wklejto.pl

Added by: ~Anonim (2013-01-19 19:11) -> text
OTL logfile created on: 2013-01-19 19:00:57 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\krol\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3,50 Gb Total Physical Memory | 3,02 Gb Available Physical Memory | 86,40% Memory free
5,34 Gb Paging File | 5,04 Gb Available in Paging File | 94,45% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 24,41 Gb Total Space | 1,73 Gb Free Space | 7,10% Space Free | Partition Type: NTFS
Drive D: | 97,66 Gb Total Space | 76,06 Gb Free Space | 77,89% Space Free | Partition Type: NTFS
Drive E: | 176,01 Gb Total Space | 30,86 Gb Free Space | 17,53% Space Free | Partition Type: NTFS
 
Computer Name: KR-E24024C69E1B | User Name: krol | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013-01-19 19:00:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\krol\Pulpit\OTL.exe
PRC - [2012-02-01 12:05:06 | 000,949,104 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2008-04-14 21:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2013-01-09 15:36:15 | 014,586,888 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll
MOD - [2011-12-07 17:42:15 | 000,275,968 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwebmdec.dll
MOD - [2011-12-07 17:42:15 | 000,064,000 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstautodetect.dll
MOD - [2011-12-07 17:42:15 | 000,046,592 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwaveform.dll
MOD - [2011-12-07 17:42:14 | 000,783,360 | ---- | M] () -- C:\Program Files\Opera\gstreamer\gstreamer.dll
MOD - [2011-12-07 17:42:14 | 000,316,928 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstoggdec.dll
MOD - [2011-12-07 17:42:14 | 000,168,448 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
MOD - [2011-12-07 17:42:14 | 000,099,840 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstcoreplugins.dll
MOD - [2011-12-07 17:42:14 | 000,098,816 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioresample.dll
MOD - [2011-12-07 17:42:14 | 000,098,816 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioconvert.dll
MOD - [2011-12-07 17:42:14 | 000,078,336 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwavparse.dll
MOD - [2011-12-07 17:42:14 | 000,076,800 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdirectsound.dll
MOD - [2011-12-07 17:42:14 | 000,068,608 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdecodebin2.dll
MOD - [2011-12-07 17:42:14 | 000,045,568 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gsttypefindfunctions.dll
MOD - [2010-07-29 18:19:04 | 000,234,496 | ---- | M] () -- C:\Program Files\Total Video Converter\TVCShellExt.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - [2013-01-09 15:36:15 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-10-26 16:17:52 | 000,087,368 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe -- (HTCMonitorService)
SRV - [2012-10-08 16:40:38 | 000,166,912 | ---- | M] () [Auto | Stopped] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2012-07-25 11:48:59 | 000,246,112 | ---- | M] () [Auto | Stopped] -- C:\Program Files\PLAY ONLINE\UpdateDog\ouc.exe -- (PLAY ONLINE. RunOuc)
SRV - [2012-06-30 20:26:09 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-05-15 11:18:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-01-19 07:18:50 | 003,337,216 | ---- | M] (Hide My IP) [On_Demand | Stopped] -- C:\Program Files\Hide My IP\HideMyIpSrv.exe -- (HideMyIpSRV)
SRV - [2011-06-26 07:45:56 | 000,256,000 | R--- | M] () [Auto | Stopped] -- C:\ComboFix\pev.3XE -- (PEVSystemStart)
SRV - [2011-06-08 13:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () [Auto | Stopped] -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe)
SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2007-05-04 18:50:04 | 000,135,233 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe -- (nSvcIp)
SRV - [2007-05-04 18:49:48 | 000,065,605 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe -- (nSvcLog)
SRV - [2007-01-03 12:19:38 | 000,020,543 | ---- | M] (Apache Software Foundation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe -- (ForcewareWebInterface)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\krol\USTAWI~1\Temp\catchme.sys -- (catchme)
DRV - [2012-09-25 22:46:20 | 000,021,248 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2012-07-25 11:49:01 | 000,235,392 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2012-07-25 11:49:01 | 000,194,816 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2012-07-25 11:49:01 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2012-07-25 11:49:01 | 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2011-12-08 20:16:33 | 000,428,088 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2011-12-08 20:03:56 | 000,239,168 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011-11-21 22:19:51 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2011-08-10 11:56:46 | 000,067,968 | ---- | M] (ZTE) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zte_cdc_acm.sys -- (zte_cdc_acm)
