OTL logfile created on: 2013-02-18 17:23:06 - Run 4 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Domowy\Moje dokumenty\raportery Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1022,48 Mb Total Physical Memory | 449,34 Mb Available Physical Memory | 43,95% Memory free 2,40 Gb Paging File | 1,75 Gb Available in Paging File | 72,67% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 97,65 Gb Total Space | 34,48 Gb Free Space | 35,31% Space Free | Partition Type: NTFS Drive D: | 200,43 Gb Total Space | 197,47 Gb Free Space | 98,52% Space Free | Partition Type: NTFS Drive F: | 27,31 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive H: | 1,84 Gb Total Space | 0,75 Gb Free Space | 40,65% Space Free | Partition Type: FAT Computer Name: HYDROGENIUM | User Name: Domowy | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013-02-13 16:39:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Domowy\Moje dokumenty\raportery\OTL.exe PRC - [2013-02-10 13:44:51 | 000,213,384 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe PRC - [2013-02-06 21:57:35 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2013-01-12 22:06:46 | 000,114,688 | ---- | M] () -- C:\Program Files\blueconnect\blueconnect.exe PRC - [2013-01-12 22:06:44 | 000,253,952 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Program Files\blueconnect\DataCardMonitor.exe PRC - [2012-11-07 20:54:24 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe PRC - [2012-11-04 18:43:30 | 001,851,192 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe PRC - [2012-10-30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2012-10-30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2012-10-01 08:23:54 | 000,150,328 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe PRC - [2012-04-11 07:35:48 | 000,742,816 | ---- | M] (Kingsoft Corporation) -- C:\Program Files\Kingsoft\PCDoctor\KSafeTray.exe PRC - [2012-04-10 18:07:58 | 000,290,720 | ---- | M] (Kingsoft Corporation) -- C:\Program Files\Kingsoft\PCDoctor\KSafeSvc.exe PRC - [2012-02-17 18:53:28 | 000,522,720 | ---- | M] (Old McDonald's Farm) -- C:\Program Files\Autorun Eater\oldmcdonald.exe PRC - [2012-02-17 17:52:52 | 000,425,250 | ---- | M] (Old McDonald's Farm) -- C:\Program Files\Autorun Eater\billy.exe PRC - [2010-08-19 09:52:04 | 000,229,376 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\DCService.exe PRC - [2009-12-31 14:13:52 | 000,110,592 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Documents and Settings\Domowy\Dane aplikacji\blueconnect\ouc.exe PRC - [2009-09-24 20:53:22 | 000,238,952 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe PRC - [2009-09-08 22:12:51 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe PRC - [2008-10-27 18:03:46 | 000,759,072 | ---- | M] (ABBYY (BIT Software)) -- C:\Program Files\ABBYY Screenshot Reader\NetworkLicenseServer.exe PRC - [2008-04-14 18:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013-02-18 09:13:01 | 002,060,288 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13021800\algo.dll MOD - [2013-02-12 20:33:40 | 014,717,808 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_168.dll MOD - [2013-02-08 15:26:33 | 001,027,072 | ---- | M] () -- C:\Documents and Settings\Domowy\Dane aplikacji\Mozilla\Firefox\Profiles\jlp8r3m7.default-1360775584531\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll MOD - [2013-02-06 21:57:32 | 003,023,256 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2013-01-12 22:06:46 | 000,114,688 | ---- | M] () -- C:\Program Files\blueconnect\blueconnect.exe MOD - [2011-10-21 10:01:48 | 000,140,664 | ---- | M] () -- C:\Program Files\Kingsoft\PCDoctor\zlib1.dll MOD - [2011-10-21 10:01:40 | 000,075,160 | ---- | M] () -- C:\Program Files\Kingsoft\PCDoctor\json.dll MOD - [2010-09-26 16:20:42 | 000,159,744 | ---- | M] () -- C:\Program Files\blueconnect\SMSPlugin.dll MOD - [2010-09-25 15:25:48 | 000,122,880 | ---- | M] () -- C:\Program Files\blueconnect\DeviceMgrPlugin.dll MOD - [2010-09-25 15:25:38 | 000,237,568 | ---- | M] () -- C:\Program Files\blueconnect\DeviceMgrUIPlugin.dll MOD - [2010-09-25 15:23:18 | 001,019,904 | ---- | M] () -- C:\Program Files\blueconnect\NDISAPI.dll MOD - [2010-08-19 09:52:04 | 000,229,376 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\DCService.exe MOD - [2010-06-28 15:41:34 | 000,155,648 | ---- | M] () -- C:\Program Files\blueconnect\DetectDev.dll MOD - [2010-01-14 19:04:08 | 000,065,536 | ---- | M] () -- C:\Program Files\blueconnect\SpeedManagerPlugin.dll MOD - [2009-12-21 15:29:50 | 000,090,112 | ---- | M] () -- C:\Program Files\blueconnect\DialUpPlugin.dll MOD - [2009-12-21 13:22:52 | 000,065,536 | ---- | M] () -- C:\Program Files\blueconnect\ConfigFilePlugin.dll MOD - [2009-12-21 12:31:36 | 000,139,264 | ---- | M] () -- C:\Program Files\blueconnect\NetInfoPlugin.dll MOD - [2009-09-08 22:12:51 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe MOD - [2009-05-23 11:02:32 | 000,061,440 | R--- | M] () -- C:\Program Files\blueconnect\XCodec.dll MOD - [2009-05-23 11:02:30 | 000,061,440 | R--- | M] () -- C:\Program Files\blueconnect\DeviceOperate.dll MOD - [2009-05-23 11:02:24 | 000,557,056 | R--- | M] () -- C:\Program Files\blueconnect\atcomm.dll MOD - [2009-01-09 11:31:54 | 000,139,264 | ---- | M] () -- C:\Program Files\blueconnect\LocaleMgrPlugin.dll MOD - [2009-01-09 11:30:38 | 000,032,768 | ---- | M] () -- C:\Program Files\blueconnect\NotifyServicePlugin.dll MOD - [2008-11-08 10:52:10 | 000,090,112 | R--- | M] () -- C:\Program Files\blueconnect\FileManager.dll MOD - [2008-11-08 10:52:08 | 000,014,848 | R--- | M] () -- C:\Program Files\blueconnect\isaputrace.dll MOD - [2008-04-14 18:20:37 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2013-02-12 20:33:44 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013-02-06 21:57:33 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-12-14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012-11-07 20:54:24 | 000,161,768 | ---- | M] (Oracle