OTL logfile created on: 2012-12-06 16:55:25 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Goga\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
502,36 Mb Total Physical Memory | 110,39 Mb Available Physical Memory | 21,98% Memory free
1,19 Gb Paging File | 0,61 Gb Available in Paging File | 51,27% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 9,77 Gb Total Space | 2,33 Gb Free Space | 23,89% Space Free | Partition Type: NTFS
Drive D: | 64,75 Gb Total Space | 8,38 Gb Free Space | 12,94% Space Free | Partition Type: NTFS
 
Computer Name: DOM-CD5B465048C | User Name: Goga | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012-12-06 16:54:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Goga\Pulpit\OTL.exe
PRC - [2012-12-06 16:02:19 | 000,878,480 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2012-04-13 02:17:52 | 000,393,544 | ---- | M] (ZTE) -- D:\tm\T-Mobile\InternetManager_Z\Bin\BMController.exe
PRC - [2012-04-13 02:09:28 | 000,029,512 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\MainApp.exe
PRC - [2012-04-06 03:16:30 | 000,431,944 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\phoneserver.exe
PRC - [2012-04-06 03:16:24 | 000,069,448 | ---- | M] (ZTE) -- D:\tm\T-Mobile\InternetManager_Z\Bin\mcserver.exe
PRC - [2012-04-06 03:16:22 | 000,221,512 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\dbus-daemon.exe
PRC - [2012-04-06 03:16:20 | 000,037,192 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\db_daemon.exe
PRC - [2011-06-29 12:26:06 | 000,520,216 | ---- | M] (Ant.com) -- C:\Program Files\Ant.com\IE add-on\AntUpdaterService.exe
PRC - [2010-12-16 06:19:28 | 012,984,928 | ---- | M] (GG Network S.A.) -- D:\Program Files\Gadu-Gadu 10 II\gg.exe
PRC - [2010-10-24 11:39:37 | 000,243,508 | ---- | M] () -- C:\Documents and Settings\Goga\Menu Start\Programy\Autostart\rundlll.exe
PRC - [2010-09-25 11:49:06 | 000,147,456 | ---- | M] () -- C:\Documents and Settings\Goga\Menu Start\Programy\Autostart\WinSvc.exe
PRC - [2010-03-04 22:38:00 | 000,071,096 | ---- | M] () -- D:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2009-11-30 21:26:38 | 002,654,512 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2009-11-30 21:26:36 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2008-11-05 16:14:57 | 000,221,184 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\system32\UAService7.exe
PRC - [2008-05-26 09:47:11 | 000,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Documents and Settings\Goga\Ustawienia lokalne\Temp\RtkBtMnt.exe
PRC - [2008-04-14 18:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 18:21:08 | 000,396,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cmd.exe
PRC - [2007-02-12 14:50:40 | 000,020,480 | ---- | M] () -- C:\WINDOWS\FixCamera.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012-04-13 02:09:28 | 000,029,512 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\MainApp.exe
MOD - [2012-04-06 03:16:30 | 000,431,944 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\phoneserver.exe
MOD - [2012-04-06 03:16:22 | 000,221,512 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\dbus-daemon.exe
MOD - [2012-04-06 03:16:20 | 000,037,192 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\db_daemon.exe
MOD - [2012-04-06 03:15:26 | 000,021,504 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\libctlsvr.dll
MOD - [2012-04-06 03:14:56 | 000,259,072 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\channel-icera.dll
MOD - [2012-04-06 03:14:28 | 000,099,840 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\itapi.dll
MOD - [2012-04-06 03:14:24 | 000,064,000 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\biras.dll
MOD - [2012-04-06 03:14:24 | 000,043,520 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\audio.dll
MOD - [2012-04-06 03:14:20 | 000,058,880 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\coder.dll
MOD - [2012-04-06 03:14:18 | 000,036,352 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\libConfig.dll
MOD - [2012-04-06 03:14:18 | 000,027,648 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\log.dll
MOD - [2012-04-06 03:14:18 | 000,023,552 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\AT-Process.dll
MOD - [2011-12-26 08:41:00 | 000,090,624 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\CaptureCrash.dll
MOD - [2011-12-05 12:06:08 | 000,052,736 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\pbkenabler.dll
MOD - [2011-11-25 03:46:28 | 000,879,104 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\base._Tapi.pyd
MOD - [2011-09-14 10:33:04 | 001,422,336 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\MBINdis.dll
MOD - [2011-08-12 02:50:58 | 000,189,440 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\base._db.pyd
MOD - [2011-08-10 15:01:42 | 000,641,536 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\TMobileAgent.dll
MOD - [2011-08-09 07:28:00 | 000,095,232 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\base._Ndis.pyd
MOD - [2011-08-09 07:28:00 | 000,062,976 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\base._PyAgent.pyd
MOD - [2011-08-09 07:28:00 | 000,029,696 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\base._ctrlsvr.pyd
MOD - [2011-08-09 07:28:00 | 000,017,920 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\base._dbus_wx.pyd
MOD - [2011-08-09 05:55:26 | 000,028,160 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\phserver_pbk.dll
MOD - [2011-08-09 05:55:22 | 000,033,280 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\smsenabler.dll
MOD - [2011-08-09 05:55:22 | 000,014,848 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\dcrenabler.dll
MOD - [2011-08-09 05:55:18 | 000,015,360 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\chenabler.dll
MOD - [2011-05-06 04:03:40 | 000,024,064 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\libwxdbus.dll
MOD - [2011-05-06 04:03:34 | 000,026,112 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\libnsqlc-0.2.dll
MOD - [2011-05-06 04:03:32 | 000,594,944 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\dbus-1.dll
MOD - [2011-05-06 04:02:40 | 000,341,504 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\sqlite3.dll
MOD - [2010-12-16 06:20:20 | 000,217,696 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10 II\gglog.dll
MOD - [2010-12-16 06:20:18 | 000,123,488 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10 II\ggipcradioproxy.dll
MOD - [2010-12-16 06:20:16 | 000,017,504 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10 II\ggipc.dll
MOD - [2010-12-16 06:20:12 | 000,027,744 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10 II\ggcrypto.dll
MOD - [2010-12-16 06:20:10 | 000,356,960 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10 II\ggcommon.dll
MOD - [2010-10-24 11:39:37 | 000,243,508 | ---- | M] () -- C:\Documents and Settings\Goga\Menu Start\Programy\Autostart\rundlll.exe
MOD - [2010-10-14 10:37:52 | 000,971,776 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\libxml2.dll
MOD - [2010-10-14 10:37:52 | 000,080,688 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\zlib1.dll
