OTL logfile created on: 2013-06-08 16:53:57 - Run 5 OTL by OldTimer - Version 3.2.69.0 Folder = D:\ Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1015,17 Mb Total Physical Memory | 208,13 Mb Available Physical Memory | 20,50% Memory free 2,90 Gb Paging File | 2,13 Gb Available in Paging File | 73,40% Paging File free Paging file location(s): D:\pagefile.sys 2048 4095 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 22,08 Gb Total Space | 4,67 Gb Free Space | 21,13% Space Free | Partition Type: NTFS Drive D: | 63,47 Gb Total Space | 43,02 Gb Free Space | 67,77% Space Free | Partition Type: NTFS Drive E: | 63,48 Gb Total Space | 10,99 Gb Free Space | 17,30% Space Free | Partition Type: NTFS Computer Name: RYSZARD | User Name: Ryszard Pietruszka | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013-05-24 16:31:54 | 000,920,472 | ---- | M] (Mozilla Corporation) -- E:\download\firefox\firefox.exe PRC - [2013-04-21 17:52:40 | 000,181,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe PRC - [2013-04-01 16:00:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\OTL.exe PRC - [2012-12-24 05:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\20.3.1.22\ccsvchst.exe PRC - [2012-06-03 11:44:46 | 000,071,096 | ---- | M] () -- E:\download\CDBurner\CDBurnerXP\NMSAccessU.exe PRC - [2012-04-13 10:17:10 | 001,529,152 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe PRC - [2012-04-13 10:17:08 | 001,220,928 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe PRC - [2010-04-15 19:01:58 | 001,732,960 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe PRC - [2010-03-10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2009-04-27 13:37:18 | 000,025,256 | ---- | M] () -- C:\Program Files\Lexmark 2500 Series\lxddamon.exe PRC - [2009-04-27 13:37:16 | 000,291,496 | ---- | M] () -- C:\Program Files\Lexmark 2500 Series\lxddmon.exe PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007-05-25 09:41:38 | 000,537,520 | ---- | M] ( ) -- C:\WINDOWS\system32\lxddcoms.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013-05-24 16:31:53 | 003,128,728 | ---- | M] () -- E:\download\firefox\mozjs.dll MOD - [2013-05-21 19:49:53 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\9b7981233fae522d6d15b26024cc28f6\System.Windows.Forms.ni.dll MOD - [2013-05-21 19:40:31 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll MOD - [2012-06-03 11:44:46 | 000,071,096 | ---- | M] () -- E:\download\CDBurner\CDBurnerXP\NMSAccessU.exe MOD - [2012-05-30 16:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files\Norton Internet Security\Engine\20.3.1.22\wincfi39.dll MOD - [2012-05-13 16:56:59 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll MOD - [2012-05-13 12:35:21 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll MOD - [2012-05-13 12:34:44 | 001,591,808 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\8ca00132a08c69697adf1cda32ebd835\System.Drawing.ni.dll MOD - [2012-05-13 10:28:26 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll MOD - [2012-05-13 10:27:50 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll MOD - [2010-07-04 23:32:38 | 000,010,752 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll MOD - [2010-05-30 14:58:16 | 000,311,296 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll MOD - [2009-04-27 13:37:18 | 000,025,256 | ---- | M] () -- C:\Program Files\Lexmark 2500 Series\lxddamon.exe MOD - [2009-04-27 13:37:16 | 000,291,496 | ---- | M] () -- C:\Program Files\Lexmark 2500 Series\lxddmon.exe MOD - [2008-06-19 21:53:03 | 000,060,416 | ---- | M] () -- C:\WINDOWS\system32\antiwpa.dll MOD - [2008-05-16 12:35:22 | 000,040,960 | ---- | M] () -- C:\Program Files\Lexmark 2500 Series\App4R.Monitor.Core.dll MOD - [2008-05-16 12:35:22 | 000,028,672 | ---- | M] () -- C:\Program Files\Lexmark 2500 Series\App4R.Monitor.Common.dll MOD - [2008-05-16 12:34:18 | 000,057,344 | ---- | M] () -- C:\Program Files\Lexmark 2500 Series\App4R.DevMons.MCMDevMon.dll MOD - [2008-04-14 22:50:38 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll MOD - [2007-04-30 08:20:26 | 000,011,776 | ---- | M] () -- C:\Program Files\Lexmark 2500 Series\App4R.DevMons.MCMDevMon.AutoPlayUtil.dll MOD - [2007-04-30 08:19:52 | 000,020,480 | ---- | M] () -- C:\Program Files\Lexmark 2500 Series\App4R.DevMons.ScanDevMon.dll MOD - [2007-04-30 08:19:48 | 000,020,480 | ---- | M] () -- C:\Program Files\Lexmark 2500 Series\App4R.DevMons.NetworkCardDevMon.dll MOD - [2007-03-06 08:16:48 | 000,589,824 | ---- | M] () -- C:\Program Files\Lexmark 2500 Series\lxdddatr.dll MOD - [2007-02-27 05:16:26 | 000,103,936 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxdddrpp.dll MOD - [2007-01-09 17:10:06 | 000,278,528 | ---- | M] () -- C:\Program Files\Lexmark 2500 Series\lxddscw.