Corporation) [On_Demand | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2012-10-30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2012-10-01 08:22:06 | 000,295,224 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2012-09-13 01:57:47 | 000,123,568 | ---- | M] (Stardock Software, Inc) [On_Demand | Stopped] -- C:\Program Files\Stardock\Multiplicity2\MultiSrv.exe -- (Multiplicity) SRV - [2012-04-10 18:07:58 | 000,290,720 | ---- | M] (Kingsoft Corporation) [Auto | Running] -- C:\Program Files\Kingsoft\PCDoctor\KSafeSvc.exe -- (KSafeSvc) SRV - [2010-08-19 09:52:04 | 000,229,376 | ---- | M] () [On_Demand | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\DCService.exe -- (DCService.exe) SRV - [2009-09-24 20:53:22 | 000,238,952 | ---- | M] (Teruten) [On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService) SRV - [2009-09-08 22:12:51 | 000,116,104 | ---- | M] () [On_Demand | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC) SRV - [2008-10-27 18:03:46 | 000,759,072 | ---- | M] (ABBYY (BIT Software)) [On_Demand | Running] -- C:\Program Files\ABBYY Screenshot Reader\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.ScreenshotReader.9.0) SRV - [2008-04-07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2013-02-15 16:30:27 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv) DRV - [2012-12-19 15:36:24 | 000,188,328 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VBoxDrv.sys -- (VBoxDrv) DRV - [2012-12-19 15:36:10 | 000,104,872 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV - [2012-12-19 15:35:16 | 000,116,136 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt) DRV - [2012-12-19 15:35:16 | 000,094,632 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon) DRV - [2012-12-14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2012-10-30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2012-10-30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2012-10-30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2012-10-30 23:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr) DRV - [2012-10-30 23:51:57 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2012-10-30 23:51:56 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2012-10-30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2012-09-18 10:33:00 | 000,081,336 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE) DRV - [2012-09-18 10:32:56 | 000,065,080 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou) DRV - [2012-09-18 10:32:56 | 000,012,216 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE) DRV - [2012-09-18 10:32:44 | 000,022,072 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd) DRV - [2010-07-04 20:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5) DRV - [2010-04-09 15:24:18 | 000,069,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jucdcacm.sys -- (huawei_cdcacm) DRV - [2010-04-09 15:24:12 | 000,063,616 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV - [2010-02-04 05:21:49 | 000,108,032 | R--- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smtmoser.sys -- (smtmoser) DRV - [2009-12-23 17:00:39 | 000,025,728 | R--- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smtmoadb.sys -- (androidusb) DRV - [2009-09-21 09:33:06 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2009-03-20 10:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm) DRV - [2009-03-20 10:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) DRV - [2009-03-20 10:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) DRV - [2009-02-27 15:39:18 | 000,007,552 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewfiltertdidriver.sys -- (filtertdidriver) DRV - [2007-09-29 04:05:58 | 002,456,064 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2007-09-17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2007-09-05 10:31:30 | 004,611,072 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2007-06-28 12:46:42 | 000,020,480 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2007-06-28 12:46:40 | 000,045,824 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2006-06-18 23:51:32 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2006-05-03 15:40:42 | 000,390,784 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snpstd.sys -- (snpstd) DRV - [2003-09-19 15:45:48 | 000,021,248 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-515967899-606747145-725345543-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com IE - HKU\S-1-5-21-515967899-606747145-725345543-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-515967899-606747145-725345543-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-515967899-606747145-725345543-1005\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ IE - HKU\S-1-5-21-515967899-606747145-725345543-1005\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = IE - HKU\S-1-5-21-515967899-606747145-725345543-1005\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = IE - HKU\S-1-5-21-515967899-606747145-725345543-1005\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = IE - HKU\S-1-5-21-515967899-606747145-725345543-1005\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = IE - HKU\S-1-5-21-515967899-606747145-725345543-1005\..\SearchScopes,DefaultScope = {98D11AA3-3165-4C84-8CBF-092608D6DF8C} IE - HKU\S-1-5-21-515967899-606747145-725345543-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-515967899-606747145-725345543-1005\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-515967899-606747145-725345543-1005\..\SearchScopes\{98D11AA3-3165-4C84-8CBF-092608D6DF8C}: "URL" = http://www.google.com/search?hl=pl&q={searchTerms} IE - HKU\S-1-5-21-515967899-606747145-725345543-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledAddons: passworddepot%40acebit.com:6.2.2.0 FF - prefs.js..extensions.enabledAddons: support%40lastpass.com:2.0.20 FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.7.1 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_168.