[code] OTS logfile created on: 2011-04-21 05:17:48 - Run 1 OTS by OldTimer - Version 3.1.42.0 Folder = C:\Documents and Settings\Cap\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 51,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 85,00% Paging File free Paging file location(s): F:\pagefile.sys 3072 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 20,50 Gb Total Space | 2,69 Gb Free Space | 13,11% Space Free | Partition Type: FAT32 Drive D: | 20,50 Gb Total Space | 5,22 Gb Free Space | 25,46% Space Free | Partition Type: FAT32 Drive E: | 30,27 Gb Total Space | 0,29 Gb Free Space | 0,95% Space Free | Partition Type: NTFS Drive F: | 3,23 Gb Total Space | 0,23 Gb Free Space | 7,23% Space Free | Partition Type: FAT32 G: Drive not present or media not loaded H: Drive not present or media not loaded Drive I: | 10,25 Gb Total Space | 0,17 Gb Free Space | 1,68% Space Free | Partition Type: FAT32 Drive J: | 10,26 Gb Total Space | 1,79 Gb Free Space | 17,48% Space Free | Partition Type: NTFS Drive K: | 27,15 Gb Total Space | 1,12 Gb Free Space | 4,14% Space Free | Partition Type: NTFS Drive L: | 26,89 Gb Total Space | 0,36 Gb Free Space | 1,33% Space Free | Partition Type: NTFS Computer Name: CAPULLA Current User Name: Cap Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days [Processes - Safe List] fk4lhqxt.exe -> C:\Documents and Settings\Cap\Pulpit\fk4lhqxt.exe -> [2011-04-21 04:54:30 | 000,301,568 | ---- | M] () ots.exe -> C:\Documents and Settings\Cap\Pulpit\OTS.exe -> [2011-04-21 03:57:40 | 000,645,632 | ---- | M] (OldTimer Tools) csrs.exe -> C:\Documents and Settings\All Users\csrs.exe -> [2011-04-19 09:31:54 | 000,339,968 | RHS- | M] (Created with WinAutomation (http://www.WinAutomation.com)) winloqon.exe -> C:\Documents and Settings\All Users\winloqon.exe -> [2011-04-19 09:31:54 | 000,331,776 | RHS- | M] (Created with WinAutomation (http://www.WinAutomation.com)) avgtray.exe -> C:\Program Files\AVG\AVG9\avgtray.exe -> [2011-03-15 08:15:20 | 002,071,904 | ---- | M] (AVG Technologies CZ, s.r.o.) avgcsrvx.exe -> C:\Program Files\AVG\AVG9\avgcsrvx.exe -> [2010-11-25 09:18:38 | 000,725,344 | ---- | M] (AVG Technologies CZ, s.r.o.) avgnsx.exe -> C:\Program Files\AVG\AVG9\avgnsx.exe -> [2010-09-23 18:50:14 | 000,621,920 | ---- | M] (AVG Technologies CZ, s.r.o.) avgchsvx.exe -> C:\Program Files\AVG\AVG9\avgchsvx.exe -> [2010-07-24 18:31:30 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) avgemc.exe -> C:\Program Files\AVG\AVG9\avgemc.exe -> [2010-07-24 18:31:30 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) avgrsx.exe -> C:\Program Files\AVG\AVG9\avgrsx.exe -> [2010-07-24 18:31:30 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) avgwdsvc.exe -> C:\Program Files\AVG\AVG9\avgwdsvc.exe -> [2010-07-24 18:31:30 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) airliveui.exe -> C:\Program Files\Ovislink\Common\AirLiveUI.exe -> [2009-09-09 14:37:04 | 001,748,992 | ---- | M] (Ovislink Corp.) winamp.exe -> C:\Program Files\Winamp\winamp.exe -> [2009-07-01 18:38:40 | 001,481,056 | ---- | M] (Nullsoft) ralinkregistrywriter.exe -> C:\Program Files\Ovislink\Common\RalinkRegistryWriter.exe -> [2008-07-10 09:33:38 | 000,069,632 | ---- | M] (Ralink Technology, Corp.) explorer.exe -> C:\WINDOWS\explorer.exe -> [2008-04-14 22:51:18 | 001,542,144 | ---- | M] (Microsoft Corporation) sview.exe -> C:\Program Files\SensorsView\sview.exe -> [2006-01-07 02:12:20 | 000,965,632 | ---- | M] (STV Software) tablet.exe -> C:\WINDOWS\system32\Tablet.exe -> [2005-12-05 22:00:44 | 000,753,664 | ---- | M] (Wacom Technology, Corp.) tabuserw.exe -> C:\WINDOWS\system32\WTablet\TabUserW.exe -> [2005-12-05 21:59:02 | 000,114,688 | ---- | M] (Wacom Technology, Corp.) hpzipm12.exe -> C:\WINDOWS\system32\HPZipm12.exe -> [2004-09-29 12:14:36 | 000,069,632 | ---- | M] (HP) gg.exe -> I:\Program Files\Gadu-Gadu\gg.exe -> [2004-09-06 13:09:10 | 000,765,952 | ---- | M] (sms-express.com) eebsvc.exe -> C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe -> [2003-12-05 16:21:48 | 000,073,728 | ---- | M] () soundman.exe -> C:\WINDOWS\SOUNDMAN.EXE -> [2003-10-08 11:41:10 | 000,057,344 | ---- | M] (Realtek Semiconductor Corp.) [Modules - Safe List] ots.exe -> C:\Documents and Settings\Cap\Pulpit\OTS.exe -> [2011-04-21 03:57:40 | 000,645,632 | ---- | M] (OldTimer Tools) comctl32.dll -> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll -> [2008-04-14 22:29:10 | 001,054,208 | ---- | M] (Microsoft Corporation) ggwhook.dll -> I:\Program Files\Gadu-Gadu\ggwhook.dll -> [2000-07-07 18:42:56 | 000,032,768 | ---- | M] () [Win32 Services - Safe List] (FLEXnet Licensing Service) FLEXnet Licensing Service [On_Demand | Stopped] -> C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -> [2011-03-30 17:29:14 | 001,045,256 | ---- | M] (Acresso Software Inc.) (KMService) KMService [Auto | Stopped] -> C:\WINDOWS\system32\srvany.exe -> [2011-02-01 19:02:50 | 000,008,192 | ---- | M] () (avg9emc) AVG Free E-mail Scanner [Auto | Running] -> C:\Program Files\AVG\AVG9\avgemc.exe -> [2010-07-24 18:31:30 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) (avg9wd) AVG Free WatchDog [Auto | Running] -> C:\Program Files\AVG\AVG9\avgwdsvc.exe -> [2010-07-24 18:31:30 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) (Microsoft SharePoint Workspace Audit Service) Microsoft SharePoint Workspace Audit Service [On_Demand | Stopped] -> C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -> [2010-03-25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) (SwitchBoard) Adobe SwitchBoard [On_Demand | Stopped] -> C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -> [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) (Autodesk Licensing Service) Autodesk Licensing Service [On_Demand | Stopped] -> C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -> [2009-12-14 00:41:08 | 000,085,096 | ---- | M] (Autodesk) (RalinkRegistryWriter) Ralink Registry Writer [Auto | Running] -> C:\Program Files\Ovislink\Common\RalinkRegistryWriter.exe -> [2008-07-10 09:33:38 | 000,069,632 | ---- | M] (Ralink Technology, Corp.) (TabletService) TabletService [Auto | Running] -> C:\WINDOWS\system32\Tablet.exe -> [2005-12-05 22:00:44 | 000,753,664 | ---- | M] (Wacom Technology, Corp.) (Pml Driver HPZ12) Pml Driver HPZ12 [Auto | Running] -> C:\WINDOWS\system32\HPZipm12.exe -> [2004-09-29 12:14:36 | 000,069,632 | ---- | M] (HP) (EpsonBidirectionalService) EpsonBidirectionalService [Auto | Running] -> C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe -> [2003-12-05 16:21:48 | 000,073,728 | ---- | M] () [Driver Services - Safe List] (AvgTdiX) AVG Free Network Redirector [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\avgtdix.sys -> [2010-07-24 18:31:44 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) (AvgLdx86) AVG Free AVI Loader Driver x86 [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\avgldx86.sys -> [2010-07-24 18:31:34 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) (AvgMfx86) AVG Free On-access Scanner Minifilter Driver x86 [File_System | System | Running] -> C:\WINDOWS\system32\drivers\avgmfx86.sys -> [2010-07-24 18:31:34 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) (Haspnt) Haspnt [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\Haspnt.sys -> [2010-05-20 20:52:44 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) (gmer) gmer [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\gmer.sys -> [2010-04-05 14:06:00 | 000,085,969 | ---- | M] (GMER) (ati2mtag) ati2mtag [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ati2mtag.sys -> [2010-02-11 08:38:10 | 003,565,056 | ---- | M] (ATI Technologies Inc.) (RT61) Ovislink WT-2000PCI Wireless Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\rt61.sys -> [2009-09-07 22:19:10 | 000,504,320 | ---- | M] (Ralink Technology, Corp.) (gameenum) Licznik portów gier [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\gameenum.sys -> [2008-04-14 00:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) (WIBUKEY) WIBU-KEY Kernel Driver [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\WibuKey.sys -> [2007-07-31 11:00:00 | 000,072,704 | ---- | M] (WIBU-SYSTEMS AG) (hardlock) hardlock [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\hardlock.sys -> [2006-11-22 10:01:48 | 000,693,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) (SysTool) SysTool Overclocking Utility [Kernel | System | Stopped] -> C:\WINDOWS\system32\drivers\SysTool.sys -> [2006-11-10 15:08:50 | 000,024,064 | ---- | M] () (ATITool) ATITool Overclocking Utility [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\ATITool.sys -> [2006-11-10 14:08:50 | 000,024,064 | ---- | M] () (PenClass) Pen Class [Kernel | Boot | Running] -> C:\WINDOWS\system32\Drivers\PenClass.sys -> [2005-11-29 22:50:42 | 000,008,138 | ---- | M] (Wacom Technology Corporation) (ALCXWDM) Service for Realtek AC97 Audio (WDM) [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ALCXWDM.SYS -> [2003-10-09 12:52:08 | 000,475,788 | ---- | M] (Realtek Semiconductor Corp.) (ALCXSENS) Service for WDM 3D Audio Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ALCXSENS.SYS -> [2003-10-04 06:25:26 | 000,391,552 | ---- | M] (Sensaura Ltd) (NVENET) NVIDIA nForce MCP Networking Controller Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\NVENET.sys -> [2002-11-27 13:52:00 | 000,080,896 | R--- | M] (NVIDIA Corporation) (nvidesm) nvidesm [Kernel | Boot | Running] -> C:\WINDOWS\system32\drivers\nvidesm.sys -> [2002-11-13 09:10:00 | 000,020,224 | R--- | M] (NVIDIA Corporation) (nv_agp) NVIDIA nForce AGP Bus Filter [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\nv_agp.sys -> [2002-09-06 05:24:00 | 000,013,568 | R--- | M] (NVIDIA Corporation) (ms_mpu401) Sterownik portu MIDI UART Microsoft MPU-401 [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\msmpu401.sys -> [2001-08-17 22:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) (Sentinel) Sentinel [Kernel | Auto | Running] -> C:\WINDOWS\System32\Drivers\SENTINEL.SYS -> [2001-06-21 21:39:02 | 000,073,728 | ---- | M] (Rainbow Technologies, Inc.) (Sntnlusb) Rainbow USB SuperPro [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\SNTNLUSB.SYS -> [2001-06-21 21:39:02 | 000,020,032 | R--- | M] (Rainbow Technologies Inc.) (DS1410D) DS1410D [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\ds1410d.sys -> [1998-07-10 04:31:00 | 000,007,328 | ---- | M] () (giveio) giveio [Kernel | Boot | Running] -> C:\WINDOWS\system32\drivers\giveio.sys -> [1996-04-03 20:33:26 | 000,005,248 | ---- | M] () [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-1645522239-1979792683-725345543-1003\] > -> -> HKEY_USERS\S-1-5-21-1645522239-1979792683-725345543-1003\: Main\\"Start Page" -> http://www.qooqlle.com/ -> HKEY_USERS\S-1-5-21-1645522239-1979792683-725345543-1003\: SearchURL\\"provider" -> -> HKEY_USERS\S-1-5-21-1645522239-1979792683-725345543-1003\: "ProxyEnable" -> 0 -> HKEY_USERS\S-1-5-21-1645522239-1979792683-725345543-1003\: "ProxyOverride" -> *.local -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Firefox\extensions -> -> < FireFox Extensions [User Folders] > -> < HOSTS File > ([2011-04-17 19:42:10 | 000,007,548 | ---- | M] - 246 lines) -> C:\WINDOWS\system32\drivers\etc\hosts -> First 25 entries... Reset Hosts 0.0.0.0 kropka.onet.pl reklama.onet.pl 0.0.0.0 onet.hit.gemius.pl 0.0.0.0 onet.hit.stat.pl 0.0.0.0 googleads.g.doubleclick.net 0.0.0.0 domains.googlesyndication.com 0.0.0.0 pagead.googlesyndication.com 0.0.0.0 pagead2.googlesyndication.com 0.0.0.0 google-analytics.com www.google-analytics.com 0.0.0.0 adservices.google.com 0.0.0.0 video-stats.video.google.com 0.0.0.0 4.afs.googleadservices.com 0.0.0.0 feedads.googleadservices.com 0.0.0.0 imageads.googleadservices.com 0.0.0.0 pagead2.googleadservices.com 0.0.0.0 partner.googleadservices.com 0.0.0.0 www.googleadservices.com 0.0.0.0 apps5.oingo.com 0.0.0.0 www.appliedsemantics.com 0.0.0.0 service.urchin.com 0.0.0.0 pajacyk.pl www.pajacyk.pl 0.0.0.0 adstat.4u.pl ad.stat.4u.pl stat.4u.pl 4u.pl 0.0.0.0 adsearch.adkontekst.pl 0.0.0.0 ads.businessclick.pl 0.0.0.0 crv.clickad.pl < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> C:\Program Files\AVG\AVG9\avgssie.dll [AVG Safe Search] -> [2010-11-25 09:19:36 | 001,623,392 | ---- | M] (AVG Technologies CZ, s.r.o.) {72853161-30C5-4D22-B7F9-0BBC1D38A37E} [HKLM] -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [Groove GFS Browser Helper] -> [2010-03-25 10:25:22 | 004,222,864 | ---- | M] (Microsoft Corporation) {B4F3A835-0E21-4959-BA22-42B3008E02FF} [HKLM] -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [Office Document Cache Handler] -> [2010-02-28 02:20:14 | 000,561,552 | ---- | M] (Microsoft Corporation) < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "AdobeAAMUpdater-1.0" -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe ["C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"] -> [2010-03-06 03:44:40 | 000,500,208 | ---- | M] (Adobe Systems Incorporated) "AdobeCS5ServiceManager" -> C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe ["C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin] -> [2010-02-22 04:57:06 | 000,406,992 | ---- | M] (Adobe Systems Incorporated) "AVG9_TRAY" -> C:\Program Files\AVG\AVG9\avgtray.exe [C:\PROGRA~1\AVG\AVG9\avgtray.exe] -> [2011-03-15 08:15:20 | 002,071,904 | ---- | M] (AVG Technologies CZ, s.r.o.) "csrs" -> C:\Documents and Settings\All Users\csrs.exe [%ALLUSERSPROFILE%\csrs.exe] -> [2011-04-19 09:31:54 | 000,339,968 | RHS- | M] (Created with WinAutomation (http://www.WinAutomation.com)) "SensorsView" -> C:\Program Files\SensorsView\sview.exe [C:\Program Files\SensorsView\sview.exe] -> [2006-01-07 02:12:20 | 000,965,632 | ---- | M] (STV Software) "SoundMan" -> C:\WINDOWS\SOUNDMAN.EXE [SOUNDMAN.EXE] -> [2003-10-08 11:41:10 | 000,057,344 | ---- | M] (Realtek Semiconductor Corp.) "StartCCC" -> C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ["C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun] -> [2010-02-10 23:32:54 | 000,061,440 | ---- | M] (Advanced Micro Devices, Inc.) "svhost" -> C:\Program Files\Common Files\svhost.exe [%COMMONPROGRAMFILES%\svhost.exe] -> [2011-04-19 09:31:54 | 006,855,168 | RHS- | M] () "SwitchBoard" -> C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe] -> [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) "winloqon" -> C:\Documents and Settings\All Users\winloqon.exe [%ALLUSERSPROFILE%\winloqon.exe] -> [2011-04-19 09:31:54 | 000,331,776 | RHS- | M] (Created with WinAutomation (http://www.WinAutomation.com)) < Run [HKEY_USERS\S-1-5-21-1645522239-1979792683-725345543-1003\] > -> HKEY_USERS\S-1-5-21-1645522239-1979792683-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Gadu-Gadu" -> I:\Program Files\Gadu-Gadu\gg.exe ["I:\Program Files\Gadu-Gadu\gg.exe" /tray] -> [2004-09-06 13:09:10 | 000,765,952 | ---- | M] (sms-express.com) "HDD Observer" -> [C:\Program Files\HDD Observer\HDD Observer.exe] -> File not found "SPECTRAN XControl" -> [C:\Program Files\Aaronia AG\LCS Spectrum Analyzer\xcontrol.exe /defaults] -> File not found < Default User Startup Folder > -> C:\Documents and Settings\Default User\Menu Start\Programy\Autostart -> < All Users Startup Folder > -> C:\Documents and Settings\All Users\Menu Start\Programy\Autostart -> C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\AirLive 802.11G Wireless Utility.lnk -> C:\Program Files\Ovislink\Common\AirLiveUI.exe -> [2009-09-09 14:37:04 | 001,748,992 | ---- | M] (Ovislink Corp.) C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\TabUserW.exe.lnk -> C:\WINDOWS\system32\WTablet\TabUserW.exe -> [2005-12-05 21:59:02 | 000,114,688 | ---- | M] (Wacom Technology, Corp.) C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\EPSON Status Monitor 3 Environment Check(2).lnk -> C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE -> [2002-06-10 05:01:00 | 000,131,584 | ---- | M] (SEIKO EPSON CORPORATION) < Cap Startup Folder > -> C:\Documents and Settings\Cap\Menu Start\Programy\Autostart -> < Administrator Startup Folder > -> C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart -> < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1645522239-1979792683-725345543-1003] > -> HKEY_USERS\S-1-5-21-1645522239-1979792683-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-21-1645522239-1979792683-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1645522239-1979792683-725345543-1003] > -> HKEY_USERS\S-1-5-21-1645522239-1979792683-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_USERS\S-1-5-21-1645522239-1979792683-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-1645522239-1979792683-725345543-1003\] > -> HKEY_USERS\S-1-5-21-1645522239-1979792683-725345543-1003\Software\Microsoft\Internet Explorer\MenuExt\ -> E&ksportuj do programu Microsoft Excel -> C:\Program Files\Microsoft Office\Office14\EXCEL.EXE [res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000] -> [2010-03-13 14:53:52 | 020,753,760 | ---- | M] (Microsoft Corporation) Wyślij &do programu OneNote -> C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll [res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105] -> [2010-02-28 04:41:04 | 000,643,472 | ---- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll [Button: Wyślij do programu OneNote] -> [2010-02-28 04:41:04 | 000,643,472 | ---- | M] (Microsoft Corporation) {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll [Menu: Wyślij &do programu OneNote] -> [2010-02-28 04:41:04 | 000,643,472 | ---- | M] (Microsoft Corporation) {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF}:Exec [HKLM] -> C:\Program Files\PokerStars\PokerStarsUpdate.exe [Button: PokerStars] -> [2011-02-07 01:27:04 | 000,562,968 | ---- | M] (PokerStars) {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}:{FFFDC614-B694-4AE6-AB38-5D6374584B52} [HKLM] -> C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll [Button: &Notatki połączone programu OneNote] -> [2010-02-28 04:41:04 | 000,496,528 | ---- | M] (Microsoft Corporation) {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}:{FFFDC614-B694-4AE6-AB38-5D6374584B52} [HKLM] -> C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll [Menu: &Notatki połączone programu OneNote] -> [2010-02-28 04:41:04 | 000,496,528 | ---- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_USERS\S-1-5-21-1645522239-1979792683-725345543-1003\] > -> HKEY_USERS\S-1-5-21-1645522239-1979792683-725345543-1003\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Reg Error: Value error.] -> File not found CmdMapping\\"{2670000A-7350-4f3c-8081-5663EE0C6C49}" [HKLM] -> C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll [Wyślij do programu OneNote] -> [2010-02-28 04:41:04 | 000,643,472 | ---- | M] (Microsoft Corporation) CmdMapping\\"{3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF}" [HKLM] -> C:\Program Files\PokerStars\PokerStarsUpdate.exe [PokerStars] -> [2011-02-07 01:27:04 | 000,562,968 | ---- | M] (PokerStars) CmdMapping\\"{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}" [HKLM] -> C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll [&Notatki połączone programu OneNote] -> [2010-02-28 04:41:04 | 000,496,528 | ---- | M] (Microsoft Corporation) < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Galeria Microsoft ActiveX -> < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-1645522239-1979792683-725345543-1003\] > -> HKEY_USERS\S-1-5-21-1645522239-1979792683-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-1645522239-1979792683-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-1645522239-1979792683-725345543-1003\] > -> HKEY_USERS\S-1-5-21-1645522239-1979792683-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-1645522239-1979792683-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {33564D57-0000-0010-8000-00AA00389B71} [HKLM] -> http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB [Reg Error: Key error.] -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab [Java Plug-in 1.6.0_24] -> {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab [Java Plug-in 1.6.0_24] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab [Java Plug-in 1.6.0_24] -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {4366ADA0-8880-4833-B353-C6A24771D1D2}\\NameServer -> 87.204.204.204,62.233.233.233 (AirLive WT-2000PCI) -> {476250FB-2FF2-4AD1-9EAA-89750CC7CA80}\\NameServer -> 62.233.233.233,87.204.204.204 (AirLive WT-2000PCI) -> {7A755E13-1EEE-42A7-8381-4457E8548D86}\\NameServer -> 62.233.233.233,87.204.204.204 (NVIDIA nForce MCP Networking Controller) -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> explorer.exe -> C:\WINDOWS\explorer.exe -> [2008-04-14 22:51:18 | 001,542,144 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> AtiExtEvent -> C:\WINDOWS\System32\ati2evxx.dll -> [2010-02-11 05:35:10 | 000,155,648 | ---- | M] (ATI Technologies Inc.) avgrsstarter -> C:\WINDOWS\System32\avgrsstx.dll -> [2010-07-24 18:31:44 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" [HKLM] -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [Groove GFS Stub Execution Hook] -> [2010-03-25 10:25:22 | 004,222,864 | ---- | M] (Microsoft Corporation) < Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> "C:\Documents and Settings\Cap\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe" -> C:\Documents and Settings\Cap\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe [C:\Documents and Settings\Cap\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome] -> [2011-04-13 02:51:04 | 001,004,088 | ---- | M] (Google Inc.) "C:\Program Files\AVG\AVG9\avgemc.exe" -> C:\Program Files\AVG\AVG9\avgemc.exe [C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe] -> [2010-07-24 18:31:30 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG9\avgnsx.exe" -> C:\Program Files\AVG\AVG9\avgnsx.exe [C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe] -> [2010-09-23 18:50:14 | 000,621,920 | ---- | M] (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG9\avgupd.exe" -> C:\Program Files\AVG\AVG9\avgupd.exe [C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe] -> [2011-03-15 08:13:04 | 001,053,536 | ---- | M] (AVG Technologies CZ, s.r.o.) "C:\Program Files\Gadu-Gadu 10\gg.exe" -> C:\Program Files\Gadu-Gadu 10\gg.exe [C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10] -> [2010-12-16 06:19:28 | 012,984,928 | ---- | M] (GG Network S.A.) "C:\Program Files\Graphisoft\ArchiCAD 11\ArchiCAD.exe" -> C:\Program Files\Graphisoft\ArchiCAD 11\ArchiCAD.exe [C:\Program Files\Graphisoft\ArchiCAD 11\ArchiCAD.exe:*:Enabled:ArchiCAD 11.0.0 Component] -> [2007-12-25 15:01:52 | 023,007,744 | ---- | M] (Graphisoft R&D) "C:\Program Files\Microsoft Office\Office14\groove.exe" -> C:\Program Files\Microsoft Office\Office14\groove.exe [C:\Program Files\Microsoft Office\Office14\groove.exe:*:Enabled:Microsoft SharePoint Workspace] -> [2010-03-25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) "C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE" -> C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE [C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote] -> [2010-03-30 08:29:14 | 001,676,128 | ---- | M] (Microsoft Corporation) "C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE" -> C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE [C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook] -> [2010-03-23 10:57:48 | 015,889,248 | ---- | M] (Microsoft Corporation) "C:\Program Files\Opera\opera.exe" -> C:\Program Files\Opera\opera.exe [C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser] -> [2011-04-20 17:22:44 | 000,941,936 | ---- | M] (Opera Software) "C:\Program Files\StarCraft II Beta\StarCraft II.exe" -> [C:\Program Files\StarCraft II Beta\StarCraft II.exe:*:Enabled:Blizzard Launcher] -> File not found "C:\Program Files\StarCraft II Beta\Versions\Base13891\SC2.exe" -> [C:\Program Files\StarCraft II Beta\Versions\Base13891\SC2.exe:*:Enabled:StarCraft II] -> File not found "C:\Program Files\StarCraft II Beta\Versions\Base14593\SC2.exe" -> [C:\Program Files\StarCraft II Beta\Versions\Base14593\SC2.exe:*:Enabled:StarCraft II] -> File not found "C:\Program Files\StarCraft II Beta\Versions\Base14621\SC2.exe" -> [C:\Program Files\StarCraft II Beta\Versions\Base14621\SC2.exe:*:Enabled:StarCraft II] -> File not found "C:\Program Files\uTorrent\uTorrent.exe" -> C:\Program Files\uTorrent\uTorrent.exe [C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent] -> [2011-03-30 15:18:34 | 000,399,736 | ---- | M] (BitTorrent, Inc.) "C:\WINDOWS\System32\mmc.exe" -> C:\WINDOWS\System32\mmc.exe [C:\WINDOWS\System32\mmc.exe:*:Enabled:Microsoft Management Console] -> [2008-04-14 22:51:26 | 001,463,808 | ---- | M] (Microsoft Corporation) "D:\Gry\Warcraft III\Frozen Throne.exe" -> D:\Gry\Warcraft III\Frozen Throne.exe [D:\Gry\Warcraft III\Frozen Throne.exe:*:Enabled:Warcraft III - The Frozen Throne] -> [2010-08-13 16:12:54 | 000,274,432 | ---- | M] (Blizzard Entertainment) "D:\Gry\Warcraft III\Warcraft III.exe" -> D:\Gry\Warcraft III\Warcraft III.exe [D:\Gry\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III] -> [2010-08-13 16:12:54 | 000,274,432 | ---- | M] (Blizzard Entertainment) "D:\programy\Autodesk Maya 2008\bin\maya.exe" -> [D:\programy\Autodesk Maya 2008\bin\maya.exe:*:Enabled:Maya] -> File not found "E:\programy\Autodesk\Backburner\manager.exe" -> E:\programy\Autodesk\Backburner\manager.exe [E:\programy\Autodesk\Backburner\manager.exe:*:Enabled:backburner 2.3 manager] -> [2010-03-03 11:02:36 | 000,851,968 | ---- | M] (Autodesk, Inc.) "E:\programy\Autodesk\Backburner\monitor.exe" -> E:\programy\Autodesk\Backburner\monitor.exe [E:\programy\Autodesk\Backburner\monitor.exe:*:Enabled:backburner 2.3 monitor] -> [2010-03-03 11:02:36 | 000,581,632 | ---- | M] (Autodesk, Inc.) "E:\programy\Autodesk\Backburner\server.exe" -> E:\programy\Autodesk\Backburner\server.exe [E:\programy\Autodesk\Backburner\server.exe:*:Enabled:backburner 2.3 server] -> [2010-03-03 11:02:36 | 000,282,624 | ---- | M] (Autodesk, Inc.) "I:\Program Files\Gadu-Gadu\gg.exe" -> I:\Program Files\Gadu-Gadu\gg.exe [I:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program glowny] -> [2004-09-06 13:09:10 | 000,765,952 | ---- | M] (sms-express.com) < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> Sterownik stacji dysków CD-ROM -> "ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found < Drives with AutoRun files > -> -> C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ FAT32 ] -> [2009-08-30 15:01:56 | 000,000,000 | ---- | M] () I:\AUTOEXEC.BAT [] -> I:\AUTOEXEC.BAT [ FAT32 ] -> [2004-07-29 04:16:18 | 000,000,000 | ---- | M] () K:\Autorun.exe [MZ | ] -> K:\Autorun.exe [ NTFS ] -> [2009-09-17 10:27:34 | 000,365,920 | ---- | M] (Diskeeper Corporation) < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> \{2b3daf58-2134-11e0-936f-004f6a080c1f} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2b3daf58-2134-11e0-936f-004f6a080c1f}\Shell\AutoRun\command \{2b3daf58-2134-11e0-936f-004f6a080c1f}\Shell\AutoRun\command\\"" -> [N:\shakalito\\\pepehoseluis.exe] -> File not found \{2b3daf58-2134-11e0-936f-004f6a080c1f} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2b3daf58-2134-11e0-936f-004f6a080c1f}\Shell\explore\command \{2b3daf58-2134-11e0-936f-004f6a080c1f}\Shell\explore\command\\"" -> [N:\shakalito\\\pepehoseluis.exe] -> File not found \{2b3daf58-2134-11e0-936f-004f6a080c1f} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2b3daf58-2134-11e0-936f-004f6a080c1f}\Shell\Install\command \{2b3daf58-2134-11e0-936f-004f6a080c1f}\Shell\Install\command\\"" -> [N:\shakalito\\\pepehoseluis.exe] -> File not found \{2b3daf58-2134-11e0-936f-004f6a080c1f} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2b3daf58-2134-11e0-936f-004f6a080c1f}\Shell\open\command \{2b3daf58-2134-11e0-936f-004f6a080c1f}\Shell\open\command\\"" -> [N:\shakalito\\\pepehoseluis.exe] -> File not found \{dd1e9eec-956e-11de-964e-806d6172696f} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dd1e9eec-956e-11de-964e-806d6172696f}\Shell \{dd1e9eec-956e-11de-964e-806d6172696f}\Shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dd1e9eec-956e-11de-964e-806d6172696f}\Shell\AutoRun\command \{dd1e9eec-956e-11de-964e-806d6172696f}\Shell\AutoRun\command\\"" -> [H:\AUTORUN\AUTORUN.EXE] -> File not found < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .com [@ = comfile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> [Registry - Additional Scans - Safe List] < ActiveX StubPath [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> {0819317B-2050-3C86-2570-4B18E63AA9FB} [HKLM] -> Reg Error: Key error. [(default): Renderowanie grafiki wektorowej (VML); IsInstalled: 1] -> File not found {0BD467DA-DC57-939E-35DB-C79B0E81C537} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer; IsInstalled: 1] -> File not found {10072CEC-8CC1-11D1-986E-00A0C955B42F} [HKLM] -> Reg Error: Key error. [(default): Renderowanie grafiki wektorowej (VML); IsInstalled: 01 00 00 00 [binary data]] -> File not found {1C471AE2-5579-8AB6-FA66-18AF1BC74631} [HKLM] -> Reg Error: Key error. [(default): Dostosowywanie przeglądarki; IsInstalled: 1] -> File not found {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} [StubPath] -> [ComponentID: NetShow; IsInstalled: 1] -> {22d6f312-b0f6-11d0-94ab-0080c74c7e95} [StubPath] -> [(default): Microsoft Windows Media Player 6.4; IsInstalled: 1] -> {283807B5-2C60-11D0-A31D-00AA00B92C03} [HKLM] -> C:\WINDOWS\system32\danim.dll [(default): DirectAnimation; IsInstalled: 1] -> [2008-04-14 22:50:22 | 001,055,744 | ---- | M] (Microsoft Corporation) {2C7339CF-2B09-4501-B3F3-F3508C9228ED} [StubPath] -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [(default): Themes Setup; IsInstalled: 1] -> {36f8ec70-c29a-11d1-b5c7-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Powiązania danych dynamicznego HTML dla języka Java; IsInstalled: 1] -> File not found {3af36230-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Pakiet przeglądania w trybie offline; IsInstalled: 1] -> File not found {3bf42070-b3b1-11d1-b5c5-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Uniscribe; IsInstalled: 1] -> File not found {3DAB6E3B-641E-F798-C9F5-8D5B3574ED65} [HKLM] -> Reg Error: Key error. [ComponentID: NetShow; IsInstalled: 1] -> File not found {4278c270-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Autorstwo zaawansowane; IsInstalled: 1] -> File not found {44BBA840-CC51-11CF-AAFA-00AA00B6015C} [StubPath] -> "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install [(default): Microsoft Outlook Express 6; IsInstalled: 1] -> {44BBA842-CC51-11CF-AAFA-00AA00B6015B} [StubPath] -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT [(default): NetMeeting 3.01; IsInstalled: 01 00 00 00 [binary data]] -> {44BBA848-CC51-11CF-AAFA-00AA00B6015C} [HKLM] -> Reg Error: Key error. [(default): DirectShow; IsInstalled: 1] -> File not found {44BBA855-CC51-11CF-AAFA-00AA00B6015F} [HKLM] -> Reg Error: Key error. [(default): DirectDrawEx; IsInstalled: 1] -> File not found {45ea75a0-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Pomoc programu Internet Explorer; IsInstalled: 1] -> File not found {4f216970-c90c-11d1-b5c7-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Klasy Java DirectAnimation; IsInstalled: 1] -> File not found {4f645220-306d-11d2-995d-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Microsoft Windows Script 5.6; IsInstalled: 1] -> File not found {5945c046-1e7d-11d1-bc44-00c04fd912be} [StubPath] -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser [(default): Windows Messenger 4.7; IsInstalled: 1] -> {5A8D6EE0-3E18-11D0-821E-444553540000} [HKLM] -> Reg Error: Key error. [ComponentID: ICW; IsInstalled: 1] -> File not found {5AF71003-1797-4D93-9F37-4F2125CBF539} [HKLM] -> Reg Error: Key error. [(default): .NET Framework] -> File not found {5fd399c0-a70a-11d1-9948-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Narzędzia Instalatora programu Internet Explorer; IsInstalled: 1] -> File not found {6B9285F6-30B7-8C32-DD26-500B5DDDEED4} [HKLM] -> Reg Error: Key error. [(default): Renderowanie grafiki wektorowej (VML); IsInstalled: 1] -> File not found {6BF52A52-394A-11d3-B153-00C04F79FAA6} [StubPath] -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub [(default): Microsoft Windows Media Player; IsInstalled: 1] -> {6fab99d0-bab8-11d1-994a-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Dostęp do witryny MSN; IsInstalled: 1] -> File not found {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} [HKLM] -> Reg Error: Key error. [(default): .NET Framework] -> File not found {73fa19d0-2d75-11d2-995d-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Web Folders; IsInstalled: 1] -> File not found {7790769C-0471-11d2-AF11-00C04FA35D02} [StubPath] -> "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install [(default): Książka adresowa 6; IsInstalled: 1] -> {89820200-ECBD-11cf-8B85-00AA005B4340} [StubPath] -> regsvr32.exe /s /n /i:U shell32.dll [(default): Aktualizacja pulpitu Windows; IsInstalled: 1] -> {89820200-ECBD-11cf-8B85-00AA005B4383} [StubPath] -> %SystemRoot%\system32\ie4uinit.exe [(default): Internet Explorer 6; IsInstalled: 1] -> {89B4C1CD-B018-4511-B0A1-5476DBF70820} [StubPath] -> C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install [ComponentID: DOTNETFRAMEWORKS; IsInstalled: 1] -> {9381D8F2-0288-11D0-9501-00AA00B911A5} [HKLM] -> Reg Error: Key error. [(default): Powiązania danych dynamicznego HTML; IsInstalled: 1] -> File not found {B70B2638-8E6C-20F9-465F-0138DEF0B416} [HKLM] -> Reg Error: Key error. [(default): Microsoft Windows Media Player; IsInstalled: 1] -> File not found {BBF310C5-09F6-7161-2DD3-44C423F83C31} [HKLM] -> Reg Error: Key error. [(default): Renderowanie grafiki wektorowej (VML); IsInstalled: 1] -> File not found {C9E9A340-D1F1-11D0-821E-444553540600} [HKLM] -> Reg Error: Key error. [(default): Podstawowe czcionki programu Internet Explorer; IsInstalled: 1] -> File not found {CC2A9BA0-3BDD-11D0-821E-444553540000} [HKLM] -> Reg Error: Key error. [(default): Harmonogram zadań; IsInstalled: 1] -> File not found {CDD7975E-60F8-41d5-8149-19E51D6F71D0} [HKLM] -> Reg Error: Key error. [ComponentID: Windows Movie Maker v2.1; IsInstalled: 01 00 00 00 [binary data]] -> File not found {D27CDB6E-AE6D-11cf-96B8-444553540000} [HKLM] -> C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx [(default): Macromedia Shockwave Flash; IsInstalled: 1] -> [2006-06-22 13:44:22 | 002,201,224 | R--- | M] (Adobe Systems, Inc.) {de5aed00-a4bf-11d1-9948-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Pomoc HTML; IsInstalled: 1] -> File not found {E92B03AB-B707-11d2-9CBD-0000F87A369E} [HKLM] -> Reg Error: Key error. [(default): Active Directory Service Interface; IsInstalled: 01 00 00 00 [binary data]] -> File not found >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} [StubPath] -> C:\WINDOWS\inf\unregmp2.exe /ShowWMP [(default): Windows Media Player; IsInstalled: 0] -> >{26923b43-4d38-484f-9b9e-de460746276c} [StubPath] -> %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE [(default): Internet Explorer; IsInstalled: 1] -> >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS [StubPath] -> RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP [(default): Dostosowywanie przeglądarki; IsInstalled: 1] -> >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} [StubPath] -> %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE [(default): Outlook Express; IsInstalled: 1] -> < ActiveX StubPath [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> {44BBA842-CC51-11CF-AAFA-00AA00B6015B} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {44BBA848-CC51-11CF-AAFA-00AA00B6015C} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found < ActiveX StubPath [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> {44BBA842-CC51-11CF-AAFA-00AA00B6015B} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {44BBA848-CC51-11CF-AAFA-00AA00B6015C} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found < ActiveX StubPath [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> {44BBA842-CC51-11CF-AAFA-00AA00B6015B} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {44BBA848-CC51-11CF-AAFA-00AA00B6015C} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found < ActiveX StubPath [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> {44BBA842-CC51-11CF-AAFA-00AA00B6015B} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {44BBA848-CC51-11CF-AAFA-00AA00B6015C} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found < ActiveX StubPath [HKEY_USERS\S-1-5-21-1645522239-1979792683-725345543-1003\] > -> HKEY_USERS\S-1-5-21-1645522239-1979792683-725345543-1003\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> {2C7339CF-2B09-4501-B3F3-F3508C9228ED} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {44BBA840-CC51-11CF-AAFA-00AA00B6015C} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {44BBA842-CC51-11CF-AAFA-00AA00B6015B} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {44BBA848-CC51-11CF-AAFA-00AA00B6015C} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {5945c046-1e7d-11d1-bc44-00c04fd912be} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {7790769C-0471-11d2-AF11-00C04FA35D02} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {89820200-ECBD-11cf-8B85-00AA005B4340} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {89820200-ECBD-11cf-8B85-00AA005B4383} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {89B4C1CD-B018-4511-B0A1-5476DBF70820} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found >{26923b43-4d38-484f-9b9e-de460746276c} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS [HKLM] -> Reg Error: Key error. [(no name)] -> File not found >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found InitiallyClear [HKLM] -> Reg Error: Key error. [(no name)] -> File not found < App Paths [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ -> ACDSee11.exe -> C:\Program Files\ACD Systems\ACDSee\11.0\ACDSee11.exe [C:\Program Files\ACD Systems\ACDSee\11.0\ACDSee11.exe] -> [2008-12-05 17:51:18 | 016,754,000 | ---- | M] (ACD Systems) ACDSeeQV11.exe -> C:\Program Files\ACD Systems\ACDSee\11.0\ACDSeeQV11.exe [C:\Program Files\ACD Systems\ACDSee\11.0\ACDSeeQV11.exe] -> [2008-08-29 00:52:10 | 000,771,408 | ---- | M] (ACD Systems) ACDSeeSR.exe -> C:\Program Files\ACD Systems\ACDSee\11.0\ACDSeeSR.exe [C:\Program Files\ACD Systems\ACDSee\11.0\ACDSeeSR.exe] -> [2008-08-29 15:34:16 | 000,607,568 | ---- | M] (ACD Systems) AcroRd32.exe -> C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe [C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe] -> [2011-01-31 09:44:46 | 000,353,712 | ---- | M] (Adobe Systems Incorporated) AVGSE.DLL -> C:\Program Files\AVG\AVG9\avgse.dll [C:\PROGRA~1\AVG\AVG9\avgse.dll] -> [2010-07-24 18:31:30 | 000,125,280 | ---- | M] (AVG Technologies CZ, s.r.o.) bckgzm.exe -> C:\Program Files\MSN Gaming Zone\Windows\bckgzm.exe [C:\Program Files\MSN Gaming Zone\Windows\bckgzm.exe] -> [2001-10-26 17:29:48 | 000,042,577 | ---- | M] (Microsoft Corporation) bridge.exe -> C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe [C:\Program Files\Adobe\Adobe Bridge CS5\bridge.exe] -> [2010-05-28 03:06:42 | 011,996,616 | ---- | M] (Adobe Systems, Inc.) chkrzm.exe -> C:\Program Files\MSN Gaming Zone\Windows\chkrzm.exe [C:\Program Files\MSN Gaming Zone\Windows\chkrzm.exe] -> [2001-10-26 17:29:48 | 000,042,575 | ---- | M] (Microsoft Corporation) chrome.exe -> C:\Documents and Settings\Cap\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe [C:\Documents and Settings\Cap\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe] -> [2011-04-13 02:51:04 | 001,004,088 | ---- | M] (Google Inc.) cmmgr32.exe -> [C:\WINDOWS\system32\cmmgr32.exe] -> File not found combofix.exe -> [C:\Documents and Settings\Cap\Pulpit\ComboFix.exe] -> File not found CONF.EXE -> C:\Program Files\NetMeeting\conf.exe [C:\Program Files\NetMeeting\conf.exe] -> [2008-04-14 22:51:10 | 001,036,288 | ---- | M] (Microsoft Corporation) DevDetect.exe -> C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe [C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe] -> [2008-08-29 14:48:18 | 000,435,536 | ---- | M] (ACD Systems) dialer.exe -> C:\Program Files\Windows NT\dialer.exe [C:\Program Files\Windows NT\dialer.exe] -> [2008-04-14 22:51:12 | 000,545,792 | ---- | M] (Microsoft Corporation) excel.exe -> C:\Program Files\Microsoft Office\Office14\EXCEL.EXE [C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE] -> [2010-03-13 14:53:52 | 020,753,760 | ---- | M] (Microsoft Corporation) findkey.exe -> [findkey.exe] -> File not found GROOVE.EXE -> C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [C:\PROGRA~1\MICROS~2\Office14\GROOVE.EXE] -> [2010-03-25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) gsview32.exe -> C:\Program Files\Ghostgum\gsview\gsview32.exe [C:\Program Files\Ghostgum\gsview\gsview32.exe] -> [2007-11-18 19:00:12 | 000,557,056 | ---- | M] () hrtzzm.exe -> C:\Program Files\MSN Gaming Zone\Windows\hrtzzm.exe [C:\Program Files\MSN Gaming Zone\Windows\hrtzzm.exe] -> [2001-10-26 17:29:54 | 000,042,573 | ---- | M] (Microsoft Corporation) HydraVisio -> [C:\Program Files\ATI Technologie\HydraVisio\HydraVisio] -> File not found hypertrm.exe -> C:\Program Files\Windows NT\hypertrm.exe ["C:\Program Files\Windows NT\hypertrm.exe"] -> [2001-10-26 17:29:54 | 000,030,208 | ---- | M] (Hilgraeve, Inc.) Illustrator.exe -> C:\Program Files\Adobe\Adobe Illustrator CS5\Support Files\Contents\Windows\Illustrator.exe [C:\Program Files\Adobe\Adobe Illustrator CS5\Support Files\Contents\Windows\Illustrator.exe] -> [2010-03-27 05:01:26 | 014,090,688 | ---- | M] (Adobe Systems Inc.) infopath.exe -> C:\Program Files\Microsoft Office\Office14\INFOPATH.EXE [C:\PROGRA~1\MICROS~2\Office14\INFOPATH.EXE] -> [2010-03-30 08:36:04 | 001,734,000 | ---- | M] (Microsoft Corporation) install.