OTL logfile created on: 2012-07-12 11:29:26 - Run 1
OTL by OldTimer - Version 3.2.54.0     Folder = H:\
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
1,75 Gb Total Physical Memory | 1,10 Gb Available Physical Memory | 62,99% Memory free
3,74 Gb Paging File | 3,26 Gb Available in Paging File | 87,22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 222,88 Gb Total Space | 68,12 Gb Free Space | 30,56% Space Free | Partition Type: NTFS
Drive D: | 9,00 Gb Total Space | 2,16 Gb Free Space | 23,95% Space Free | Partition Type: NTFS
Drive F: | 1021,00 Mb Total Space | 1018,75 Mb Free Space | 99,78% Space Free | Partition Type: FAT32
Drive H: | 3,76 Gb Total Space | 2,39 Gb Free Space | 63,50% Space Free | Partition Type: FAT32
 
Computer Name: MIREK-PC | User Name: Mirek | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012-07-12 11:27:14 | 000,596,480 | ---- | M] (OldTimer Tools) -- H:\OTL.exe
PRC - [2009-04-11 08:27:45 | 001,792,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008-01-21 04:33:37 | 000,498,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\HelpPane.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012-01-08 15:41:12 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2006-03-09 11:58:00 | 001,060,424 | ---- | M] () -- C:\Windows\System32\WdfCoInstaller01000.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - [2012-07-12 10:54:06 | 000,017,408 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\rpcnetp.exe -- (rpcnetp)
SRV - [2012-06-23 15:51:59 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-06-17 15:00:49 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-04-03 16:38:06 | 000,058,288 | ---- | M] (Absolute Software Corp.) [Auto | Stopped] -- C:\Windows\System32\rpcnet.exe -- (rpcnet) Remote Procedure Call (RPC)
SRV - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010-11-02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) [Disabled | Stopped] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe -- (AVP)
SRV - [2008-06-02 19:32:16 | 000,018,944 | ---- | M] (Hewlett-Packard Development Company, L.P) [Auto | Stopped] -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe -- (HP ProtectTools Service)
SRV - [2008-05-30 18:36:20 | 000,256,512 | ---- | M] (SafeBoot International) [Auto | Stopped] -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -- (HpFkCryptService)
SRV - [2008-05-21 02:42:40 | 000,111,888 | ---- | M] (Bioscrypt Inc.) [Auto | Stopped] -- c:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll -- (ASBroker)
SRV - [2008-05-21 02:42:34 | 000,137,488 | ---- | M] (Bioscrypt Inc.) [Auto | Stopped] -- c:\Program Files\Hewlett-Packard\IAM\Bin\ASChnl.dll -- (ASChannel)
SRV - [2008-05-14 19:55:14 | 000,077,824 | ---- | M] (Hewlett-Packard) [Auto | Stopped] -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService)
SRV - [2008-05-12 15:28:12 | 000,576,024 | ---- | M] (PDF Complete Inc) [Auto | Stopped] -- C:\Program Files\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2008-04-07 10:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008-01-21 04:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007-12-11 14:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Stopped] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2007-10-19 09:28:24 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) [Auto | Stopped] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)
SRV - [2007-05-16 01:08:40 | 000,182,576 | ---- | M] (ActivIdentity) [Auto | Stopped] -- c:\Program Files\ActivIdentity\ActivClient\accoca.exe -- (accoca)
SRV - [2007-01-05 04:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Stopped] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\system32\FsUsbExDisk.SYS -- (FsUsbExDisk)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (EverestDriver)
DRV - File not found [File_System | On_Demand | Stopped] -- C:\Program Files\Anti Trojan Elite\ATEPMon.sys -- (ATE_PROCMON)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (abyasth6)