DRV - [2011-08-10 11:56:46 | 000,009,984 | ---- | M] (ZTE) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zte_cpo.sys -- (zte_cpo)
DRV - [2011-05-18 10:12:38 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011-05-18 10:12:36 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011-05-18 10:12:32 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011-05-18 10:12:28 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009-12-15 03:46:26 | 000,024,192 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2009-12-15 03:46:18 | 000,013,184 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\BMLoad.sys -- (BMLoad)
DRV - [2009-06-10 15:49:32 | 000,024,576 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007-06-14 09:41:58 | 004,429,312 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2007-05-04 18:41:50 | 000,019,968 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2007-05-04 18:41:48 | 000,046,720 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006-06-18 23:51:32 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1&cf=80ef7af8-758c-11e1-b15c-001a4df4cb77
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=80ef7af8-758c-11e1-b15c-001a4df4cb77&q={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = http://search.babylon.com/?affID=114733&tt=270912_ctrl2_3912_7&babsrc=HP_ss&mntrId=38bf5518000000000000001a4df4cb77
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1&cf=80ef7af8-758c-11e1-b15c-001a4df4cb77
IE - HKCU\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=114733&tt=270912_ctrl2_3912_7&babsrc=SP_ss&mntrId=38bf5518000000000000001a4df4cb77
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=80ef7af8-758c-11e1-b15c-001a4df4cb77&q={searchTerms}
IE - HKCU\..\SearchScopes\{70801BA9-A4D2-4D71-927B-A10A8A444E7D}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7GGLD_en&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3220468
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.startup.homepage: "http://startsear.ch/?aff=1&cf=80ef7af8-758c-11e1-b15c-001a4df4cb77"
FF - prefs.js..keyword.URL: "http://startsear.ch/?aff=1&src=sp&cf=80ef7af8-758c-11e1-b15c-001a4df4cb77&q="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@ganymede/DARTS,version=1.0: C:\Program Files\Ganymede\Plugins\DARTS\NPDARTS.dll (Ganymede Technologies)
FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: C:\Program Files\Ganymede\Plugins\npganymedenet.dll ( )
FF - HKLM\Software\MozillaPlugins\@ganymede/MAKAOV2,version=1.0: C:\Program Files\Ganymede\Plugins\MAKAOV2\NPMAKAOV2.dll (Ganymede Technologies)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\krol\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\krol\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\ff-bmboc@bytemobile.com: C:\Program Files\T-Mobile\InternetManager_Z\Bin\addon [2010-04-01 13:29:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-06-30 20:26:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-08-23 12:38:34 | 000,000,000 | ---D | M]
 
[2012-02-27 17:59:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\krol\Dane aplikacji\Mozilla\Extensions
[2012-12-31 21:46:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\krol\Dane aplikacji\Mozilla\Firefox\Profiles\jwpzd6mv.default\extensions
[2012-09-10 14:56:12 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Documents and Settings\krol\Dane aplikacji\Mozilla\Firefox\Profiles\jwpzd6mv.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
[2012-12-31 21:46:33 | 000,000,000 | ---D | M] (Babylon) -- C:\Documents and Settings\krol\Dane aplikacji\Mozilla\Firefox\Profiles\jwpzd6mv.default\extensions\ffxtlbr@babylon.com
[2012-09-30 13:33:51 | 000,002,225 | ---- | M] () -- C:\Documents and Settings\krol\Dane aplikacji\Mozilla\Firefox\Profiles\jwpzd6mv.default\searchplugins\BabylonMngr.xml
[2012-03-24 09:37:13 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\krol\Dane aplikacji\Mozilla\Firefox\Profiles\jwpzd6mv.default\searchplugins\startsear.xml
[2012-03-24 09:37:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-03-24 09:37:20 | 000,000,000 | ---D | M] (z) -- C:\Program Files\Mozilla Firefox\extensions\{af345866-9bf5-3c77-693b-bf4ce540177e}
[2012-06-30 20:26:09 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-12-20 11:33:56 | 000,120,984 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npganymedenet.dll
[2011-07-15 12:24:58 | 000,686,240 | ---- | M] (Ganymede Technologies) -- C:\Program Files\mozilla firefox\plugins\NPMAKAOV2.dll
[2012-01-02 10:48:42 | 000,083,456 | ---- | M] (StartSearch ) -- C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll
[2012-02-16 12:12:03 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-09-30 13:33:30 | 000,002,362 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012-02-16 12:12:03 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-02-16 12:12:03 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-02-16 12:12:03 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-02-16 12:12:03 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-02-16 12:12:03 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - homepage: http://search.babylon.com/?affID=114733&tt=270912_ctrl2_3912_7&babsrc=HP_ss&mntrId=38bf5518000000000000001a4df4cb77
CHR - default_search_provider: Search the web (Babylon) (Enabled)
CHR - default_search_provider: search_url = http://search.babylon.com/?q={searchTerms}&affID=114733&tt=270912_ctrl2_3912_7&babsrc=SP_ss&mntrId=38bf5518000000000000001a4df4cb77
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://search.babylon.com/?affID=114733&tt=270912_ctrl2_3912_7&babsrc=HP_ss&mntrId=38bf5518000000000000001a4df4cb77
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\krol\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\krol\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\24.0.1312.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\krol\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\24.0.1312.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\krol\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: StartSearch Video plug-in (Enabled) = C:\Documents and Settings\krol\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\bildoibdboopgomcbiplincneeicgipj\1.3_0\chvsharetvplg.dll
CHR - plugin: StartSearch Video plug-in (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npvsharetvplg.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\krol\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Ganymede Darts Plugin (Enabled) = C:\Program Files\Ganymede\Plugins\DARTS\NPDARTS.dll
CHR - plugin: GanymedeNet.Detector (Enabled) = C:\Program Files\Ganymede\Plugins\npganymedenet.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - Extension: Angry Birds = C:\Documents and Settings\krol\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: StartSearch Video plug-in = C:\Documents and Settings\krol\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\bildoibdboopgomcbiplincneeicgipj\1.3_0\
CHR - Extension: Szukaj w Google = C:\Documents and Settings\krol\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Babylon Toolbar = C:\Documents and Settings\krol\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.9_0\
CHR - Extension: uTorrentControl_v2 = C:\Documents and Settings\krol\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\2.3.18.20_0\
 
O1 HOSTS File: ([2001-10-26 14:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.6.9.12\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (extrafind) - {c83f3b1f-dba3-f363-c5ea-0757d4c51454} - C:\WINDOWS\system32\cf9899eb.dll ()
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.6.9.12\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentControl_v2 Toolbar) - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [Browsers Protector] C:\Program Files\Browsers Protector\regmon32.exe ()
O4 - HKLM..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [BitTorrent] "C:\Program Files\BitTorrent\BitTorrent.exe"  /MINIMIZED File not found
O4 - HKCU..\Run: [ChomikBox] C:\Program Files\ChomikBox\chomikbox.exe ( )
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [EADM] C:\Program Files\Origin\Origin.exe (Electronic Arts)
O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKCU..\Run: [Steam] E:\Cs\steam.exe (Valve Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\mcserver.lnk = C:\Program Files\T-Mobile\InternetManager_Z\Bin\mcserver.exe (ZTE)
O4 - Startup: C:\Documents and Settings\krol\Menu Start\Programy\Autostart\GameRanger.lnk = C:\Documents and Settings\krol\Dane aplikacji\GameRanger\GameRanger\GameRanger.exe (GameRanger Technologies)
O4 - Startup: C:\Documents and Settings\krol\Menu Start\Programy\Autostart\qaa64.exe (KMNBM)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\HMIPCore.dll (Hide My IP)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\HMIPCore.dll (Hide My IP)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\System32\HMIPCore.dll (Hide My IP)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F8571035-7945-404A-B334-DCE53B4E1426}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (c:\docume~1\alluse~1\daneap~1\browse~1\22643~1.41\{16cdf~1\browse~1.dll) -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-11-21 22:06:17 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010-09-18 19:03:41 | 000,000,000 | ---D | M] - D:\Automap -- [ NTFS ]
O32 - AutoRun File - [2012-12-30 18:15:02 | 001,639,137 | ---- | M] () - D:\Automap.rar -- [ NTFS ]
O33 - MountPoints2\{6363e2c0-db37-11e1-8783-001a4df4cb77}\Shell - "" = AutoRun