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found javaws.exe -> C:\Program Files\Java\jre6\bin\javaws.exe [C:\Program Files\Java\jre6\bin\javaws.exe] -> [2011-02-02 21:40:40 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) Mathcad.exe -> C:\Program Files\Mathcad\Mathcad 14\mathcad.exe [C:\Program Files\Mathcad\Mathcad 14\mathcad.exe] -> [2007-03-09 20:18:12 | 001,335,296 | ---- | M] (Parametric Technology Corporation.) mbam.exe -> C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe] -> [2010-12-20 18:08:46 | 000,963,976 | ---- | M] (Malwarebytes Corporation) migwiz.exe -> C:\WINDOWS\system32\usmt\migwiz.exe [%SystemRoot%\system32\usmt\migwiz.exe] -> [2008-04-14 22:51:24 | 000,980,480 | ---- | M] (Microsoft Corporation) moviemk.exe -> C:\Program Files\Movie Maker\moviemk.exe [C:\Program Files\Movie Maker\moviemk.exe] -> [2008-04-14 22:51:28 | 003,558,912 | ---- | M] (Microsoft Corporation) MSACCESS.EXE -> C:\Program Files\Microsoft Office\Office14\MSACCESS.EXE [C:\PROGRA~1\MICROS~2\Office14\MSACCESS.EXE] -> [2010-03-01 05:09:14 | 013,988,704 | ---- | M] (Microsoft Corporation) msimn.exe -> C:\Program Files\Outlook Express\msimn.exe [%ProgramFiles%\Outlook Express\msimn.exe] -> [2008-04-14 22:51:30 | 000,124,928 | ---- | M] (Microsoft Corporation) MsoHtmEd.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found MSPUB.EXE -> C:\Program Files\Microsoft Office\Office14\MSPUB.EXE [C:\PROGRA~1\MICROS~2\Office14\MSPUB.EXE] -> [2010-03-01 04:56:34 | 010,272,104 | ---- | M] (Microsoft Corporation) ois.exe -> C:\Program Files\Microsoft Office\Office14\OIS.EXE [C:\PROGRA~1\MICROS~2\Office14\OIS.EXE] -> [2010-02-28 02:21:28 | 000,274,280 | ---- | M] (Microsoft Corporation) OneNote.exe -> C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE [C:\PROGRA~1\MICROS~2\Office14\ONENOTE.EXE] -> [2010-03-30 08:29:14 | 001,676,128 | ---- | M] (Microsoft Corporation) OUTLOOK.EXE -> C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE [C:\PROGRA~1\MICROS~2\Office14\OUTLOOK.EXE] -> [2010-03-23 10:57:48 | 015,889,248 | ---- | M] (Microsoft Corporation) pbrush.exe -> C:\WINDOWS\system32\mspaint.exe [%SystemRoot%\system32\mspaint.exe] -> [2008-04-14 22:51:32 | 000,431,616 | ---- | M] (Microsoft Corporation) Photoshop.exe -> C:\Program Files\Adobe\Adobe Photoshop CS5\Photoshop.exe [C:\Program Files\Adobe\Adobe Photoshop CS5\Photoshop.exe] -> [2010-06-25 19:36:14 | 035,492,816 | ---- | M] (Adobe Systems, Incorporated) PictureViewer.exe -> C:\Program Files\QuickTime\PictureViewer.exe [C:\Program Files\QuickTime\PictureViewer.exe] -> [2010-03-18 22:16:06 | 000,557,056 | ---- | M] (Apple Inc.) pinball.exe -> C:\Program Files\Windows NT\Pinball\pinball.exe [C:\Program Files\Windows NT\Pinball\pinball.exe] -> [2008-04-14 22:51:36 | 000,283,136 | ---- | M] (Cinematronics) powerpnt.exe -> C:\Program Files\Microsoft Office\Office14\POWERPNT.EXE [C:\PROGRA~1\MICROS~2\Office14\POWERPNT.EXE] -> [2010-03-09 09:57:40 | 002,162,024 | ---- | M] (Microsoft Corporation) QuickTimePlayer.exe -> C:\Program Files\QuickTime\QuickTimePlayer.exe [C:\Program Files\QuickTime\QuickTimePlayer.exe] -> [2010-03-18 23:50:08 | 001,230,128 | ---- | M] (Apple Inc.) rvsezm.exe -> C:\Program Files\MSN Gaming Zone\Windows\Rvsezm.exe [C:\Program Files\MSN Gaming Zone\Windows\rvsezm.exe] -> [2001-10-26 17:30:02 | 000,042,574 | ---- | M] (Microsoft Corporation) setup.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found shvlzm.exe -> C:\Program Files\MSN Gaming Zone\Windows\shvlzm.exe [C:\Program Files\MSN Gaming Zone\Windows\shvlzm.exe] -> [2001-10-26 17:30:02 | 000,042,573 | ---- | M] (Microsoft Corporation) soundman.exe -> C:\WINDOWS\SOUNDMAN.EXE [C:\WINDOWS\soundman.exe] -> [2003-10-08 11:41:10 | 000,057,344 | ---- | M] (Realtek Semiconductor Corp.) Sync.exe -> C:\Program Files\Common Files\ACD Systems\EN\Sync.exe [C:\Program Files\Common Files\ACD Systems\EN\Sync.exe] -> [2008-08-20 15:39:02 | 000,374,096 | ---- | M] ( ACD Systems, Ltd.) table30.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found vsta.exe -> C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\vsta.exe [C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\vsta.exe] -> [2009-06-03 21:13:40 | 000,218,440 | ---- | M] (Microsoft Corporation) wab.exe -> C:\Program Files\Outlook Express\wab.exe [%ProgramFiles%\Outlook Express\wab.exe] -> [2008-04-14 22:51:48 | 000,072,192 | ---- | M] (Microsoft Corporation) wabmig.exe -> C:\Program Files\Outlook Express\wabmig.exe [%ProgramFiles%\Outlook Express\wabmig.exe] -> [2008-04-14 22:51:48 | 000,030,208 | ---- | M] (Microsoft Corporation) winamp.exe -> C:\Program Files\Winamp\winamp.exe [C:\Program Files\Winamp\winamp.exe] -> [2009-07-01 18:38:40 | 001,481,056 | ---- | M] (Nullsoft) winnt32.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found WinRAR.exe -> C:\Program Files\WinRAR\WinRAR.exe [C:\Program Files\WinRAR\WinRAR.exe] -> [2006-09-17 12:23:34 | 000,923,136 | ---- | M] () Winword.exe -> C:\Program Files\Microsoft Office\Office14\WINWORD.EXE [C:\PROGRA~1\MICROS~2\Office14\WINWORD.EXE] -> [2010-03-27 08:38:44 | 001,422,168 | ---- | M] (Microsoft Corporation) WORDPAD.EXE -> C:\Program Files\Windows NT\Accessories\WORDPAD.EXE ["%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"] -> [2008-04-14 22:51:52 | 000,217,088 | ---- | M] (Microsoft Corporation) WRITE.EXE -> C:\Program Files\Windows NT\Accessories\WORDPAD.EXE ["%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"] -> [2008-04-14 22:51:52 | 000,217,088 | ---- | M] (Microsoft Corporation) yourapp.Exe -> [C:\Program Files\GLOBEtrotter Software Inc.\GLOBEtrotter FLEXid Drivers\yourapp.Exe] -> File not found < Approved Shell Extensions [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved -> "{00020000-0000-1011-8004-0000C06B5161}" [HKLM] -> C:\Program Files\WIBU-SYSTEMS\System\WibuShellExt.dll [WIBU-SYSTEMS Shell Extension] -> [2007-07-31 11:00:00 | 000,532,480 | ---- | M] (WIBU-SYSTEMS AG) "{00020D75-0000-0000-C000-000000000046}" [HKLM] -> C:\Program Files\Microsoft Office\Office14\MLSHEXT.DLL [Microsoft Outlook Desktop Icon Handler] -> [2010-03-22 21:30:04 | 000,020,864 | ---- | M] (Microsoft Corporation) "{0006F045-0000-0000-C000-000000000046}" [HKLM] -> C:\Program Files\Microsoft Office\Office14\OLKFSTUB.DLL [Microsoft Outlook Custom Icon Handler] -> [2010-03-22 21:29:56 | 000,254,848 | ---- | M] (Microsoft Corporation) "{0875DCB6-C686-4243-9432-ADCCF0B9F2D7}" [HKLM] -> C:\Program Files\Microsoft Office\Office14\ONFILTER.DLL [Microsoft OneNote Namespace Extension for Windows Desktop Search] -> [2010-03-30 08:29:14 | 001,177,968 | ---- | M] (Microsoft Corporation) "{0DF44EAA-FF21-4412-828E-260A8728E7F1}" [HKLM] -> [Pasek zadań i menu Start] -> File not found "{16F3DD56-1AF5-4347-846D-7C10C4192619}" [HKLM] -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [Groove Explorer Icon Overlay 3 (GFS Folder)] -> [2010-03-25 10:25:22 | 004,222,864 | ---- | M] (Microsoft Corporation) "{2206CDB2-19C1-11D1-89E0-00C04FD7A829}" [HKLM] -> C:\Program Files\Common Files\System\Ole DB\oledb32.dll [Microsoft Data Link] -> [2008-04-14 22:50:46 | 000,487,424 | ---- | M] (Microsoft Corporation) "{2916C86E-86A6-43FE-8112-43ABE6BF8DCC}" [HKLM] -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> [2010-03-25 10:25:22 | 004,222,864 | ---- | M] (Microsoft Corporation) "{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}" [HKLM] -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [Groove GFS Explorer Bar] -> [2010-03-25 10:25:22 | 004,222,864 | ---- | M] (Microsoft Corporation) "{32714800-2E5F-11d0-8B85-00AA0044F941}" [HKLM] -> C:\Program Files\Outlook Express\wabfind.dll [&Do osób...] -> [2008-04-14 22:50:58 | 000,035,328 | ---- | M] (Microsoft Corporation) "{36A21736-36C2-4C11-8ACB-D4136F2B57BD}" [HKLM] -> C:\WINDOWS\system32\AcSignIcon.dll [Uchwyt nakładania ikony podpisu cyfrowego] -> [2007-02-12 07:12:30 | 000,044,648 | ---- | M] (Autodesk, Inc.) "{387E725D-DC16-4D76-B310-2C93ED4752A0}" [HKLM] -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [Groove XML Icon Handler] -> [2010-03-25 10:25:22 | 004,222,864 | ---- | M] (Microsoft Corporation) "{3D60EDA7-9AB4-4DA8-864C-D9B5F2E7281D}" [HKLM] -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [Groove Namespace Extension] -> [2010-03-25 10:25:22 | 004,222,864 | ---- | M] (Microsoft Corporation) "{42042206-2D85-11D3-8CFF-005004838597}" [HKLM] -> C:\Program Files\Microsoft Office\Office14\MSOHEVI.DLL [Microsoft Office HTML Icon Handler] -> [2010-01-09 21:21:18 | 000,061,824 | ---- | M] (Microsoft Corporation) "{42071714-76d4-11d1-8b24-00a0c9068ff3}" [HKLM] -> [Rozszerzenie CPL kadrowania wyświetlania] -> File not found "{506F4668-F13E-4AA1-BB04-B43203AB3CC0}" [HKLM] -> C:\Program Files\Microsoft Office\Office14\VISSHE.DLL [{506F4668-F13E-4AA1-BB04-B43203AB3CC0}] -> [2010-03-13 00:04:04 | 000,900,464 | ---- | M] (Microsoft Corporation) "{5800AD5B-72C1-477B-9A08-CA112DF06D97}" [HKLM] -> C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [AutoCAD DWG InfoTip Handler] -> [2007-02-12 07:06:42 | 000,103,016 | ---- | M] (Autodesk) "{5E2121EE-0300-11D4-8D3B-444553540000}" [HKLM] -> C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [Catalyst Context Menu extension] -> [2010-02-10 23:34:22 | 000,704,512 | ---- | M] (Advanced Micro Devices, Inc.) "{68A8A9F3-874D-4483-9DFB-55EC4740D48D}" [HKLM] -> C:\Program Files\ifu Hamburg\e!Sankey 2.5\ifuShellExtender.dll [SxExtractImageUMF] -> [2010-02-26 11:10:00 | 000,748,032 | ---- | M] (ifu Hamburg GmbH, Germany) "{6C467336-8281-4E60-8204-430CED96822D}" [HKLM] -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [Groove GFS Context Menu Handler] -> [2010-03-25 10:25:22 | 004,222,864 | ---- | M] (Microsoft Corporation) "{72853161-30C5-4D22-B7F9-0BBC1D38A37E}" [HKLM] -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [Groove GFS Browser Helper] -> [2010-03-25 10:25:22 | 004,222,864 | ---- | M] (Microsoft Corporation) "{764BF0E1-F219-11ce-972D-00AA00A14F56}" [HKLM] -> Reg Error: Key error. [Rozszerzenia powłoki dla kompresji plików] -> File not found "{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}" [HKLM] -> Reg Error: Key error. [Menu kontekstowe szyfrowania] -> File not found "{88895560-9AA2-1069-930E-00AA0030EBC8}" [HKLM] -> C:\WINDOWS\system32\hticons.dll [Rozszerzenie ikony HyperTerminalu] -> [2001-10-26 17:29:30 | 000,046,592 | ---- | M] (Hilgraeve, Inc.) "{8A0BC933-7552-42E2-A228-3BE055777227}" [HKLM] -> C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [AutoCAD DWG Column Handler] -> [2007-02-12 07:06:42 | 000,103,016 | ---- | M] (Autodesk) "{920E6DB1-9907-4370-B3A0-BAFC03D81399}" [HKLM] -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> [2010-03-25 10:25:22 | 004,222,864 | ---- | M] (Microsoft Corporation) "{967B2D40-8B7D-4127-9049-61EA0C2C6DCE}" [HKLM] -> Reg Error: Key error. [PowerISO] -> File not found "{99FD978C-D287-4F50-827F-B2C658EDA8E7}" [HKLM] -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> [2010-03-25 10:25:22 | 004,222,864 | ---- | M] (Microsoft Corporation) "{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}" [HKLM] -> C:\Program Files\AVG\AVG9\avgse.dll [AVG Shell Extension] -> [2010-07-24 18:31:30 | 000,125,280 | ---- | M] (AVG Technologies CZ, s.r.o.) "{9F97547E-460A-42C5-AE0C-81C61FFAEBC3}" [HKLM] -> Reg Error: Key error. [AVG Find Extension] -> File not found "{A449600E-1DC6-4232-B948-9BD794D62056}" [HKLM] -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [Groove GFS Stub Icon Handler] -> [2010-03-25 10:25:22 | 004,222,864 | ---- | M] (Microsoft Corporation) "{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}" [HKLM] -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [Groove Explorer Icon Overlay 2 (GFS Stub)] -> [2010-03-25 10:25:22 | 004,222,864 | ---- | M] (Microsoft Corporation) "{AC1DB655-4F9A-4c39-8AD2-A65324A4C446}" [HKLM] -> C:\Program Files\Common Files\Autodesk Shared\Thumbnail\AcThumbnail16.dll [Autodesk Drawing Preview] -> [2007-02-12 07:12:44 | 000,020,072 | ---- | M] (Autodesk, Inc.) "{ADC46291-D8A1-4486-A24C-86FFB392AEFA}" [HKLM] -> C:\Program Files\Common Files\Autodesk Shared\AcDgnCOM17.dll [Autodesk Dgn File Preview] -> [2007-02-12 07:13:10 | 000,019,560 | ---- | M] (Autodesk) "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" [HKLM] -> C:\Program Files\WinRAR\RarExt.dll [WinRAR shell extension] -> [2006-09-14 00:20:24 | 000,126,464 | ---- | M] () "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" [HKLM] -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [Groove GFS Stub Execution Hook] -> [2010-03-25 10:25:22 | 004,222,864 | ---- | M] (Microsoft Corporation) "{D66DC78C-4F61-447F-942B-3FB6980118CF}" [HKLM] -> C:\Program Files\Microsoft Office\Office14\VISSHE.DLL [{D66DC78C-4F61-447F-942B-3FB6980118CF}] -> [2010-03-13 00:04:04 | 000,900,464 | ---- | M] (Microsoft Corporation) "{D96D6ED6-84C0-4886-953A-A0D208EB5A31}" [HKLM] -> C:\Program Files\ifu Hamburg\e!Sankey 2.5\ifuShellExtender.dll [SxExtractImageSankey] -> [2010-02-26 11:10:00 | 000,748,032 | ---- | M] (ifu Hamburg GmbH, Germany) < Desktop Components > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\ -> 0 -> [Key] -> 0 -> FriendlyName = Moja bieżąca strona główna -> 0 -> Source = About:Home -> 0 -> SubscribedURL = About:Home -> < Desktop WallPaper > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\General -> WallPaper -> C:\Documents and Settings\Cap\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp -> BackupWallPaper -> C:\Documents and Settings\Cap\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp -> < Drivers32 [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 -> "msacm.ac3acm" -> C:\WINDOWS\System32\ac3acm.acm [ac3acm.acm] -> [2007-09-21 02:52:46 | 000,118,784 | ---- | M] (fccHandler) "msacm.iac2" -> C:\WINDOWS\system32\iac25_32.ax [C:\WINDOWS\system32\iac25_32.ax] -> [2008-04-14 22:51:54 | 000,199,680 | ---- | M] (Intel Corporation) "msacm.l3acm" -> C:\WINDOWS\system32\l3codeca.acm [C:\WINDOWS\system32\l3codeca.acm] -> [2002-04-03 14:37:40 | 000,290,816 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) "msacm.lameacm" -> C:\WINDOWS\System32\lameACM.acm [lameACM.acm] -> [2008-09-24 20:41:12 | 000,839,680 | ---- | M] (http://www.mp3dev.org/) "msacm.sl_anet" -> C:\WINDOWS\System32\sl_anet.acm [sl_anet.acm] -> [2008-04-14 22:47:58 | 000,086,016 | ---- | M] (Sipro Lab Telecom Inc.) "msacm.trspch" -> C:\WINDOWS\System32\tssoft32.acm [tssoft32.acm] -> [2001-10-26 15:29:12 | 000,008,192 | ---- | M] (DSP GROUP, INC.) "SENTINEL" -> C:\WINDOWS\System32\SNTI386.DLL [snti386.dll] -> [2001-06-21 21:39:02 | 000,049,664 | ---- | M] (Rainbow Technologies, Inc.) "VIDC.ACDV" -> [ACDV.dll] -> File not found "vidc.cvid" -> C:\WINDOWS\System32\iccvid.dll [iccvid.dll] -> [2008-04-14 22:50:34 | 000,080,384 | ---- | M] (Radius Inc.) "vidc.iv31" -> C:\WINDOWS\System32\ir32_32.dll [ir32_32.dll] -> [2001-10-26 15:29:32 | 000,199,168 | ---- | M] () "vidc.iv32" -> C:\WINDOWS\System32\ir32_32.dll [ir32_32.dll] -> [2001-10-26 15:29:32 | 000,199,168 | ---- | M] () "vidc.iv41" -> C:\WINDOWS\System32\ir41_32.ax [ir41_32.ax] -> [2008-04-14 22:51:54 | 000,848,384 | ---- | M] (Intel Corporation) "vidc.iv50" -> C:\WINDOWS\System32\ir50_32.dll [ir50_32.dll] -> [2008-04-14 22:50:34 | 000,755,200 | ---- | M] (Intel Corporation) "VIDC.WMV3" -> C:\WINDOWS\System32\wmv9vcm.dll [wmv9vcm.dll] -> [2003-06-23 02:44:36 | 001,415,680 | ---- | M] (Microsoft Corporation) "VIDC.XVID" -> C:\WINDOWS\System32\xvidvfw.dll [xvidvfw.dll] -> [2009-05-29 23:37:40 | 000,205,824 | ---- | M] () "VIDC.YV12" -> C:\WINDOWS\System32\yv12vfw.dll [yv12vfw.dll] -> [2004-01-25 18:18:44 | 000,217,088 | ---- | M] (www.helixcommunity.org) < Ext (PreApproved) - [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ -> {02BCC737-B171-4746-94C9-0D8A0B2C0089} [HKLM] -> C:\Program Files\Microsoft Office\Office14\IEAWSDC.DLL [Microsoft Office Template and Media Control] -> [2010-01-09 21:35:46 | 000,195,936 | ---- | M] () {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2010-03-18 23:50:08 | 000,800,048 | ---- | M] (Apple Inc.) {0D012ABD-CEED-11D2-9C76-00105AA73033} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {3760D689-C63B-4422-9A1D-31CA856CD5C1} [HKLM] -> C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.4.dll [GGClass Class] -> [2010-12-16 06:19:28 | 000,406,112 | ---- | M] (GG Network S.A.) {3FD37ABB-F90A-4DE5-AA38-179629E64C2F} [HKLM] -> C:\Program Files\Microsoft Office\Office14\OWSSUPP.DLL [SharePoint Spreadsheet Launcher] -> [2010-03-24 20:22:38 | 000,134,536 | ---- | M] (Microsoft Corporation) {4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2010-03-18 23:50:08 | 000,800,048 | ---- | M] (Apple Inc.) {56A58823-AE99-11D5-B90B-0050DACD1F75} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {5852F5ED-8BF4-11D4-A245-0080C6F74284} [HKLM] -> C:\Program Files\Java\jre6\bin\wsdetect.dll [isInstalled Class] -> [2011-02-02 21:40:28 | 000,108,320 | ---- | M] (Sun Microsystems, Inc.) {62B4D041-4667-40B6-BB50-4BC0A5043A73} [HKLM] -> C:\Program Files\Microsoft Office\Office14\OWSSUPP.DLL [SharePoint Export Database Launcher] -> [2010-03-24 20:22:38 | 000,134,536 | ---- | M] (Microsoft Corporation) {65BCBEE4-7728-41A0-97BE-14E1CAE36AAE} [HKLM] -> C:\Program Files\Microsoft Office\Office14\STSLIST.DLL [Microsoft Office List 14.0] -> [2010-03-01 05:07:08 | 002,831,768 | ---- | M] (Microsoft Corporation) {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {8075731E-5146-11D5-A672-00B0D022E945} [HKLM] -> C:\Program Files\Microsoft Office\Office14\INLAUNCH.DLL [SharepointOpenXMLDocuments] -> [2010-02-28 02:13:36 | 000,403,832 | ---- | M] (Microsoft Corporation) {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_24.dll [Java Plug-in 1.6.0_24] -> [2011-02-02 21:40:34 | 000,141,088 | ---- | M] (Sun Microsystems, Inc.) {9203C2CB-1DC1-482D-967E-597AFF270F0D} [HKLM] -> C:\Program Files\Microsoft Office\Office14\OWSSUPP.DLL [SharePoint OpenDocuments Class] -> [2010-03-24 20:22:38 | 000,134,536 | ---- | M] (Microsoft Corporation) {9F9C4924-C3F3-4459-A396-9E9E0D8B83D1} [HKLM] -> Reg Error: Key error. [SharePoint OpenDocuments Class] -> File not found {BDEADE98-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office14\OWSCLT.DLL [OWS Post Data] -> [2010-03-24 20:22:38 | 000,519,552 | ---- | M] (Microsoft Corporation) {BDEADE9E-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office14\OWSCLT.DLL [SharePoint Spreadsheet Launcher] -> [2010-03-24 20:22:38 | 000,519,552 | ---- | M] (Microsoft Corporation) {BDEADEDE-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office14\OWSCLT.DLL [OSE Global Class] -> [2010-03-24 20:22:38 | 000,519,552 | ---- | M] (Microsoft Corporation) {BDEADEF2-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> Reg Error: Key error. [SharePoint OpenDocuments Class] -> File not found {BDEADEF4-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> Reg Error: Key error. [SharePoint Stssync Handler] -> File not found {BDEADEF5-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office14\OWSSUPP.DLL [SharePoint Stssync Handler] -> [2010-03-24 20:22:38 | 000,134,536 | ---- | M] (Microsoft Corporation) {C514A18E-862A-45d3-8A5E-62CF54D912B6} [HKLM] -> C:\Program Files\Microsoft Office\Office14\AUTHZAX.DLL [Microsoft Office 14 Authorization Control] -> [2010-01-09 21:41:04 | 000,054,152 | ---- | M] (Microsoft Corporation) {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_24.dll [Java Plug-in 1.6.0_24] -> [2011-02-02 21:40:34 | 000,141,088 | ---- | M] (Sun Microsystems, Inc.) {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_24.dll [Java Plug-in 1.6.0_24] -> [2011-02-02 21:40:34 | 000,141,088 | ---- | M] (Sun Microsystems, Inc.) {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_24.dll [Java Plug-in 1.6.0_24] -> [2011-02-02 21:40:34 | 000,141,088 | ---- | M] (Sun Microsystems, Inc.) {CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA} [HKLM] -> C:\WINDOWS\system32\deployJava1.dll [Deployment Toolkit] -> [2011-02-02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) {CAFEEFAC-DEC7-0000-0001-ABCDEFFEDCBA} [HKLM] -> C:\WINDOWS\system32\deployJava1.dll [Deployment Toolkit] -> [2011-02-02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBC} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {CB927D12-4FF7-4A9E-A169-56E4B8A75598} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [Behavior Object] -> [2010-03-18 23:50:08 | 000,800,048 | ---- | M] (Apple Inc.) {CDEC13B2-0B3C-400E-B909-E27EE89C6799} [HKLM] -> C:\Program Files\Microsoft Office\Office14\STSCOPY.DLL [STSUpld CopyCtl Class] -> [2010-03-24 20:22:38 | 000,094,080 | ---- | M] (Microsoft Corporation) {D9806E4E-82CE-4a75-83D0-A062EC605349} [HKLM] -> C:\Program Files\Microsoft Office\Office14\SOCIALCONNECTOR.DLL [AFContextMenuCtrl Class] -> [2010-03-25 10:23:38 | 001,707,904 | ---- | M] (Microsoft Corporation) {E01D1C6A-4F40-11D3-8958-00105A272DCF} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {E18FEC31-2EA1-49A2-A7A6-902DC0D1FF05} [HKLM] -> C:\Program Files\Microsoft Office\Office14\NAME.DLL [NameCtrl Class] -> [2010-03-02 09:51:56 | 000,085,352 | ---- | M] (Microsoft Corporation) {E543A17A-F212-49C0-B63D-BF09B460250E} [HKLM] -> C:\Program Files\Microsoft Office\Office14\oisctrl.dll [OISClientLauncher Class] -> [2010-02-28 02:21:26 | 000,022,920 | ---- | M] (Microsoft Corporation) < Ext (Settings) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\ -> {BDD307C3-7BC0-4542-9F8F-A9611FE6C1BF} [HKLM] -> C:\WINDOWS\system32\proctexe.ocx [Additive Surface] -> [2008-04-14 22:47:20 | 000,081,920 | ---- | M] (Intel Corporation) < Ext (Stats) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> Reg Error: Key error. [Reg Error: Value error.] -> File not found {2670000A-7350-4F3C-8081-5663EE0C6C49} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {3760D689-C63B-4422-9A1D-31CA856CD5C1} [HKLM] -> C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.4.dll [GGClass Class] -> [2010-12-16 06:19:28 | 000,406,112 | ---- | M] (GG Network S.A.) {3AD14F0C-ED16-4E43-B6D8-661B03F6A1EF} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> C:\Program Files\AVG\AVG9\avgssie.dll [AVG Safe Search] -> [2010-11-25 09:19:36 | 001,623,392 | ---- | M] (AVG Technologies CZ, s.r.o.) {4536918A-95A8-498F-B542-CB906C561A43} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {72853161-30C5-4D22-B7F9-0BBC1D38A37E} [HKLM] -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [Groove GFS Browser Helper] -> [2010-03-25 10:25:22 | 004,222,864 | ---- | M] (Microsoft Corporation) {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {B4F3A835-0E21-4959-BA22-42B3008E02FF} [HKLM] -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [Office Document Cache Handler] -> [2010-02-28 02:20:14 | 000,561,552 | ---- | M] (Microsoft Corporation) {CC59E0F9-7E43-44FA-9FAA-8377850BF205} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx [Shockwave Flash Object] -> [2006-06-22 13:44:22 | 002,201,224 | R--- | M] (Adobe Systems, Inc.) {E2E2DD38-D088-4134-82B7-F2BA38496583} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {FB5F1910-F110-11D2-BB9E-00C04F795683} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .bat [@ = batfile] -> "%1" %* -> .cmd [@ = cmdfile] -> "%1" %* -> .com [@ = comfile] -> "%1" %* -> .cpl [@ = cplfile] -> rundll32.exe shell32.dll,Control_RunDLL "%1",%* -> .exe [@ = exefile] -> "%1" %* -> .html [@ = Opera.HTML] -> C:\Program Files\Opera\Opera.exe -> [2011-04-20 17:22:44 | 000,941,936 | ---- | M] (Opera Software) .url [@ = InternetShortcut] -> rundll32.exe shdocvw.dll,OpenURL %l -> .pif [@ = piffile] -> "%1" %* -> .scr [@ = scrfile] -> "%1" /S -> < File Associations - Select to Repair > -> HKEY_USERS\S-1-5-21-1645522239-1979792683-725345543-1003\SOFTWARE\Classes\\ -> .html [@ = ChromeHTML] -> Reg Error: Key error. -> File not found < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> -> *netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs -> 6to4 -> -> File not found Ias -> -> File not found Iprip -> -> File not found Irmon -> -> File not found NWCWorkstation -> -> File not found Nwsapagent -> -> File not found WmdmPmSp -> -> File not found *MultiFile Done* -> -> < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> linkscanner:{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} [HKLM] -> C:\Program Files\AVG\AVG9\avgpp.dll[XPLPPFilter Class] -> [2010-07-24 18:31:32 | 000,091,488 | ---- | M] (AVG Technologies CZ, s.r.o.) < SafeBoot-Minimal Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive {533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices Base -> Driver Group Boot Bus Extender -> Driver Group Boot file system -> Driver Group File system -> Driver Group Filter -> Driver Group PCI Configuration -> Driver Group PEVSystemStart -> Service PNP Filter -> Driver Group Primary disk -> Driver Group procexp90.Sys -> Driver SCSI Class -> Driver Group sermouse.sys -> Driver System Bus Extender -> Driver Group vds -> Service vga.sys -> Driver < SafeBoot-Network Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E972-E325-11CE-BFC1-08002BE10318} -> Net {4D36E973-E325-11CE-BFC1-08002BE10318} -> NetClient {4D36E974-E325-11CE-BFC1-08002BE10318} -> NetService {4D36E975-E325-11CE-BFC1-08002BE10318} -> NetTrans {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices Base -> Driver Group Boot Bus Extender -> Driver Group Boot file system -> Driver Group File system -> Driver Group Filter -> Driver Group NDIS Wrapper -> Driver Group NetBIOSGroup -> Driver Group NetDDEGroup -> Driver Group Network -> Driver Group NetworkProvider -> Driver Group PCI Configuration -> Driver Group PEVSystemStart -> Service PNP Filter -> Driver Group PNP_TDI -> Driver Group Primary disk -> Driver Group procexp90.Sys -> Driver SCSI Class -> Driver Group sermouse.sys -> Driver Streams Drivers -> Driver Group System Bus Extender -> Driver Group TDI -> Driver Group vga.sys -> Driver < Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center \\"FirstRunDisabled" -> [1] -> File not found \\"AntiVirusDisableNotify" -> [0] -> File not found \\"FirewallDisableNotify" -> [0] -> File not found \\"UpdatesDisableNotify" -> [0] -> File not found \\"AntiVirusOverride" -> [1] -> File not found \\"FirewallOverride" -> [0] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> -> < System Restore User Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore -> "DisableSR" -> 0 -> < System Restore File Filter Service > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr -> "Start" -> 0 -> < System Restore Service > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService -> "Start" -> 2 -> < Windows DomainProfile Firewall Policy Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\ -> -> < Windows DomainProfile GloballyOpenPorts Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List \\"139:TCP" -> [139:TCP:*:Enabled:@xpsp2res.dll,-22004] -> File not found \\"445:TCP" -> [445:TCP:*:Enabled:@xpsp2res.dll,-22005] -> File not found \\"137:UDP" -> [137:UDP:*:Enabled:@xpsp2res.dll,-22001] -> File not found \\"138:UDP" -> [138:UDP:*:Enabled:@xpsp2res.dll,-22002] -> File not found \\"1900:UDP" -> [1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007] -> File