DRV - [2011-09-11 21:52:59 | 000,488,536 | ---- | M] (Kaspersky Lab) [File_System | System | Stopped] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2010-06-09 16:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)
DRV - [2010-06-09 16:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (KL1)
DRV - [2010-04-22 18:07:34 | 000,022,104 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2009-11-02 19:27:16 | 000,019,984 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009-03-20 11:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009-03-20 11:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2009-03-20 11:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2008-11-29 01:36:58 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2008-09-24 05:09:56 | 003,976,192 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008-05-30 18:37:06 | 000,051,376 | ---- | M] (SafeBoot N.V.) [Kernel | Boot | Running] -- C:\windows\System32\drivers\SbAlg.sys -- (SbAlg)
DRV - [2008-05-30 18:37:02 | 000,012,928 | ---- | M] (SafeBoot International) [File_System | Boot | Running] -- C:\windows\System32\drivers\SbFsLock.sys -- (SbFsLock)
DRV - [2008-05-30 18:37:00 | 000,012,496 | ---- | M] (SafeBoot International) [Kernel | System | Stopped] -- C:\windows\System32\drivers\rsvlock.sys -- (RsvLock)
DRV - [2008-05-30 18:36:58 | 000,108,752 | ---- | M] (SafeBoot International) [Kernel | Boot | Running] -- C:\windows\System32\drivers\SafeBoot.sys -- (SafeBoot)
DRV - [2008-05-27 22:55:54 | 000,173,576 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ahcix86s.sys -- (ahcix86s)
DRV - [2008-04-28 11:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2008-04-14 23:39:06 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2008-04-10 17:27:34 | 001,804,160 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2008-04-07 20:13:46 | 000,025,448 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2008-04-07 20:13:42 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2008-02-29 18:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008-01-21 04:32:52 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2007-09-17 16:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007-06-19 02:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.wyborcza.pl/0,0.html?p=016
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=cdfbb460-064f-11e1-a1a7-abb8f0df1299&q={searchTerms}
IE - HKLM\..\SearchScopes\{D7394597-3F82-4F8C-9D1B-E7DB908FEF21}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1602&query={searchTerms}&invocationType=tb50hpcmnbie7-pl-pl
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_pl&c=83&bd=all&pf=cmnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}
IE - HKCU\..\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}: "URL" = http://vshare.toolbarhome.com/search.aspx?q={searchTerms}&srch=dsp
IE - HKCU\..\SearchScopes\{47DFB43E-F37A-4F05-B8C2-9608942638F2}: "URL" = http://www.daemon-search.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=cdfbb460-064f-11e1-a1a7-abb8f0df1299&q={searchTerms}
IE - HKCU\..\SearchScopes\{D7394597-3F82-4F8C-9D1B-E7DB908FEF21}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1602&query={searchTerms}&invocationType=tb50hpcmnbie7-pl-pl
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@rayv.com/rayvplugin: C:\Program Files\RayV\RayV\plugins\nprayvplugin.dll (RayV)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2010-01-25 09:38:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\virtualKeyboard@kaspersky.ru [2011-09-13 16:04:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\linkfilter@kaspersky.ru [2011-09-13 16:04:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-06-17 15:00:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-06-25 07:54:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2010-01-25 09:38:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-06-17 15:00:49 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-06-25 07:54:10 | 000,000,000 | ---D | M]
 
[2008-10-24 14:02:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mirek\AppData\Roaming\mozilla\Extensions