MOD - [2010-09-25 11:49:06 | 000,147,456 | ---- | M] () -- C:\Documents and Settings\Goga\Menu Start\Programy\Autostart\WinSvc.exe
MOD - [2010-08-06 20:01:42 | 002,404,352 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10 II\QtCore4.dll
MOD - [2010-08-06 20:01:42 | 001,515,520 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10 II\QtScript4.dll
MOD - [2010-08-06 20:01:42 | 001,040,384 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10 II\QtNetwork4.dll
MOD - [2010-08-06 20:01:42 | 000,389,120 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10 II\QtXml4.dll
MOD - [2010-08-06 20:01:42 | 000,323,584 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10 II\QtSvg4.dll
MOD - [2010-08-06 20:01:40 | 013,553,664 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10 II\QtWebKit4.dll
MOD - [2010-08-06 20:01:38 | 008,818,688 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10 II\QtGui4.dll
MOD - [2010-08-06 20:01:22 | 003,334,144 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10 II\QtXmlPatterns4.dll
MOD - [2010-08-06 20:00:32 | 000,311,296 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10 II\imageformats\qtiff4.dll
MOD - [2010-08-06 20:00:32 | 000,274,432 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10 II\imageformats\qmng4.dll
MOD - [2010-08-06 20:00:32 | 000,143,360 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10 II\imageformats\qjpeg4.dll
MOD - [2010-08-06 20:00:32 | 000,027,648 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10 II\imageformats\qgif4.dll
MOD - [2010-08-06 20:00:32 | 000,018,944 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10 II\imageformats\qsvg4.dll
MOD - [2010-03-19 08:33:38 | 000,059,904 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10 II\zlib1.dll
MOD - [2010-03-04 22:38:00 | 000,071,096 | ---- | M] () -- D:\Program Files\CDBurnerXP\NMSAccessU.exe
MOD - [2010-02-28 12:28:17 | 000,670,208 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\10022800\algo.dll
MOD - [2010-01-29 09:47:30 | 000,129,024 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\BIOptimizationClient.dll
MOD - [2010-01-29 09:45:10 | 000,160,768 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\BIXml.dll
MOD - [2009-10-28 04:40:14 | 003,885,984 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2009-05-14 12:35:28 | 000,077,824 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\wx._animate.pyd
MOD - [2009-05-14 12:34:52 | 000,069,632 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\wx._media.pyd
MOD - [2009-05-14 12:34:48 | 000,339,968 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\wx._html.pyd
MOD - [2009-05-14 12:34:24 | 000,663,552 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\wx._misc_.pyd
MOD - [2009-05-14 12:33:08 | 000,942,080 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\wx._controls_.pyd
MOD - [2009-05-14 12:32:28 | 000,655,360 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\wx._windows_.pyd
MOD - [2009-05-14 12:32:12 | 000,741,376 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\wx._gdi_.pyd
MOD - [2009-05-14 12:30:46 | 000,978,944 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\wx._core_.pyd
MOD - [2009-05-14 12:18:06 | 000,483,328 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\wxmsw28uh_html_vc.dll
MOD - [2009-05-14 12:17:46 | 000,114,688 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\wxmsw28uh_media_vc.dll
MOD - [2009-05-14 12:17:42 | 000,729,088 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\wxmsw28uh_adv_vc.dll
MOD - [2009-05-14 12:17:28 | 003,194,880 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\wxmsw28uh_core_vc.dll
MOD - [2009-05-14 12:16:08 | 000,135,168 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\wxbase28uh_net_vc.dll
MOD - [2009-05-14 12:16:02 | 001,331,200 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\wxbase28uh_vc.dll
MOD - [2009-02-16 19:45:32 | 000,159,744 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\win32gui.pyd
MOD - [2009-02-16 19:45:28 | 000,106,496 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\win32api.pyd
MOD - [2009-02-16 19:42:24 | 000,122,880 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\pywintypes25.dll
MOD - [2008-04-14 18:20:37 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007-09-09 16:07:00 | 000,151,552 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\libexpat.dll
MOD - [2007-02-12 14:50:40 | 000,020,480 | ---- | M] () -- C:\WINDOWS\FixCamera.exe
MOD - [2006-09-19 02:52:52 | 000,053,248 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\_socket.pyd
MOD - [2006-09-19 02:52:50 | 000,655,360 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\_ssl.pyd
MOD - [2006-09-19 02:52:40 | 000,135,168 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\pyexpat.pyd
MOD - [2006-09-19 02:52:34 | 000,007,680 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\select.pyd
MOD - [2006-09-19 02:52:32 | 000,049,152 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\_sqlite3.pyd
MOD - [2006-09-19 02:52:26 | 000,081,920 | ---- | M] () -- D:\tm\T-Mobile\InternetManager_Z\Bin\_ctypes.pyd
MOD - [2006-09-14 00:20:24 | 000,126,464 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [1998-10-17 07:00:00 | 000,033,792 | ---- | M] () -- C:\Program Files\WinZip\WZSHLEXT.DLL
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - File not found [Auto | Stopped] --  -- (msav)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [Disabled | Unknown] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2012-12-03 12:02:40 | 004,539,712 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_ce5ba24.dll -- (Akamai)
SRV - [2011-06-29 12:26:06 | 000,520,216 | ---- | M] (Ant.com) [Auto | Running] -- C:\Program Files\Ant.com\IE add-on\AntUpdaterService.exe -- (AntUpdaterService)
SRV - [2010-03-04 22:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- D:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2009-11-30 21:26:36 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2009-11-30 21:26:36 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2009-11-30 21:26:36 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2008-11-05 16:14:57 | 000,221,184 | ---- | M] (Sony DADC Austria AG.) [Auto | Running] -- C:\WINDOWS\system32\UAService7.exe -- (UserAccess7)
SRV - [2007-02-12 13:38:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\snp325.sys -- (SNP325)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCAMPR5.SYS -- (PCAMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\NSNDIS5.SYS -- (NSNDIS5)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Goga\USTAWI~1\Temp\idrmkl.sys -- (idrmkl)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (aaiqvlqx)
DRV - [2011-08-10 11:56:46 | 000,067,968 | ---- | M] (ZTE) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\zte_cdc_acm.sys -- (zte_cdc_acm)
DRV - [2011-08-10 11:56:46 | 000,009,984 | ---- | M] (ZTE) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zte_cpo.sys -- (zte_cpo)