not found \\"2869:TCP" -> [2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008] -> File not found < Windows StandardProfile Firewall Policy Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile \\"EnableFirewall" -> [1] -> File not found \\"DoNotAllowExceptions" -> [0] -> File not found \\"DisableNotifications" -> [0] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> -> < Windows StandardProfile GloballyOpenPorts Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List \\"1900:UDP" -> [1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007] -> File not found \\"2869:TCP" -> [2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008] -> File not found \\"139:TCP" -> [139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004] -> File not found \\"445:TCP" -> [445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005] -> File not found \\"137:UDP" -> [137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001] -> File not found \\"138:UDP" -> [138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002] -> File not found < Session Manager Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager -> *BootExecute* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\\BootExecute -> autocheck autochk * -> -> File not found *MultiFile Done* -> -> "ExcludeFromKnownDlls" -> [binary data] -> *ObjectDirectories* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\\ObjectDirectories -> \Windows -> \Windows -> [2009-08-30 14:45:38 | 000,000,000 | ---D | M] \RPC Control -> -> File not found *MultiFile Done* -> -> < Session Manager Environment Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment -> "ComSpec" -> C:\WINDOWS\system32\cmd.exe -> [2008-04-14 22:51:10 | 000,397,824 | ---- | M] (Microsoft Corporation) "TEMP" -> C:\WINDOWS\Temp -> [2009-08-30 14:45:38 | 000,000,000 | ---D | M] "TMP" -> C:\WINDOWS\Temp -> [2009-08-30 14:45:38 | 000,000,000 | ---D | M] "windir" -> C:\WINDOWS -> [2009-08-30 14:45:38 | 000,000,000 | ---D | M] *Path* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\\Path -> %SystemRoot%\system32 -> C:\WINDOWS\system32 -> [2009-08-30 14:45:38 | 000,000,000 | ---D | M] %SystemRoot% -> C:\WINDOWS -> [2009-08-30 14:45:38 | 000,000,000 | ---D | M] %SystemRoot%\System32\Wbem -> C:\WINDOWS\system32\wbem -> [2009-08-30 14:45:38 | 000,000,000 | ---D | M] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static -> C:\Program Files\ATI Technologies\ATI.ACE\Core-Static -> [2010-03-11 22:23:58 | 000,000,000 | ---D | M] C:\Program Files\QuickTime\QTSystem\ -> C:\Program Files\QuickTime\QTSystem\ -> [2010-08-16 22:30:44 | 000,000,000 | ---D | M] E:\programy\Autodesk\Backburner\ -> E:\programy\Autodesk\Backburner\ -> [2011-03-30 17:48:03 | 000,000,000 | ---D | M] *MultiFile Done* -> -> *PATHEXT* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\\PATHEXT -> .COM -> -> File not found .EXE -> -> File not found .BAT -> -> File not found .CMD -> -> File not found .VBS -> -> File not found .VBE -> -> File not found .JS -> -> File not found .JSE -> -> File not found .WSF -> -> File not found .WSH -> -> File not found *MultiFile Done* -> -> < Session Manager FileRenameOperations Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\FileRenameOperations -> < Session Manager KnownDlls Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDlls -> "advapi32" -> C:\WINDOWS\System32\advapi32.dll -> [2008-04-14 22:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) "comdlg32" -> C:\WINDOWS\System32\comdlg32.dll -> [2008-04-14 22:50:14 | 000,333,824 | ---- | M] (Microsoft Corporation) "DllDirectory" -> C:\WINDOWS\system32 -> [2009-08-30 14:45:38 | 000,000,000 | ---D | M] "gdi32" -> C:\WINDOWS\System32\gdi32.dll -> [2008-04-14 22:50:32 | 000,285,184 | ---- | M] (Microsoft Corporation) "imagehlp" -> C:\WINDOWS\System32\imagehlp.dll -> [2008-04-14 22:50:34 | 000,144,384 | ---- | M] (Microsoft Corporation) "kernel32" -> C:\WINDOWS\System32\kernel32.dll -> [2008-04-14 22:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) "lz32" -> C:\WINDOWS\System32\lz32.dll -> [2001-10-26 15:27:00 | 000,002,560 | ---- | M] (Microsoft Corporation) "ole32" -> C:\WINDOWS\System32\ole32.dll -> [2008-04-14 22:50:46 | 001,312,256 | ---- | M] (Microsoft Corporation) "oleaut32" -> C:\WINDOWS\System32\oleaut32.dll -> [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) "olecli32" -> C:\WINDOWS\System32\olecli32.dll -> [2008-04-14 22:50:46 | 000,075,264 | ---- | M] (Microsoft Corporation) "olecnv32" -> C:\WINDOWS\System32\olecnv32.dll -> [2008-04-14 22:50:46 | 000,037,376 | ---- | M] (Microsoft Corporation) "olesvr32" -> C:\WINDOWS\System32\olesvr32.dll -> [2001-10-26 15:29:40 | 000,022,016 | ---- | M] (Microsoft Corporation) "olethk32" -> C:\WINDOWS\System32\olethk32.dll -> [2001-10-26 15:29:40 | 000,069,120 | ---- | M] (Microsoft Corporation) "rpcrt4" -> C:\WINDOWS\System32\rpcrt4.dll -> [2008-04-14 22:50:46 | 000,584,704 | ---- | M] (Microsoft Corporation) "shell32" -> C:\WINDOWS\System32\shell32.dll -> [2008-04-14 22:50:48 | 015,087,104 | ---- | M] (Microsoft Corporation) "url" -> C:\WINDOWS\System32\url.dll -> [2008-04-14 22:50:58 | 000,071,680 | ---- | M] (Microsoft Corporation) "urlmon" -> C:\WINDOWS\System32\urlmon.dll -> [2008-04-14 22:50:58 | 000,640,512 | ---- | M] (Microsoft Corporation) "user32" -> C:\WINDOWS\System32\user32.dll -> [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) "version" -> C:\WINDOWS\System32\version.dll -> [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) "wininet" -> C:\WINDOWS\System32\wininet.dll -> [2008-04-14 22:50:58 | 000,778,752 | ---- | M] (Microsoft Corporation) "wldap32" -> C:\WINDOWS\System32\wldap32.dll -> [2008-04-14 22:50:58 | 000,172,544 | ---- | M] (Microsoft Corporation) < Session Manager SFC Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SFC -> "CommonFilesDir" -> -> File not found "ProgramFilesDir" -> C:\Program Files -> [2009-08-30 15:00:54 | 000,000,000 | R--D | M] < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> batfile [open] -> "%1" %* -> cmdfile [open] -> "%1" %* -> comfile [open] -> "%1" %* -> cplfile [cplopen] -> rundll32.exe shell32.dll,Control_RunDLL "%1",%* -> exefile [open] -> "%1" %* -> http [open] -> "C:\Program Files\Opera\opera.exe" "%1" -> [2011-04-20 17:22:44 | 000,941,936 | ---- | M] (Opera Software) https [open] -> "C:\Program Files\Opera\opera.exe" "%1" -> [2011-04-20 17:22:44 | 000,941,936 | ---- | M] (Opera Software) InternetShortcut [open] -> rundll32.exe shdocvw.dll,OpenURL %l -> piffile [open] -> "%1" %* -> scrfile [config] -> "%1" -> scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> scrfile [open] -> "%1" /S -> Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 -> Directory [ACDSee 11.0.Browse] -> "C:\Program Files\ACD Systems\ACDSee\11.0\ACDSeeQV11.exe" "%1" -> [2008-08-29 00:52:10 | 000,771,408 | ---- | M] (ACD Systems) Directory [Bridge] -> C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" -> [2010-05-28 03:06:42 | 011,996,616 | ---- | M] (Adobe Systems, Inc.) Directory [find] -> %SystemRoot%\Explorer.exe -> [2008-04-14 22:51:18 | 001,542,144 | ---- | M] (Microsoft Corporation) Directory [Winamp.Bookmark] -> "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" -> [2009-07-01 18:38:40 | 001,481,056 | ---- | M] (Nullsoft) Directory [Winamp.Enqueue] -> "C:\Program Files\Winamp\winamp.exe" /ADD "%1" -> [2009-07-01 18:38:40 | 001,481,056 | ---- | M] (Nullsoft) Directory [Winamp.Play] -> "C:\Program Files\Winamp\winamp.exe" "%1" -> [2009-07-01 18:38:40 | 001,481,056 | ---- | M] (Nullsoft) Folder [open] -> %SystemRoot%\Explorer.exe /idlist,%I,%L -> [2008-04-14 22:51:18 | 001,542,144 | ---- | M] (Microsoft Corporation) Folder [explore] -> %SystemRoot%\Explorer.exe /e,/idlist,%I,%L -> [2008-04-14 22:51:18 | 001,542,144 | ---- | M] (Microsoft Corporation) Drive [find] -> %SystemRoot%\Explorer.exe -> [2008-04-14 22:51:18 | 001,542,144 | ---- | M] (Microsoft Corporation) < Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ -> NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] -> C:\Program Files\Bonjour\mdnsNSP.dll -> [2010-05-18 16:35:14 | 000,152,864 | ---- | M] (Apple Inc.) < Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> {00060000-0000-1004-8002-0000C06B5161} -> WIBU-KEY Setup (WIBU-KEY Remove) {033E378E-6AD3-4AD5-BDEB-CBD69B31046C} -> Microsoft_VC90_ATL_x86 {03ADC8AB-C130-0C3D-1FF9-2C385DF25689} -> CCC Help Czech {055EE59D-217B-43A7-ABFF-507B966405D8} -> ATI Catalyst Control Center {07021185-008D-ABF9-7716-475AC035F8B3} -> CCC Help Spanish {088B38F9-1102-455B-B139-C0662CD96876}_is1 -> MTG Cropped Card Pics (up to Eventide) {08D2E121-7F6A-43EB-97FD-629B44903403} -> Microsoft_VC90_CRT_x86 {0CB9668D-F979-4F31-B8B8-67FE90F929F8} -> Bonjour {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7} -> Adobe Community Help {0DC86BEC-5CE3-413A-BB61-C40A3D186B24} -> Scan {0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25} -> Microsoft_VC80_ATL_x86 {0F8D0406-7755-AC37-6529-73AD649DBE32} -> Catalyst Control Center Graphics Previews Common {15FEDA5F-141C-4127-8D7E-B962D1742728} -> Adobe Photoshop CS5 {1D4AD7F7-943E-4421-B391-826D05516594} -> Grapher 8 {1F1C2DFC-2D24-3E06-BCB8-725134ADF989} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 {205ACCD7-5342-4694-91F3-3A99E4FD5AA6} -> Mathcad 14 Help {22072CC8-7230-96F8-52F4-05EAF3F906B6} -> CCC Help Polish {2368ADBD-6FDF-4B9F-FE41-E20B4D78E79E} -> CCC Help Chinese Standard {25EF0DC4-B072-2E04-4581-A13C91423CE6} -> CCC Help Portuguese {26A24AE4-039D-4CA4-87B4-2F83216021FF} -> Java(TM) 6 Update 24 {26F7855C-443B-00A6-F7B8-A97A5403F617} -> CCC Help Danish {2CB4A925-48A7-DA65-DCEE-D4DE224B7D84} -> CCC Help English {300578F9-9EFF-4B93-9AB1-C0E5707EF463} -> ACDSee Photo Manager 2009 {306D75B9-7FFF-FF65-0C76-57F2FE4FE1D6} -> Catalyst Control Center Core Implementation {3248F0A8-6813-11D6-A77B-00B0D0160000} -> Java(TM) SE Runtime Environment 6 {32B12FE4-5A51-751A-1FB6-A14E97EBDD5C} -> CCC Help German {350C9415-3D7C-4EE8-BAA9-00BCB3D54227} -> WebFldrs XP {351512E5-01BD-E878-6F57-AA3E517D9ECE} -> Skins {354A387E-0374-21A3-6832-335674A6D7D1} -> CCC Help French {3C00BEE9-26D0-D9E0-A2D1-62F70D412A12} -> CCC Help Turkish {3D347E6D-5A03-4342-B5BA-6A771885F379} -> Autodesk Backburner 2011.0.0 {3D9892BB-A751-4E48-ADC8-E4289956CE1D} -> QuickTime {3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66} -> HydraVisio {4346F7AA-3D56-0941-424C-4454E04D37F6} -> CCC Help Italian {4A03706F-666A-4037-7777-5F2748764D10} -> Java Auto Updater {4CAE2F2C-75CD-A0DE-7520-449BCBBCC833} -> CCC Help Korean {5469D537-9B44-4c78-BF2D-5F9807564F74} -> HP PSC & OfficeJet 4.7 {5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6} -> VBA (2627.01) {5783F2D7-6001-0415-0002-0060B0CE6BBA} -> AutoCAD 2008 - Polski {57F7F0A5-8F22-8E63-E819-803B5C9CA3A5} -> CCC Help Dutch {5AF71003-1797-4D93-9F37-4F2125CBF539} -> Microsoft .NET Framework 2.0 Language Pack - PLK {5EA437D2-7A57-B60E-E8F2-76BFAC0895A5} -> CCC Help Chinese Traditional {61AF4E75-050E-0304-3417-8BC16417FEB1} -> CCC Help Greek {632005DA-C291-5275-284C-5EE96B05C714} -> Catalyst Control Center HydraVision Full {635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A} -> Microsoft_VC90_MFC_x86 {6406E3EA-9777-45B7-A0C0-89741E629352} -> Composite 2011 {655CB07D-C944-40BE-B93F-55957CAC7625} -> AiO_Scan {6C72BE0C-3E25-CACD-0070-2FD9C02ABA14} -> ccc-core-preinstall {702EC1FF-A081-48AE-8363-8D78A0919F86} -> Autodesk DirectConnect 2010 R1 {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} -> Microsoft .NET Framework 2.0 {716E0306-8318-4364-8B8F-0CC4E9376BAC} -> MSXML 4.0 SP2 Parser and SDK {837b34e3-7c30-493c-8f6a-2b0f04e2912c} -> Microsoft Visual C++ 2005 Redistributable {8777AC6D-89F9-4793-8266-DE406F343E89} -> QFolder {880BB617-914E-17E8-D877-A96BAC5794D2} -> Catalyst Control Center Graphics Full New {8897CF22-DB6C-8248-895C-12BFA2677F51} -> CCC Help Hungarian {8A864555-554E-4DE2-BB36-BC4810355525} -> Autodesk MatchMover 2011 32-bit {8D7133DE-27D2-47E5-B248-4180278D32AA} -> Catalyst Control Center - Branding {90120000-0010-0409-0000-0000000FF1CE} -> Microsoft Software Update for Web Folders (English) 12 {90120000-001F-0409-0000-0000000FF1CE} -> Microsoft Office Proof (English) 2007 {90120000-001F-040C-0000-0000000FF1CE} -> Microsoft Office Proof (French) 2007 {90120000-001F-0C0A-0000-0000000FF1CE} -> Microsoft Office Proof (Spanish) 2007 {90120000-002C-0409-0000-0000000FF1CE} -> Microsoft Office Proofing (English) 2007 {90120000-0051-0000-0000-0000000FF1CE} -> Microsoft Office Visio Professional 2007 {90120000-0054-0409-0000-0000000FF1CE} -> Microsoft Office Visio MUI (English) 2007 {90120000-006E-0409-0000-0000000FF1CE} -> Microsoft Office Shared MUI (English) 2007 {90120000-0115-0409-0000-0000000FF1CE} -> Microsoft Office Shared Setup Metadata MUI (English) 2007 {90140000-0010-0415-0000-0000000FF1CE} -> Microsoft Software Update for Web Folders (Polish) 14 {90140000-0011-0000-0000-0000000FF1CE} -> Microsoft Office Professional Plus 2010 {90140000-0015-0415-0000-0000000FF1CE} -> Microsoft Office Access MUI (Polish) 2010 {90140000-0016-0415-0000-0000000FF1CE} -> Microsoft Office Excel MUI (Polish) 2010 {90140000-0018-0415-0000-0000000FF1CE} -> Microsoft Office PowerPoint MUI (Polish) 2010 {90140000-0019-0415-0000-0000000FF1CE} -> Microsoft Office Publisher MUI (Polish) 2010 {90140000-001A-0415-0000-0000000FF1CE} -> Microsoft Office Outlook MUI (Polish) 2010 {90140000-001B-0415-0000-0000000FF1CE} -> Microsoft Office Word MUI (Polish) 2010 {90140000-001F-0407-0000-0000000FF1CE} -> Microsoft Office Proof (German) 2010 {90140000-001F-0409-0000-0000000FF1CE} -> Microsoft Office Proof (English) 2010 {90140000-001F-0415-0000-0000000FF1CE} -> Microsoft Office Proof (Polish) 2010 {90140000-002C-0415-0000-0000000FF1CE} -> Microsoft Office Proofing (Polish) 2010 {90140000-0044-0415-0000-0000000FF1CE} -> Microsoft Office InfoPath MUI (Polish) 2010 {90140000-006E-0415-0000-0000000FF1CE} -> Microsoft Office Shared MUI (Polish) 2010 {90140000-00A1-0415-0000-0000000FF1CE} -> Microsoft Office OneNote MUI (Polish) 2010 {90140000-00BA-0415-0000-0000000FF1CE} -> Microsoft Office Groove MUI (Polish) 2010 {92D58719-BBC1-4CC3-A08B-56C9E884CC2C} -> Microsoft_VC80_CRT_x86 {95F5A8B5-0E34-45D9-A8DB-C387F71AEF51} -> e!Sankey 2.5 {9A346205-EA92-4406-B1AB-50379DA3F057} -> Autodesk DWF Viewer 7 {9B97EC91-B3FD-4BFF-88FC-5345A26AC2E7} -> Adobe Illustrator CS5 {A2BCA9F1-566C-4805-97D1-7FDC93386723} -> Adobe AIR {A78FE97A-C0C8-49CE-89D0-EDD524A17392} -> PDF Settings CS5 {AC075837-7071-4c07-B9A1-CF5586060FE1} -> Autodesk Maya 2011 English Documentation 32-bit {AC76BA86-7AD7-1033-7B44-A94000000001} -> Adobe Reader 9.4.3 {AE8A1CE1-EFBD-4ED9-9672-A50DB2D944E5} -> Deep Rybka 3 {AEB9948B-4FF2-47C9-990E-47014492A0FE} -> MSXML 6.0 Parser {AF710FDE-2815-8C8D-5281-8004C2654AA6} -> CCC Help Russian {AFF2D965-C6F2-A210-FBF7-532612AA1D23} -> CCC Help Swedish {B21336EE-4AEF-9940-4AC7-EDB89854B8D3} -> CCC Help Thai {BB65C393-C76E-4F06-9B0C-2124AA8AF97B} -> Adobe Flash Player 9 ActiveX {BBA69346-61A1-BD34-E75A-4D81232DB1FE} -> Catalyst Control Center Localization All {BFD5ED08-F066-92D5-BE67-3B9AE5DCFF0C} -> CCC Help Japanese {C033BF6E-9D82-4E0B-A46E-ABC746D6F431} -> Autodesk DirectConnect 2.0 {C4609F15-FB3C-D97E-BAA1-4F10815039C2} -> Catalyst Control Center Graphics Full Existing {D01FAC3D-86B4-3A19-9D10-9156A0EB3EBE} -> CCC Help Finnish {D1A19B02-817E-4296-A45B-07853FD74D57} -> Microsoft_VC80_MFC_x86 {D73722C8-3F65-C75B-A631-5D36894DAB92} -> ccc-core-static {D92BBB52-82FF-42ED-8A3C-4E062F944AB7} -> Microsoft_VC80_MFCLOC_x86 {DDAD33B6-8C00-428D-087B-A7088355B9BE} -> Catalyst Control Center Graphics Light {DE3A9DC5-9A5D-6485-9662-347162C7E4CA} -> Adobe Media Player {E333F074-FC7F-596D-3D61-44F0EC28E8C0} -> ccc-utility {E4386119-2C33-4023-9836-783F43A90E3C} -> Autodesk Maya 2011 32-bit {E666A69B-A76D-43D5-AF28-4B2150A6EDE2} -> Mathcad 14 {EBD38AE9-D52D-448D-9DB4-4D5F66E1DAFC} -> Mathcad 14 Resource Center {FA38F9E4-BED7-E021-B660-8FDFF7EC6E1A} -> CCC Help Norwegian {FAB1F336-1B7C-4057-A7BC-2922CD82A781} -> AirLive WT-2000PCI {FB08F381-6533-4108-B7DD-039E11FBC27E} -> Realtek AC'97 Audio 001FFFFFFF11FF00FF1801F01F02F000-R1 -> ArchiCAD 11 POL ACDLabs in C__Program_Files_ACDFREE12_ -> ACD/Labs Software in C:\Program Files\ACDFREE12\ Adobe AIR -> Adobe AIR Adobe Flash Player Plugin -> Adobe Flash Player 10 Plugin All ATI Software -> Narzędzie Software Uninstall Utility firmy ATI ATI Display Driver -> ATI Display Driver ATITool -> ATITool Overclocking Utility AutoCAD 2008 - Polski -> AutoCAD 2008 - Polski AVG9Uninstall -> AVG Free 9.0 Bullzip PDF Printer_is1 -> Bullzip PDF Printer 7.1.0.1082 CDisplay_is1 -> CDisplay 1.8 chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 -> Adobe Community Help com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 -> Adobe Media Player Digital Editions -> Adobe Digital Editions EPSON Printer and Utilities -> EPSON Printer Software Gadu-Gadu 10 -> Gadu-Gadu 10 GLOBEtrotter FLEXid Drivers -> GLOBEtrotter FLEXid Drivers GPL Ghostscript 8.70 -> GPL Ghostscript 8.70 Grapher 8 -> Grapher 8 GSview 4.9 -> GSview 4.9 HP Photo & Imaging -> HP Image Zone 4.7 KLiteCodecPack_is1 -> K-Lite Codec Pack 5.2.0 (Full) Magic Workstation_is1 -> Magic Workstation 0.94f Malwarebytes' Anti-Malware_is1 -> Malwarebytes' Anti-Malware Microsoft .NET Framework 2.0 -> Microsoft .NET Framework 2.0 Microsoft .NET Framework 2.0 Language Pack - PLK -> Microsoft .NET Framework 2.0 — pakiet języka polskiego MTG GamePack for Magic Workstation_is1 -> MTG GamePack for Magic Workstation MyDefrag v4.2.7_is1 -> MyDefrag v4.2.7 NapiProjekt_is1 -> NapiProjekt 1.0.6.9 NVIDIAnForce -> NVIDIA Windows 2000/XP nForce Drivers Office14.PROPLUS -> Microsoft Office Professional Plus 2010 Opera 11.10.2092 -> Opera 11.10 PokerStars -> PokerStars Rainbow Sentinel Driver -> Sentinel System Driver RAR Password Cracker -> RAR Password Cracker 4.12 RealAlt_is1 -> Real Alternative 2.0.2 RouterStats -Lite_is1 -> RouterStats -Lite version 6.6 SensorsView 1.2 -> SensorsView 1.2 Seven Remix XP -> Seven Remix XP 2.31 Tablet Driver -> Tablet The Sims -> The Sims The Sims Światowe życie -> The Sims Światowe życie uTorrent -> µTorrent VISPRO -> Microsoft Office Visio Professional 2007 Winamp -> Winamp Windows XP Service Pack -> Windows XP Service Pack 3 WinRAR archiver -> Archiwizator WinRAR < Uninstall List [HKEY_USERS\S-1-5-21-1645522239-1979792683-725345543-1003\] > -> HKEY_USERS\S-1-5-21-1645522239-1979792683-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> Google Chrome -> Google Chrome Warcraft III -> Warcraft III: wszystkie elementy < EventViewer Logs - Last 10 Errors > -> Event Information -> Description OSession [ Error ] 2010-12-11 16:30:12 Computer Name = CAPULLA | Source = Microsoft Office 12 Sessions | ID = 7001 -> Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 50 seconds with 0 seconds of active time. This session ended with a crash. OSession [ Error ] 2010-12-17 12:18:57 Computer Name = CAPULLA | Source = Microsoft Office 12 Sessions | ID = 7001 -> Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 76 seconds with 60 seconds of active time. This session ended with a crash. OSession [ Error ] 2010-12-20 22:49:03 Computer Name = CAPULLA | Source = Microsoft Office 12 Sessions | ID = 7001 -> Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 95 seconds with 60 seconds of active time. This session ended with a crash. OSession [ Error ] 2010-12-20 22:49:48 Computer Name = CAPULLA | Source = Microsoft Office 12 Sessions | ID = 7001 -> Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 36 seconds with 0 seconds of active time. This session ended with a crash. System [ Error ] 2011-04-20 21:28:54 Computer Name = CAPULLA | Source = nvidesm | ID = 262153 -> Description = Urządzenie \Device\Scsi\nvidesm1 nie odpowiedziało w ramach ustalonego limitu czasu. System [ Error ] 2011-04-20 21:28:54 Computer Name = CAPULLA | Source = nvidesm | ID = 262153 -> Description = Urządzenie \Device\Scsi\nvidesm1 nie odpowiedziało w ramach ustalonego limitu czasu. [Files/Folders - Created Within 30 Days] FOUND.040 -> C:\FOUND.040 -> [2011-04-21 05:05:30 | 000,000,000 | -HSD | C] OTS.exe -> C:\Documents and Settings\Cap\Pulpit\OTS.exe -> [2011-04-21 03:57:36 | 000,645,632 | ---- | C] (OldTimer Tools) Malwarebytes -> C:\Documents and Settings\Cap\Dane aplikacji\Malwarebytes -> [2011-04-21 03:17:31 | 000,000,000 | ---D | C] mbamswissarmy.sys -> C:\WINDOWS\System32\drivers\mbamswissarmy.sys -> [2011-04-21 03:12:17 | 000,038,224 | ---- | C] (Malwarebytes Corporation) Malwarebytes' Anti-Malware -> C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware -> [2011-04-21 03:12:17 | 000,000,000 | ---D | C] Malwarebytes -> C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes -> [2011-04-21 03:12:16 | 000,000,000 | ---D | C] mbam.sys -> C:\WINDOWS\System32\drivers\mbam.sys -> [2011-04-21 03:12:13 | 000,020,952 | ---- | C] (Malwarebytes Corporation) Malwarebytes' Anti-Malware -> C:\Program Files\Malwarebytes' Anti-Malware -> [2011-04-21 03:12:13 | 000,000,000 | ---D | C] OTL_3.2.22.3(dobreprogramy.pl).exe -> C:\Documents and Settings\Cap\Pulpit\OTL_3.2.22.3(dobreprogramy.pl).exe -> [2011-04-21 02:08:24 | 000,580,608 | ---- | C] (OldTimer Tools) FOUND.039 -> C:\FOUND.039 -> [2011-04-20 17:18:12 | 000,000,000 | -HSD | C] CF18731.exe -> C:\WINDOWS\System32\CF18731.exe -> [2011-04-20 05:01:47 | 000,397,824 | ---- | C] (Microsoft Corporation) ComboFix -> C:\ComboFix -> [2011-04-20 05:01:47 | 000,000,000 | ---D | C] ERDNT -> C:\WINDOWS\ERDNT -> [2011-04-20 05:00:27 | 000,000,000 | ---D | C] CF18199.exe -> C:\WINDOWS\System32\CF18199.exe -> [2011-04-20 05:00:26 | 000,397,824 | ---- | C] (Microsoft Corporation) Qoobox -> C:\Qoobox -> [2011-04-20 04:59:01 | 000,000,000 | ---D | C] cmd.execf -> C:\WINDOWS\System32\cmd.execf -> [2011-04-20 04:58:54 | 000,397,824 | ---- | C] (Microsoft Corporation) searchplugins -> C:\Documents and Settings\Cap\Ustawienia lokalne\Dane aplikacji\searchplugins -> [2011-04-19 18:35:02 | 000,000,000 | ---D | C] FOUND.038 -> C:\FOUND.038 -> [2011-04-19 18:33:30 | 000,000,000 | -HSD | C] winloqon.exe -> C:\Documents and Settings\All Users\winloqon.exe -> [2011-04-19 09:31:59 | 000,331,776 | RHS- | C] (Created with WinAutomation (http://www.WinAutomation.com)) csrs.exe -> C:\Documents and Settings\All Users\csrs.exe -> [2011-04-19 09:31:55 | 000,339,968 | RHS- | C] (Created with WinAutomation (http://www.WinAutomation.com)) FOUND.037 -> C:\FOUND.037 -> [2011-04-19 02:57:14 | 000,000,000 | -HSD | C] hjsplit.exe -> C:\Documents and Settings\Cap\Pulpit\hjsplit.exe -> [2011-04-14 23:03:41 | 000,201,728 | ---- | C] (Freebyte.com) FOUND.036 -> C:\FOUND.036 -> [2011-04-13 00:58:06 | 000,000,000 | -HSD | C] FOUND.035 -> C:\FOUND.035 -> [2011-04-11 05:33:40 | 000,000,000 | -HSD | C] FOUND.034 -> C:\FOUND.034 -> [2011-04-09 00:58:16 | 000,000,000 | -HSD | C] FOUND.033 -> C:\FOUND.033 -> [2011-04-02 21:10:26 | 000,000,000 | -HSD | C] wrar393pl.exe -> C:\Documents and Settings\Cap\Pulpit\wrar393pl.exe -> [2011-04-02 16:59:14 | 001,948,841 | ---- | C] ( ) javaws.exe -> C:\WINDOWS\System32\javaws.exe -> [2011-04-01 07:22:37 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) javaw.exe -> C:\WINDOWS\System32\javaw.exe -> [2011-04-01 07:22:37 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) java.exe -> C:\WINDOWS\System32\java.exe -> [2011-04-01 07:22:37 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) cab am -> C:\Documents and Settings\Cap\Pulpit\cab am -> [2011-03-31 15:43:11 | 000,000,000 | ---D | C] xf-a2011-32bits -> C:\Documents and Settings\Cap\Pulpit\xf-a2011-32bits -> [2011-03-30 18:21:09 | 000,000,000 | ---D | C] FLEXnet -> C:\Documents and Settings\All Users\Dane aplikacji\FLEXnet -> [2011-03-30 18:16:50 | 000,000,000 | ---D | C] Macrovision Shared -> C:\Program Files\Common Files\Macrovision Shared -> [2011-03-30 17:29:07 | 000,000,000 | ---D | C] en-US -> C:\Program Files\Common Files\en-US -> [2011-03-30 17:28:16 | 000,000,000 | ---D | C] ja-JP -> C:\Program Files\Common Files\ja-JP -> [2011-03-30 17:28:11 | 000,000,000 | ---D | C] historia mody -> C:\Documents and Settings\Cap\Pulpit\historia mody -> [2011-03-24 21:25:15 | 000,000,000 | ---D | C] FOUND.032 -> C:\FOUND.032 -> [2011-03-22 10:58:44 | 000,000,000 | -HSD | C] adlmint_libFNP.dll -> C:\Program Files\Common Files\adlmint_libFNP.dll -> [2009-11-19 21:08:02 | 003,749,224 | ---- | C] (Acresso Software Inc.) adlmint.dll -> C:\Program Files\Common Files\adlmint.dll -> [2009-11-19 21:08:02 | 002,941,288 | ---- | C] (Autodesk, Inc.) 4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> [Files/Folders - Modified Within 30 Days] tablet.dat -> C:\WINDOWS\System32\tablet.dat -> [2011-04-21 05:06:26 | 000,012,925 | ---- | M] () bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2011-04-21 05:05:40 | 000,002,048 | --S- | M] () fk4lhqxt.exe -> C:\Documents and Settings\Cap\Pulpit\fk4lhqxt.exe -> [2011-04-21 04:54:30 | 000,301,568 | ---- | M] () OTS.exe -> C:\Documents and Settings\Cap\Pulpit\OTS.exe -> [2011-04-21 03:57:40 | 000,645,632 | ---- | M] (OldTimer Tools) Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk -> [2011-04-21 03:12:18 | 000,000,688 | ---- | M] () OTL_3.2.22.3(dobreprogramy.pl).exe -> C:\Documents and Settings\Cap\Pulpit\OTL_3.2.22.3(dobreprogramy.pl).exe -> [2011-04-21 02:08:06 | 000,580,608 | ---- | M] (OldTimer Tools) AdobeAAMUpdater-1.0-CAPULLA-Cap.job -> C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-CAPULLA-Cap.job -> [2011-04-21 02:00:06 | 000,000,338 | ---- | M] () cmd.execf -> C:\WINDOWS\System32\cmd.execf -> [2011-04-20 05:01:38 | 000,397,824 | ---- | M] (Microsoft Corporation) CF18731.exe -> C:\WINDOWS\System32\CF18731.exe -> [2011-04-20 05:01:38 | 000,397,824 | ---- | M] (Microsoft Corporation) CF18199.exe -> C:\WINDOWS\System32\CF18199.exe -> [2011-04-20 04:58:56 | 000,397,824 | ---- | M] (Microsoft Corporation) DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\Cap\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2011-04-20 03:07:50 | 000,118,784 | ---- | M] () GoogleUpdateTaskUserS-1-5-21-1645522239-1979792683-725345543-1003Core.job -> C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-1979792683-725345543-1003Core.job -> [2011-04-19 19:14:02 | 000,001,072 | ---- | M] () Microsoft Word 2010.lnk -> C:\Documents and Settings\Cap\Pulpit\Microsoft Word 2010.lnk -> [2011-04-19 19:05:40 | 000,002,499 | ---- | M] () svhost.exe -> C:\Program Files\Common Files\svhost.exe -> [2011-04-19 09:31:54 | 006,855,168 | RHS- | M] () csrs.exe -> C:\Documents and Settings\All Users\csrs.exe -> [2011-04-19 09:31:54 | 000,339,968 | RHS- | M] (Created with WinAutomation (http://www.WinAutomation.com)) winloqon.exe -> C:\Documents and Settings\All Users\winloqon.exe -> [2011-04-19 09:31:54 | 000,331,776 | RHS- | M] (Created with WinAutomation (http://www.WinAutomation.com)) grstyles.stl -> C:\Documents and Settings\Cap\Moje dokumenty\grstyles.stl -> [2011-04-19 00:22:12 | 000,000,584 | ---- | M] () LastLab.sk -> C:\Documents and Settings\Cap\Moje dokumenty\LastLab.sk -> [2011-04-19 00:20:40 | 000,000,023 | ---- | M] () wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2011-04-18 17:35:26 | 000,002,206 | ---- | M] () Adobe PNG Format CS5 Prefs -> C:\Documents and Settings\Cap\Dane aplikacji\Adobe PNG Format CS5 Prefs -> [2011-04-12 00:31:20 | 000,000,132 | ---- | M] () settings.dat -> C:\settings.dat -> [2011-04-08 07:35:56 | 000,001,128 | ---- | M] () Lista wniosków ocena formalna_przekazane do merytorycznej_zbiorcze zestawienie.pdf -> C:\Documents and