[2012-05-03 15:58:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mirek\AppData\Roaming\mozilla\Firefox\Profiles\en4m00zq.default\extensions
[2010-10-08 19:42:23 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Mirek\AppData\Roaming\mozilla\Firefox\Profiles\en4m00zq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011-06-07 06:21:07 | 000,000,000 | ---D | M] (ProfilePassword-Firefox) -- C:\Users\Mirek\AppData\Roaming\mozilla\Firefox\Profiles\en4m00zq.default\extensions\{b9615918-d3de-44a4-ab65-76df7ea1f1c1}(19)
[2008-11-22 22:48:07 | 000,000,000 | ---D | M] (MGSWrapper) -- C:\Users\Mirek\AppData\Roaming\mozilla\Firefox\Profiles\en4m00zq.default\extensions\mgswrapper@microgaming.com
[2010-04-06 14:06:18 | 000,000,000 | ---D | M] (Flash AX Control) -- C:\Users\Mirek\AppData\Roaming\mozilla\Firefox\Profiles\en4m00zq.default\extensions\npfax@microgaming.co.uk
[2011-05-29 18:00:01 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Users\Mirek\AppData\Roaming\mozilla\Firefox\Profiles\en4m00zq.default\extensions\vshare@toolbar
[2008-11-29 01:41:33 | 000,002,921 | ---- | M] () -- C:\Users\Mirek\AppData\Roaming\Mozilla\Firefox\Profiles\en4m00zq.default\searchplugins\daemon-search.xml
[2011-07-11 20:04:02 | 000,000,633 | ---- | M] () -- C:\Users\Mirek\AppData\Roaming\Mozilla\Firefox\Profiles\en4m00zq.default\searchplugins\startsear.xml
[2012-04-16 15:34:00 | 000,003,915 | ---- | M] () -- C:\Users\Mirek\AppData\Roaming\Mozilla\Firefox\Profiles\en4m00zq.default\searchplugins\sweetim.xml
[2012-07-12 01:05:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-07-12 01:05:13 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2011-09-11 21:57:14 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak
[2012-06-17 15:00:49 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2007-11-09 17:25:00 | 000,057,344 | ---- | M] () -- C:\Program Files\mozilla firefox\components\MGSHelper.dll
[2006-12-11 20:13:02 | 000,061,440 | ---- | M] (Multimedia Cafe www.mmcafe.pl) -- C:\Program Files\mozilla firefox\plugins\npcnmozillainterface.dll
[2012-04-02 12:23:03 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009-06-15 11:14:40 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npganymedenet.dll
[2011-10-03 11:14:54 | 000,083,456 | ---- | M] (vShare.tv ) -- C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll
[2012-05-04 09:35:18 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-05-04 09:35:18 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-05-04 09:35:18 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-05-04 09:35:18 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-05-04 09:35:18 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-05-04 09:35:18 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://startsear.ch/?aff=1
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\10.0.648.204\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files\Google\Chrome\Application\10.0.648.204\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\10.0.648.204\gcswf32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java(TM) Platform SE 6 U17 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Cafe News interface container (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npcnmozillainterface.dll
CHR - plugin: Java Deployment Toolkit 6.0.170.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
CHR - plugin: GanymedeNet.Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
CHR - plugin: RayV Plugin (Enabled) = C:\Program Files\RayV\RayV\plugins\nprayvplugin.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files\Veetle\Player\npvlc.dll
CHR - plugin: Veetle Broadcaster Plugin (Enabled) = C:\Program Files\Veetle\VLCBroadcast\npvbp.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files\Veetle\plugins\npVeetle.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
 
Hosts file not found
