OTL.Txt

Intel pentium 4 - Re: Prośba o sprawdzenie logów OTL

Proszę o sprawdzenie logów.


OTL logfile created on: 2013-02-28 15:20:15 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Moje dokumenty\Downloads
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,45 Gb Available Physical Memory | 72,37% Memory free
3,85 Gb Paging File | 3,41 Gb Available in Paging File | 88,60% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 24,41 Gb Total Space | 3,00 Gb Free Space | 12,29% Space Free | Partition Type: NTFS
Drive D: | 25,00 Gb Total Space | 5,16 Gb Free Space | 20,65% Space Free | Partition Type: NTFS
Drive E: | 24,97 Gb Total Space | 1,42 Gb Free Space | 5,68% Space Free | Partition Type: NTFS

Computer Name: CHYLI-HMKKX19S8 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2013-02-28 15:18:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Moje dokumenty\Downloads\OTL.exe
PRC - [2013-01-15 19:24:05 | 000,170,912 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012-12-17 11:08:08 | 009,784,832 | ---- | M] () -- C:\Program Files\WapSter\WapSter AQQ\AQQ.exe
PRC - [2012-09-28 09:25:56 | 000,586,904 | ---- | M] (PandoraTV) -- C:\Program Files\PANDORA.TV\PanService\PanProcess.exe
PRC - [2012-09-28 09:25:54 | 000,625,304 | ---- | M] (Pandora.TV) -- C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
PRC - [2012-07-06 18:54:00 | 000,441,160 | ---- | M] () -- C:\Program Files\Hostless Modem\CheckNDISPort.exe
PRC - [2010-03-27 08:38:44 | 001,422,168 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
PRC - [2009-06-18 10:04:36 | 000,772,096 | ---- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006-11-13 15:17:38 | 000,872,448 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
PRC - [2006-10-13 09:11:16 | 000,983,040 | R--- | M] (Obigo AB) -- C:\Program Files\Common Files\Teleca Shared\Generic.exe
PRC - [2005-10-18 15:00:10 | 000,241,152 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-12-17 11:08:08 | 009,784,832 | ---- | M] () -- C:\Program Files\WapSter\WapSter AQQ\AQQ.exe
MOD - [2012-12-17 11:06:02 | 001,349,632 | ---- | M] () -- C:\Program Files\WapSter\WapSter AQQ\System\Shared\Plugins\GGNet.dll
MOD - [2012-12-08 10:50:42 | 000,218,624 | ---- | M] () -- C:\Program Files\WapSter\WapSter AQQ\System\Shared\Plugins\Contact.dll
MOD - [2012-10-28 16:14:04 | 001,094,144 | ---- | M] () -- C:\Program Files\WapSter\WapSter AQQ\System\Shared\Plugins\SMS.dll
MOD - [2012-10-22 11:21:42 | 001,277,952 | ---- | M] () -- C:\Program Files\PANDORA.TV\PanService\avformat-53.dll
MOD - [2012-07-09 17:57:30 | 002,090,496 | ---- | M] () -- C:\Program Files\PANDORA.TV\PanService\avcodec-53.dll
MOD - [2012-07-06 18:54:00 | 000,441,160 | ---- | M] () -- C:\Program Files\Hostless Modem\CheckNDISPort.exe
MOD - [2012-03-23 10:07:34 | 000,224,768 | ---- | M] () -- C:\Program Files\PANDORA.TV\PanService\libupnp.dll
MOD - [2011-12-06 16:19:48 | 000,133,632 | ---- | M] () -- C:\Program Files\PANDORA.TV\PanService\avutil-51.dll
MOD - [2010-01-30 02:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2006-03-09 17:45:36 | 000,081,920 | R--- | M] () -- C:\Program Files\Common Files\Teleca Shared\boost_log-vc71-mt-1_33.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart)
SRV - [2013-01-15 19:24:05 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012-09-28 09:25:54 | 000,625,304 | ---- | M] (Pandora.TV) [Auto | Running] -- C:\Program Files\PANDORA.TV\PanService\PandoraService.exe -- (PanService)
SRV - [2010-03-25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2005-10-18 15:00:10 | 000,241,152 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Running] -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva401.sys -- (XDva401)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\idsdefs\20050901.036\symidsco.sys -- (SYMIDSCO)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jubusenum.sys -- (huawei_enumerator)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ewfiltertdidriver.sys -- (filtertdidriver)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (at93gsbm)
DRV - [2013-01-15 12:55:05 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2010-06-22 17:00:04 | 005,068,288 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010-05-17 01:04:06 | 000,101,904 | R--- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009-03-25 16:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2009-03-25 16:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\s1018unic.sys -- (s1018unic)
DRV - [2009-03-25 16:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\s1018mgmt.sys -- (s1018mgmt)
DRV - [2009-03-25 16:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2009-03-25 16:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\s1018bus.sys -- (s1018bus)
DRV - [2009-03-25 16:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018nd5.sys -- (s1018nd5)
DRV - [2009-03-25 16:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2008-07-10 15:29:52 | 000,101,376 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2006-12-14 09:44:06 | 000,085,120 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006-11-15 07:34:00 | 004,225,920 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService)
DRV - [2006-09-18 14:59:08 | 000,090,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se27unic.sys -- (se27unic)
DRV - [2006-09-18 14:59:02 | 000,086,560 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27obex.sys -- (SE27obex)
DRV - [2006-09-18 14:59:00 | 000,018,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se27nd5.sys -- (se27nd5)
DRV - [2006-09-18 14:58:58 | 000,088,688 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mgmt.sys -- (SE27mgmt)
DRV - [2006-09-18 14:58:54 | 000,097,184 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdm.sys -- (SE27mdm)
DRV - [2006-09-18 14:58:52 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdfl.sys -- (SE27mdfl)
DRV - [2006-05-15 14:35:36 | 000,061,600 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27bus.sys -- (SE27bus)
DRV - [2005-10-20 15:30:00 | 000,011,264 | R--- | M] (ASUSTeK Computer Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO)
DRV - [2005-10-18 15:01:38 | 000,011,008 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\..\SearchScopes,DefaultScope =