O33 - MountPoints2\{6363e2c0-db37-11e1-8783-001a4df4cb77}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{f7204540-d645-11e1-b8e3-001a4df4cb77}\Shell - "" = AutoRun
O33 - MountPoints2\{f7204540-d645-11e1-b8e3-001a4df4cb77}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{f7204543-d645-11e1-b8e3-001a4df4cb77}\Shell - "" = AutoRun
O33 - MountPoints2\{f7204543-d645-11e1-b8e3-001a4df4cb77}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2013-01-19 19:00:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\krol\Pulpit\OTL.exe
[2013-01-19 18:54:03 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013-01-19 18:50:00 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013-01-19 18:49:40 | 000,000,000 | --SD | C] -- C:\ComboFix
[2013-01-19 18:44:59 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013-01-19 18:44:59 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013-01-19 18:44:59 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013-01-19 18:44:59 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013-01-19 18:44:53 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013-01-19 18:44:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\krol\Menu Start\Programy\Narzędzia administracyjne
[2013-01-19 18:44:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013-01-19 18:40:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2013-01-19 18:30:44 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2013-01-19 18:12:53 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\krol\wgsdgsdgdsgsd.exe
[2013-01-13 00:12:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\krol\Dane aplikacji\BabSolution
[2012-12-30 13:42:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2012-12-30 00:32:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Asprate
[2012-12-30 00:32:56 | 003,200,512 | ---- | C] (KMNBM) -- C:\Documents and Settings\krol\Menu Start\Programy\Autostart\qaa64.exe
[2012-12-30 00:32:56 | 000,000,000 | ---D | C] -- C:\Program Files\Asprate
[2012-12-28 23:40:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\krol\Dane aplikacji\Tibia
[2012-12-28 23:40:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Tibia
[2012-12-28 23:37:37 | 033,466,957 | ---- | C] (CipSoft GmbH                                                ) -- C:\Documents and Settings\krol\Pulpit\tibia981.exe
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2013-01-19 19:00:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\krol\Pulpit\OTL.exe
[2013-01-19 18:59:45 | 000,493,632 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2013-01-19 18:59:45 | 000,435,260 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013-01-19 18:59:45 | 000,084,916 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2013-01-19 18:59:45 | 000,068,156 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013-01-19 18:59:13 | 000,708,712 | ---- | M] () -- C:\Documents and Settings\krol\Pulpit\OTL(19450).exe
[2013-01-19 18:55:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013-01-19 18:50:04 | 000,000,339 | RHS- | M] () -- C:\boot.ini
[2013-01-19 18:41:31 | 000,000,223 | ---- | M] () -- C:\Boot.bak
[2013-01-19 18:23:06 | 095,023,320 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\dsgsdgdsgdsgw.pad
[2013-01-19 18:22:54 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013-01-19 18:21:01 | 000,000,232 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2013-01-19 18:19:50 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2013-01-19 18:19:47 | 000,001,028 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013-01-19 18:18:11 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2013-01-19 18:18:05 | 000,001,128 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-1275210071-839522115-1003UA.job
[2013-01-19 18:18:04 | 000,001,076 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-1275210071-839522115-1003Core.job
[2013-01-19 18:12:59 | 000,002,929 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\dsgsdgdsgdsgw.js
[2013-01-19 18:12:59 | 000,000,782 | ---- | M] () -- C:\Documents and Settings\krol\Menu Start\Programy\Autostart\runctf.lnk
[2013-01-19 18:12:53 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\krol\wgsdgsdgdsgsd.exe
[2013-01-19 17:36:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013-01-19 17:29:00 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013-01-19 16:49:55 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013-01-16 20:48:12 | 000,197,427 | ---- | M] () -- C:\Documents and Settings\krol\Pulpit\wplata_gotowkowa_20130116.pdf
[2013-01-14 22:53:01 | 000,241,152 | ---- | M] () -- C:\Documents and Settings\krol\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-01-14 19:13:44 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2013-01-14 14:24:24 | 000,002,295 | ---- | M] () -- C:\Documents and Settings\krol\Pulpit\Google Chrome.lnk