O2 - BHO: (vShare Toolbar) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O2 - BHO: (BHO_Startup Class) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O2 - BHO: (Credential Manager for HP ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (vShare Toolbar) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Tłumaczenie) - {0D704FAD-66E9-4F0A-BFED-4F665770DDB3} - C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll (Techland)
O3 - HKLM\..\Toolbar: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (vShare Toolbar) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [hpqSRMon]  File not found
O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [PTHOSTTR] c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [RayV] C:\Program Files\RayV\RayV\RayV.exe (RayV)
O4 - HKCU..\Run: [WUDFPlatform] C:\Users\Mirek\AppData\Local\Microsoft\Windows\1609\WUDFPlatform.exe ()
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: GamebookersPoker.com - {25D3746C-E212-4755-9D2D-87671CB6C150} - C:\Programs\Gamebookers\GamebookersPoker\RunApp.exe File not found
O9 - Extra 'Tools' menuitem : GamebookersPoker.com - {25D3746C-E212-4755-9D2D-87671CB6C150} - C:\Programs\Gamebookers\GamebookersPoker\RunApp.exe File not found
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: &Klawiatura wirtualna - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll,-103 - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll (Techland)
O9 - Extra Button: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programs\PartyGaming\PartyCasino\RunApp.exe ()
O9 - Extra 'Tools' menuitem : PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programs\PartyGaming\PartyCasino\RunApp.exe ()
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra Button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe (Microgaming)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: &Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\BPGame.exe (Bodog)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3C4E9D49-3E80-4252-9699-8279DE3B8E0C}: NameServer = 217.30.129.149 217.30.137.200
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4AC057C3-A4F4-4005-B1D9-2D9CCE0FA726}: DhcpNameServer = 192.168.1.252
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll ()
O20 - AppInit_DLLs: (APSHook.dll) - C:\windows\System32\APSHook.dll (Bioscrypt Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - (C:\windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Forest.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Forest.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-07-12 11:28:08 | 000,000,288 | RHS- | M] () - H:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{0d188df8-6ec1-11df-acb1-ae861623a07b}\Shell - "" = AutoRun
O33 - MountPoints2\{0d188df8-6ec1-11df-acb1-ae861623a07b}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{0d188e12-6ec1-11df-acb1-ae861623a07b}\Shell - "" = AutoRun
O33 - MountPoints2\{0d188e12-6ec1-11df-acb1-ae861623a07b}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{156b8c5f-6f2e-11df-bdfb-f73baa577e78}\Shell - "" = AutoRun
O33 - MountPoints2\{156b8c5f-6f2e-11df-bdfb-f73baa577e78}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{156b8c61-6f2e-11df-bdfb-f73baa577e78}\Shell - "" = AutoRun
O33 - MountPoints2\{156b8c61-6f2e-11df-bdfb-f73baa577e78}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{156b8c73-6f2e-11df-bdfb-f73baa577e78}\Shell - "" = AutoRun
O33 - MountPoints2\{156b8c73-6f2e-11df-bdfb-f73baa577e78}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{40d46b34-a197-11df-aa38-de50e4df68ec}\Shell\Auto\command - "" = H:\RECYCLER\S-1-5-21-1078073611-1993962763-839522115-1003\mmc32.EXE
O33 - MountPoints2\{40d46b34-a197-11df-aa38-de50e4df68ec}\Shell\AutoRun\command - "" = C:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL H:\RECYCLER\S-1-5-21-1078073611-1993962763-839522115-1003\mmc32.EXE
O33 - MountPoints2\{40d46b34-a197-11df-aa38-de50e4df68ec}\Shell\Browser\command - "" = H:\RECYCLER\S-1-5-21-1078073611-1993962763-839522115-1003\mmc32.EXE
O33 - MountPoints2\{982ad9f0-eb66-11df-8694-e71d9795f1e3}\Shell\AutoRun\command - "" = C:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE      .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\{b68b4926-834f-11df-9d1f-cdf0ea0fbc7a}\Shell\AutoRun\command - "" = C:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL H:\copy.exe
