OTL logfile created on: 2013-09-16 22:24:14 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = F:\
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
1022,48 Mb Total Physical Memory | 470,28 Mb Available Physical Memory | 45,99% Memory free
1,66 Gb Paging File | 1,26 Gb Available in Paging File | 76,30% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111,79 Gb Total Space | 60,87 Gb Free Space | 54,45% Space Free | Partition Type: NTFS
Drive D: | 584,88 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 3,74 Gb Total Space | 3,42 Gb Free Space | 91,59% Space Free | Partition Type: FAT32
 
Computer Name: VOBIS-2E202252E | User Name: Klient Vobis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013-09-16 20:14:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- F:\OTL.exe
PRC - [2013-04-04 14:50:32 | 000,887,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2012-10-02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2011-01-24 03:08:55 | 000,148,280 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\ezprint.exe
PRC - [2011-01-24 03:08:52 | 000,770,728 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe
PRC - [2010-04-14 22:45:21 | 000,598,696 | ---- | M] ( ) -- C:\WINDOWS\system32\lxeacoms.exe
PRC - [2009-07-22 18:54:14 | 000,081,920 | ---- | M] (Firebird Project) -- C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe
PRC - [2009-07-22 18:53:44 | 002,736,128 | ---- | M] (Firebird Project) -- C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe
PRC - [2009-03-08 04:31:54 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msfeedssync.exe
PRC - [2008-09-03 10:11:01 | 001,023,488 | ---- | M] (COMODO) -- C:\Program Files\Comodo\BackUp\CmdBkSvc.exe
PRC - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-09-14 05:01:56 | 000,492,600 | ---- | M] () -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
PRC - [2007-09-14 04:02:34 | 000,905,056 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
PRC - [2007-09-14 03:55:30 | 000,140,568 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2007-09-14 03:55:26 | 000,427,288 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2007-09-14 03:52:46 | 002,595,480 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2007-08-09 09:27:52 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2007-01-05 00:13:54 | 000,240,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2006-12-06 01:38:57 | 000,707,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\vVX1000.exe
PRC - [2005-09-22 10:42:24 | 000,090,112 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2004-10-11 08:54:06 | 000,589,824 | R--- | M] (VIA Technologies) -- C:\Program Files\VIA\RAID\raid_tool.exe
PRC - [2004-08-03 04:33:14 | 000,036,864 | ---- | M] (Panasonic Communications Co., Ltd.) -- C:\Program Files\Panasonic\LocalCom\LMSRVNT.EXE
PRC - [2004-02-24 15:15:58 | 000,069,632 | ---- | M] (Panasonic) -- C:\Program Files\Panasonic\TrapMonitor\Trapmnnt.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2013-09-03 15:54:22 | 000,300,544 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.POL
MOD - [2011-01-24 03:08:55 | 000,148,280 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\ezprint.exe
MOD - [2011-01-24 03:08:52 | 000,770,728 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe
MOD - [2010-04-05 12:56:07 | 000,716,954 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\epwizard.dll
MOD - [2010-04-05 12:55:15 | 000,159,890 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\customui.dll
MOD - [2010-04-05 12:55:04 | 000,061,604 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\epfunct.dll
MOD - [2010-04-05 12:54:59 | 000,123,033 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\eputil.dll
MOD - [2010-04-05 12:54:52 | 000,143,502 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\imagutil.dll
MOD - [2010-04-01 19:24:28 | 001,159,168 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeadrs.dll
MOD - [2010-04-01 19:23:27 | 000,389,120 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeascw.dll
MOD - [2009-12-31 08:16:47 | 000,049,152 | ---- | M] () -- C:\WINDOWS\system32\LXEAPMON.DLL
MOD - [2009-11-04 15:14:38 | 000,165,376 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxeadrui.dll
MOD - [2009-11-04 15:14:19 | 000,157,696 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxeadrpp.dll
MOD - [2009-11-04 15:14:06 | 000,236,032 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxeadr.dll
MOD - [2009-06-23 13:11:11 | 000,094,208 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\epoemdll.dll
MOD - [2009-06-23 13:10:44 | 000,049,152 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\epstring.dll
MOD - [2009-06-23 13:09:46 | 002,203,648 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\epwizres.dll
MOD - [2009-06-08 02:44:02 | 000,167,936 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxeaprpr.dll
MOD - [2009-05-27 14:16:50 | 000,192,512 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxeadatr.dll
MOD - [2009-05-18 15:29:08 | 000,819,200 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxeaptpc.dll
MOD - [2009-04-28 09:56:40 | 000,024,576 | ---- | M] () -- C:\WINDOWS\system32\LXEAsmr.dll