DRV - [2010-10-01 05:09:30 | 000,117,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2010-10-01 05:09:30 | 000,105,728 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2010-10-01 05:09:30 | 000,101,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2010-10-01 05:09:30 | 000,070,656 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2010-10-01 05:09:30 | 000,069,632 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV - [2010-09-11 19:50:16 | 000,099,968 | ---- | M] (TechFaith Wireless Technology Limited.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TF1D091010.sys -- (TF1D091010)
DRV - [2009-12-15 03:46:26 | 000,024,192 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2009-12-15 03:46:18 | 000,013,184 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Unknown] -- C:\WINDOWS\system32\drivers\BMLoad.sys -- (BMLoad)
DRV - [2009-11-30 21:15:21 | 000,046,544 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009-11-30 21:14:54 | 000,149,840 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009-11-30 21:12:05 | 000,023,248 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009-11-30 21:11:38 | 000,100,176 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009-11-30 21:11:28 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009-11-19 14:06:46 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039bus.sys -- (s1039bus)
DRV - [2009-11-19 14:06:46 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039nd5.sys -- (s1039nd5)
DRV - [2009-11-19 14:06:45 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdm.sys -- (s1039mdm)
DRV - [2009-11-19 14:06:45 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039unic.sys -- (s1039unic)
DRV - [2009-11-19 14:06:45 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mgmt.sys -- (s1039mgmt)
DRV - [2009-11-19 14:06:45 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039obex.sys -- (s1039obex)
DRV - [2009-11-19 14:06:44 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdfl.sys -- (s1039mdfl)
DRV - [2009-11-12 13:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009-10-19 00:48:30 | 000,027,728 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009-09-23 09:41:58 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009-01-27 14:57:12 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2008-11-11 13:42:00 | 000,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2008-11-11 13:41:00 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2008-11-11 13:41:00 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2008-05-10 13:13:22 | 000,271,360 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2008-05-10 13:13:22 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2008-04-13 19:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2007-06-20 09:55:04 | 000,032,256 | ---- | M] (SlySoft Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\maplom.sys -- (Maplom)
DRV - [2007-04-30 06:37:00 | 002,206,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32)
DRV - [2007-03-26 12:21:06 | 004,395,008 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2007-03-01 22:22:04 | 000,988,032 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2007-03-01 22:21:24 | 000,210,688 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2007-03-01 22:21:22 | 000,731,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2007-02-16 15:46:00 | 000,160,256 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007-01-24 07:44:06 | 000,290,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2006-10-12 14:28:42 | 000,604,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcmwl5.sys -- (BCM43XX)
DRV - [2005-12-12 20:12:01 | 000,049,664 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfsync04.sys -- (sfsync04)
DRV - [2005-09-01 17:54:12 | 000,007,936 | ---- | M] (Option N.V.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gtptser.sys -- (GTPTSER)
DRV - [2005-04-25 11:10:20 | 000,033,538 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Capt905c.sys -- (SQTECH905C)
DRV - [2005-02-11 10:24:24 | 000,079,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex)
DRV - [2005-02-11 10:22:48 | 000,081,728 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt)
DRV - [2005-02-11 10:21:10 | 000,089,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm)
DRV - [2005-02-11 10:21:02 | 000,006,576 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl)
DRV - [2005-02-11 10:19:20 | 000,055,216 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus)
DRV - [2004-11-25 17:36:06 | 000,077,248 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004-11-25 17:32:01 | 000,054,368 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003-12-01 16:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003-09-06 13:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\prosync1.sys -- (prosync1)
DRV - [2003-08-04 13:22:44 | 000,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5)
DRV - [2001-10-26 16:45:20 | 000,042,560 | ---- | M] (Digi International, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\digirlpt.sys -- (DIGIRPS)
DRV - [2001-08-17 22:54:18 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2001-08-17 22:54:18 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2001-08-17 21:49:10 | 000,026,624 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irstusb.sys -- (STIrUsb)
DRV - [2000-03-10 01:24:42 | 000,007,196 | ---- | M] (IBM Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\V7.SYS -- (V7)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1757981266-854245398-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://gazeta.hit.gemius.pl/hitredir/id=1_2aoau32zKrY2K8AzHtuKPMXfaG5wd126fPuctBzrP.67/stparam=loptipgnqn/url=http://www.gazeta.pl/0,0.html?promocja=pit2011_wyb01&utm_campaign=p_124
IE - HKU\S-1-5-21-1757981266-854245398-725345543-1003\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - No CLSID value found
IE - HKU\S-1-5-21-1757981266-854245398-725345543-1003\..\URLSearchHook: {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - No CLSID value found
IE - HKU\S-1-5-21-1757981266-854245398-725345543-1003\..\URLSearchHook: {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\prxtbFre2.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1757981266-854245398-725345543-1003\..\URLSearchHook: {8532a8b7-c06a-41bb-936a-8ce73e4711ed} - No CLSID value found
IE - HKU\S-1-5-21-1757981266-854245398-725345543-1003\..\URLSearchHook: {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - No CLSID value found
IE - HKU\S-1-5-21-1757981266-854245398-725345543-1003\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - No CLSID value found
IE - HKU\S-1-5-21-1757981266-854245398-725345543-1003\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKU\S-1-5-21-1757981266-854245398-725345543-1003\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKU\S-1-5-21-1757981266-854245398-725345543-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-1757981266-854245398-725345543-1003\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=CDS&o=16205&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=QR&apn_dtid=&apn_uid=EED60B3D-5B34-445A-AFF7-B06AE315E3E6&apn_sauid=0B484834-3D23-438A-9817-EA62EA15DB78
IE - HKU\S-1-5-21-1757981266-854245398-725345543-1003\..\SearchScopes\{63B30D0E-2136-4FA8-B99A-1D1998E348C0}: "URL" = http://www.fastbrowsersearch.com/results/results.aspx?q={searchTerms}&c=web&s=DSP&v=19&tid={A988FFB5-EA06-4d11-A5AB-F372595BD7C9}