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: " ProxyEnable " = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: " ProxyEnable " = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: " ProxyEnable " = 0

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: " ProxyEnable " = 0

IE - HKU\S-1-5-21-1960408961-602162358-682003330-500\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.nasza-klasa.pl
IE - HKU\S-1-5-21-1960408961-602162358-682003330-500\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded =
IE - HKU\S-1-5-21-1960408961-602162358-682003330-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-21-1960408961-602162358-682003330-500\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1960408961-602162358-682003330-500\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: " URL " = http://www.bing.com/search?q={searchTerms} & FORM=IE8SRC
IE - HKU\S-1-5-21-1960408961-602162358-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: " ProxyEnable " = 0


[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)



[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms} & {google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome & q={searchTerms} & {google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: about:blank
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\25.0.1364.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\25.0.1364.97\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - Extension: AdBlock = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.61_0\
CHR - Extension: AdBlock = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\onomnaapllbibeeggnncehgfnkfafpfb\0.2_0\

O1 HOSTS File: ([2001-10-26 16:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [CheckNDISPort] C:\Program Files\Hostless Modem\CheckNDISPort.exe ()
O4 - HKLM..\Run: [iPlusManager] C:\Program Files\iPlus\iPlusChecker.exe ()
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe ()
O4 - HKU\S-1-5-21-1960408961-602162358-682003330-500..\Run: [RGSC] E:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.)
O4 - HKU\S-1-5-21-1960408961-602162358-682003330-500..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson Mobile Communications AB)
O4 - HKU\S-1-5-21-1960408961-602162358-682003330-500..\Run: [Sorira] C:\Documents and Settings\Administrator\Dane aplikacji\Sorira.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1960408961-602162358-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E & ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Wyślij & do programu OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij & do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: & Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : & Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1356375835671 (WUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1DE8F235-6D6F-40AF-B715-C3805B332D54}: DhcpNameServer = 192.168.0.1 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C4ACE01C-7F28-4B0E-8181-E5350E6FD05B}: NameServer = 212.2.96.51 212.2.96.52
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-12-27 19:49:48 | 000,000,007 | -HS- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{2cb9d976-58d8-11e2-a908-8ab5376904ea}\Shell - " " = AutoRun
O33 - MountPoints2\{2cb9d976-58d8-11e2-a908-8ab5376904ea}\Shell\AutoRun\command - " " = H:\AutoRun.exe
O33 - MountPoints2\{2cb9d977-58d8-11e2-a908-8ab5376904ea}\Shell - " " = AutoRun
O33 - MountPoints2\{2cb9d977-58d8-11e2-a908-8ab5376904ea}\Shell\AutoRun\command - " " = H:\AutoRun.exe
O33 - MountPoints2\{2cb9d97a-58d8-11e2-a908-8ab5376904ea}\Shell - " " = AutoRun
O33 - MountPoints2\{2cb9d97a-58d8-11e2-a908-8ab5376904ea}\Shell\AutoRun\command - " " = H:\AutoRun.exe
O33 - MountPoints2\{3012b0e8-5815-11e2-a907-de042048a384}\Shell - " " = AutoRun
O33 - MountPoints2\{3012b0e8-5815-11e2-a907-de042048a384}\Shell\AutoRun\command - " " = H:\AutoRun.exe
O33 - MountPoints2\{3012b0eb-5815-11e2-a907-de042048a384}\Shell - " " = AutoRun
O33 - MountPoints2\{3012b0eb-5815-11e2-a907-de042048a384}\Shell\AutoRun\command - " " = H:\AutoRun.exe
O33 - MountPoints2\{3012b0ee-5815-11e2-a907-de042048a384}\Shell - " " = AutoRun
O33 - MountPoints2\{3012b0ee-5815-11e2-a907-de042048a384}\Shell\AutoRun\command - " " = H:\AutoRun.exe
O33 - MountPoints2\{3012b0f1-5815-11e2-a907-ceb2caf12d49}\Shell - " " = AutoRun
O33 - MountPoints2\{3012b0f1-5815-11e2-a907-ceb2caf12d49}\Shell\AutoRun\command - " " = H:\AutoRun.exe
O33 - MountPoints2\{6c110151-4c79-11e2-a8c9-fe42f94a27e9}\Shell - " " = AutoRun
O33 - MountPoints2\{6c110151-4c79-11e2-a8c9-fe42f94a27e9}\Shell\AutoRun\command - " " = I:\AutoRun.exe
O33 - MountPoints2\{6c110154-4c79-11e2-a8c9-fe42f94a27e9}\Shell - " " = AutoRun
O33 - MountPoints2\{6c110154-4c79-11e2-a8c9-fe42f94a27e9}\Shell\AutoRun\command - " " = H:\AutoRun.exe
O33 - MountPoints2\{97bb9d1c-64d7-11e2-8278-d8ccd55e7fe9}\Shell - " " = AutoRun