MOD - [2009-04-07 21:25:27 | 000,409,600 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\iptk.dll
MOD - [2009-03-10 07:43:49 | 000,155,648 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeacaps.dll
MOD - [2009-03-02 16:25:47 | 000,151,552 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeaptp.dll
MOD - [2009-02-20 10:48:03 | 000,299,008 | ---- | M] () -- C:\WINDOWS\system32\LXEAsm.dll
MOD - [2009-01-13 15:15:12 | 004,485,120 | ---- | M] () -- C:\WINDOWS\system32\LXEAoem.dll
MOD - [2008-04-14 19:20:37 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007-09-14 05:01:56 | 000,492,600 | ---- | M] () -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
MOD - [2007-09-14 02:45:10 | 001,328,408 | ---- | M] () -- C:\Program Files\Acronis\TrueImageHome\fox.dll
MOD - [2001-10-28 17:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - File not found [Auto | Stopped] -- C:\Program Files\Google\Desktop\Install\{b5b3daa6-ed1e-5b12-9e5b-930217642a30}\   \   \‮ﯹ๛\{b5b3daa6-ed1e-5b12-9e5b-930217642a30}\GoogleUpdate.exe < [WARNING: C:\Program Files\Google\Desktop\Install\{b5b3daa6-ed1e-5b12-9e5b-930217642a30}\   \   \???\{b5b3daa6-ed1e-5b12-9e5b-930217642a30}\GoogleUpdate.exe <] -- (‮etadpug)
SRV - [2013-06-20 18:05:14 | 000,022,208 | ---- | M] () [Auto | Stopped] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012-10-02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-07-13 14:01:18 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2010-04-14 22:45:21 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\system32\lxeacoms.exe -- (lxea_device)
SRV - [2010-04-14 22:45:14 | 000,193,192 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxeaserv.exe -- (lxeaCATSCustConnectService)
SRV - [2009-10-27 10:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009-07-22 18:54:14 | 000,081,920 | ---- | M] (Firebird Project) [Auto | Running] -- C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance)
SRV - [2009-07-22 18:53:44 | 002,736,128 | ---- | M] (Firebird Project) [On_Demand | Running] -- C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe -- (FirebirdServerDefaultInstance)
SRV - [2008-09-03 10:11:01 | 001,023,488 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\Comodo\BackUp\CmdBkSvc.exe -- (ComodoBackupService)
SRV - [2007-09-14 05:01:56 | 000,492,600 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe -- (TryAndDecideService)
SRV - [2007-09-14 03:55:26 | 000,427,288 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2007-08-09 09:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2007-01-05 00:13:54 | 000,240,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2004-08-03 04:33:14 | 000,036,864 | ---- | M] (Panasonic Communications Co., Ltd.) [Auto | Running] -- C:\Program Files\Panasonic\LocalCom\LMSRVNT.EXE -- (Panasonic Local Printer Service)
SRV - [2004-02-24 15:15:58 | 000,069,632 | ---- | M] (Panasonic) [Auto | Running] -- C:\Program Files\Panasonic\TrapMonitor\Trapmnnt.exe -- (Panasonic Trap Monitor Service)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | Boot | Stopped] -- System32\drivers\jetwe.sys -- (eqlqe)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2013-09-16 22:06:41 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2013-09-15 00:13:12 | 000,022,056 | ---- | M] (Emsisoft GmbH) [File_System | System | Running] -- C:\EEK\Run\a2ddax86.sys -- (A2DDA)
DRV - [2013-09-15 00:13:06 | 000,050,200 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Stopped] -- C:\EEK\Run\cleanhlp32.sys -- (cleanhlp)
DRV - [2013-02-18 13:59:44 | 000,452,816 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Uim_IM.sys -- (Uim_IM)
DRV - [2013-02-18 13:59:44 | 000,283,600 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Uim_Vim.sys -- (Uim_Vim)
DRV - [2013-02-18 13:59:44 | 000,081,232 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\UimBus.sys -- (UimBus)
DRV - [2011-08-17 10:56:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011-08-17 10:56:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011-08-17 10:56:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011-08-17 10:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008-12-15 12:15:44 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\timntr.sys -- (timounter)
DRV - [2008-12-15 12:15:44 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2008-12-15 12:15:40 | 000,129,248 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\snapman.sys -- (snapman)
DRV - [2008-12-15 12:15:36 | 000,368,736 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\tdrpman.sys -- (tdrpman)
DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006-12-06 01:39:11 | 001,963,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VX1000.sys -- (VX1000)
DRV - [2006-03-24 19:14:00 | 000,033,536 | R--- | M] (Advanced Card Systems Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\a38usb.sys -- (ACSSCR)
DRV - [2005-09-22 10:34:18 | 003,727,680 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM)
DRV - [2004-08-04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2004-05-17 22:04:16 | 000,041,984 | ---- | M] (DeviceGuys, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\DgivEcp.sys -- (DgiVecp)