IE - HKU\S-1-5-21-1757981266-854245398-725345543-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7ADSA_pl&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-1757981266-854245398-725345543-1003\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}: "URL" = http://www.daemon-search.com/search?q={searchTerms}
IE - HKU\S-1-5-21-1757981266-854245398-725345543-1003\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2405280
IE - HKU\S-1-5-21-1757981266-854245398-725345543-1003\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredimail.com/?search={searchTerms}&loc=search_box_im2_test_v2
IE - HKU\S-1-5-21-1757981266-854245398-725345543-1003\..\SearchScopes\{E8930232-4B31-4251-986C-98061BDC75B4}: "URL" = http://www.ant.com/web/{searchTerms}/
IE - HKU\S-1-5-21-1757981266-854245398-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.startup.homepage: "http://gazeta.hit.gemius.pl/hitredir/id=1_2aoau32zKrY2K8AzHtuKPMXfaG5wd126fPuctBzrP.67/stparam=loptipgnqn/url=http://www.gazeta.pl/0,0.html?promocja=pit2011_wyb01&utm_campaign=p_124"
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2240: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1348: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Documents and Settings\Goga\Ustawienia lokalne\Dane aplikacji\Google\Update\1.2.183.39\npGoogleOneClick8.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009-09-25 17:00:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: D:\tm\T-Mobile\InternetManager_Z\Bin\addon [2010-04-01 13:29:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-03-30 11:48:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2012-01-27 22:13:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Goga\Dane aplikacji\Mozilla\Extensions
[2012-05-31 16:25:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Goga\Dane aplikacji\Mozilla\Firefox\Profiles\lzx7qzz3.default\extensions
[2012-05-31 16:25:50 | 000,000,000 | ---D | M] (ST-Eng7 Community Toolbar) -- C:\Documents and Settings\Goga\Dane aplikacji\Mozilla\Firefox\Profiles\lzx7qzz3.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
[2012-04-17 15:23:59 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Goga\Dane aplikacji\Mozilla\Firefox\Profiles\lzx7qzz3.default\extensions\engine@conduit.com
[2012-01-27 22:12:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-02-21 18:47:56 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-02-21 18:47:51 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-02-21 18:47:51 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-02-21 18:47:51 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-02-21 18:47:51 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-02-21 18:47:51 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-02-21 18:47:51 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
 
O1 HOSTS File: ([2011-06-08 18:04:54 | 000,012,393 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
O1 - Hosts: <html lang='en'>
O1 - Hosts: <head>
O1 - Hosts:             <meta name="description" content="Yahoo! GeoCities offers you a free web site and all the tools you need to build a dynamic site. Features include easy-to-use site building tools, online help, web site statistics, secure and reliable hosting, and an intuitive control panel.">
O1 - Hosts:             <title>Yahoo! GeoCities: Get a web site with easy-to-use site building tools.</title>
O1 - Hosts:             <link rel="stylesheet" type="text/css" media="all" href="http://l.yimg.com/a/combo?yui/2.5.2/build/reset-fonts-grids/reset-fonts-grids.css&smbiz/css/headfoot_6.css&smbiz/css/ysbs_glossary_1.css"> 
O1 - Hosts: <link rel="stylesheet" type="text/css" media="all" href="http://l.yimg.com/a/lib/smbiz/css/geocities_84954.css"> 
O1 - Hosts: <style>
O1 - Hosts: h1 { line-height:30px;height:30px; padding-left:15px; font-weight:bold;font-size:1.6em;color:#1f296a;}
O1 - Hosts: .services li { margin-left:1.0em; padding-left:0.5em; background:url("http://l.yimg.com/a/lib/smbiz/i/geo_bullet_3x3_1.gif") no-repeat 0 0.5em; margin-bottom:0.5em;margin-left:1.5em;margin-right:0.5em;width:6em}
O1 - Hosts: .services li {float:left; width:17em; font-size:116%;margin-top:0.8em}
O1 - Hosts:  .services {  font-size:116%; padding-bottom:20px }
O1 - Hosts: .learnmore a {color:#2882DE;font-size:16px}
O1 - Hosts: .image_web  {float:right; margin:15px 0 0 15px}
O1 - Hosts: p {margin:20px;font-size:1em;}
O1 - Hosts: h2 {margin:20px 0 0 20px;color:#1F296;font-weight:bold;font-size:1.25em;color:#1f296a;}
O1 - Hosts: h3 {margin:20px;color:#1F296;font-weight:bold;font-size:1.15em;color:#1f296a;}
O1 - Hosts: li.rule {border-top:solid 1px #DBE1E6;}
O1 - Hosts: </style>
O1 - Hosts: </head>
O1 - Hosts: <body>
O1 - Hosts: <!-- following code added by server. PLEASE REMOVE -->
O1 - Hosts: <!-- preceding code added by server. PLEASE REMOVE -->
O1 - Hosts:  <div class="ez-mw" style ="height:900px;width:905px">
O1 - Hosts:     <div class="ez-wri ez-oh" style="width:900px">
O1 - Hosts: 90 more lines...
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Ant.com browser helper (video detector)) - {346FDE31-DFF9-418A-90C8-BA31DC9FF2EF} - C:\Program Files\Ant.com\IE add-on\Download.dll (Ant.com)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O2 - BHO: (no name) - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - No CLSID value found.
O2 - BHO: (Free Lunch Design Toolbar) - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\prxtbFre2.dll (Conduit Ltd.)
O2 - BHO: (no name) - {8532a8b7-c06a-41bb-936a-8ce73e4711ed} - No CLSID value found.
O2 - BHO: (no name) - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - No CLSID value found.
O2 - BHO: (no name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - No CLSID value found.
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O2 - BHO: (Search Assistant) - {F0626A63-410B-45E2-99A1-3F2475B2D695} - C:\Program Files\SGPSA\BHO.dll (MTWB)
O2 - BHO: (Fast Browser Search Toolbar Helper) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll ()
O3 - HKLM\..\Toolbar: (Fast Browser Search Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll ()
O3 - HKLM\..\Toolbar: (Ant.com Video Downloader toolbar) - {2E924F4F-67F0-4BD8-9560-49F468E843D2} - C:\Program Files\Ant.com\IE add-on\AntToolbar.dll (Ant.com)
O3 - HKLM\..\Toolbar: (no name) - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {55FAF0F2-44D4-425F-B5F5-6B275B621EAB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Free Lunch Design Toolbar) - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\prxtbFre2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {8532a8b7-c06a-41bb-936a-8ce73e4711ed} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Fast Browser Search Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll ()
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Fast Browser Search Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll ()
O3 - HKU\S-1-5-21-1757981266-854245398-725345543-1003\..\Toolbar\ShellBrowser: (no name) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - No CLSID value found.