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - [2013-05-22 14:45:34 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\updater.exe -- (SkypeUpdate) SRV - [2013-05-15 15:02:44 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013-04-21 17:52:40 | 000,181,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2013-03-15 18:29:10 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012-12-24 05:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Engine\20.3.1.22\ccSvcHst.exe -- (NIS) SRV - [2012-07-17 15:25:28 | 000,580,648 | ---- | M] (WiseCleaner.com) [Auto | Stopped] -- C:\Program Files\Wise\Wise Care 365\BootTime.exe -- (WiseBootAssistant) SRV - [2012-06-03 11:44:46 | 000,071,096 | ---- | M] () [Auto | Running] -- E:\download\CDBurner\CDBurnerXP\NMSAccessU.exe -- (NMSAccess) SRV - [2012-04-13 10:17:10 | 001,529,152 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2012-04-13 10:17:04 | 000,028,992 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp) SRV - [2012-04-07 16:20:16 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011-08-05 13:30:02 | 000,444,640 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc) SRV - [2011-08-05 13:30:02 | 000,268,512 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm) SRV - [2011-08-05 13:29:56 | 006,363,872 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc) SRV - [2011-08-05 13:29:56 | 000,057,056 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Zune\ZuneBusEnum.exe -- (ZuneBusEnum) SRV - [2011-02-02 14:08:16 | 000,018,656 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service) SRV - [2010-05-17 18:21:00 | 003,592,432 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\system32\GameMon.des -- (npggsvc) SRV - [2010-04-15 19:01:58 | 001,732,960 | ---- | M] (Diskeeper Corporation) [Auto | Running] -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe -- (Diskeeper) SRV - [2010-03-10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2007-05-25 09:41:54 | 000,099,248 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxddserv.exe -- (lxddCATSCustConnectService) SRV - [2007-05-25 09:41:38 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\system32\lxddcoms.exe -- (lxdd_device) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva400.sys -- (XDva400) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ivkunbke.sys -- (ivkunbke) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2013-06-06 01:39:39 | 001,611,992 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20130607.024\NAVEX15.SYS -- (NAVEX15) DRV - [2013-06-06 01:39:39 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20130607.024\NAVENG.SYS -- (NAVENG) DRV - [2013-05-31 18:58:19 | 001,002,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\BASHDefs\20130531.001\BHDrvx86.sys -- (BHDrvx86) DRV - [2013-05-09 12:41:16 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2013-04-20 18:43:22 | 000,142,496 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent) DRV - [2013-04-20 02:08:13 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2013-04-19 15:31:50 | 000,373,728 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\IPSDefs\20130607.001\IDSXpx86.sys -- (IDSxpx86) DRV - [2013-01-31 05:18:18 | 000,394,656 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1403010.016\symtdi.sys -- (SYMTDI) DRV - [2013-01-31 05:18:06 | 000,934,488 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1403010.016\symefa.sys -- (SymEFA) DRV - [2013-01-29 03:45:18 | 000,602,712 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1403010.016\srtsp.sys -- (SRTSP) DRV - [2013-01-29 03:45:18 | 000,032,344 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1403010.016\srtspx.sys -- (SRTSPX) DRV - [2013-01-22 04:15:32 | 000,367,704 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1403010.016\symds.sys -- (SymDS) DRV - [2012-11-16 04:22:01 | 000,175,264 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1403010.016\ironx86.sys -- (SymIRON) DRV - [2012-11-16 04:18:04 | 000,134,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1403010.016\ccsetx86.sys -- (ccSet_NIS) DRV - [2012-06-03 11:44:46 | 000,005,504 | ---- | M] () [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2012-03-06 18:48:54 | 007,101,032 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2012-01-07 12:41:32 | 000,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZDPSp50.sys -- (ZDPSp50) DRV - [2011-11-08 12:47:38 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2010-07-04 21:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5) DRV - [2010-03-10 11:29:24 | 000,042,144 | ---- | M] (Diskeeper Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DKRtWrt.sys -- (DKRtWrt) DRV - [2009-12-18 11:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv) DRV - [2009-11-18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) DRV - [2009-11-18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2009-04-06 09:13:52 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc) DRV - [2009-04-06 09:13:52 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt) DRV - [2009-03-25 15:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2009-03-18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2008-04-13 23:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) DRV - [2006-11-02 08:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB) DRV - [2006-09-18 14:58:54 | 000,097,184 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdm.sys -- (SE27mdm) DRV - [2006-09-18 14:58:52 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdfl.sys -- (SE27mdfl) DRV - [2006-09-18 14:58:48 | 000,061,600 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27bus.sys -- (SE27bus) DRV - [2005-09-21 17:26:36 | 000,006,656 | R--- | M] (A4Tech Co.,Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Amfilter.sys -- (Amfilter) DRV - [2005-09-21 17:25:40 | 000,012,800 | R--- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Amusbprt.sys -- (Amusbprt) DRV - [2004-08-13 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) DRV - [2002-04-26 13:04:16 | 000,095,484 | ---- | M] (DATOM Dariusz Cielebąk) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\KMM4XNT.SYS -- (Kmm4xNT) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1935655697-1659004503-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKU\S-1-5-21-1935655697-1659004503-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.wp.pl/ IE - HKU\S-1-5-21-1935655697-1659004503-1177238915-1003\..\SearchScopes,DefaultScope = {F318F340-AD14-4F15-9475-A7DD0EA51C11} IE - HKU\S-1-5-21-1935655697-1659004503-1177238915-1003\..\SearchScopes\{F318F340-AD14-4F15-9475-A7DD0EA51C11}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_pl IE - HKU\S-1-5-21-1935655697-1659004503-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1935655697-1659004503-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..extensions.enabledAddons: %7B20a82645-c095-46ed-80e3-08825760534b%7D:0.0.0 FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.15 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: File not found FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: E:\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: E:\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@rsj.de/prodown: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Ryszard Pietruszka\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Ryszard Pietruszka\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\IPSFFPlgn\ [2013-04-20 18:45:18 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\coFFPlgn\ [2013-06-08 16:51:14 | 000,000,000 | ---D | M] [2012-03-30 17:50:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\Mozilla\Extensions [2013-05-29 23:15:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\Mozilla\Firefox\Profiles\57iyyolf.default\extensions [2013-05-29 23:15:14 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\Mozilla\Firefox\Profiles\57iyyolf.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-05-08 19:39:20 | 000,870,680 | ---- | M] () (No name found) -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\Mozilla\Firefox\Profiles\57iyyolf.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2010-05-31 13:36:08 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Delta Search (Enabled) CHR - default_search_provider: search_url = http://www2.delta-search.com/?q={searchTerms}&affID=119816&tt=gc_050513_d9114_gc_&babsrc=SP_ss&mntrId=C83600B0C4009ED8 CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Ryszard Pietruszka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Ryszard Pietruszka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Ryszard Pietruszka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\27.0.1453.94\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Ryszard Pietruszka\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.145\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U21 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll CHR - plugin: Java Deployment Toolkit 7.0.210.11 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = E:\Real Alternative\browser\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = E:\Real Alternative\browser\plugins\nprpjplug.dll CHR - Extension: Norton Identity Protection = C:\Documents and Settings\Ryszard Pietruszka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.3.3.19_0\ O1 HOSTS File: ([2012-01-14 15:04:09 | 000,000,819 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\20.3.1.22\coieplg.dll (Symantec Corporation) O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\20.3.1.22\ips\ipsbho.dll (Symantec Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (SimpleAdblock Class) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Common Files\Simple Adblock\SimpleAdblock.dll (Simple Adblock) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\20.3.1.22\coieplg.dll (Symantec Corporation) O3 - HKU\S-1-5-21-1935655697-1659004503-1177238915-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\S-1-5-21-1935655697-1659004503-1177238915-1003\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found. O3 - HKU\S-1-5-21-1935655697-1659004503-1177238915-1003\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\20.3.1.22\coieplg.dll (Symantec Corporation) O4 - HKLM..\Run: [lxddamon] C:\Program Files\Lexmark 2500 Series\lxddamon.exe () O4 - HKLM..\Run: [lxddmon.exe] C:\Program Files\Lexmark 2500 Series\lxddmon.exe () O4 - HKU\.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe () O4 - HKU\S-1-5-18..