[2013-01-09 15:36:15 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013-01-09 15:36:15 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013-01-09 15:36:13 | 016,369,160 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2013-01-08 13:58:05 | 001,074,716 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013-01-08 13:58:05 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013-01-06 00:35:30 | 135,357,719 | ---- | M] () -- C:\Documents and Settings\krol\Pulpit\VIDEO0018.mp4
[2013-01-06 00:29:32 | 090,888,636 | ---- | M] () -- C:\Documents and Settings\krol\Pulpit\VIDEO0016.mp4
[2013-01-04 09:45:33 | 477,294,190 | ---- | M] () -- C:\Documents and Settings\krol\Pulpit\Top Gear Vietnam Special Lektor PL (TVRip).rmvb
[2013-01-04 09:25:44 | 019,102,689 | ---- | M] () -- C:\Documents and Settings\krol\Pulpit\Top Gear Vietnam Special Lektor PL (TVRip. XviD).avi
[2013-01-03 15:24:04 | 000,053,641 | ---- | M] () -- C:\Documents and Settings\krol\Pulpit\faktura_25_2012_31-12-2012.pdf
[2013-01-03 15:24:01 | 000,052,626 | ---- | M] () -- C:\Documents and Settings\krol\Pulpit\faktura_26_2012_31-12-2012.pdf
[2013-01-01 12:26:44 | 000,560,099 | ---- | M] () -- C:\Documents and Settings\krol\Pulpit\Tibia MC 8.6.7z
[2013-01-01 02:00:00 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-KR-E24024C69E1B-krol.job
[2012-12-31 17:34:37 | 001,359,455 | ---- | M] () -- C:\Documents and Settings\krol\Pulpit\krk_alkochinczyk.jpeg
[2012-12-31 16:26:15 | 000,000,358 | ---- | M] () -- C:\Documents and Settings\krol\Pulpit\Skrót do Classic.lnk
[2012-12-31 16:22:38 | 000,870,603 | ---- | M] () -- C:\Documents and Settings\krol\Pulpit\IMAG0088.jpg
[2012-12-30 13:41:13 | 002,106,673 | ---- | M] () -- C:\Documents and Settings\krol\Pulpit\Talaturen's IP Changer.rar
[2012-12-30 13:40:36 | 003,798,596 | ---- | M] () -- C:\Documents and Settings\krol\Pulpit\ElfBot NG.rar
[2012-12-30 00:33:21 | 000,001,838 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Tibia MULTI-IP Changer.lnk
[2012-12-30 00:32:56 | 003,200,512 | ---- | M] (KMNBM) -- C:\Documents and Settings\krol\Menu Start\Programy\Autostart\qaa64.exe
[2012-12-28 23:40:22 | 000,000,428 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Tibia.lnk
[2012-12-28 23:37:49 | 033,466,957 | ---- | M] (CipSoft GmbH                                                ) -- C:\Documents and Settings\krol\Pulpit\tibia981.exe
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013-01-19 18:59:13 | 000,708,712 | ---- | C] () -- C:\Documents and Settings\krol\Pulpit\OTL(19450).exe
[2013-01-19 18:50:04 | 000,000,223 | ---- | C] () -- C:\Boot.bak
[2013-01-19 18:50:01 | 000,262,400 | RHS- | C] () -- C:\cmldr
[2013-01-19 18:44:59 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013-01-19 18:44:59 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013-01-19 18:44:59 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013-01-19 18:44:59 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013-01-19 18:44:59 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013-01-19 18:18:12 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013-01-19 18:18:11 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2013-01-19 18:12:59 | 000,002,929 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\dsgsdgdsgdsgw.js
[2013-01-19 18:12:59 | 000,000,782 | ---- | C] () -- C:\Documents and Settings\krol\Menu Start\Programy\Autostart\runctf.lnk
[2013-01-19 18:12:55 | 095,023,320 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\dsgsdgdsgdsgw.pad
[2013-01-16 20:48:12 | 000,197,427 | ---- | C] () -- C:\Documents and Settings\krol\Pulpit\wplata_gotowkowa_20130116.pdf
[2013-01-10 17:56:51 | 090,888,636 | ---- | C] () -- C:\Documents and Settings\krol\Pulpit\VIDEO0016.mp4
[2013-01-08 23:37:08 | 135,357,719 | ---- | C] () -- C:\Documents and Settings\krol\Pulpit\VIDEO0018.mp4
[2013-01-04 09:25:54 | 477,294,190 | ---- | C] () -- C:\Documents and Settings\krol\Pulpit\Top Gear Vietnam Special Lektor PL (TVRip).rmvb
[2013-01-04 09:24:59 | 019,102,689 | ---- | C] () -- C:\Documents and Settings\krol\Pulpit\Top Gear Vietnam Special Lektor PL (TVRip. XviD).avi
[2013-01-03 15:24:04 | 000,053,641 | ---- | C] () -- C:\Documents and Settings\krol\Pulpit\faktura_25_2012_31-12-2012.pdf
[2013-01-03 15:24:01 | 000,052,626 | ---- | C] () -- C:\Documents and Settings\krol\Pulpit\faktura_26_2012_31-12-2012.pdf
[2013-01-01 12:26:44 | 000,560,099 | ---- | C] () -- C:\Documents and Settings\krol\Pulpit\Tibia MC 8.6.7z
[2012-12-31 17:34:37 | 001,359,455 | ---- | C] () -- C:\Documents and Settings\krol\Pulpit\krk_alkochinczyk.jpeg
[2012-12-31 16:26:13 | 000,870,603 | ---- | C] () -- C:\Documents and Settings\krol\Pulpit\IMAG0088.jpg
[2012-12-30 13:41:11 | 002,106,673 | ---- | C] () -- C:\Documents and Settings\krol\Pulpit\Talaturen's IP Changer.rar