DRV - [2004-04-13 14:14:12 | 000,070,144 | R--- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2003-06-02 21:10:42 | 000,101,884 | ---- | M] (DATOM Dariusz Cielebąk) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\kmm4xusb.sys -- (KMM4xUSB)
DRV - [2000-11-25 09:38:48 | 000,095,484 | ---- | M] (DATOM Dariusz Cielebąk) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\KMM4XNT.SYS -- (Kmm4xNT)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-57989841-1532298954-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-57989841-1532298954-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-57989841-1532298954-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.wp.pl/?homepage&bv=1 [binary data]
IE - HKU\S-1-5-21-57989841-1532298954-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKU\S-1-5-21-57989841-1532298954-682003330-1003\..\SearchScopes,DefaultScope = {7F4CE310-7DB0-41D6-AA7C-A3C54819379E}
IE - HKU\S-1-5-21-57989841-1532298954-682003330-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-57989841-1532298954-682003330-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-57989841-1532298954-682003330-1003\..\SearchScopes\{7F4CE310-7DB0-41D6-AA7C-A3C54819379E}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SUNA_en
IE - HKU\S-1-5-21-57989841-1532298954-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
 
[2011-01-23 12:45:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Klient Vobis\Dane aplikacji\Mozilla\Extensions
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.66\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U35 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.350.10 (Enabled) = C:\WINDOWS\system32\npdeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Documents and Settings\Klient Vobis\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Szukaj w Google = C:\Documents and Settings\Klient Vobis\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\Klient Vobis\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\
CHR - Extension: Chrome In-App Payments service = C:\Documents and Settings\Klient Vobis\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: Gmail = C:\Documents and Settings\Klient Vobis\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2004-08-04 14:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Lexmark Pasek narzędzi) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Lexmark ) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O3 - HKLM\..\Toolbar: (Lexmark Pasek narzędzi) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKU\S-1-5-21-57989841-1532298954-682003330-1003\..\Toolbar\WebBrowser: (Lexmark Pasek narzędzi) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark S300-S400 Series\ezprint.exe ()
O4 - HKLM..\Run: [Lexmark S300-S400 Series Fax Server] C:\Program Files\Lexmark S300-S400 Series\fm3032.exe ()
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [lxeamon.exe] C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe ()
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe (VIA Technologies)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u File not found
O4 - HKLM..\Run: [VX1000] C:\WINDOWS\vVX1000.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-57989841-1532298954-682003330-1003..\Run: [Google Update] Reg Error: Value error. File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: 6885 = C:\Documents and Settings\All Users\Local Settings\Temp\msfwdxj.scr
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-57989841-1532298954-682003330-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-57989841-1532298954-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-57989841-1532298954-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-57989841-1532298954-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - mswsock.dll File not found
O15 - HKU\S-1-5-21-57989841-1532298954-682003330-1003\..Trusted Domains: onet.pl ([bezpieczenstwo] http in Trusted sites)
O16 - DPF: {1A781DED-C22D-4153-3213-A3211E29DF13} http://67.15.101.33/g_bin/pl/cards_2_0_0_77.cab (GameDesire Card Games)
O16 - DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} http://slimak.onet.pl/_m/wirusy/ArcaOnline.cab (Reg Error: Key error.)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.2.cab (DLM Control)
O16 - DPF: {4FEE6316-7B6F-4A6C-BD4E-4157C59A9E9D} http://static.s2g.gate5.de/ovi_maps/OviMaps_4.0.12.12.cab (Ovi maps browser plugin)
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} http://www.mapa.lodz.pl/VIEWERS/mgaxctrl.cab (Autodesk MapGuide ActiveX Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {83AFB5CA-ED35-11D4-A452-0080C8D85045} http://67.15.101.33/g_bin/pl/poker_2_0_0_49.cab (GameDesire Poker Games)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A41} https://www.pekaobiznes24.pl/components/1,3,0,82/SignActivXPEKAO.cab (SignActivX Control)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} http://67.15.101.3/g_bin/pl/billard8_2_0_0_34.cab (GameDesire Pool 8)
O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C5} http://67.15.101.3/g_bin/pl/snooker_2_0_0_30.cab (GameDesire Snooker)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.63.133.4 194.63.132.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3F7DD4F1-008E-44E8-A17E-52E0AD4AD631}: DhcpNameServer = 194.63.133.4 194.63.132.4