Settings\Cap\Pulpit\Lista wniosków ocena formalna_przekazane do merytorycznej_zbiorcze zestawienie.pdf -> [2011-04-04 00:15:46 | 000,485,469 | ---- | M] () Lista wniosków ocena formalna_odrzucone_zbiorcze zestawienie.pdf -> C:\Documents and Settings\Cap\Pulpit\Lista wniosków ocena formalna_odrzucone_zbiorcze zestawienie.pdf -> [2011-04-04 00:15:46 | 000,294,358 | ---- | M] () wrar393pl.exe -> C:\Documents and Settings\Cap\Pulpit\wrar393pl.exe -> [2011-04-02 16:59:12 | 001,948,841 | ---- | M] ( ) FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2011-03-31 00:56:58 | 004,987,920 | ---- | M] () pd5_a_wozniak_20050415.pdf -> C:\Documents and Settings\Cap\Pulpit\pd5_a_wozniak_20050415.pdf -> [2011-03-30 20:05:24 | 000,117,830 | ---- | M] () Autodesk Maya 2011.lnk -> C:\Documents and Settings\All Users\Pulpit\Autodesk Maya 2011.lnk -> [2011-03-30 17:28:36 | 000,000,694 | ---- | M] () kat102010.pdf -> C:\Documents and Settings\Cap\Pulpit\kat102010.pdf -> [2011-03-29 08:03:42 | 060,281,924 | ---- | M] () Adobe Reader 9.lnk -> C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk -> [2011-03-25 20:13:02 | 000,001,633 | ---- | M] () War3Unin.dat -> C:\WINDOWS\War3Unin.dat -> [2011-03-24 22:17:02 | 000,109,787 | ---- | M] () 4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> [Files - No Company Name] fk4lhqxt.exe -> C:\Documents and Settings\Cap\Pulpit\fk4lhqxt.exe -> [2011-04-21 04:54:28 | 000,301,568 | ---- | C] () Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk -> [2011-04-21 03:12:17 | 000,000,688 | ---- | C] () svhost.exe -> C:\Program Files\Common Files\svhost.exe -> [2011-04-19 09:31:58 | 006,855,168 | RHS- | C] () Adobe PNG Format CS5 Prefs -> C:\Documents and Settings\Cap\Dane aplikacji\Adobe PNG Format CS5 Prefs -> [2011-04-12 00:27:15 | 000,000,132 | ---- | C] () Lista wniosków ocena formalna_przekazane do merytorycznej_zbiorcze zestawienie.pdf -> C:\Documents and Settings\Cap\Pulpit\Lista wniosków ocena formalna_przekazane do merytorycznej_zbiorcze zestawienie.pdf -> [2011-04-04 00:16:03 | 000,485,469 | ---- | C] () Lista wniosków ocena formalna_odrzucone_zbiorcze zestawienie.pdf -> C:\Documents and Settings\Cap\Pulpit\Lista wniosków ocena formalna_odrzucone_zbiorcze zestawienie.pdf -> [2011-04-04 00:15:51 | 000,294,358 | ---- | C] () pd5_a_wozniak_20050415.pdf -> C:\Documents and Settings\Cap\Pulpit\pd5_a_wozniak_20050415.pdf -> [2011-03-30 20:05:35 | 000,117,830 | ---- | C] () Autodesk Maya 2011.lnk -> C:\Documents and Settings\All Users\Pulpit\Autodesk Maya 2011.lnk -> [2011-03-30 17:28:25 | 000,000,694 | ---- | C] () kat102010.pdf -> C:\Documents and Settings\Cap\Pulpit\kat102010.pdf -> [2011-03-29 08:00:08 | 060,281,924 | ---- | C] () ChemSketch.lnk -> C:\Documents and Settings\Cap\Pulpit\ChemSketch.lnk -> [2011-03-25 01:50:00 | 000,001,457 | ---- | C] () _delis43.ini -> C:\WINDOWS\_delis43.ini -> [2011-03-21 20:28:31 | 000,000,127 | ---- | C] () CDex.INI -> C:\WINDOWS\CDex.INI -> [2011-03-14 20:39:46 | 000,006,245 | ---- | C] () srvany.exe -> C:\WINDOWS\System32\srvany.exe -> [2011-02-01 18:54:58 | 000,008,192 | ---- | C] () hpoins05.dat -> C:\WINDOWS\hpoins05.dat -> [2011-01-21 04:28:42 | 000,068,903 | ---- | C] () hpomdl05.dat -> C:\WINDOWS\hpomdl05.dat -> [2011-01-21 04:28:42 | 000,019,696 | ---- | C] () tablet.dat -> C:\WINDOWS\System32\tablet.dat -> [2011-01-15 23:31:33 | 000,012,925 | ---- | C] () Engine3D.dll -> C:\WINDOWS\System32\Engine3D.dll -> [2010-11-07 21:00:13 | 001,206,272 | ---- | C] () msblcd32.dll -> C:\WINDOWS\System32\msblcd32.dll -> [2010-11-07 19:03:14 | 000,000,185 | ---- | C] () EEBAPI.dll -> C:\WINDOWS\System32\EEBAPI.dll -> [2010-09-18 21:47:17 | 000,126,976 | ---- | C] () EEBDSCVR.dll -> C:\WINDOWS\System32\EEBDSCVR.dll -> [2010-09-18 21:47:17 | 000,094,208 | ---- | C] () EBAPI.dll -> C:\WINDOWS\System32\EBAPI.dll -> [2010-09-18 21:47:17 | 000,049,152 | ---- | C] () CDEALC1100Euro.ini -> C:\WINDOWS\CDEALC1100Euro.ini -> [2010-09-18 21:46:08 | 000,000,025 | ---- | C] () War3Unin.dat -> C:\WINDOWS\War3Unin.dat -> [2010-08-13 15:59:19 | 000,109,787 | ---- | C] () proc-1605931354.bin -> C:\WINDOWS\System32\proc-1605931354.bin -> [2010-07-24 19:16:15 | 000,000,004 | ---- | C] () haspdos.sys -> C:\WINDOWS\System32\haspdos.sys -> [2010-05-20 20:52:43 | 000,000,383 | ---- | C] () ds1410d.sys -> C:\WINDOWS\System32\drivers\ds1410d.sys -> [2010-05-20 20:52:34 | 000,007,328 | ---- | C] () ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2010-05-16 20:07:13 | 000,000,165 | ---- | C] () WkDos.exe -> C:\WINDOWS\System32\WkDos.exe -> [2010-05-06 19:40:14 | 000,057,552 | ---- | C] () CmdLineExt03.dll -> C:\WINDOWS\System32\CmdLineExt03.dll -> [2010-05-02 15:26:28 | 000,043,520 | ---- | C] () gmer.ini -> C:\WINDOWS\gmer.ini -> [2010-04-05 14:05:59 | 000,000,250 | ---- | C] () gmer.dll -> C:\WINDOWS\gmer.dll -> [2010-04-05 14:05:58 | 000,884,736 | ---- | C] () gmer.exe -> C:\WINDOWS\gmer.exe -> [2010-04-05 14:05:58 | 000,811,008 | ---- | C] () MPQEditor.ini -> C:\Documents and Settings\Cap\Dane aplikacji\MPQEditor.ini -> [2010-04-03 11:52:28 | 000,001,381 | ---- | C] () myMPQ.ini -> C:\Documents and Settings\Cap\Dane aplikacji\myMPQ.ini -> [2010-03-25 08:52:29 | 000,000,674 | ---- | C] () ativpsrm.bin -> C:\WINDOWS\ativpsrm.bin -> [2010-03-11 22:24:47 | 000,000,000 | ---- | C] () ati2sgag.exe -> C:\WINDOWS\System32\ati2sgag.exe -> [2010-03-11 22:23:21 | 000,593,920 | ---- | C] () ChssBase.ini -> C:\WINDOWS\ChssBase.ini -> [2010-03-04 17:20:41 | 000,000,038 | ---- | C] () ativva5x.dat -> C:\WINDOWS\System32\ativva5x.dat -> [2010-02-11 05:12:00 | 003,107,788 | ---- | C] () ativva6x.dat -> C:\WINDOWS\System32\ativva6x.dat -> [2010-02-11 05:12:00 | 000,887,724 | ---- | C] () UnGins.exe -> C:\WINDOWS\UnGins.exe -> [2010-02-10 13:04:12 | 000,122,884 | ---- | C] () BioPdf.PdfWriter.Lib.dll -> C:\WINDOWS\System32\BioPdf.PdfWriter.Lib.dll -> [2010-01-04 11:55:05 | 000,006,144 | ---- | C] () solidlocalmon.dll -> C:\WINDOWS\System32\solidlocalmon.dll -> [2010-01-02 20:01:38 | 000,027,456 | ---- | C] () solidlocalui.dll -> C:\WINDOWS\System32\solidlocalui.dll -> [2010-01-02 20:01:38 | 000,018,752 | ---- | C] () ENGINEEXT.INI -> C:\WINDOWS\ENGINEEXT.INI -> [2009-11-22 17:21:08 | 000,002,818 | ---- | C] () unrar.dll -> C:\WINDOWS\System32\unrar.dll -> [2009-10-21 00:34:22 | 000,178,176 | ---- | C] () avisplitter.ini -> C:\WINDOWS\avisplitter.ini -> [2009-10-21 00:34:22 | 000,000,038 | ---- | C] () xvidcore.dll -> C:\WINDOWS\System32\xvidcore.dll -> [2009-10-21 00:34:21 | 000,881,664 | ---- | C] () xvidvfw.dll -> C:\WINDOWS\System32\xvidvfw.dll -> [2009-10-21 00:34:21 | 000,205,824 | ---- | C] () ff_vfw.dll -> C:\WINDOWS\System32\ff_vfw.dll -> [2009-10-21 00:34:20 | 000,085,504 | ---- | C] () DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\Cap\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2009-08-30 16:02:03 | 000,118,784 | ---- | C] () avrack.ini -> C:\WINDOWS\avrack.ini -> [2009-08-30 15:27:46 | 000,000,164 | ---- | C] () jedih2rx.bin -> C:\WINDOWS\System32\drivers\jedih2rx.bin -> [2009-08-30 15:25:41 | 000,001,024 | R--- | C] () ramsed.bin -> C:\WINDOWS\System32\drivers\ramsed.bin -> [2009-08-30 15:25:41 | 000,000,122 | R--- | C] () bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2009-08-30 15:06:32 | 000,002,048 | --S- | C] () emptyregdb.dat -> C:\WINDOWS\System32\emptyregdb.dat -> [2009-08-30 14:58:46 | 000,021,856 | ---- | C] () ODBCINST.INI -> C:\WINDOWS\ODBCINST.INI -> [2009-08-30 14:51:13 | 000,004,293 | ---- | C] () FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2009-08-30 14:50:12 | 004,987,920 | ---- | C] () oeminfo.ini -> C:\WINDOWS\System32\oeminfo.ini -> [2009-05-21 05:24:48 | 000,001,683 | ---- | C] () atiicdxx.dat -> C:\WINDOWS\System32\atiicdxx.dat -> [2009-04-23 23:29:16 | 000,189,051 | ---- | C] () SysTool.sys -> C:\WINDOWS\System32\drivers\SysTool.sys -> [2006-11-10 15:08:50 | 000,024,064 | ---- | C] () ATITool.sys -> C:\WINDOWS\System32\drivers\ATITool.sys -> [2006-11-10 14:08:50 | 000,024,064 | ---- | C] () svsvc.exe -> C:\WINDOWS\System32\drivers\svsvc.exe -> [2006-01-03 22:22:37 | 000,416,256 | ---- | C] () Dcache.bin -> C:\WINDOWS\System32\Dcache.bin -> [2004-08-03 22:56:48 | 000,001,804 | ---- | C] () secupd.dat -> C:\WINDOWS\System32\secupd.dat -> [2004-08-02 12:20:40 | 000,004,569 | ---- | C] () perfh015.dat -> C:\WINDOWS\System32\perfh015.dat -> [2001-10-26 14:15:16 | 000,451,352 | ---- | C] () perfi015.dat -> C:\WINDOWS\System32\perfi015.dat -> [2001-10-26 14:15:16 | 000,313,828 | ---- | C] () perfc015.dat -> C:\WINDOWS\System32\perfc015.dat -> [2001-10-26 14:15:16 | 000,075,486 | ---- | C] () perfd015.dat -> C:\WINDOWS\System32\perfd015.dat -> [2001-10-26 14:15:16 | 000,034,990 | ---- | C] () oembios.bin -> C:\WINDOWS\System32\oembios.bin -> [2001-08-23 11:00:00 | 013,107,200 | ---- | C] () oembios.dat -> C:\WINDOWS\System32\oembios.dat -> [2001-08-23 11:00:00 | 000,004,463 | ---- | C] () perfh009.dat -> C:\WINDOWS\System32\perfh009.dat -> [2001-08-17 19:30:24 | 000,395,200 | ---- | C] () perfi009.dat -> C:\WINDOWS\System32\perfi009.dat -> [2001-08-17 19:30:24 | 000,272,128 | ---- | C] () perfd009.dat -> C:\WINDOWS\System32\perfd009.dat -> [2001-08-17 19:30:24 | 000,028,626 | ---- | C] () perfc009.dat -> C:\WINDOWS\System32\perfc009.dat -> [2001-08-17 19:30:22 | 000,059,440 | ---- | C] () mib.bin -> C:\WINDOWS\System32\mib.bin -> [2001-08-17 19:15:38 | 000,046,258 | ---- | C] () dssec.dat -> C:\WINDOWS\System32\dssec.dat -> [2001-07-21 20:36:48 | 000,218,003 | ---- | C] () mlang.dat -> C:\WINDOWS\System32\mlang.dat -> [2001-07-21 20:36:04 | 000,673,088 | ---- | C] () noise.dat -> C:\WINDOWS\System32\noise.dat -> [2001-07-21 20:24:16 | 000,000,741 | ---- | C] () giveio.sys -> C:\WINDOWS\System32\drivers\giveio.sys -> [1996-04-03 20:33:26 | 000,005,248 | ---- | C] () [File - Lop Check] Autodesk -> C:\Documents and Settings\All Users\Dane aplikacji\Autodesk -> [2009-12-14 00:27:58 | 000,000,000 | ---D | M] SolidDocuments -> C:\Documents and Settings\All Users\Dane aplikacji\SolidDocuments -> [2010-01-02 20:01:16 | 000,000,000 | ---D | M] PDF Writer -> C:\Documents and Settings\All Users\Dane aplikacji\PDF Writer -> [2010-01-04 12:03:06 | 000,000,000 | ---D | M] avg9 -> C:\Documents and Settings\All Users\Dane aplikacji\avg9 -> [2010-07-24 18:31:30 | 000,000,000 | ---D | M] {429CAD59-35B1-4DBC-BB6D-1DB246563521} -> C:\Documents and Settings\All Users\Dane aplikacji\{429CAD59-35B1-4DBC-BB6D-1DB246563521} -> [2010-08-16 22:31:36 | 000,000,000 | ---D | M] {A9C4258F-A865-4B3B-ADD2-824E1FF6724F} -> C:\Documents and Settings\All Users\Dane aplikacji\{A9C4258F-A865-4B3B-ADD2-824E1FF6724F} -> [2010-12-17 01:01:02 | 000,000,000 | -H-D | M] regid.1986-12.com.adobe -> C:\Documents and Settings\All Users\Dane aplikacji\regid.1986-12.com.adobe -> [2010-12-29 23:17:48 | 000,000,000 | ---D | M] ACD Systems -> C:\Documents and Settings\All Users\Dane aplikacji\ACD Systems -> [2010-12-30 01:57:32 | 000,000,000 | ---D | M] Gadu-Gadu 10 -> C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 -> [2011-01-13 22:38:00 | 000,000,000 | ---D | M] Advanced Chemistry Development -> C:\Documents and Settings\All Users\Dane aplikacji\Advanced Chemistry Development -> [2011-02-10 19:41:38 | 000,000,000 | ---D | M] Common Files -> C:\Documents and Settings\All Users\Dane aplikacji\Common Files -> [2011-03-15 08:16:08 | 000,000,000 | -H-D | M] Aston -> C:\Documents and Settings\Cap\Dane aplikacji\Aston -> [2009-08-30 16:06:56 | 000,000,000 | ---D | M] Autodesk -> C:\Documents and Settings\Cap\Dane aplikacji\Autodesk -> [2009-12-14 00:27:58 | 000,000,000 | ---D | M] SolidDocuments -> C:\Documents and Settings\Cap\Dane aplikacji\SolidDocuments -> [2010-01-02 20:03:52 | 000,000,000 | ---D | M] Thinstall -> C:\Documents and Settings\Cap\Dane aplikacji\Thinstall -> [2010-01-04 01:41:42 | 000,000,000 | ---D | M] PDF Writer -> C:\Documents and Settings\Cap\Dane aplikacji\PDF Writer -> [2010-01-04 12:03:06 | 000,000,000 | ---D | M] Daoisoft -> C:\Documents and Settings\Cap\Dane aplikacji\Daoisoft -> [2010-02-21 21:46:48 | 000,000,000 | ---D | M] ChessBase -> C:\Documents and Settings\Cap\Dane aplikacji\ChessBase -> [2010-03-04 14:29:34 | 000,000,000 | ---D | M] Graphisoft -> C:\Documents and Settings\Cap\Dane aplikacji\Graphisoft -> [2010-05-06 19:46:06 | 000,000,000 | ---D | M] Opera -> C:\Documents and Settings\Cap\Dane aplikacji\Opera -> [2010-07-24 18:12:46 | 000,000,000 | ---D | M] GanymedeNet -> C:\Documents and Settings\Cap\Dane aplikacji\GanymedeNet -> [2010-07-24 19:16:16 | 000,000,000 | ---D | M] Free Download Manager -> C:\Documents and Settings\Cap\Dane aplikacji\Free Download Manager -> [2010-10-09 14:52:52 | 000,000,000 | ---D | M] uTorrent -> C:\Documents and Settings\Cap\Dane aplikacji\uTorrent -> [2010-11-29 09:00:50 | 000,000,000 | ---D | M] Golden Software -> C:\Documents and Settings\Cap\Dane aplikacji\Golden Software -> [2010-12-17 01:02:38 | 000,000,000 | ---D | M] ACD Systems -> C:\Documents and Settings\Cap\Dane aplikacji\ACD Systems -> [2011-01-02 15:34:40 | 000,000,000 | ---D | M] Ifu Hamburg GmbH, Germany -> C:\Documents and Settings\Cap\Dane aplikacji\Ifu Hamburg GmbH, Germany -> [2011-01-06 19:26:08 | 000,000,000 | ---D | M] Mathsoft -> C:\Documents and Settings\Cap\Dane aplikacji\Mathsoft -> [2011-01-08 13:52:52 | 000,000,000 | ---D | M] Gadu-Gadu 10 -> C:\Documents and Settings\Cap\Dane aplikacji\Gadu-Gadu 10 -> [2011-01-13 22:42:58 | 000,000,000 | ---D | M] BESTplayer -> C:\Documents and Settings\Cap\Dane aplikacji\BESTplayer -> [2011-01-16 21:01:12 | 000,000,000 | ---D | M] Advanced Chemistry Development -> C:\Documents and Settings\Cap\Dane aplikacji\Advanced Chemistry Development -> [2011-02-10 12:22:24 | 000,000,000 | ---D | M] [File - Purity Scan] < End of report > [/code]