- | C] () -- C:\Documents and Settings\OM\Pulpit\Total Commander.lnk [2013-02-27 10:52:40 | 000,000,545 | ---- | C] () -- C:\WINDOWS\UC.PIF [2013-02-27 10:52:40 | 000,000,545 | ---- | C] () -- C:\WINDOWS\RAR.PIF [2013-02-27 10:52:40 | 000,000,545 | ---- | C] () -- C:\WINDOWS\PKZIP.PIF [2013-02-27 10:52:40 | 000,000,545 | ---- | C] () -- C:\WINDOWS\PKUNZIP.PIF [2013-02-27 10:52:40 | 000,000,545 | ---- | C] () -- C:\WINDOWS\LHA.PIF [2013-02-27 10:52:40 | 000,000,545 | ---- | C] () -- C:\WINDOWS\ARJ.PIF [2013-02-26 19:32:10 | 010,025,839 | ---- | C] () -- C:\Documents and Settings\OM\Pulpit\Follow_Your_Instinct_vs_Dave_Ramone-MY_CITY(mp3plate.com).mp3 [2013-02-26 19:31:46 | 004,583,801 | ---- | C] () -- C:\Documents and Settings\OM\Pulpit\Follow_Your_Instinct-My_City_Bodybangers_Remix_Club_Mix(mp3plate.com).mp3 [2013-02-18 20:47:24 | 009,510,928 | ---- | C] () -- C:\Documents and Settings\OM\Pulpit\WEEKEND - Ona Tanczy Dla Mnie.mp3 [2013-02-11 19:55:50 | 002,869,241 | ---- | C] () -- C:\Documents and Settings\OM\Pulpit\Arash feat. Sean Paul - She Makes Me Go.mp3 [2012-10-13 14:38:04 | 000,000,411 | ---- | C] () -- C:\Documents and Settings\OM\GG dysk.lnk [2012-08-28 18:51:01 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\DSC06287.JPG [2012-08-26 00:20:50 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\25.08.jpg [2012-07-08 11:55:33 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\IMG_3975.JPG [2012-04-27 21:31:59 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\20120427_183324.jpg [2012-04-27 21:31:54 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\20120427_182133.jpg [2012-04-27 21:31:51 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\20120427_182037.jpg [2012-04-27 21:31:43 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\20120404_081904.jpg [2012-04-25 12:23:52 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\Tantra_Totem_01.pps [2012-04-25 12:21:47 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\IMG_2647.JPG [2012-04-25 12:21:41 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\IMG_2646.JPG [2012-04-25 12:21:34 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\IMG_2638.JPG [2012-04-25 12:21:22 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\IMG_2633.JPG [2012-04-25 12:21:12 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\IMG_2625.JPG [2012-04-25 12:21:09 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\IMG_2624.JPG [2012-04-25 12:21:05 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\IMG_2623.JPG [2012-04-25 12:20:51 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\IMG_2622.JPG [2012-04-22 14:38:54 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\Scooter - Weekend (Funkwell _ Daan_D Remix).mp3 [2012-04-13 15:19:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\foto_8503ee6281a40b0716cd90a0cdffca2d.jpg [2012-04-13 15:12:45 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\IMGP3713.JPG [2012-04-13 15:11:24 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\IMGP3706.JPG [2012-04-07 17:04:12 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2012-03-13 20:59:11 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\DSC09835.JPG [2012-03-13 20:59:06 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\DSC09834.JPG [2012-03-13 20:59:00 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\DSC09833.JPG [2012-03-13 20:58:50 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\DSC09832.JPG [2012-03-13 20:55:06 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\DSC09831.JPG [2012-03-13 20:54:53 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\DSC09830.JPG [2012-03-13 20:54:47 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\DSC09829.JPG [2012-03-13 20:54:41 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\DSC09828.JPG [2012-03-13 20:54:24 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\DSC09827.JPG [2012-03-13 20:54:16 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\DSC09826.JPG [2012-03-13 20:54:11 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\DSC09825.JPG [2012-03-13 20:53:56 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\DSC09824.JPG [2012-03-13 20:53:51 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\DSC09823.JPG [2012-03-13 20:53:33 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\DSC09822.JPG [2012-03-13 20:53:27 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\DSC09820.JPG [2012-02-21 09:24:46 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat [2012-02-21 09:24:46 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat [2012-02-21 09:24:46 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat [2012-02-21 09:24:46 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat [2012-02-21 09:24:46 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat [2012-02-21 09:24:46 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat [2012-02-21 09:24:46 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat [2012-02-21 09:24:46 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat [2012-02-21 09:24:46 