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-06-13 16:20:43 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2006-03-10 12:59:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008-04-14 17:50:36 | 000,000,000 | ---D | M] - C:\Automap -- [ NTFS ]
O32 - AutoRun File - [2004-08-04 14:00:00 | 000,000,112 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{b0df063d-b028-11da-a534-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{b0df063d-b028-11da-a534-806d6172696f}\Shell\AutoRun\command - "" = D:\SETUP.EXE -- [2004-08-04 14:00:00 | 002,584,576 | R--- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2013-09-16 22:06:41 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2013-09-16 17:33:31 | 000,000,000 | ---D | C] -- C:\Avenger
[2013-09-15 21:00:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2013-09-15 19:23:24 | 000,000,000 | ---D | C] -- C:\EEK
[2013-09-15 19:22:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\HitmanPro
[2013-09-15 19:22:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klient Vobis\Ustawienia lokalne\Dane aplikacji\NPE
[2013-09-15 19:22:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton
[2013-09-15 18:56:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klient Vobis\Doctor Web
[2013-09-15 10:10:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Macromedia
[2013-09-15 10:10:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Adobe
[2013-09-15 10:02:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Local Settings
[3 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2013-09-16 22:25:03 | 000,000,476 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{95F7CFC2-7F8E-4410-817A-653CFB723D68}.job
[2013-09-16 22:06:41 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2013-09-16 22:06:18 | 000,017,145 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2013-09-16 22:06:13 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013-09-16 22:06:11 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013-09-16 22:05:39 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013-09-16 22:05:37 | 1072,222,208 | -HS- | M] () -- C:\hiberfil.sys
[2013-09-16 18:33:51 | 000,001,926 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2013-09-16 18:25:12 | 000,275,181 | ---- | M] () -- C:\Documents and Settings\Klient Vobis\Moje dokumenty\WindowsUpdateDiagnostic.diagcab
[2013-09-16 18:01:01 | 000,001,048 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013-09-15 11:03:11 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013-09-14 19:28:22 | 000,000,406 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2013-09-12 13:46:22 | 000,351,384 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013-09-12 11:19:50 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013-09-03 10:03:54 | 000,001,684 | ---- | M] () -- C:\Documents and Settings\Klient Vobis\Moje dokumenty\fundament prasa - blok 3 - układ zbrojenia + technologia 29.08.dsd
[3 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013-09-16 18:25:10 | 000,275,181 | ---- | C] () -- C:\Documents and Settings\Klient Vobis\Moje dokumenty\WindowsUpdateDiagnostic.diagcab
[2013-09-16 17:35:01 | 1072,222,208 | -HS- | C] () -- C:\hiberfil.sys
[2013-09-15 10:37:15 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013-09-03 10:03:54 | 000,001,684 | ---- | C] () -- C:\Documents and Settings\Klient Vobis\Moje dokumenty\fundament prasa - blok 3 - układ zbrojenia + technologia 29.08.dsd
[2013-04-22 08:32:48 | 000,000,020 | ---- | C] () -- C:\WINDOWS\groupwar.ini
[2013-01-05 18:14:34 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Klient Vobis\Ustawienia lokalne\Dane aplikacji\PUTTY.RND
[2012-11-29 14:04:31 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\Klient Vobis\intlname.ols
[2011-12-29 09:20:42 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxeavs.dll
[2011-12-29 09:20:32 | 000,442,368 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeacoin.dll
[2011-12-29 09:20:15 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\lxeagcfg.dll
[2011-12-29 09:20:13 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\lxeacuir.dll
[2011-12-29 09:20:12 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\lxeacui.dll
[2011-12-29 09:18:29 | 004,485,120 | ---- | C] () -- C:\WINDOWS\System32\LXEAoem.dll
[2011-12-29 09:18:29 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\LXEAPMON.DLL
[2011-12-29 09:18:29 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXEAFXPU.DLL
[2011-12-29 09:16:13 | 000,000,044 | -H-- | C] () -- C:\WINDOWS\System32\lxearwrd.ini
[2011-12-29 09:16:02 | 000,331,776 | ---- | C] () -- C:\WINDOWS\System32\LXEAinst.dll
[2011-12-29 09:16:01 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeainpa.dll
[2011-12-29 09:16:01 | 000,356,352 | ---- | C] ( ) -- C:\WINDOWS\System32\LXEAhcp.dll
[2011-12-29 09:16:00 | 000,847,872 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeausb1.dll
[2011-12-29 09:16:00 | 000,344,064 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeaiesc.dll
[2011-12-29 09:15:59 | 001,048,576 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeaserv.dll
[2011-12-29 09:15:58 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeapmui.dll