O3 - HKU\S-1-5-21-1757981266-854245398-725345543-1003\..\Toolbar\WebBrowser: (Fast Browser Search Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll ()
O3 - HKU\S-1-5-21-1757981266-854245398-725345543-1003\..\Toolbar\WebBrowser: (Ant.com Video Downloader toolbar) - {2E924F4F-67F0-4BD8-9560-49F468E843D2} - C:\Program Files\Ant.com\IE add-on\AntToolbar.dll (Ant.com)
O3 - HKU\S-1-5-21-1757981266-854245398-725345543-1003\..\Toolbar\WebBrowser: (Free Lunch Design Toolbar) - {57CC715D-37CA-44E4-9EC2-8C2CBDDB25EC} - C:\Program Files\Free_Lunch_Design\prxtbFre2.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe ()
O4 - HKLM..\Run: [iPlusManager] C:\Program Files\Plus Internet\iPlusChecker.exe File not found
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKU\S-1-5-21-1757981266-854245398-725345543-1003..\Run: [DAEMON Tools Lite] D:\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1757981266-854245398-725345543-1003..\Run: [EXPLORER.EXE] C:\WINDOWS\explorer.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1757981266-854245398-725345543-1003..\Run: [wsctf.exe] wsctf.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\mcserver.lnk = D:\tm\T-Mobile\InternetManager_Z\Bin\mcserver.exe (ZTE)
O4 - Startup: C:\Documents and Settings\Goga\Menu Start\Programy\Autostart\rundlll.exe ()
O4 - Startup: C:\Documents and Settings\Goga\Menu Start\Programy\Autostart\WinSvc.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1757981266-854245398-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1757981266-854245398-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-1757981266-854245398-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00  [binary data]
O7 - HKU\S-1-5-21-1757981266-854245398-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1757981266-854245398-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O7 - HKU\S-1-5-21-1757981266-854245398-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKU\S-1-5-21-1757981266-854245398-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKU\S-1-5-21-1757981266-854245398-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O8 - Extra context menu item: &P&obierz &za pomocą BitComet - D:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Funkcja Google Sidewiki - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - D:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Download videos by Ant.com - {70AF6C9F-0818-4cf7-924A-BBDBB24211D3} - C:\Program Files\Ant.com\IE add-on\Download.dll (Ant.com)
O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - D:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Mahjong%20Escape%20-%20Ancient%20Japan/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Mahjong%20Escape%20-%20Ancient%20Japan/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{87BD1363-B9EF-4F00-83A5-27D911318BA1}: NameServer = 213.158.199.1 213.158.199.5
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (EXPLORER.EXE) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 () - http://fotki.yandex.ru/js/c/Fotki.js?build=df13d9fd8dd6ba4b4016997523b338e4
O24 - Desktop Components:1 () - http://translate.googleusercontent.com/video/report/306/preview_482.jpg
O24 - Desktop Components:2 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Goga\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Goga\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-08-25 09:24:13 | 000,000,007 | -HS- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010-10-05 09:26:36 | 000,000,059 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2007-11-03 12:37:25 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{04055ac8-9925-11e1-af28-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{04055ac8-9925-11e1-af28-001dd945cecb}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{0457923e-1ed6-11e2-af89-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{0457923e-1ed6-11e2-af89-001dd945cecb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{07e60b7e-2db6-11df-9949-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{07e60b7e-2db6-11df-9949-001dd945cecb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{0c744f21-2bff-11e0-9b61-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{0c744f21-2bff-11e0-9b61-001dd945cecb}\Shell\AutoRun\command - "" = F:\Startme.exe
O33 - MountPoints2\{102adb1a-9c53-11de-967c-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{102adb1a-9c53-11de-967c-001dd945cecb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{102adb1d-9c53-11de-967c-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{102adb1d-9c53-11de-967c-001dd945cecb}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{10e6daf6-645e-11e1-aefe-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{10e6daf6-645e-11e1-aefe-001dd945cecb}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{11dfa874-e161-11e0-9c58-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{11dfa874-e161-11e0-9c58-001dd945cecb}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{11dfa875-e161-11e0-9c58-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{11dfa875-e161-11e0-9c58-001dd945cecb}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{12c23684-57b4-11e0-9bab-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{12c23684-57b4-11e0-9bab-001dd945cecb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{12c23691-57b4-11e0-9bab-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{12c23691-57b4-11e0-9bab-001dd945cecb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{12c23692-57b4-11e0-9bab-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{12c23692-57b4-11e0-9bab-001dd945cecb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{12c23693-57b4-11e0-9bab-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{12c23693-57b4-11e0-9bab-001dd945cecb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{12c23697-57b4-11e0-9bab-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{12c23697-57b4-11e0-9bab-001dd945cecb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{18b3b045-9f4c-11e0-9bf0-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{18b3b045-9f4c-11e0-9bf0-001dd945cecb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{1f6f1ede-f800-11df-9afd-001dd945cecb}\Shell\AutoRun\command - "" = I:\f662sjd.exe
O33 - MountPoints2\{1f6f1ede-f800-11df-9afd-001dd945cecb}\Shell\open\Command - "" = I:\f662sjd.exe
O33 - MountPoints2\{25b4a41e-2d70-11e2-afaf-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{25b4a41e-2d70-11e2-afaf-001dd945cecb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{29c8eb62-c0f8-11e1-af6a-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{29c8eb62-c0f8-11e1-af6a-001dd945cecb}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{29c8eb64-c0f8-11e1-af6a-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{29c8eb64-c0f8-11e1-af6a-001dd945cecb}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{29c8eb67-c0f8-11e1-af6a-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{29c8eb67-c0f8-11e1-af6a-001dd945cecb}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{29c8eb6b-c0f8-11e1-af6a-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{29c8eb6b-c0f8-11e1-af6a-001dd945cecb}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{2ae90014-6b49-11e0-9bc9-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{2ae90014-6b49-11e0-9bc9-001dd945cecb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{2ae90016-6b49-11e0-9bc9-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{2ae90016-6b49-11e0-9bc9-001dd945cecb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{2ae9001a-6b49-11e0-9bc9-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{2ae9001a-6b49-11e0-9bc9-001dd945cecb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{2f5993f2-6473-11e0-9bc4-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{2f5993f2-6473-11e0-9bc4-001dd945cecb}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{39ec4190-516b-11e0-9ba3-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{39ec4190-516b-11e0-9ba3-001dd945cecb}\Shell\AutoRun\command - "" = G:\USBAutoRun.exe