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe () O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108831 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1935655697-1659004503-1177238915-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1935655697-1659004503-1177238915-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108831 O7 - HKU\S-1-5-21-1935655697-1659004503-1177238915-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1 O7 - HKU\S-1-5-21-1935655697-1659004503-1177238915-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogOff = 1 O7 - HKU\S-1-5-21-1935655697-1659004503-1177238915-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html File not found O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 File not found O9 - Extra Button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files\PokerStars.EU\PokerStarsUpdate.exe File not found O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1275220259906 (WUWebControl Class) O16 - DPF: {6678BE91-1E04-4A4A-9C32-63145EA79C2A} http://fifa-online.easports.com/fo3-theme/addons/EAFO3AXLauncher.cab (EAFO3AXLauncher Control) O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.3.16.0.cab (SysInfo Class) O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} http://update.nprotect.net/keycrypt/cabal/npkcx_inca.cab (Reg Error: Key error.) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.62 62.179.1.63 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{997BEC68-E554-4A90-8C2A-CF544DBDE76C}: DhcpNameServer = 62.179.1.62 62.179.1.63 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\Antiwpa: DllName - (antiwpa.dll) - C:\WINDOWS\System32\antiwpa.dll () O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - File not found O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Ryszard Pietruszka\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ryszard Pietruszka\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-05-30 12:25:13 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013-06-07 20:30:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryszard Pietruszka\Menu Start\Programy\Postal 2 PL [2013-05-26 17:49:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Lexmark 2500 Series [2013-05-26 17:49:26 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark 2500 Series [2013-05-26 17:49:13 | 000,983,107 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lxddgf.dll [2013-05-26 17:49:13 | 000,507,904 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\lxddutil.dll [2013-05-26 17:49:13 | 000,200,704 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\lxddinsb.dll [2013-05-26 17:49:13 | 000,176,128 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\lxddins.dll [2013-05-26 17:49:13 | 000,143,360 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\lxddjswr.dll [2013-05-26 17:49:13 | 000,110,592 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\lxddinsr.dll [2013-05-26 17:49:13 | 000,086,016 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\lxddcub.dll [2013-05-26 17:49:13 | 000,077,824 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\lxddcu.dll [2013-05-26 17:49:13 | 000,036,864 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\lxddcur.dll [2013-05-26 17:49:12 | 000,077,906 | ---- | C] (Lexmark International) -- C:\WINDOWS\System32\lxddcfg.dll [2013-05-26 00:45:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryszard Pietruszka\Menu Start\Programy\Metin2 [2013-05-25 19:19:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Program Files [2013-05-25 14:33:27 | 000,000,000 | ---D | C] -- C:\lexmark [2013-05-22 15:41:28 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2013-05-22 15:32:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\iMetin [2013-05-22 15:32:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryszard Pietruszka\Menu Start\Programy\iMetin [2013-05-21 19:41:04 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$ [2013-05-21 18:59:10 | 000,275,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll [2013-05-21 18:59:10 | 000,018,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui [2013-05-17 20:47:55 | 000,000,000 | ---D | C] -- C:\logs [2013-05-15 15:01:40 | 017,613,192 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe [2013-02-01 20:53:51 | 000,005,120 | ---- | C] (myN) -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\patcher02.patUpdater.exe [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013-06-08 17:01:16 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013-06-08 16:53:51 | 000,000,000 | -HS- | M] () -- C:\DkHyperbootSync [2013-06-08 16:53:01 | 000,001,184 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1935655697-1659004503-1177238915-1003UA.job [2013-06-08 16:50:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013-06-08 11:47:14 | 000,001,060 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013-06-07 20:30:41 | 000,000,782 | ---- | M] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\Postal 2 PL.lnk [2013-06-07 20:04:30 | 000,198,656 | ---- | M] () -- C:\Documents and Settings\Ryszard Pietruszka\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013-06-07 19:53:05 | 000,001,132 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1935655697-1659004503-1177238915-1003Core.job [2013-06-07 14:59:39 | 019,060,255 | ---- | M] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\Plan konstrukcji wiaty3.rar [2013-06-07 14:59:20 | 043,860,495 | ---- | M] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\Plan konstrukcji wiaty2.rar [2013-06-07 14:59:01 | 041,111,160 | ---- | M] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\Plan konstrukcji wiaty1.rar [2013-06-05 20:26:41 | 000,002,513 | ---- | M] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\Microsoft Office Word 2007.lnk [2013-06-05 04:07:34 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013-06-04 08:34:29 | 000,000,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\isolate.ini [2013-06-01 07:42:29 | 000,556,760 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2013-06-01 07:42:29 | 000,494,462 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013-06-01 07:42:29 | 000,105,574 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2013-06-01 07:42:29 | 000,084,814 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2013-05-30 22:31:46 | 000,000,215 | ---- | M] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\Counter-Strike.url [2013-05-30 11:44:52 | 002,125,810 | ---- | M] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\oświetlenie.pdf [2013-05-30 11:44:52 | 000,356,868 | ---- | M] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\K2_1 Poz.2 Dźwigar.pdf [2013-05-30 11:44:52 | 000,293,292 | ---- | M] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\K3_1 Poz.3 Słup , poz.9. Słup.pdf [2013-05-30 11:44:52 | 000,243,434 | ---- | M] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\K4_1 Poz.4 Rygiel łączący.pdf [2013-05-30 11:44:52 | 000,242,720 | ---- | M] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\K8_1 Poz.8 Podciąg.pdf [2013-05-30 11:44:52 | 000,242,110 | ---- | M] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\K7_1 Poz.7 Podciąg.pdf [2013-05-30 11:44:52 | 000,226,350 | ---- | M] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\K11_1 Poz.12.1 Belka oczepowa pod słupy.pdf [2013-05-30 11:44:52 | 000,223,414 | ---- | M] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\K12_1 Stoły handlowe.pdf [2013-05-30 11:44:52 | 000,218,775 | ---- | M] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\K9_1 Poz.10a Stężenia dachowe.pdf [2013-05-30 11:44:52 | 000,201,072 | ---- | M] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\K5_1 Poz.5 Belka.pdf [2013-05-30 11:44:52 | 000,193,195 | ---- | M] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\K6_1 Poz.6 Belka.pdf [2013-05-30 11:44:52 | 000,112,352 | ---- | M] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\opis techniczny.pdf [2013-05-30 11:44:51 | 001,184,786 | ---- | M] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\4_1 RZUT DACHU.PDF [2013-05-30 11:44:51 | 000,551,047 | ---- | M] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\3_1 RZUT KONSTRUKCJI DACHU.PDF [2013-05-30 11:44:51 | 000,405,275 | ---- | M] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\5_1 PRZEKROJE.PDF [2013-05-30 11:44:51 | 000,373,867 | ---- | M] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\6_1 ELEWACJE.PDF [2013-05-30 11:44:51 | 000,343,830 | ---- | M] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\2_1 RZUT PARTERU.PDF [2013-05-30 11:44:51 | 000,304,042 | ---- | M] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\1_1 RZUT FUNDAMENTÓW.PDF [2013-05-30 11:44:51 | 000,212,083 | ---- | M] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\K1_1 Poz.1.1 Płatew.pdf [2013-05-30 11:44:51 | 000,202,692 | ---- | M] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\K10_1 Poz.10b Stężenia ścienne.pdf [2013-05-30 11:44:51 | 000,100,103 | ---- | M] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\8_1 ELEWACJE - BUDYNKI C, D, E i F.PDF [2013-05-30 11:44:51 | 000,095,532 | ---- | M] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\7_1 ELEWACJE - BUDYNKI A i B.PDF [2013-05-30 11:44:51 | 000,094,537 | ---- | M] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\9_1 ELEWACJE - BUDYNKI G i H.PDF [2013-05-30 11:44:51 | 000,094,472 | ---- | M] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\10_1 ELEWACJE - BUDYNKI I i J.PDF [2013-05-26 17:50:42 | 000,065,104 | ---- | M] () -- C:\WINDOWS\System32\LexFiles.ulf [2013-05-25 14:54:56 | 000,243,375 | ---- | M] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\rekomendacja.jpg [2013-05-24 04:09:47 | 000,008,059 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\symds.cat [2013-05-23 07:25:28 | 000,934,488 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\symefa.sys [2013-05-23 07:25:28 | 000,007,583 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\symefa.cat [2013-05-23 07:25:28 | 000,003,434 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\symefa.inf [2013-05-22 16:27:41 | 000,000,212 | -HS- | M] () -- C:\boot.ini [2013-05-21 07:02:00 | 000,367,704 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\symds.sys [2013-05-21 07:02:00 | 000,002,852 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\symds.inf [2013-05-21 06:40:20 | 000,008,059 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\srtsp.cat [2013-05-16 07:02:14 | 000,603,224 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\srtsp.sys [2013-05-16 07:02:14 | 000,001,388 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\srtsp.inf [2013-05-15 15:02:32 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2013-05-15 15:02:32 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2013-05-15 15:01:52 | 017,613,192 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013-06-08 16:53:51 | 000,000,000 | -HS- | C] () -- C:\DkHyperbootSync [2013-06-07 20:30:41 | 000,000,782 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\Postal 2 PL.lnk [2013-06-07 16:26:33 | 001,738,515 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\IMG_0267.jpg [2013-06-07 14:59:39 | 019,060,255 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\Plan konstrukcji wiaty3.rar [2013-06-07 14:59:12 | 043,860,495 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\Plan konstrukcji wiaty2.rar [2013-06-07 14:58:58 | 041,111,160 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\Plan konstrukcji wiaty1.rar [2013-05-30 22:31:46 | 000,000,215 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\Counter-Strike.url [2013-05-30 11:44:52 | 002,125,810 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\oświetlenie.pdf [2013-05-30 11:44:52 | 000,356,868 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\K2_1 Poz.2 Dźwigar.pdf [2013-05-30 11:44:52 | 000,293,292 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\K3_1 Poz.3 Słup , poz.9. Słup.pdf [2013-05-30 11:44:52 | 000,243,434 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\K4_1 Poz.4 Rygiel łączący.pdf [2013-05-30 11:44:52 | 000,242,720 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\K8_1 Poz.8 Podciąg.pdf [2013-05-30 11:44:52 | 000,242,110 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\K7_1 Poz.7 Podciąg.pdf [2013-05-30 11:44:52 | 000,223,414 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\K12_1 Stoły handlowe.pdf [2013-05-30 11:44:52 | 000,218,775 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\K9_1 Poz.10a Stężenia dachowe.pdf [2013-05-30 11:44:52 | 000,201,072 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\K5_1 Poz.5 Belka.pdf [2013-05-30 11:44:52 | 000,193,195 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\K6_1 Poz.6 Belka.pdf [2013-05-30 11:44:52 | 000,112,352 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\opis techniczny.pdf [2013-05-30 11:44:51 | 001,184,786 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\4_1 RZUT DACHU.PDF [2013-05-30 11:44:51 | 000,551,047 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\3_1 RZUT KONSTRUKCJI DACHU.PDF [2013-05-30 11:44:51 | 000,405,275 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\5_1 PRZEKROJE.PDF [2013-05-30 11:44:51 | 000,373,867 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\6_1 ELEWACJE.PDF [2013-05-30 11:44:51 | 000,343,830 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\2_1 RZUT PARTERU.PDF [2013-05-30 11:44:51 | 000,304,042 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\1_1 RZUT FUNDAMENTÓW.PDF [2013-05-30 11:44:51 | 000,226,350 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\K11_1 Poz.12.1 Belka oczepowa pod słupy.pdf [2013-05-30 11:44:51 | 000,212,083 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\K1_1 Poz.1.1 Płatew.pdf [2013-05-30 11:44:51 | 000,202,692 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\K10_1 Poz.10b Stężenia ścienne.pdf [2013-05-30 11:44:51 | 000,100,103 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\8_1 ELEWACJE - BUDYNKI C, D, E i F.PDF [2013-05-30 11:44:51 | 000,095,532 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\7_1 ELEWACJE - BUDYNKI A i B.PDF [2013-05-30 11:44:51 | 000,094,537 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\9_1 ELEWACJE - BUDYNKI G i H.PDF [2013-05-30 11:44:51 | 000,094,472 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\10_1 ELEWACJE - BUDYNKI I i J.PDF [2013-05-26 17:50:16 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxddvs.dll [2013-05-26 17:50:15 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\lxddcoin.dll [2013-05-26 17:49:57 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\lxdddrs.dll [2013-05-26 17:49:57 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\lxddcnv4.dll [2013-05-26 17:49:57 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\lxddcaps.dll [2013-05-26 17:49:14 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\LXDDinst.dll [2013-05-26 17:49:14 | 000,065,104 | ---- | C] () -- C:\WINDOWS\System32\LexFiles.ulf [2013-05-26 17:49:13 | 001,232,896 | ---- | C] ( ) -- C:\WINDOWS\System32\lxddserv.dll [2013-05-26 17:49:13 | 000,999,424 | ---- | C] ( ) -- C:\WINDOWS\System32\lxddusb1.dll [2013-05-26 17:49:13 | 000,700,416 | ---- | C] ( ) -- C:\WINDOWS\System32\lxddhbn3.dll [2013-05-26 17:49:13 | 000,684,032 | ---- | C] ( ) -- C:\WINDOWS\System32\lxddcomc.dll [2013-05-26 17:49:13 | 000,665,982 | ---- | C] () -- C:\WINDOWS\System32\lxddhelp.chm [2013-05-26 17:49:13 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxddpmui.dll [2013-05-26 17:49:13 | 000,585,728 | ---- | C] ( ) -- C:\WINDOWS\System32\lxddlmpm.dll [2013-05-26 17:49:13 | 000,537,520 | ---- | C] ( ) -- C:\WINDOWS\System32\lxddcoms.exe [2013-05-26 17:49:13 | 000,425,984 | ---- | C] ( ) -- C:\WINDOWS\System32\lxddcomm.dll [2013-05-26 17:49:13 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxddinpa.dll [2013-05-26 17:49:13 | 000,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\lxddiesc.dll [2013-05-26 17:49:13 | 000,394,160 | ---- | C] ( ) -- C:\WINDOWS\System32\lxddcfg.exe [2013-05-26 17:49:13 | 000,385,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxddih.exe [2013-05-26 17:49:13 | 000,323,584 | ---- | C] ( ) -- C:\WINDOWS\System32\LXDDhcp.dll [2013-05-26 17:49:13 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxddgrd.dll [2013-05-26 17:49:13 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxddprox.dll [2013-05-26 17:49:13 | 000,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\lxddpplc.dll [2013-05-26 17:49:12 | 000,001,932 | ---- | C] () -- C:\WINDOWS\System32\lxdd.loc [2013-05-25 14:54:55 | 000,243,375 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Pulpit\rekomendacja.jpg [2013-05-17 23:13:34 | 000,001,211 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Menu Start\Programy\GG.lnk [2013-03-16 21:48:21 | 000,753,057 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfi.dat [2013-01-31 17:01:15 | 000,000,212 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\_bak.reg [2012-10-28 11:32:57 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2012-09-30 15:47:03 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Wideo-0003.mp4 [2012-09-30 15:37:30 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Wideo-0007.mp4 [2012-09-21 07:09:30 | 003,907,640 | ---- | C] () -- C:\WINDOWS\System32\gsdll32.dll [2012-09-21 07:09:30 | 003,194,880 | ---- | C] () -- C:\WINDOWS\System32\gsdll321.dll [2012-09-19 18:12:33 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\breeeeeeeeeeeeeeeeeeeeee.JPG [2012-07-20 01:51:44 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\hCR6e.jpg [2012-07-20 01:49:16 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\zik190.jpg.gif [2012-05-03 08:50:06 | 001,257,395 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-1935655697-1659004503-1177238915-1003-0.dat [2012-04-11 07:57:56 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012-04-07 16:20:49 | 000,000,147 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft.SqlServer.Compact.351.32.bc [2012-04-06 00:54:30 | 000,001,167 | ---- | C] () -- C:\WINDOWS\FOE2.ini [2012-03-13 17:30:06 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2012-01-14 15:03:49 | 000,060,416 | ---- | C] () -- C:\WINDOWS\System32\antiwpa.dll [2012-01-12 18:09:40 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll [2012-01-06 01:05:34 | 000,001,917 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Ustawienia lokalne\Dane aplikacji\localstore.rdf [2012-01-06 01:05:34 | 000,000,226 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Ustawienia lokalne\Dane aplikacji\Setup.dat [2012-01-06 01:05:15 | 018,874,368 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Ustawienia lokalne\Dane aplikacji\data1.cab [2011-12-16 10:51:57 | 000,021,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT [2011-12-02 01:33:28 | 000,402,146 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat [2011-08-10 14:49:52 | 000,000,180 | ---- | C] () -- C:\WINDOWS\psr.INI [2011-08-10 14:16:19 | 000,000,612 | ---- | C] () -- C:\WINDOWS\mp3wavcon.ini [2011-08-10 14:14:17 | 000,000,005 | ---- | C] () -- C:\WINDOWS\System32\SySmp3con.dat [2011-08-10 14:14:02 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll [2011-08-06 13:22:02 | 000,000,271 | ---- | C] () -- C:\WINDOWS\game.ini [2011-08-03 11:51:39 | 000,003,881 | ---- | C] () -- C:\WINDOWS\System32\wbers.dat [2011-02-13 02:40:37 | 000,001,046 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Ustawienia lokalne\Dane aplikacji\Setup.reg [2011-01-27 12:41:43 | 000,000,022 | -HS- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\Sys6925.Config Collection.sys [2010-07-22 18:57:08 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\PnkBstrK.sys [2010-06-04 20:04:28 | 000,050,330 | ---- | C] () -- C:\Documents and Settings\All Users\lxdd [2010-05-30 18:01:53 | 000,198,656 | ---- | C] () -- C:\Documents and Settings\Ryszard Pietruszka\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [color=#E56717]========== ZeroAccess Check ==========[/color] [2010-05-30 14:54:59 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008-04-14 22:50:48 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 12:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-14 22:50:58 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2011-01-27 12:06:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo [2012-05-20 17:35:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Autodesk [2012-07-25 20:48:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Canneverbe Limited [2012-05-20 18:29:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files [2013-05-05 16:20:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2010-05-30 