O33 - MountPoints2\{c99469e9-7151-11df-b66a-e34689a69077}\Shell - "" = AutoRun
O33 - MountPoints2\{c99469e9-7151-11df-b66a-e34689a69077}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{eec08866-becb-11dd-85c9-002186b6ce16}\Shell - "" = AutoRun
O33 - MountPoints2\{eec08866-becb-11dd-85c9-002186b6ce16}\Shell\AutoRun\command - "" = G:\TData.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012-07-11 23:36:29 | 000,000,000 | ---D | C] -- C:\Users\Mirek\AppData\Roaming\hellomoto
[2012-07-11 13:26:19 | 000,000,000 | ---D | C] -- C:\Users\Mirek\Desktop\naszapociecha.pl
[2012-07-09 12:51:40 | 000,000,000 | ---D | C] -- C:\Users\Mirek\AppData\Roaming\Design-Lib.Com
[2012-07-09 12:51:32 | 000,000,000 | ---D | C] -- C:\Users\Mirek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Design-Lib.com Creations
[2012-07-09 12:51:32 | 000,000,000 | ---D | C] -- C:\Program Files\Design-Lib Creations
[2012-07-09 12:47:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Convert Multiple PSD Files To JPG Files Software
[2012-07-09 12:47:56 | 000,876,032 | ---- | C] (Abysmal Software) -- C:\windows\System32\DevIL.dll
[2012-07-09 12:47:56 | 000,000,000 | ---D | C] -- C:\Program Files\Convert Multiple PSD Files To JPG Files Software
[2012-07-09 11:56:00 | 000,000,000 | ---D | C] -- C:\Users\Mirek\.thumbnails
[2012-07-09 11:52:59 | 000,000,000 | ---D | C] -- C:\Users\Mirek\AppData\Local\fontconfig
[2012-07-09 11:52:56 | 000,000,000 | ---D | C] -- C:\Users\Mirek\AppData\Local\gegl-0.2
[2012-07-09 11:52:56 | 000,000,000 | ---D | C] -- C:\Users\Mirek\.gimp-2.8
[2012-07-09 11:49:08 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2012-07-01 00:09:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Selteco
[2012-07-01 00:09:44 | 000,000,000 | ---D | C] -- C:\Program Files\Selteco
[2012-06-27 01:46:06 | 000,000,000 | ---D | C] -- C:\Users\Mirek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
[2012-06-27 01:46:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2012-06-27 01:46:02 | 000,000,000 | ---D | C] -- C:\Users\Mirek\AppData\Roaming\Notepad++
[2012-06-27 01:46:02 | 000,000,000 | ---D | C] -- C:\Program Files\Notepad++
[2012-06-27 01:40:23 | 000,000,000 | ---D | C] -- C:\Users\Mirek\AppData\Roaming\FileZilla
[2012-06-27 01:39:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
[2012-06-27 01:39:38 | 000,000,000 | ---D | C] -- C:\Program Files\FileZilla FTP Client
[2012-06-23 16:28:53 | 000,000,000 | ---D | C] -- C:\Users\Mirek\AppData\Local\Macromedia
[2012-06-19 12:19:57 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wups2.dll
[2012-06-19 12:19:56 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wucltux.dll
[2012-06-19 12:19:18 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuapi.dll
[2012-06-19 12:19:18 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wudriver.dll
[2012-06-19 12:19:18 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wups.dll
[2012-06-19 12:18:24 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuwebv.dll
[2012-06-19 12:18:24 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuapp.exe
[2012-06-15 07:12:35 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2012-06-15 07:12:33 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2012-06-15 07:12:33 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe
[2012-06-15 07:12:32 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll
[2012-06-15 07:12:32 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\url.dll
[2012-06-15 07:12:32 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2012-06-15 07:12:31 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl
[2012-06-14 08:56:56 | 002,045,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012-07-12 11:28:28 | 000,152,576 | ---- | M] () -- C:\Users\Mirek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-07-12 10:54:45 | 000,065,536 | ---- | M] () -- C:\windows\System32\Ikeext.etl