O33 - MountPoints2\{97bb9d1c-64d7-11e2-8278-d8ccd55e7fe9}\Shell\AutoRun\command - " " = H:\Startme.exe
O33 - MountPoints2\{b30780f2-4cf8-11e2-a8cc-882034c821e9}\Shell - " " = AutoRun
O33 - MountPoints2\{b30780f2-4cf8-11e2-a8cc-882034c821e9}\Shell\AutoRun\command - " " = H:\AutoRun.exe
O33 - MountPoints2\{b30780f3-4cf8-11e2-a8cc-882034c821e9}\Shell - " " = AutoRun
O33 - MountPoints2\{b30780f3-4cf8-11e2-a8cc-882034c821e9}\Shell\AutoRun\command - " " = H:\AutoRun.exe
O33 - MountPoints2\{d060647e-6219-11e2-826e-806d6172696f}\Shell - " " = AutoRun
O33 - MountPoints2\{d060647e-6219-11e2-826e-806d6172696f}\Shell\AutoRun\command - " " = H:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- " %1 " %*
O35 - HKLM\..exefile [open] -- " %1 " %*
O37 - HKLM\...com [@ = comfile] -- " %1 " %*
O37 - HKLM\...exe [@ = exefile] -- " %1 " %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2013-02-26 17:11:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\SharePoint
[2013-02-26 17:11:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Office
[2013-02-26 17:02:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2013-02-26 17:01:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2013-02-26 16:59:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Microsoft
[2013-02-26 16:59:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2013-02-26 16:59:27 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2013-02-26 16:59:27 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2013-02-26 16:56:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2013-02-26 16:51:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2013-02-26 16:50:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft Help
[2013-02-26 16:48:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013-02-26 16:48:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
[2013-02-26 16:47:03 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2013-02-23 13:51:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\PANDORATV
[2013-02-23 13:51:55 | 000,000,000 | ---D | C] -- C:\Program Files\PANDORA.TV
[2013-02-23 13:51:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\The KMPlayer
[2013-02-23 13:50:22 | 000,000,000 | ---D | C] -- C:\Program Files\The KMPlayer
[2013-02-20 18:22:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Narzędzia administracyjne
[2013-02-19 21:23:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Rockstar Games
[2013-02-19 21:18:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\microsoft
[2013-02-19 21:17:29 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\SecuROM
[2013-02-19 20:42:09 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2013-02-19 20:37:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xlive
[2013-02-19 20:37:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE
[2013-02-19 16:29:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Rockstar Games
[2013-02-18 19:46:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Rockstar Games
[2013-02-16 12:00:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\gry tel
[2013-02-14 17:07:45 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft
[2013-02-10 17:22:06 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2013-02-10 17:22:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\IObit
[2013-02-09 19:14:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Ventrilo
[2013-02-09 19:13:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Ventrilo
[2013-02-09 19:13:57 | 000,000,000 | ---D | C] -- C:\Program Files\Ventrilo
[2013-02-07 20:40:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Realtek
[2013-02-07 20:40:15 | 000,085,120 | R--- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\Rtnicxp.sys
[2013-02-07 20:39:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS
[2013-02-07 20:39:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\InstallShield
[2013-02-07 20:37:38 | 000,069,632 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\Alcmtr.exe
[2013-02-04 23:43:49 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2013-02-04 13:46:10 | 000,018,704 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\se27nd5.sys
[2013-02-04 13:45:58 | 000,090,800 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\se27unic.sys
[2013-02-04 13:45:58 | 000,004,128 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\se27cr.sys
[2013-02-04 13:45:56 | 000,088,688 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\SE27mgmt.sys
[2013-02-04 13:45:52 | 000,086,560 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\SE27obex.sys
[2013-02-04 13:45:43 | 000,097,184 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\SE27mdm.sys
[2013-02-04 13:45:43 | 000,009,360 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\SE27mdfl.sys
[2013-02-04 13:45:43 | 000,006,240 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\SE27cmnt.sys
[2013-02-04 13:45:43 | 000,006,240 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\SE27cm.sys