15:50:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Diskeeper Corporation [2012-04-07 13:57:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DriverGenius [2010-05-30 15:39:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2012-10-06 21:00:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\GG [2011-01-05 18:54:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IObit [2013-03-01 22:55:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2010-10-19 18:28:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LxThumbs [2011-12-04 01:20:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nexon [2011-12-04 01:20:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NexonSG [2011-03-01 20:36:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nitro PDF [2012-02-18 01:48:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Omnius for SE [2011-01-23 00:37:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2010-06-29 09:38:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PCSettings [2012-11-15 23:58:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\RDRM [2011-06-14 18:31:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\regid.1986-12.com.adobe [2012-08-11 16:36:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SolidDocuments [2013-06-08 16:56:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2012-05-20 18:06:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software [2011-01-15 14:53:12 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16} [2012-05-20 18:04:50 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{32364CEA-7855-4A3C-B674-53D8E9B97936} [2012-01-07 03:42:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9} [2010-05-30 16:47:31 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} [2011-01-16 14:55:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\TuneUp Software [2012-02-14 22:00:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\.minecraft [2011-06-27 01:01:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\AnvSoft [2010-05-30 17:29:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\Ashampoo [2012-04-07 16:12:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\Autodesk [2013-02-26 16:08:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\Balmora.pl [2011-03-01 19:49:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\CAD-KAS [2012-07-25 20:48:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\Canneverbe Limited [2013-05-05 16:20:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\DAEMON Tools Lite [2011-03-01 20:36:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\Downloaded Installations [2012-01-31 10:40:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\ElevatedDiagnostics [2011-03-01 20:23:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\eXPert PDF Editor [2013-01-31 18:07:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\FileZilla [2012-03-25 22:39:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\GameRanger [2013-06-08 12:23:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\GG [2011-11-13 01:09:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\gtk-2.0 [2011-02-15 18:52:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\Hardcore [2013-03-01 22:56:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\ipla [2010-07-25 16:57:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\Leadertech [2013-05-26 17:51:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\Lexmark Productivity Studio [2012-04-10 03:49:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\LolClient [2012-01-27 13:17:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\NapiProjekt [2012-04-21 22:43:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\Need for Speed World [2011-03-01 20:38:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\Nitro PDF [2010-07-29 00:18:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\OpenFM [2011-07-11 02:40:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\Opera [2011-07-27 00:05:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\SFBot [2013-06-03 04:56:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\Simple Adblock [2012-12-26 02:51:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\SolidDocuments [2010-08-05 00:21:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\TeamViewer [2012-09-28 22:54:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\Teleca [2011-08-28 12:57:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\Tific [2012-06-01 22:32:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\TS3Client [2012-05-20 18:06:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\TuneUp Software [2010-05-30 12:40:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\URSoft [2013-06-07 19:42:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\uTorrent [2010-12-06 13:11:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\VoipBuster [2013-05-26 17:20:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryszard Pietruszka\Dane aplikacji\Wise Care 365 [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 206 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:1CE11B51 < End of report >