[2012-07-12 10:54:31 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012-07-12 10:54:06 | 000,017,408 | ---- | M] () -- C:\windows\System32\rpcnetp.exe
[2012-07-12 10:51:15 | 000,003,216 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012-07-12 10:51:15 | 000,003,216 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012-07-12 10:51:00 | 000,000,930 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012-07-12 09:20:00 | 000,000,322 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleForMirek.job
[2012-07-12 08:45:43 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\windows\System32\rpcnet.dll
[2012-07-12 02:19:03 | 000,017,408 | ---- | M] () -- C:\windows\System32\rpcnetp.dll
[2012-07-10 17:28:25 | 000,360,448 | ---- | M] () -- C:\Users\Mirek\AppData\Local\irtbzfdnfi.exe
[2012-07-10 13:55:19 | 000,016,139 | ---- | M] () -- C:\Users\Mirek\Desktop\baby13.jpg
[2012-07-10 13:55:15 | 000,065,491 | ---- | M] () -- C:\Users\Mirek\Desktop\baby12.jpeg
[2012-07-10 13:55:07 | 000,015,714 | ---- | M] () -- C:\Users\Mirek\Desktop\baby11.jpg
[2012-07-10 13:50:13 | 000,019,124 | ---- | M] () -- C:\Users\Mirek\Desktop\bab10.jpg
[2012-07-10 13:50:07 | 000,098,627 | ---- | M] () -- C:\Users\Mirek\Desktop\baby9.jpg
[2012-07-10 13:49:56 | 000,027,360 | ---- | M] () -- C:\Users\Mirek\Desktop\baby8.jpg
[2012-07-10 13:44:37 | 000,022,903 | ---- | M] () -- C:\Users\Mirek\Desktop\baby7.jpg
[2012-07-10 13:44:32 | 000,035,760 | ---- | M] () -- C:\Users\Mirek\Desktop\baby6.jpg
[2012-07-10 13:44:27 | 000,072,646 | ---- | M] () -- C:\Users\Mirek\Desktop\baby5.jpg
[2012-07-10 13:41:36 | 000,006,029 | ---- | M] () -- C:\Users\Mirek\Desktop\baby4.jpg
[2012-07-10 13:41:13 | 000,007,421 | ---- | M] () -- C:\Users\Mirek\Desktop\baby3.jpg
[2012-07-10 13:40:59 | 000,004,384 | ---- | M] () -- C:\Users\Mirek\Desktop\baby2.jpg
[2012-07-10 13:40:24 | 000,004,967 | ---- | M] () -- C:\Users\Mirek\Desktop\baby1.jpg
[2012-07-09 13:10:16 | 000,006,968 | ---- | M] () -- C:\Users\Mirek\AppData\Local\recently-used.xbel
[2012-07-09 12:52:02 | 000,049,223 | ---- | M] () -- C:\Users\Mirek\Desktop\C Users Mirek Downloads naszapociecha 2 naszapociecha 2 projekt logo.jpg
[2012-07-09 12:51:32 | 000,002,047 | ---- | M] () -- C:\Users\Mirek\Desktop\Batch PSD to JPG.lnk
[2012-07-09 12:47:57 | 000,001,112 | ---- | M] () -- C:\Users\Public\Desktop\Convert Multiple PSD Files To JPG Files Software.lnk
[2012-07-09 12:41:37 | 000,630,463 | ---- | M] () -- C:\Users\Mirek\Documents\projekt logo.xcf
[2012-07-09 11:13:19 | 000,102,366 | ---- | M] () -- C:\Users\Mirek\Desktop\logo2.png
[2012-07-05 18:40:58 | 000,722,516 | ---- | M] () -- C:\windows\System32\perfh015.dat
[2012-07-05 18:40:58 | 000,641,696 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2012-07-05 18:40:58 | 000,156,484 | ---- | M] () -- C:\windows\System32\perfc015.dat
[2012-07-05 18:40:58 | 000,123,002 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2012-07-01 00:09:46 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Bannershop GIF Animator PL 5.lnk
[2012-06-30 00:57:49 | 000,022,499 | ---- | M] () -- C:\Users\Mirek\Desktop\2rw8hhh.jpg
[2012-06-30 00:57:27 | 000,021,918 | ---- | M] () -- C:\Users\Mirek\Desktop\24b9f1050003f9604e1eb155.jpg
[2012-06-29 09:56:55 | 000,022,489 | ---- | M] () -- C:\Users\Mirek\Desktop\logo.png
[2012-06-23 15:51:58 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe
[2012-06-23 15:51:58 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2012-06-20 09:45:01 | 000,000,680 | ---- | M] () -- C:\Users\Mirek\AppData\Local\d3d9caps.dat
[2012-06-15 07:36:19 | 000,146,728 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2012-06-14 09:42:56 | 000,134,459 | ---- | M] () -- C:\Users\Mirek\Desktop\9CD1234257.pdf
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012-07-10 17:28:25 | 000,360,448 | ---- | C] () -- C:\Users\Mirek\AppData\Local\irtbzfdnfi.exe
[2012-07-10 13:55:18 | 000,016,139 | ---- | C] () -- C:\Users\Mirek\Desktop\baby13.jpg
[2012-07-10 13:55:13 | 000,065,491 | ---- | C] () -- C:\Users\Mirek\Desktop\baby12.jpeg