[2013-02-04 13:45:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Teleca
[2013-02-04 13:44:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Sony Ericsson
[2013-02-04 13:40:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sony Ericsson Shared
[2013-02-04 13:40:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Teleca Shared
[2013-02-04 13:40:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Teleca
[2013-02-04 13:39:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2013-02-04 13:37:04 | 000,061,600 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\SE27bus.sys
[2013-02-04 13:37:04 | 000,005,872 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\SE27whnt.sys
[2013-02-04 13:37:04 | 000,005,872 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\SE27wh.sys
[2013-02-03 14:12:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\AGEIA
[2013-02-03 14:11:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\AGEIA
[2013-02-03 14:11:20 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2013-02-03 14:10:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2013-01-30 21:07:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\TeamViewer
[2013-01-30 16:01:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\TS3Client
[2013-01-30 15:22:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\TeamSpeak 3 Client
[2013-01-30 15:21:36 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2013-01-29 17:56:26 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2013-01-29 16:30:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\GameRanger
[2013-01-29 16:10:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Activision
[4 C:\WINDOWS\System32\*.tmp files - & gt; C:\WINDOWS\System32\*.tmp - & gt; ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2013-02-28 15:24:08 | 000,001,164 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-602162358-682003330-500UA.job
[2013-02-28 09:57:58 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013-02-28 09:57:57 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\Game_Booster_Startup.job
[2013-02-28 09:57:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013-02-27 21:24:09 | 000,001,112 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-602162358-682003330-500Core.job
[2013-02-27 12:51:19 | 000,278,152 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013-02-26 21:06:18 | 000,002,362 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Google Chrome.lnk
[2013-02-24 19:04:25 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013-02-23 13:51:37 | 000,000,710 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\KMPlayer.lnk
[2013-02-19 20:42:09 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2013-02-19 20:36:16 | 000,000,885 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Grand Theft Auto IV.lnk
[2013-02-19 16:29:09 | 000,000,765 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Rockstar Games Social Club.lnk
[2013-02-14 16:24:52 | 000,000,127 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2013-02-14 16:14:42 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013-02-14 16:09:46 | 000,499,958 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2013-02-14 16:09:46 | 000,441,124 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013-02-14 16:09:46 | 000,088,618 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2013-02-14 16:09:46 | 000,071,060 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013-02-11 17:57:47 | 000,000,274 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\as.reg
[2013-02-07 20:11:14 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AIMP3.lnk
[2013-02-03 13:55:48 | 000,011,776 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-02-03 12:58:14 | 000,000,397 | RHS- | M] () -- C:\boot.ini
[2013-02-02 11:21:42 | 000,022,328 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2013-01-29 16:11:50 | 000,000,735 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Call of Duty(R) 4 - Modern Warfare(TM) Wielu graczy.lnk
[2013-01-29 16:11:50 | 000,000,735 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Call of Duty(R) 4 - Modern Warfare(TM) Jeden gracz.lnk
[2013-01-29 16:11:28 | 000,022,328 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\PnkBstrK.sys
[2013-01-29 16:10:52 | 000,000,319 | ---- | M] () -- C:\WINDOWS\game.ini
[4 C:\WINDOWS\System32\*.tmp files - & gt; C:\WINDOWS\System32\*.tmp - & gt; ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2013-02-24 19:04:12 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013-02-23 13:51:37 | 000,000,710 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\KMPlayer.lnk
[2013-02-19 20:36:16 | 000,000,885 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Grand Theft Auto IV.lnk
[2013-02-19 16:29:09 | 000,000,765 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Rockstar Games Social Club.lnk