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\passworddepot@acebit.com: C:\Program Files\AceBIT\Password Depot 6\Firefox\ [2013-02-12 23:42:44 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-02-13 22:22:27 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-02-06 21:57:36 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013-02-13 21:58:18 | 000,000,000 | ---D | M] [2013-02-16 20:03:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Domowy\Dane aplikacji\Mozilla\Extensions [2013-02-18 16:50:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Domowy\Dane aplikacji\Mozilla\Firefox\Profiles\jlp8r3m7.default-1360775584531\extensions [2013-02-13 21:15:00 | 000,000,000 | ---D | M] (British English Dictionary (Updated)) -- C:\Documents and Settings\Domowy\Dane aplikacji\Mozilla\Firefox\Profiles\jlp8r3m7.default-1360775584531\extensions\en-gb@flyingtophat.co.uk [2013-02-15 20:30:44 | 000,000,000 | ---D | M] (LastPass) -- C:\Documents and Settings\Domowy\Dane aplikacji\Mozilla\Firefox\Profiles\jlp8r3m7.default-1360775584531\extensions\support@lastpass.com [2013-02-13 19:20:37 | 000,123,385 | ---- | M] () (No name found) -- C:\Documents and Settings\Domowy\Dane aplikacji\Mozilla\Firefox\Profiles\jlp8r3m7.default-1360775584531\extensions\elemhidehelper@adblockplus.org.xpi [2013-02-15 13:22:49 | 000,817,280 | ---- | M] () (No name found) -- C:\Documents and Settings\Domowy\Dane aplikacji\Mozilla\Firefox\Profiles\jlp8r3m7.default-1360775584531\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-02-16 20:03:35 | 000,242,136 | ---- | M] () (No name found) -- C:\Documents and Settings\Domowy\Dane aplikacji\Mozilla\Firefox\Profiles\jlp8r3m7.default-1360775584531\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-02-06 21:56:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2013-02-06 21:56:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2013-02-06 21:55:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\chrome\pl\locale\pl\mozapps\extensions [2013-02-06 21:55:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\chrome\toolkit\content\mozapps\extensions [2013-02-06 21:56:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\chrome\toolkit\skin\classic\aero\mozapps\extensions [2013-02-06 21:56:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\chrome\toolkit\skin\classic\mozapps\extensions [2013-02-12 23:42:44 | 000,000,000 | ---D | M] (Password Depot Extension) -- C:\PROGRAM FILES\ACEBIT\PASSWORD DEPOT 6\FIREFOX [2013-02-06 21:57:35 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2013-01-05 16:46:00 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2013-01-05 16:46:01 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-01-14 11:07:44 | 000,002,034 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml [2013-01-05 16:46:01 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2013-01-05 16:46:01 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2013-01-05 16:46:01 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2013-01-05 16:46:00 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - homepage: http://home.myplaycity.com/ CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\25.0.1364.84\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\25.0.1364.84\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\25.0.1364.84\pdf.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: MyWebFace Installer Plugin Stub (Enabled) = C:\Program Files\MyWebFace_5aEI\Installr\1.bin\NP5aEISB.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll CHR - Extension: Angry Birds = C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_2\ CHR - Extension: http://pobierz.pl/gry/windows/sportowe/nba-2k = C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\almkmdiapoafkbigaeonkpondgbdhalj\2013.2.6.48742_0\ CHR - Extension: Dysk Google = C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: HC GKS Katowice - oficjalna strona hokejowej GieKSy. = C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apifnjckmjccbmpkbekdloammmmfjidm\2013.1.15.54993_0\ CHR - Extension: http://pobierz.pl/gry/windows/sportowe/nhl-09 = C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\bgnhppmpajaojlfpdanbdddimoelbdgp\2013.2.2.55727_0\ CHR - Extension: YouTube = C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: 2CONV VIDEO CONVERTER. VIDEO TO MP3 CONVERTER. = C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\bpomkjklofhokffoficelnlljbabckli\2012.12.25.52442_0\ CHR - Extension: Szukaj w Google = C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Tampermonkey = C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\2.11.3078_0\ CHR - Extension: User-Agent Switcher for Chrome = C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg\1.0.26_0\ CHR - Extension: Gra Gangnam Style = C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\fdbdhcafljkcahgefanhpdahdnpfkaok\1.0.0_1\ CHR - Extension: Stylish = C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\1.1_0\ CHR - Extension: Click&Clean = C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\8.0.1_1\ CHR - Extension: AdBlock = C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.60_0\ CHR - Extension: http://pobierz.pl/gry/windows/gry-akcji/tom-c = C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gpbhomhojpmaabojigihfdlkhfilgpli\2013.2.6.49571_0\ CHR - Extension: LastPass = C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.20_0\ CHR - Extension: http://pobierz.pl/gry/windows/sportowe/pro-ev = C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\hjckilgoejonklbjakplidpohgimbhlf\2013.2.6.48922_0\ CHR - Extension: Allow Right-Click = C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\hompjdfbfmmmgflfjdlnkohcplmboaeo\1.2.15_0\ CHR - Extension: Password Depot Browser Extension for Google Chrome = C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\imkcgcjpeajeajpcpbdbgbknfaijnpdc\6.1.6_0\ CHR - Extension: http://pobierz.pl/gry/windows/sportowe/vancou = C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\inanlmhlfopnnacgikpbdbjmoipkjjdf\2013.2.6.49283_0\ CHR - Extension: http://www.youtube-mp3.org/pl = C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jidcbfegfahmndhaklacfibejfbaphfn\2012.12.22.58210_0\ CHR - Extension: History Eraser App = C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jjolhjmdgbhebcdnfjhngobjggghoipa\3.8_0\ CHR - Extension: http://pobierz.pl/gry/windows/sportowe/fifa-m = C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\kkmddphnkojpfikekeaahlogbmdmcaji\2013.2.6.48436_0\ CHR - Extension: Ultimate User Agent Switcher, URL sniffer = C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ljfpjnehmoiabkefmnjegmpdddgcdnpo\0.9.2.1_0\ CHR - Extension: User-Agent Switcher = C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lkmofgnohbedopheiphabfhfjgkhfcgf\1.6_0\ CHR - Extension: http://download.komputerswiat.pl/gry-i-rozryw = C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\llaicbbhkclamlkcaikbeipjiljokdoa\2013.2.2.55615_0\ CHR - Extension: http://www.gry.pl/ = C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nhcelcmnjhnpjgcijakgclhfblmpbnfp\2013.1.15.54891_0\ CHR - Extension: Download YouTube Videos as MP4 = C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\oiedkoafeodhiiccoclonninnkjbjnff\1.5.3_2\ CHR - Extension: Click&Clean App = C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp\8.0_0\ CHR - Extension: Gmail = C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2012-12-29 23:42:38 | 000,000,858 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 212.77.100.101 wp.pl O1 - Hosts: 213.180.147.27 zapytaj.onet.pl O1 - Hosts: 217.74.71.147 mobi.interia.pl O1 - Hosts: 217.74.64.236 poczta.interia.pl O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Password Depot 6) - {9F79B165-70F7-4C46-B1A5-8828E2FF21F9} - C:\Program Files\AceBIT\Password Depot 6\pdIEAddOn32.dll (AceBIT) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll () O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (ChromeFrame BHO) - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files\Google\Chrome\Application\25.0.1364.84\npchrome_frame.dll (Google Inc.) O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll () O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKU\S-1-5-21-515967899-606747145-725345543-1005\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll () O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation) O4 - HKLM..\Run: [KSafeTray] C:\Program files\Kingsoft\PCDoctor\KSafeTray.exe (Kingsoft Corporation) O4 - HKU\S-1-5-21-515967899-606747145-725345543-1005..\Run: [HW_OPENEYE_OUC_blueconnect] C:\Program Files\blueconnect\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: Password Depot 6 - {9F79B165-70F7-4C46-B1A5-8828E2FF21F9} - C:\Program Files\AceBIT\Password Depot 6\PasswordDepot.exe (AceBIT GmbH) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1352667522828 (WUWebControl Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1359765588281 (MUWebControl Class) O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5D6FB3FB-2D50-4578-A4CF-8100C00B79F5}: NameServer = 212.74.114.129,83.146.21.6 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{61DFABE7-4335-468B-9250-F3CC27661998}: NameServer = 198.153.192.1,198.153.194.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{62A3D78B-255E-477A-8FE8-28530527E8AE}: NameServer = 198.153.192.1,198.153.194.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D111F7C2-C338-48C6-BA61-3B799F073AF6}: NameServer = 213.158.199.1 213.158.199.5 O18 - Protocol\Handler\gcf {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files\Google\Chrome\Application\25.0.1364.84\npchrome_frame.dll (Google Inc.) O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll () O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: UIHost - (%windir%\XP SP3 W1440.exe) - C:\WINDOWS\XP SP3 W1440.EXE (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012-11-06 00:49:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2012-11-11 14:12:33 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2012-11-11 14:12:34 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-08-19 17:49:08 | 000,126,976 | R--- | M] () - F:\AutoRun.exe -- [ CDFS ] O32 - AutoRun File - [2009-05-05 02:59:04 | 000,000,045 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ] O32 - AutoRun File - [2013-02-13 21:02:12 | 000,000,000 | RHSD | M] - H:\autorun.inf -- [ FAT ] O33 - MountPoints2\{30817388-79db-11e2-bca0-08002700a42b}\Shell - "" = AutoRun O33 - MountPoints2\{30817388-79db-11e2-bca0-08002700a42b}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2010-08-19 17:49:08 | 000,126,976 | R--- | M] () O33 - MountPoints2\{7224b1c0-5e66-11e2-af16-e2d01a8632e5}\Shell - "" = AutoRun O33 - MountPoints2\{897c03c2-7845-11e2-bc9f-08002700a42b}\Shell - "" = AutoRun O33 - MountPoints2\{897c03c2-7845-11e2-bc9f-08002700a42b}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2010-08-19 17:49:08 | 000,126,976 | R--- | M] () O33 - MountPoints2\{897c03c5-7845-11e2-bc9f-08002700a42b}\Shell - "" = AutoRun O33 - MountPoints2\{897c03c5-7845-11e2-bc9f-08002700a42b}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2010-08-19 17:49:08 | 000,126,976 | R--- | M] () O33 - MountPoints2\{a0a5faba-7617-11e2-af37-08002700a42b}\Shell - "" = AutoRun O33 - MountPoints2\{b4a89a15-5cfb-11e2-af11-de37d2554de4}\Shell - "" = AutoRun O33 - MountPoints2\{b4a89a15-5cfb-11e2-af11-de37d2554de4}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2010-08-19 17:49:08 | 000,126,976 | R--- | M] () O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2010-08-19 17:49:08 | 000,126,976 | R--- | M] () O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013-02-18 17:16:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Moje dokumenty\Password Depot [2013-02-18 17:10:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Moje dokumenty\raportery [2013-02-16 14:42:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Dane aplikacji\ATI [2013-02-16 14:41:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang [2013-02-16 14:41:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Dane aplikacji\KSafe [2013-02-16 14:40:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft [2013-02-16 14:11:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Szablony [2013-02-15 15:14:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Menu Start\Programy\nLite [2013-02-13 22:25:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\avast! Free Antivirus [2013-02-13 22:25:07 | 000,021,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2013-02-13 22:25:06 | 000,361,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2013-02-13 22:25:01 | 000,054,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2013-02-13 22:25:01 | 000,035,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2013-02-13 22:24:59 | 000,738,504 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys [2013-02-13 22:24:58 | 000,097,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2013-02-13 22:24:58 | 000,089,752 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2013-02-13 22:24:57 | 000,025,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2013-02-13 22:21:44 | 000,041,224 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr [2013-02-13 22:21:41 | 000,227,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe [2013-02-13 22:11:18 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Domowy\Recent [2013-02-13 21:57:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Moje dokumenty\Browser [2013-02-13 20:57:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\BDLogging [2013-02-13 20:57:21 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\capicom.dll [2013-02-13 18:49:17 | 000,000,000 | ---D | C] -- C:\Program Files\Hosts_Anti_Adwares_PUPs [2013-02-13 18:21:13 | 000,000,000 | ---D | C] -- C:\_OTL [2013-02-13 15:57:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Logs [2013-02-13 12:49:56 | 000,061,440 | ---- | C] (Reflexive) -- C:\WINDOWS\System32\Big Kahuna Reef 2.scr [2013-02-13 12:49:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Big Kahuna Reef 2 [2013-02-13 12:49:50 | 000,000,000 | ---D | C] -- C:\Program Files\Big Kahuna Reef 2 [2013-02-13 12:48:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Menu Start\Programy\Rebel Bomberman [2013-02-13 12:48:28 | 000,000,000 | ---D | C] -- C:\Program Files\Alawar [2013-02-13 12:48:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Super Collapse 3 [2013-02-13 12:48:00 | 000,000,000 | ---D | C] -- C:\Program Files\Super Collapse 3 [2013-02-13 12:47:45 | 000,000,000 | ---D | C] -- C:\Program Files\ReflexiveArcade [2013-02-13 12:46:41 | 000,327,168 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUn0415.exe [2013-02-13 00:57:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Moje dokumenty\TotalValidatorTool [2013-02-13 00:57:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Dane aplikacji\TotalValidatorTool [2013-02-12 23:48:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Dane aplikacji\AceBIT [2013-02-12 23:42:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\AceBIT [2013-02-12 23:42:39 | 000,672,024 | ---- | C] (WeOnlyDo! COM) -- C:\WINDOWS\System32\wodKeys.dll [2013-02-12 23:42:38 | 000,729,424 | ---- | C] (WeOnlyDo Software) -- C:\WINDOWS\System32\wodSFTP.dll [2013-02-12 23:42:26 | 000,000,000 | ---D | C] -- C:\Program Files\AceBIT [2013-02-12 23:41:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Menu Start\Programy\Total Validator Tool [2013-02-12 23:41:32 | 000,000,000 | ---D | C] -- C:\Program Files\TotalValidatorTool [2013-02-12 19:32:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Anvisoft [2013-02-12 19:07:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\SlimWare Utilities Inc [2013-02-12 19:02:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Downloaded Installers [2013-02-07 17:40:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Games [2013-02-07 17:38:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games [2013-02-07 00:46:55 | 016,909,640 | ---- | C] (Electronic Arts, Inc.) -- C:\Documents and Settings\Domowy\Pulpit\OriginThinSetup (1).exe [2013-02-06 23:05:48 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Domowy\Moje dokumenty\OTL.exe [2013-02-06 22:25:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ALLConverter PRO [2013-02-06 22:25:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\ALLConverter [2013-02-06 22:25:18 | 000,000,000 | ---D | C] -- C:\Program Files\ALLConverter PRO [2013-02-06 21:54:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\CRE [2013-02-06 21:54:10 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013-02-04 19:28:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Mousie [2013-02-04 19:28:53 | 000,000,000 | ---D | C] -- C:\Program Files\Mousie [2013-02-04 18:27:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Dane aplikacji\Malwarebytes [2013-02-04 18:27:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware [2013-02-04 18:27:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes [2013-02-04 18:27:28 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2013-02-04 18:27:28 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2013-02-03 22:22:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Menu Start\Programy\Games [2013-02-03 22:22:05 | 000,000,000 | ---D | C] -- C:\Program Files\KARPOLAN [2013-02-02 20:54:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Moje dokumenty\KONAMI [2013-02-02 13:56:58 | 000,000,000 | -HSD | C] -- C:\found.000 [2013-02-02 06:33:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\KONAMI [2013-02-02 06:27:39 | 000,000,000 | ---D | C] -- C:\Program Files\KONAMI [2013-02-01 23:47:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump [2013-02-01 23:43:57 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Domowy\NetHood [2013-01-30 14:45:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\VirtualBox VMs [2013-01-30 14:42:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\.VirtualBox [2013-01-30 