[2011-12-29 09:15:58 | 000,577,536 | ---- | C] ( ) -- C:\WINDOWS\System32\lxealmpm.dll
[2011-12-29 09:15:57 | 000,324,264 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeaih.exe
[2011-12-29 09:15:57 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\lxeains.dll
[2011-12-29 09:15:57 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\lxeainsb.dll
[2011-12-29 09:15:57 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\lxeainsr.dll
[2011-12-29 09:15:57 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\lxeajswr.dll
[2011-12-29 09:15:56 | 000,688,128 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeahbn3.dll
[2011-12-29 09:15:55 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\lxeacu.dll
[2011-12-29 09:15:55 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxeagrd.dll
[2011-12-29 09:15:55 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\lxeacub.dll
[2011-12-29 09:15:55 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\lxeacur.dll
[2011-12-29 09:15:54 | 000,598,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeacoms.exe
[2011-12-29 09:15:53 | 000,372,736 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeacomm.dll
[2011-12-29 09:15:52 | 000,802,816 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeacomc.dll
[2011-12-29 09:15:51 | 000,373,416 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeacfg.exe
[2011-12-29 09:14:22 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\LXEAsmr.dll
[2011-12-29 09:14:21 | 000,299,008 | ---- | C] () -- C:\WINDOWS\System32\LXEAsm.dll
[2011-02-22 19:19:31 | 000,035,528 | ---- | C] () -- C:\Documents and Settings\Klient Vobis\Menu Start.rar
[2009-02-22 13:28:26 | 006,634,799 | ---- | C] () -- C:\Documents and Settings\Klient Vobis\Grzegorz -sytuacja.tif
[2008-12-12 10:14:54 | 000,000,546 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2008-04-21 09:12:40 | 000,000,546 | RHS- | C] () -- C:\Documents and Settings\Klient Vobis\ntuser.pol
[2008-04-07 15:08:26 | 000,006,144 | ---- | C] () -- C:\Documents and Settings\Klient Vobis\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006-10-26 16:16:47 | 000,000,137 | ---- | C] () -- C:\Documents and Settings\Klient Vobis\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2006-10-26 16:14:36 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008-10-16 03:02:54 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 12:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-14 19:20:57 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2008-12-15 12:15:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Acronis
[2012-03-26 11:19:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Autodesk
[2013-04-07 19:23:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\backup
[2013-04-07 19:23:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\explauncher
[2008-06-11 17:26:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\G DATA
[2013-09-15 19:22:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\HitmanPro
[2013-04-07 19:23:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\launcher
[2012-02-29 10:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Lexmark S300-S400 Series
[2012-03-20 16:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MSScanAppDataDir
[2011-11-11 13:21:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia
[2011-11-11 13:08:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OviInstallerCache
[2011-11-11 13:17:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2011-01-07 17:41:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Puzzle
[2011-12-29 09:18:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\S300-S400 Series
[2012-04-15 20:59:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SSScanAppDataDir
[2010-04-05 16:49:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2012-03-26 11:19:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klient Vobis\Dane aplikacji\Autodesk
[2007-03-16 16:54:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klient Vobis\Dane aplikacji\GanymedeNet
[2011-04-09 13:28:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klient Vobis\Dane aplikacji\GHISLER
[2006-10-03 21:05:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klient Vobis\Dane aplikacji\Image Zone Express
[2011-11-11 13:48:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klient Vobis\Dane aplikacji\Nokia
[2011-11-11 13:48:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klient Vobis\Dane aplikacji\Nokia Ovi Suite
[2008-08-14 13:00:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klient Vobis\Dane aplikacji\Panasonic
[2011-11-11 14:16:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klient Vobis\Dane aplikacji\PC Suite
[2011-12-29 10:36:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klient Vobis\Dane aplikacji\S300-S400 Series
[2009-01-12 09:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klient Vobis\Dane aplikacji\System2000
[2007-12-06 16:04:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klient Vobis\Dane aplikacji\Tlen.pl
[2008-12-15 12:17:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Acronis
[2008-08-14 13:22:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Panasonic
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:7E95B6FD

< End of report >