O33 - MountPoints2\{406f726c-1edd-11e2-af8a-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{406f726c-1edd-11e2-af8a-001dd945cecb}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{406f7270-1edd-11e2-af8a-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{406f7270-1edd-11e2-af8a-001dd945cecb}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{507b9efe-1627-11df-98fc-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{507b9efe-1627-11df-98fc-001dd945cecb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{50d58206-1413-11e0-9b36-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{50d58206-1413-11e0-9b36-001dd945cecb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{53594a37-437f-11e1-aea2-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{53594a37-437f-11e1-aea2-001dd945cecb}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{535a3278-ba09-11dd-923c-0016d3e7f7de}\Shell\AutoRun\command - "" = F:\e.cmd
O33 - MountPoints2\{535a3278-ba09-11dd-923c-0016d3e7f7de}\Shell\explore\Command - "" = F:\e.cmd
O33 - MountPoints2\{535a3278-ba09-11dd-923c-0016d3e7f7de}\Shell\open\Command - "" = F:\e.cmd
O33 - MountPoints2\{53d5c66c-3ef3-11de-94e6-001dd945cecb}\Shell\AutoRun\command - "" = F:\qs.exe
O33 - MountPoints2\{53d5c66c-3ef3-11de-94e6-001dd945cecb}\Shell\open\Command - "" = F:\qs.exe
O33 - MountPoints2\{5b58ecc3-607b-11dd-90d4-0016d3e7f7de}\Shell\AutoRun\command - "" = F:\e.cmd
O33 - MountPoints2\{5b58ecc3-607b-11dd-90d4-0016d3e7f7de}\Shell\explore\Command - "" = F:\e.cmd
O33 - MountPoints2\{5b58ecc3-607b-11dd-90d4-0016d3e7f7de}\Shell\open\Command - "" = F:\e.cmd
O33 - MountPoints2\{5b58ecc4-607b-11dd-90d4-0016d3e7f7de}\Shell\AutoRun\command - "" = F:\e.cmd
O33 - MountPoints2\{5b58ecc4-607b-11dd-90d4-0016d3e7f7de}\Shell\explore\Command - "" = F:\e.cmd
O33 - MountPoints2\{5b58ecc4-607b-11dd-90d4-0016d3e7f7de}\Shell\open\Command - "" = F:\e.cmd
O33 - MountPoints2\{637c023b-62f3-11e0-9bc1-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{637c023b-62f3-11e0-9bc1-001dd945cecb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{67ed8515-b7f7-11e1-af63-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{67ed8515-b7f7-11e1-af63-001dd945cecb}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{6dfa7d6a-a039-11de-9697-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{6dfa7d6a-a039-11de-9697-001dd945cecb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{704637f1-772c-11e0-9bcd-cc60b7e5a70f}\Shell - "" = AutoRun
O33 - MountPoints2\{704637f1-772c-11e0-9bcd-cc60b7e5a70f}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{704637f5-772c-11e0-9bcd-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{704637f5-772c-11e0-9bcd-001dd945cecb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{70463806-772c-11e0-9bcd-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{70463806-772c-11e0-9bcd-001dd945cecb}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{70463807-772c-11e0-9bcd-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{70463807-772c-11e0-9bcd-001dd945cecb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{713045ee-5b04-11dd-90a4-0016d3e7f7de}\Shell\AutoRun\command - "" = F:\e.cmd
O33 - MountPoints2\{713045ee-5b04-11dd-90a4-0016d3e7f7de}\Shell\explore\Command - "" = F:\e.cmd
O33 - MountPoints2\{713045ee-5b04-11dd-90a4-0016d3e7f7de}\Shell\open\Command - "" = F:\e.cmd
O33 - MountPoints2\{71ce47ea-789e-11e0-9bce-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{71ce47ea-789e-11e0-9bce-001dd945cecb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{87002e40-4368-11df-998b-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{87002e40-4368-11df-998b-001dd945cecb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{8c227cab-200b-11e1-9c89-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{8c227cab-200b-11e1-9c89-001dd945cecb}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{8c227caf-200b-11e1-9c89-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{8c227caf-200b-11e1-9c89-001dd945cecb}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{8d549d79-a6db-11de-96c3-0016d3e7f7de}\Shell - "" = AutoRun
O33 - MountPoints2\{8d549d79-a6db-11de-96c3-0016d3e7f7de}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{994a3ace-a088-11de-969b-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{994a3ace-a088-11de-969b-001dd945cecb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{996d6112-9ed4-11de-9690-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{996d6112-9ed4-11de-9690-001dd945cecb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{996d6116-9ed4-11de-9690-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{996d6116-9ed4-11de-9690-001dd945cecb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{9fb53dbe-fc94-11df-9b00-001dd945cecb}\Shell\AutoRun\command - "" = I:\1j038ki.exe
O33 - MountPoints2\{9fb53dbe-fc94-11df-9b00-001dd945cecb}\Shell\open\Command - "" = I:\1j038ki.exe
O33 - MountPoints2\{a846d0ca-2b3d-11de-9491-0016d3e7f7de}\Shell\AutoRun\command - "" = F:\e.cmd
O33 - MountPoints2\{a846d0ca-2b3d-11de-9491-0016d3e7f7de}\Shell\explore\Command - "" = F:\e.cmd
O33 - MountPoints2\{a846d0ca-2b3d-11de-9491-0016d3e7f7de}\Shell\open\Command - "" = F:\e.cmd
O33 - MountPoints2\{a846d0cb-2b3d-11de-9491-0016d3e7f7de}\Shell\AutoRun\command - "" = H:\e.cmd
O33 - MountPoints2\{a846d0cb-2b3d-11de-9491-0016d3e7f7de}\Shell\explore\Command - "" = H:\e.cmd
O33 - MountPoints2\{a846d0cb-2b3d-11de-9491-0016d3e7f7de}\Shell\open\Command - "" = H:\e.cmd
O33 - MountPoints2\{b686ea65-2192-11e1-9c8b-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{b686ea65-2192-11e1-9c8b-001dd945cecb}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{b69f9d97-b983-11e1-af67-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{b69f9d97-b983-11e1-af67-001dd945cecb}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{c0375a2a-1d32-11dd-8f35-86836e0a0233}\Shell\AutoRun\command - "" = F:\nhbivui.exe
O33 - MountPoints2\{c0375a2a-1d32-11dd-8f35-86836e0a0233}\Shell\explore\Command - "" = F:\nhbivui.exe
O33 - MountPoints2\{c0375a2a-1d32-11dd-8f35-86836e0a0233}\Shell\open\Command - "" = F:\nhbivui.exe
O33 - MountPoints2\{c3b14d40-32e2-11e1-9caf-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{c3b14d40-32e2-11e1-9caf-001dd945cecb}\Shell\AutoRun\command - "" = G:\USBAutoRun.exe
O33 - MountPoints2\{cae3b316-93ab-11dd-9148-0016d3e7f7de}\Shell\verb1\command - "" = desktop.exe
O33 - MountPoints2\{cb031394-401d-11e1-ae87-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{cb031394-401d-11e1-ae87-001dd945cecb}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{cec08830-57a3-11e0-9baa-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{cec08830-57a3-11e0-9baa-001dd945cecb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{cec08833-57a3-11e0-9baa-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{cec08833-57a3-11e0-9baa-001dd945cecb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{cec08835-57a3-11e0-9baa-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{cec08835-57a3-11e0-9baa-001dd945cecb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{cec08836-57a3-11e0-9baa-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{cec08836-57a3-11e0-9baa-001dd945cecb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{cf7ca6cb-9a57-11e0-9be9-001e101f515d}\Shell - "" = AutoRun