14:40:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Oracle VM VirtualBox [2013-01-30 14:40:21 | 000,188,328 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\drivers\VBoxDrv.sys [2013-01-30 14:39:58 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\drivers\VBoxUSBMon.sys [2013-01-30 14:39:13 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle [2013-01-22 16:45:09 | 000,081,920 | ---- | C] (Compedia LTD.) -- C:\WINDOWS\System32\LZSCMPRS.DLL [2013-01-22 16:45:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Avalon and Compedia Multimedia [2013-01-22 16:45:08 | 000,092,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\Wing.dll [2013-01-22 16:45:08 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Wing32.dll [2013-01-22 16:44:16 | 000,000,000 | ---D | C] -- C:\Program Files\Compedia [2013-01-22 16:39:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Moje dokumenty\FIFA 08 Demo [2013-01-21 22:23:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Pulpit\Nieużywane skróty pulpitu [2013-01-21 21:50:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\EA SPORTS [2013-01-20 19:35:21 | 000,000,000 | ---D | C] -- C:\Program Files\Super Taxi Driver 2006 [2013-01-20 19:15:33 | 000,000,000 | ---D | C] -- C:\cybermycha [2013-01-20 17:38:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Pulpit\ReadMe [2013-01-20 17:38:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Pulpit\data [2013-01-20 17:38:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Pulpit\AutoRun [2013-01-20 17:38:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Pulpit\Support [2013-01-20 17:33:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Pulpit\EA 2001,2005,2008 SPORTS [2013-01-20 15:54:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Moje dokumenty\FIFA 2005 [2013-01-19 17:47:31 | 000,000,000 | ---D | C] -- C:\Program Files\BlueStacks [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013-02-18 17:22:00 | 000,000,462 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{7BE2CED4-AAFC-4C8B-9B10-F50E05A7AE58}.job [2013-02-18 17:21:00 | 000,000,462 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{66E46D5A-2A05-461A-939E-97CEF7356EDE}.job [2013-02-18 17:19:06 | 000,001,136 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-606747145-725345543-1005UA.job [2013-02-18 17:05:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013-02-18 17:04:20 | 000,000,464 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{DDE2CB88-54B3-4F31-9239-BA04F6D2F941}.job [2013-02-18 17:00:46 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job [2013-02-18 17:00:24 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\KsafeDelay.job [2013-02-18 16:59:42 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013-02-18 16:59:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013-02-18 16:59:00 | 1072,222,208 | -HS- | M] () -- C:\hiberfil.sys [2013-02-18 16:50:08 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013-02-18 15:51:09 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013-02-16 19:19:02 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-606747145-725345543-1005Core.job [2013-02-16 16:09:31 | 000,001,871 | ---- | M] () -- C:\Documents and Settings\Domowy\Moje dokumenty\Nowy1.html [2013-02-16 14:40:49 | 000,243,920 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013-02-16 13:58:56 | 000,016,778 | ---- | M] () -- C:\Documents and Settings\Domowy\Moje dokumenty\cc_20130216_135848.reg [2013-02-16 13:02:07 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\housecall.guid.cache [2013-02-16 10:52:11 | 021,469,265 | ---- | M] () -- C:\Documents and Settings\Domowy\Pulpit\nba_2k13.zip [2013-02-15 23:22:36 | 009,681,197 | ---- | M] () -- C:\Documents and Settings\Domowy\Pulpit\r [2013-02-15 23:19:09 | 008,053,132 | ---- | M] () -- C:\Documents and Settings\Domowy\Pulpit\hockey_fight_pro.apk [2013-02-15 23:11:40 | 002,948,317 | ---- | M] () -- C:\Documents and Settings\Domowy\Pulpit\Niepotwierdzony 897534.crdownload [2013-02-15 22:28:51 | 000,000,346 | ---- | M] () -- C:\Documents and Settings\Domowy\Moje dokumenty\fd.js [2013-02-15 17:31:24 | 274,726,912 | ---- | M] () -- C:\Documents and Settings\Domowy\Moje dokumenty\bitdef32+.iso [2013-02-15 17:22:50 | 000,589,824 | ---- | M] () -- C:\Documents and Settings\Domowy\Moje dokumenty\gr.iso [2013-02-15 16:30:27 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\gdrv.sys [2013-02-15 15:14:23 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Domowy\Pulpit\nLite.lnk [2013-02-15 14:41:07 | 000,000,938 | ---- | M] () -- C:\Documents and Settings\Domowy\Dane aplikacji\wklnhst.dat [2013-02-15 13:32:32 | 000,002,644 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2013-02-14 21:38:50 | 000,558,810 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2013-02-14 21:38:50 | 000,496,094 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013-02-14 21:38:50 | 000,105,750 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2013-02-14 21:38:50 | 000,084,578 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2013-02-14 01:02:00 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2013-02-13 22:25:08 | 000,001,698 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk [2013-02-13 20:59:36 | 001,513,490 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\1360785234.bdinstall.bin [2013-02-13 20:57:42 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_avchv_01009.Wdf [2013-02-13 12:54:04 | 000,000,030 | ---- | M] () -- C:\WINDOWS\TextSpy.ini [2013-02-13 12:49:56 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\Domowy\Pulpit\Big Kahuna Reef 2 - Chain Reaction.lnk [2013-02-13 12:48:41 | 000,000,868 | ---- | M] () -- C:\Documents and Settings\Domowy\Pulpit\Rebel Bomberman.lnk [2013-02-13 12:48:03 | 000,000,787 | ---- | M] () -- C:\Documents and Settings\Domowy\Pulpit\Super Collapse 3.lnk [2013-02-12 23:41:37 | 000,000,791 | ---- | M] () -- C:\Documents and Settings\Domowy\Pulpit\Total Validator.lnk [2013-02-12 21:19:42 | 003,767,142 | ---- | M] () -- C:\Documents and Settings\Domowy\Pulpit\Shaggy - Boombastic.mp3 [2013-02-12 20:33:44 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2013-02-12 20:33:44 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2013-02-07 21:44:41 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013-02-07 17:40:03 | 000,001,828 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Midtown Madness 2.lnk [2013-02-07 00:46:38 | 016,909,640 | ---- | M] (Electronic Arts, Inc.) -- C:\Documents and Settings\Domowy\Pulpit\OriginThinSetup (1).exe [2013-02-06 22:25:22 | 000,000,782 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\ALLConverter PRO.lnk [2013-02-04 22:20:20 | 000,001,856 | ---- | M] () -- C:\Documents and Settings\Domowy\Pulpit\Carl the Caveman.lnk [2013-02-04 19:28:54 | 000,000,663 | ---- | M] () -- C:\Documents and Settings\Domowy\Pulpit\Mousie.lnk [2013-02-04 19:17:49 | 000,001,814 | ---- | M] () -- C:\Documents and Settings\Domowy\Pulpit\Air Flashback.lnk [2013-02-04 18:47:35 | 000,001,818 | ---- | M] () -- C:\Documents and Settings\Domowy\Pulpit\Combatant Area.lnk [2013-02-04 18:37:17 | 000,001,772 | ---- | M] () -- C:\Documents and Settings\Domowy\Pulpit\Xing Chess.lnk [2013-02-04 18:27:34 | 000,000,793 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk [2013-02-03 22:22:07 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\Domowy\Pulpit\Sea Battle.lnk [2013-02-02 17:22:53 | 665,937,658 | ---- | M] () -- C:\Documents and Settings\Domowy\Pulpit\PES2013_DEMO2.exe [2013-02-02 06:33:19 | 000,001,964 | ---- | M] () -- C:\Documents and Settings\Domowy\Pulpit\Pro Evolution Soccer 2013 DEMO2.lnk [2013-02-02 05:41:32 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Domowy\Pulpit\PES2013_DEMO2.zip [2013-02-02 00:09:41 | 000,000,691 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk [2013-02-01 23:50:50 | 000,012,540 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak [2013-01-30 14:40:28 | 000,000,852 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Oracle VM VirtualBox.lnk [2013-01-30 14:34:55 | 000,002,980 | ---- | M] () -- C:\WINDOWS\opentargetdir.vbs [2013-01-30 14:04:21 | 000,983,704 | ---- | M] () -- C:\Documents and Settings\Domowy\Pulpit\default.zip [2013-01-26 04:55:40 | 000,552,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleaut32.dll [2013-01-22 16:45:09 | 000,000,123 | ---- | M] () -- C:\WINDOWS\compedia.ini [2013-01-21 22:29:43 | 000,072,748 | ---- | M] (Jordan Russell) -- C:\WINDOWS\unins001.exe [2013-01-21 22:29:43 | 000,000,874 | ---- | M] () -- C:\WINDOWS\unins001.dat [2013-01-20 19:20:59 | 000,000,009 | ---- | M] () -- C:\WINDOWS\nfsc_patch.ini [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013-02-16 16:09:31 | 000,001,871 | ---- | C] () -- C:\Documents and Settings\Domowy\Moje dokumenty\Nowy1.html [2013-02-16 14:41:46 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\KsafeDelay.job [2013-02-16 13:58:55 | 000,016,778 | ---- | C] () -- C:\Documents and Settings\Domowy\Moje dokumenty\cc_20130216_135848.reg [2013-02-16 13:02:07 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\housecall.guid.cache [2013-02-16 12:06:00 | 021,469,265 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\nba_2k13.zip [2013-02-15 23:22:53 | 009,681,197 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\r [2013-02-15 23:20:23 | 000,000,739 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\blueconnect.lnk [2013-02-15 23:19:33 | 002,948,317 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\Niepotwierdzony 897534.crdownload [2013-02-15 23:19:30 | 008,053,132 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\hockey_fight_pro.apk [2013-02-15 22:28:50 | 000,000,346 | ---- | C] () -- C:\Documents and Settings\Domowy\Moje dokumenty\fd.js [2013-02-15 17:29:48 | 274,726,912 | ---- | C] () -- C:\Documents and Settings\Domowy\Moje dokumenty\bitdef32+.iso [2013-02-15 17:22:50 | 000,589,824 | ---- | C] () -- C:\Documents and Settings\Domowy\Moje dokumenty\gr.iso [2013-02-15 15:14:23 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\nLite.lnk [2013-02-14 00:57:12 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2013-02-13 22:25:08 | 000,001,698 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk [2013-02-13 22:24:59 | 000,000,316 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job [2013-02-13 20:59:35 | 001,513,490 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\1360785234.bdinstall.bin [2013-02-13 20:57:42 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_avchv_01009.Wdf [2013-02-13 12:54:04 | 000,000,030 | ---- | C] () -- C:\WINDOWS\TextSpy.ini [2013-02-13 12:49:56 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\Big Kahuna Reef 2 - Chain Reaction.lnk [2013-02-13 12:48:41 | 000,000,868 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\Rebel Bomberman.lnk [2013-02-13 12:48:03 | 000,000,787 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\Super Collapse 3.lnk [2013-02-12 23:41:37 | 000,000,791 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\Total Validator.lnk [2013-02-12 21:06:24 | 003,767,142 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\Shaggy - Boombastic.mp3 [2013-02-11 14:50:15 | 000,243,920 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013-02-07 17:40:03 | 000,001,828 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Midtown Madness 2.lnk [2013-02-06 22:25:22 | 000,000,782 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\ALLConverter PRO.lnk [2013-02-04 22:20:20 | 000,001,856 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\Carl the Caveman.lnk [2013-02-04 19:28:54 | 000,000,663 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\Mousie.lnk [2013-02-04 19:17:49 | 000,001,814 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\Air Flashback.lnk [2013-02-04 18:47:35 | 000,001,818 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\Combatant Area.lnk [2013-02-04 18:37:17 | 000,001,772 