[2012-12-30 13:40:34 | 003,798,596 | ---- | C] () -- C:\Documents and Settings\krol\Pulpit\ElfBot NG.rar
[2012-12-30 13:30:47 | 000,000,358 | ---- | C] () -- C:\Documents and Settings\krol\Pulpit\Skrót do Classic.lnk
[2012-12-30 00:32:58 | 000,001,838 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Tibia MULTI-IP Changer.lnk
[2012-12-28 23:40:22 | 000,000,428 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Tibia.lnk
[2012-11-16 09:27:19 | 000,002,781 | ---- | C] () -- C:\Documents and Settings\krol\.recently-used.xbel
[2012-10-03 16:53:16 | 000,201,040 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2012-09-29 18:16:34 | 000,558,133 | ---- | C] () -- C:\WINDOWS\System32\sqlite3.dll
[2012-09-22 13:00:15 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\krol\F1_ 2012 _[ENG]_[ iso]_[FLT][Torrenty.org].torrent
[2012-08-02 17:38:38 | 000,072,192 | R--- | C] () -- C:\WINDOWS\System32\changeAcl.exe
[2012-06-24 15:53:21 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2012-03-24 09:37:20 | 000,075,045 | ---- | C] () -- C:\WINDOWS\System32\b1a6a8c.exe
[2012-03-24 09:37:19 | 001,915,904 | ---- | C] () -- C:\WINDOWS\System32\cf9899eb.dll
[2012-03-22 22:10:20 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\krol\Dane aplikacji\Preferencje Adobe CS5 dla formatu GIF
[2012-03-17 09:15:11 | 001,074,716 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012-03-17 09:15:11 | 001,074,716 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012-03-17 09:15:11 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012-03-17 09:14:52 | 002,807,708 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012-02-02 16:38:58 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\krol\Film0099.mp4
[2012-02-02 16:00:54 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\krol\herb przytorza2.png
[2012-01-30 22:23:28 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\proc-503976190.bin
[2012-01-20 15:48:11 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\krol\Dyson_Vac_www[1].planetbossi.ch.wmv
[2011-12-27 10:06:18 | 000,054,420 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011-12-13 18:42:49 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2011-12-13 18:42:49 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2011-12-13 18:42:49 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2011-12-13 18:42:49 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2011-12-13 18:42:49 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2011-12-13 18:42:49 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2011-12-13 18:42:49 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2011-12-13 18:42:49 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2011-12-13 18:42:49 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2011-12-13 18:42:49 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2011-12-13 18:42:49 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2011-12-13 18:42:49 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2011-12-13 18:42:49 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2011-12-13 18:42:49 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2011-12-13 18:42:49 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2011-12-13 18:42:49 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2011-12-13 18:42:49 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2011-12-13 18:42:49 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2011-12-13 18:42:49 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2011-11-27 22:49:11 | 000,241,152 | ---- | C] () -- C:\Documents and Settings\krol\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-11-21 23:07:25 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011-11-21 23:07:23 | 000,650,752 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011-11-21 23:07:23 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011-11-21 23:07:23 | 000,074,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011-11-21 22:59:35 | 000,434,176 | ---- | C] () -- C:\WINDOWS\System32\ZSHP1018.EXE
[2011-11-21 22:52:44 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011-11-21 22:50:07 | 003,582,112 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-11-21 22:22:23 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011-11-21 22:20:51 | 000,001,732 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2011-11-21 22:08:07 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011-11-21 22:03:49 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2012-01-19 19:51:03 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2010-04-16 17:09:01 | 001,509,888 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 11:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-14 21:50:58 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 231 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:6BE50C2B
 
< End of report >
 