O33 - MountPoints2\{cf7ca6cb-9a57-11e0-9be9-001e101f515d}\Shell\AutoRun\command - "" = J:\AutoRun.exe
O33 - MountPoints2\{d0486ced-2372-11e2-af94-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{d0486ced-2372-11e2-af94-001dd945cecb}\Shell\AutoRun\command - "" = E:\autorun.exe
O33 - MountPoints2\{d0486cef-2372-11e2-af94-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{d0486cef-2372-11e2-af94-001dd945cecb}\Shell\AutoRun\command - "" = H:\autorun.exe
O33 - MountPoints2\{d21a79ad-e92c-11df-9ae9-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{d21a79ad-e92c-11df-9ae9-001dd945cecb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{d2c127b2-a089-11de-969c-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{d2c127b2-a089-11de-969c-001dd945cecb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{d5b545e6-931e-11e0-9be3-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{d5b545e6-931e-11e0-9be3-001dd945cecb}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{da441640-486b-11df-999f-001dd945cecb}\Shell\AutoRun\command - "" = dhrhyje.bat
O33 - MountPoints2\{da441640-486b-11df-999f-001dd945cecb}\Shell\open\Command - "" = dhrhyje.bat
O33 - MountPoints2\{e1394014-40ef-11e1-ae8a-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{e1394014-40ef-11e1-ae8a-001dd945cecb}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{e1394018-40ef-11e1-ae8a-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{e1394018-40ef-11e1-ae8a-001dd945cecb}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{e4cd33e8-9dd8-11de-9688-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{e4cd33e8-9dd8-11de-9688-001dd945cecb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f5147204-aff1-11e1-af4e-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{f5147204-aff1-11e1-af4e-001dd945cecb}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{f5147208-aff1-11e1-af4e-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{f5147208-aff1-11e1-af4e-001dd945cecb}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{f514720a-aff1-11e1-af4e-001dd945cecb}\Shell - "" = AutoRun
O33 - MountPoints2\{f514720a-aff1-11e1-af4e-001dd945cecb}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{fa874d1f-9ef6-11df-9a9a-001dd945cecb}\Shell\AutoRun\command - "" = E:\twhvna.exe
O33 - MountPoints2\{fa874d1f-9ef6-11df-9a9a-001dd945cecb}\Shell\open\Command - "" = E:\twhvna.exe
O33 - MountPoints2\{fa874d20-9ef6-11df-9a9a-001dd945cecb}\Shell\AutoRun\command - "" = J:\twhvna.exe
O33 - MountPoints2\{fa874d20-9ef6-11df-9a9a-001dd945cecb}\Shell\open\Command - "" = J:\twhvna.exe
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (smrgdf C:\Program Files\iolo\System Mechanic 6\)
O34 - HKLM BootExecute: (aswBoot.exe /A:"*" /L:"Polish" /KBD:2)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012-12-06 16:52:01 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Goga\Pulpit\OTL.exe
[2012-12-06 16:29:38 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Goga\Recent
[2012-12-06 16:25:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Goga\Ustawienia lokalne\Dane aplikacji\Softonic-Eng7
[2012-12-06 15:51:49 | 000,724,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bmutil.dll
[2012-12-06 15:51:49 | 000,480,384 | ---- | C] (Bytemobile, Inc.) -- C:\WINDOWS\System32\bmnet.dll
[2012-12-06 15:51:49 | 000,308,352 | ---- | C] (Bytemobile, Inc.) -- C:\WINDOWS\System32\bminstall.dll
[2012-12-06 15:51:49 | 000,132,224 | ---- | C] (Bytemobile, Inc.) -- C:\WINDOWS\System32\bmdumpd.bin
[2012-12-06 15:51:49 | 000,024,192 | ---- | C] (Bytemobile, Inc.) -- C:\WINDOWS\System32\drivers\tcpipBM.sys
[2012-12-06 15:51:49 | 000,013,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sporder.dll
[2012-12-06 15:51:49 | 000,013,184 | ---- | C] (Bytemobile, Inc.) -- C:\WINDOWS\System32\drivers\BMLoad.sys
[2012-12-06 15:51:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Internet Manager
[2012-12-06 15:40:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2012-12-04 14:30:18 | 000,000,000 | ---D | C] -- C:\Program Files\T-Mobile
[2012-12-04 14:15:54 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Service
[2012-12-03 10:15:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Goga\Dane aplikacji\InternetManager_Z
[2012-12-03 10:14:57 | 000,067,968 | ---- | C] (ZTE) -- C:\WINDOWS\System32\drivers\zte_cdc_acm.sys
[2012-12-03 10:14:57 | 000,009,984 | ---- | C] (ZTE) -- C:\WINDOWS\System32\drivers\zte_cpo.sys
[2012-12-03 10:14:55 | 000,013,824 | ---- | C] (ZTE) -- C:\WINDOWS\System32\zte_CPOCoinstaller.dll
[2007-12-19 15:46:08 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Goga\Dane aplikacji\pcouffin.sys
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012-12-06 17:07:04 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012-12-06 17:01:00 | 000,000,232 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012-12-06 16:54:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Goga\Pulpit\OTL.exe
[2012-12-06 16:53:22 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\Goga\Pulpit\4bsuqsp2.exe
[2012-12-06 15:51:52 | 000,000,726 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\mcserver.lnk
[2012-12-06 15:51:48 | 000,000,859 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Internet Manager.lnk
[2012-12-06 15:50:53 | 000,000,101 | ---- | M] () -- C:\WINDOWS\System32\SupportApp.bat
[2012-12-06 15:34:08 | 000,001,028 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012-12-06 15:34:02 | 000,000,354 | ---- | M] () -- C:\WINDOWS\tasks\SLOW-PCfighter-Goga-Startup.job
[2012-12-06 15:33:45 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\iMeshNAG.job
[2012-12-06 15:33:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-12-05 14:59:28 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-12-04 17:43:01 | 000,003,158 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2012-12-03 10:16:47 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_zte_cdc_acm_01009.Wdf
[2012-11-28 22:38:19 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012-12-06 16:52:07 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\Goga\Pulpit\4bsuqsp2.exe
[2012-12-06 15:51:52 | 000,000,726 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\mcserver.lnk
[2012-12-06 15:51:48 | 000,000,859 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Internet Manager.lnk
[2012-12-03 10:16:47 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_zte_cdc_acm_01009.Wdf
[2012-12-03 10:14:16 | 000,072,192 | ---- | C] () -- C:\WINDOWS\System32\changeAcl.exe
[2012-12-03 10:14:16 | 000,000,101 | ---- | C] () -- C:\WINDOWS\System32\SupportApp.bat
[2012-11-08 18:59:37 | 000,000,853 | ---- | C] () -- C:\Documents and Settings\Goga\Pulpit\The Sims 2.lnk
[2012-10-25 20:01:28 | 000,012,412 | ---- | C] () -- C:\WINDOWS\System32\MCUCoInst.dll
[2012-02-15 07:58:22 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012-01-22 10:55:29 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2012-01-19 15:09:27 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Goga\Ustawienia lokalne\Dane aplikacji\{9C4B5AE7-6D1B-43CF-AE36-A3FC66F0D901}
[2012-01-19 15:09:27 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Goga\Ustawienia lokalne\Dane aplikacji\{5E967733-878C-48C8-B815-13CBBD62A9B7}