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\Xing Chess.lnk [2013-02-04 18:27:34 | 000,000,793 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk [2013-02-03 22:22:07 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\Sea Battle.lnk [2013-02-02 20:45:03 | 000,001,964 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\Pro Evolution Soccer 2013 DEMO2.lnk [2013-02-02 20:32:33 | 665,937,658 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\PES2013_DEMO2.exe [2013-02-02 13:59:26 | 1072,222,208 | -HS- | C] () -- C:\hiberfil.sys [2013-02-02 02:43:26 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\PES2013_DEMO2.zip [2013-02-02 00:09:41 | 000,000,691 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk [2013-01-30 14:40:28 | 000,000,852 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Oracle VM VirtualBox.lnk [2013-01-30 14:32:20 | 000,002,980 | ---- | C] () -- C:\WINDOWS\opentargetdir.vbs [2013-01-30 14:04:21 | 000,983,704 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\default.zip [2013-01-22 16:45:09 | 000,000,123 | ---- | C] () -- C:\WINDOWS\compedia.ini [2013-01-21 22:28:22 | 000,000,874 | ---- | C] () -- C:\WINDOWS\unins001.dat [2013-01-20 19:20:59 | 000,000,009 | ---- | C] () -- C:\WINDOWS\nfsc_patch.ini [2013-01-20 18:21:03 | 005,640,192 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\FIFA08 Demo.exe [2013-01-09 16:06:17 | 000,000,283 | ---- | C] () -- C:\WINDOWS\VOGEL.INI [2013-01-09 15:58:10 | 000,001,573 | ---- | C] () -- C:\WINDOWS\unins000.dat [2013-01-07 16:27:25 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat [2013-01-05 12:51:58 | 000,000,705 | ---- | C] () -- C:\Documents and Settings\Domowy\AeroShake.ini [2012-12-31 18:20:20 | 000,555,462 | ---- | C] () -- C:\WINDOWS\System32\prfh0415.dat [2012-12-31 18:20:20 | 000,104,494 | ---- | C] () -- C:\WINDOWS\System32\prfc0415.dat [2012-12-30 18:03:41 | 000,000,091 | ---- | C] () -- C:\WINDOWS\System32\OEMinfo_orig.ini [2012-12-30 18:03:33 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.ini [2012-12-30 17:54:18 | 000,001,379 | ---- | C] () -- C:\Documents and Settings\Domowy\.recently-used.xbel [2012-12-26 13:53:17 | 065,365,340 | ---- | C] () -- C:\Documents and Settings\Domowy\Dane aplikacji\.minecraft.7z [2012-12-21 13:01:20 | 000,026,455 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\1356091261.bdinstall.bin [2012-12-20 18:13:50 | 000,023,976 | ---- | C] () -- C:\WINDOWS\System32\Notepad.ini [2012-12-15 13:02:58 | 000,041,180 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\1355572913.bdinstall.bin [2012-12-14 18:30:07 | 000,112,640 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2012-12-03 18:44:12 | 000,075,776 | ---- | C] () -- C:\WINDOWS\System32\WS2Fix.exe [2012-12-03 18:44:12 | 000,051,200 | ---- | C] () -- C:\WINDOWS\System32\dumphive.exe [2012-12-03 18:44:11 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\swsc.exe [2012-12-03 17:47:27 | 000,000,091 | ---- | C] () -- C:\WINDOWS\tdw.ini [2012-11-25 23:29:54 | 000,118,784 | R--- | C] () -- C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe [2012-11-19 12:54:18 | 000,015,432 | ---- | C] () -- C:\WINDOWS\Launcher.exe [2012-11-13 23:01:44 | 000,001,963 | ---- | C] () -- C:\Documents and Settings\Domowy\fp.dsk [2012-11-13 23:00:59 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Domowy\fp___.out [2012-11-13 23:00:57 | 000,001,381 | ---- | C] () -- C:\Documents and Settings\Domowy\fp.ini [2012-11-13 23:00:57 | 000,000,732 | ---- | C] () -- C:\Documents and Settings\Domowy\fp.cfg [2012-11-12 16:46:50 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012-11-06 20:33:31 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2012-11-06 20:33:30 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2012-11-06 18:48:29 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll [2012-11-06 18:48:29 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys [2012-11-06 18:48:20 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Domowy\Dane aplikacji\$_hpcst$.hpc [2012-11-06 15:17:31 | 000,339,968 | ---- | C] () -- C:\WINDOWS\vsnpstd.exe [2012-11-06 15:17:31 | 000,015,541 | ---- | C] () -- C:\WINDOWS\snpstd.ini [2012-11-06 15:17:29 | 000,390,784 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd.sys [2012-11-06 15:17:26 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd.dll [2012-11-06 15:17:26 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd.dll [2012-11-06 15:17:26 | 000,036,864 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd.dll [2012-11-06 15:17:26 | 000,020,480 | ---- | C] () -- C:\WINDOWS\usnpstd.exe [2012-11-06 15:10:47 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2012-11-06 15:08:12 | 000,001,732 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin [2012-11-06 01:38:34 | 000,000,938 | ---- | C] () -- C:\Documents and Settings\Domowy\Dane aplikacji\wklnhst.dat [2012-11-06 01:36:12 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2012-11-06 01:17:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin [2012-11-06 01:04:55 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe [2012-11-06 01:04:49 | 000,972,072 | R--- | C] () -- C:\WINDOWS\System32\ativva6x.dat [2012-11-06 01:04:48 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativva5x.dat [2012-11-06 01:04:47 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat [2012-11-06 01:04:47 | 000,156,671 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2012-11-06 00:54:56 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-11-06 00:51:15 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2012-11-06 00:47:47 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [color=#E56717]========== ZeroAccess Check ==========[/color] [2012-11-06 01:06:39 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2012-08-30 21:33:28 | 001,510,400 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 11:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-14 18:20:57 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report >