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat [2012-02-21 09:24:46 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat [2012-02-21 09:24:46 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat [2012-02-21 09:24:46 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat [2012-02-21 09:24:46 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat [2012-02-21 09:24:46 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat [2012-02-21 09:24:46 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat [2012-02-21 09:24:46 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat [2012-02-21 09:24:46 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat [2012-02-21 09:24:46 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat [2012-02-21 09:24:46 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini [2012-02-21 09:23:58 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDESX100DEFGIPS.ini [2012-02-19 20:08:36 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\6.gif [2012-02-19 17:36:25 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\blueman.zip [2012-02-12 20:45:50 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\IMG_0483.JPG [2012-01-18 17:23:32 | 000,000,411 | ---- | C] () -- C:\Documents and Settings\OM\.gstreamer-0.10.lnk [2011-12-24 10:58:39 | 000,010,752 | ---- | C] () -- C:\Documents and Settings\OM\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-11-29 16:49:57 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\hihi.jpg [2011-11-29 16:47:59 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\qt_temp.bT4308.png [2011-10-23 19:58:20 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\Madziulaa [2011-10-02 20:04:16 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\03 - tough lover.mp3 [2011-09-26 19:20:30 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\Buziak.dcf [2011-09-25 08:52:55 | 000,000,411 | ---- | C] () -- C:\Documents and Settings\OM\Ustawienia lokalne.lnk [2011-09-25 08:52:55 | 000,000,411 | ---- | C] () -- C:\Documents and Settings\OM\Ulubione.lnk [2011-09-25 08:52:55 | 000,000,411 | ---- | C] () -- C:\Documents and Settings\OM\Szablony.lnk [2011-09-25 08:52:55 | 000,000,411 | ---- | C] () -- C:\Documents and Settings\OM\SendTo.lnk [2011-09-25 08:52:55 | 000,000,411 | ---- | C] () -- C:\Documents and Settings\OM\Recent.lnk [2011-09-25 08:52:55 | 000,000,411 | ---- | C] () -- C:\Documents and Settings\OM\Pulpit.lnk [2011-09-25 08:52:55 | 000,000,411 | ---- | C] () -- C:\Documents and Settings\OM\PrivacIE.lnk [2011-09-25 08:52:55 | 000,000,411 | ---- | C] () -- C:\Documents and Settings\OM\PrintHood.lnk [2011-09-25 08:52:55 | 000,000,411 | ---- | C] () -- C:\Documents and Settings\OM\NetHood.lnk [2011-09-25 08:52:55 | 000,000,411 | ---- | C] () -- C:\Documents and Settings\OM\Moje dokumenty.lnk [2011-09-25 08:52:55 | 000,000,411 | ---- | C] () -- C:\Documents and Settings\OM\Menu Start.lnk [2011-09-25 08:52:55 | 000,000,411 | ---- | C] () -- C:\Documents and Settings\OM\IETldCache.lnk [2011-09-25 08:52:54 | 000,055,296 | RHS- | C] () -- C:\Documents and Settings\OM\luiqii.scr [2011-09-25 08:52:54 | 000,000,411 | ---- | C] () -- C:\Documents and Settings\OM\Video.lnk [2011-09-25 08:52:54 | 000,000,411 | ---- | C] () -- C:\Documents and Settings\OM\Pictures.lnk [2011-09-25 08:52:54 | 000,000,411 | ---- | C] () -- C:\Documents and Settings\OM\Passwords.lnk [2011-09-25 08:52:54 | 000,000,411 | ---- | C] () -- C:\Documents and Settings\OM\New Folder.lnk [2011-09-25 08:52:54 | 000,000,411 | ---- | C] () -- C:\Documents and Settings\OM\Music.lnk [2011-09-25 08:52:54 | 000,000,411 | ---- | C] () -- C:\Documents and Settings\OM\Documents.lnk [2011-09-25 08:52:54 | 000,000,411 | ---- | C] () -- C:\Documents and Settings\OM\Dane aplikacji.lnk [2011-09-25 08:52:54 | 000,000,411 | ---- | C] () -- C:\Documents and Settings\OM\Cookies.lnk [2011-09-25 08:52:54 | 000,000,411 | ---- | C] () -- C:\Documents and Settings\OM\..lnk [2011-09-25 08:52:54 | 000,000,411 | ---- | C] () -- C:\Documents and Settings\OM\...lnk [2011-09-25 08:52:54 | 000,000,135 | RHS- | C] () -- C:\Documents and Settings\OM\autorun.inf [2011-09-13 19:33:19 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\this is war(2).mp3 [2011-09-05 15:40:10 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\10-katy b-easy please me.mp3 [2011-09-05 15:38:20 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\sylwia grzeszczak - sen o przyszłości pobrano z ulub_pl(2).mp3 [2011-09-04 19:46:28 | 000,055,296 | RHS- | C] () -- C:\Documents and Settings\OM\luiqii.exe [2011-09-01 20:46:35 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\alexandra stan - get back (asap)(2).mp3 [2011-09-01 20:42:22 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\rebbeca black - my moment.mp3 [2011-09-01 20:42:02 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\cher lloyd - swagger jagger.mp3 [2011-09-01 20:40:45 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\sylwia grzeszczak - sen o przyszłości (hity na czasie ).mp3 [2011-09-01 20:39:35 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\21-pink-heartbreak_down-caheso(2).mp3 [2011-09-01 20:39:16 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\sugababes_-_get_sexy(2).mp3 [2011-09-01 20:36:06 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\OM\candy girl - jesteś jak sen36.mp3 [2011-08-20 18:00:16 | 000,151,552 | ---- | C] () -- C:\WINDOWS\KMService.exe [2011-08-20 18:00:16 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\srvany.exe [2011-08-20 12:33:24 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2011-08-19 02:10:28 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2011-08-19 02:09:04 | 000,271,784 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-08-19 01:03:21 | 000,012,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\SWDUMon.sys [2011-08-19 00:47:35 | 000,982,196 | ---- | C] () -- C:\WINDOWS\System32\igkrng500.bin [2011-08-19 00:47:34 | 000,417,344 | ---- | C] () -- C:\WINDOWS\System32\igcompkrng500.bin [2011-08-19 00:23:51 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2011-08-19 00:17:44 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2011-06-02 18:52:18 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2011-06-02 18:52:18 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2011-06-02 18:52:18 | 000,451,590 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat [2011-06-02 18:52:18 | 000,395,398 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2011-06-02 18:52:18 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat [2011-06-02 18:52:18 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2011-06-02 18:52:18 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2011-06-02 18:52:18 | 000,075,684 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat [2011-06-02 18:52:18 | 000,059,638 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2011-06-02 18:52:18 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2011-06-02 18:52:18 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat [2011-06-02 18:52:18 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2011-06-02 18:52:18 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2011-06-02 18:52:18 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2011-06-02 18:52:18 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2011-06-02 18:52:18 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [color=#E56717]========== ZeroAccess Check ==========[/color] [2011-08-20 12:30:32 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2011-06-02 18:52:18 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2011-06-02 18:52:18 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2011-06-02 18:52:18 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2012-07-26 16:44:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software [2012-06-02 10:26:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Babylon [2011-08-20 12:33:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Canneverbe Limited [2012-02-21 09:24:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EPSON [2011-08-21 19:36:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2012-09-22 13:08:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\GG [2012-04-08 20:19:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2012-07-26 16:24:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\RoboForm [2013-02-27 11:51:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tarma Installer [2013-02-27 11:52:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2012-02-21 09:27:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\UDL [2011-08-19 00:35:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\{DCD48218-E972-4d0c-9E5F-43462BC13E3B} [2012-06-02 10:26:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OM\Dane aplikacji\Babylon [2011-08-20 12:33:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OM\Dane aplikacji\Canneverbe Limited [2011-08-19 00:36:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OM\Dane aplikacji\DRPSu [2012-02-21 09:29:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OM\Dane aplikacji\EPSON [2013-02-01 15:24:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OM\Dane aplikacji\Funmoods [2012-07-02 11:44:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OM\Dane aplikacji\Gadu-Gadu 10 [2013-02-26 18:53:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OM\Dane aplikacji\GG [2013-02-27 10:52:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OM\Dane aplikacji\GHISLER [2011-08-31 18:34:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OM\Dane aplikacji\GoD [2011-12-03 23:30:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OM\Dane aplikacji\OpenFM [2011-11-20 19:48:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OM\Dane aplikacji\PhotoScape [2013-02-27 11:12:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OM\Dane aplikacji\PriceGong [2012-07-26 16:31:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OM\Dane aplikacji\RoboForm [2013-01-27 22:48:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OM\Dane aplikacji\Systweak [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:D1B5B4F1 < End of report >