[2011-12-26 15:53:57 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Goga\Ustawienia lokalne\Dane aplikacji\{8358FF7C-C98D-4C32-A46B-BBB3DD6B237D}
[2011-12-26 15:53:57 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Goga\Ustawienia lokalne\Dane aplikacji\{7CB7DC36-237C-4CD4-8868-7AA2054E799B}
[2011-09-25 09:55:50 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Goga\Ustawienia lokalne\Dane aplikacji\{7501821A-0F47-4F2C-A314-8A12F21486B8}
[2011-08-04 20:24:44 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Goga\Ustawienia lokalne\Dane aplikacji\{517A5FB3-16EB-4D4B-AA0D-67446C6946F0}
[2011-08-04 20:24:44 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Goga\Ustawienia lokalne\Dane aplikacji\{01CC6450-7305-46A4-A514-836D3BAA27B7}
[2011-03-22 11:11:47 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2010-05-20 20:06:51 | 000,000,208 | ---- | C] () -- C:\Documents and Settings\Goga\Dane aplikacji\burnaware.ini
[2010-05-09 13:19:38 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Goga\Dane aplikacji\$_hpcst$.hpc
[2007-12-19 15:46:08 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Goga\Dane aplikacji\inst.exe
[2007-12-19 15:46:08 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Goga\Dane aplikacji\pcouffin.cat
[2007-12-19 15:46:08 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Goga\Dane aplikacji\pcouffin.inf
[2007-11-06 20:20:17 | 000,009,728 | ---- | C] () -- C:\Documents and Settings\Goga\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007-11-03 18:21:33 | 000,000,125 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\.zreglib
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009-08-11 14:38:52 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008-04-14 18:20:47 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 11:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-14 18:20:57 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2010-07-16 13:26:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AlawarWrapper
[2009-12-22 11:19:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2011-06-05 22:24:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ant.com
[2009-02-20 10:52:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo
[2011-03-22 11:12:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Canneverbe Limited
[2010-02-13 21:38:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CodedColor
[2010-12-31 22:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService
[2012-08-11 16:43:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\FarmFrenzy3
[2010-02-03 20:15:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Fighters
[2010-05-07 23:08:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-07-29 16:11:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IM
[2010-07-29 16:10:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IncrediMail
[2009-05-05 11:02:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MAGIX
[2012-02-22 15:08:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2009-03-02 16:20:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PanoViewer
[2007-12-01 15:34:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\sentinel
[2008-05-10 13:13:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SpieleEntwicklungsKombinat
[2012-08-02 20:36:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TP-LINK
[2012-02-22 08:31:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
[2008-05-09 12:23:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\AD ON Multimedia
[2009-11-20 13:27:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\Alawar
[2011-10-16 17:16:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\AncientAqua
[2010-04-21 08:21:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\Arkadium
[2009-10-16 12:54:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\ASCOMP Software
[2007-12-28 20:29:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\Ashampoo
[2009-09-16 07:15:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\Audacity
[2008-05-23 20:10:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\Background Optimizer
[2012-02-19 10:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\BitComet
[2011-03-22 11:12:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\Canneverbe Limited
[2012-02-18 21:04:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\CDRoller
[2008-05-11 08:42:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\City Interactive
[2009-02-20 11:30:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\CodedColor
[2009-01-27 14:57:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\DAEMON Tools
[2009-12-25 19:25:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\Datalayer
[2010-02-13 21:38:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\DeepBurner
[2008-12-11 17:29:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\Disney Interactive Studios
[2012-10-27 15:24:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\Gadu-Gadu 10
[2012-08-10 21:28:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\Gaijin Ent
[2007-11-04 19:15:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\gtopala
[2008-11-05 19:51:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\GuiltyGearIsukaNA
[2010-12-24 21:56:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\ImgBurn
[2012-12-03 10:15:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\InternetManager_Z
[2010-05-10 15:10:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\ipla
[2012-06-06 17:10:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\iPlus
[2011-10-15 12:52:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\Karate Panda Demo
[2010-01-13 21:24:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\Kutchka
[2008-01-27 15:41:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\Langenscheidt
[2008-12-03 15:26:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\Leadertech
[2008-04-30 11:27:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\LEGO Company
[2009-05-04 14:06:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\LG Electronics
[2009-05-05 11:02:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\MAGIX
[2010-09-30 18:09:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\Nowe Gadu-Gadu
[2011-03-22 11:11:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\OpenCandy
[2009-09-16 07:40:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\OpenFM
[2011-04-08 20:15:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\OpenOffice.ux.pl2
[2011-12-06 07:20:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\Opera
[2009-12-25 19:17:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\PC Suite
[2011-12-09 01:22:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\PriceGong
[2008-04-26 20:13:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\SBMAV Disk Cleaner Lite
[2011-04-16 19:03:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\SecondLife
[2008-10-30 19:45:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\Soldat
[2008-05-10 13:57:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\SpieleEntwicklungsKombinat
[2010-02-13 21:38:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\SpinTop
[2008-12-13 16:20:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\Stellarium
[2012-08-10 21:27:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\TMInc
[2011-08-18 23:54:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\TS3Client
[2008-11-07 11:24:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Goga\Dane aplikacji\Zoner
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 1022 bytes -> C:\Documents and Settings\Goga\Pulpit:Å?_ì

< End of report >