[2012-07-10 13:55:00 | 000,015,714 | ---- | C] () -- C:\Users\Mirek\Desktop\baby11.jpg
[2012-07-10 13:50:13 | 000,019,124 | ---- | C] () -- C:\Users\Mirek\Desktop\bab10.jpg
[2012-07-10 13:50:06 | 000,098,627 | ---- | C] () -- C:\Users\Mirek\Desktop\baby9.jpg
[2012-07-10 13:49:55 | 000,027,360 | ---- | C] () -- C:\Users\Mirek\Desktop\baby8.jpg
[2012-07-10 13:44:37 | 000,022,903 | ---- | C] () -- C:\Users\Mirek\Desktop\baby7.jpg
[2012-07-10 13:44:32 | 000,035,760 | ---- | C] () -- C:\Users\Mirek\Desktop\baby6.jpg
[2012-07-10 13:44:26 | 000,072,646 | ---- | C] () -- C:\Users\Mirek\Desktop\baby5.jpg
[2012-07-10 13:41:35 | 000,006,029 | ---- | C] () -- C:\Users\Mirek\Desktop\baby4.jpg
[2012-07-10 13:41:13 | 000,007,421 | ---- | C] () -- C:\Users\Mirek\Desktop\baby3.jpg
[2012-07-10 13:40:59 | 000,004,384 | ---- | C] () -- C:\Users\Mirek\Desktop\baby2.jpg
[2012-07-10 13:40:12 | 000,004,967 | ---- | C] () -- C:\Users\Mirek\Desktop\baby1.jpg
[2012-07-09 13:10:16 | 000,006,968 | ---- | C] () -- C:\Users\Mirek\AppData\Local\recently-used.xbel
[2012-07-09 12:52:02 | 000,049,223 | ---- | C] () -- C:\Users\Mirek\Desktop\C Users Mirek Downloads naszapociecha 2 naszapociecha 2 projekt logo.jpg
[2012-07-09 12:51:32 | 000,002,047 | ---- | C] () -- C:\Users\Mirek\Desktop\Batch PSD to JPG.lnk
[2012-07-09 12:47:57 | 000,001,112 | ---- | C] () -- C:\Users\Public\Desktop\Convert Multiple PSD Files To JPG Files Software.lnk
[2012-07-09 12:41:37 | 000,630,463 | ---- | C] () -- C:\Users\Mirek\Documents\projekt logo.xcf
[2012-07-09 11:52:03 | 000,000,840 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2012-07-09 11:13:19 | 000,102,366 | ---- | C] () -- C:\Users\Mirek\Desktop\logo2.png
[2012-07-01 00:09:46 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Bannershop GIF Animator PL 5.lnk
[2012-06-30 00:57:49 | 000,022,499 | ---- | C] () -- C:\Users\Mirek\Desktop\2rw8hhh.jpg
[2012-06-30 00:57:26 | 000,021,918 | ---- | C] () -- C:\Users\Mirek\Desktop\24b9f1050003f9604e1eb155.jpg
[2012-06-29 09:55:20 | 000,022,489 | ---- | C] () -- C:\Users\Mirek\Desktop\logo.png
[2012-06-14 09:42:56 | 000,134,459 | ---- | C] () -- C:\Users\Mirek\Desktop\9CD1234257.pdf
[2011-09-11 21:56:47 | 000,115,369 | ---- | C] () -- C:\windows\System32\drivers\klin.dat
[2011-09-11 21:56:47 | 000,097,961 | ---- | C] () -- C:\windows\System32\drivers\klick.dat
[2011-03-22 10:06:11 | 000,077,444 | ---- | C] () -- C:\windows\hpqins05.dat
[2011-02-27 02:07:55 | 000,014,848 | ---- | C] () -- C:\Users\Mirek\AppData\Local\ClientUpdate.exe
[2011-02-21 21:03:22 | 000,000,371 | ---- | C] () -- C:\Users\Mirek\Dokumenty — skrót (2).lnk
[2011-01-15 18:45:14 | 000,000,000 | ---- | C] () -- C:\Users\Mirek\Volemeid.exe
[2010-12-24 04:00:58 | 000,303,104 | ---- | C] () -- C:\windows\Uninstall_tkexe.exe
[2010-10-21 17:46:56 | 000,123,392 | ---- | C] () -- C:\windows\System32\UnCasino5.exe
[2010-09-07 21:36:09 | 000,139,264 | ---- | C] () -- C:\windows\System32\xvidvfw.dll
[2010-09-04 22:35:42 | 003,383,333 | ---- | C] () -- C:\Users\Mirek\AppData\Local\Tempupdate3283.exe
[2010-08-25 19:43:48 | 000,524,288 | ---- | C] () -- C:\windows\System32\xvidcore.dll
[2010-08-25 19:43:47 | 000,258,048 | ---- | C] () -- C:\windows\System32\libFLAC.dll
[2010-06-05 22:50:16 | 000,000,371 | ---- | C] () -- C:\Users\Mirek\Dokumenty — skrót.lnk
[2009-11-02 20:34:24 | 000,000,266 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009-01-07 19:03:18 | 000,000,680 | ---- | C] () -- C:\Users\Mirek\AppData\Local\d3d9caps.dat
[2008-11-28 01:41:39 | 000,152,576 | ---- | C] () -- C:\Users\Mirek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 81 bytes -> C:\Program Files\Stryyke:MID
@Alternate Data Stream - 81 bytes -> C:\Program Files\PowerPoker:MID
@Alternate Data Stream - 81 bytes -> C:\Program Files\Jetbull Poker:MID
@Alternate Data Stream - 81 bytes -> C:\Program Files\DoylesRoom:MID
@Alternate Data Stream - 81 bytes -> C:\Program Files\ComeOn Poker:MID
@Alternate Data Stream - 64 bytes -> C:\Users\Mirek\Documents\video.avi:TOC.WMV

< End of report >