[2013-02-18 22:42:47 | 000,985,712 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2013-02-14 16:24:52 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2013-02-11 17:57:47 | 000,000,274 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\as.reg
[2013-02-10 17:22:39 | 000,000,264 | ---- | C] () -- C:\WINDOWS\tasks\Game_Booster_Startup.job
[2013-02-07 20:11:14 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\AIMP3.lnk
[2013-01-29 16:31:06 | 000,001,049 | ---- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\GameRanger.lnk
[2013-01-29 16:11:50 | 000,000,735 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Call of Duty(R) 4 - Modern Warfare(TM) Wielu graczy.lnk
[2013-01-29 16:11:50 | 000,000,735 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Call of Duty(R) 4 - Modern Warfare(TM) Jeden gracz.lnk
[2013-01-29 16:11:28 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\PnkBstrK.sys
[2013-01-29 16:10:52 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2013-01-28 15:09:56 | 000,887,724 | R--- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2013-01-28 15:09:56 | 000,000,003 | R--- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2013-01-28 15:09:13 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2013-01-28 15:09:11 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2013-01-28 15:06:24 | 000,205,156 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2013-01-22 20:16:58 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2013-01-12 21:20:14 | 000,000,016 | ---- | C] () -- C:\WINDOWS\furry.ini
[2013-01-11 21:15:02 | 000,000,010 | ---- | C] () -- C:\WINDOWS\tekkyuuman.INI
[2013-01-01 21:01:13 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012-12-27 11:33:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2012-12-25 19:02:53 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2012-12-25 19:02:30 | 000,103,736 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2012-12-25 19:02:09 | 000,066,872 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2012-12-24 10:02:55 | 000,011,776 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-12-22 21:33:56 | 000,000,138 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2012-12-22 21:32:08 | 000,010,496 | ---- | C] () -- C:\WINDOWS\System32\ATKOSDMini.DLL
[2012-12-22 21:32:08 | 000,000,018 | ---- | C] () -- C:\WINDOWS\System32\atkid.ini
[2012-12-22 21:32:06 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\asfrench.dll
[2012-12-22 21:32:06 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asrussian.dll
[2012-12-22 21:32:06 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asgerman.dll
[2012-12-22 21:32:06 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\aseng.dll
[2012-12-22 21:32:06 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\askorean.dll
[2012-12-22 21:32:06 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\asjapan.dll
[2012-12-22 21:32:06 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\aschs.dll
[2012-12-22 21:32:05 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\ASCHT.dll
[2012-12-22 21:17:52 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2012-12-22 14:47:23 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012-12-22 14:38:21 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012-12-22 14:31:49 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012-12-22 14:30:21 | 000,278,152 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-04-22 21:12:22 | 004,424,704 | ---- | C] () -- C:\WINDOWS\System32\ffmpeg.dll
[2012-04-09 00:40:36 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2012-04-09 00:39:46 | 000,260,608 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2012-04-09 00:39:32 | 000,158,720 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2012-04-09 00:39:32 | 000,099,840 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2012-04-09 00:39:30 | 001,525,248 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
[2012-04-09 00:39:30 | 000,146,944 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2012-04-09 00:39:28 | 000,212,480 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2012-04-09 00:39:28 | 000,115,200 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2012-04-09 00:39:26 | 000,328,704 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll
[2012-03-29 15:21:26 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\libbluray.dll
[2012-03-29 15:21:18 | 006,582,226 | ---- | C] () -- C:\WINDOWS\System32\avcodec-lav-54.dll
[2012-03-29 15:21:18 | 001,152,365 | ---- | C] () -- C:\WINDOWS\System32\avformat-lav-54.dll
[2012-03-29 15:21:18 | 000,374,152 | ---- | C] () -- C:\WINDOWS\System32\swscale-lav-2.dll
[2012-03-29 15:21:18 | 000,207,872 | ---- | C] () -- C:\WINDOWS\System32\avutil-lav-51.dll
[2012-03-29 15:21:18 | 000,144,523 | ---- | C] () -- C:\WINDOWS\System32\avfilter-lav-2.dll
[2011-12-07 20:32:24 | 000,216,064 | ---- | C] ( ) -- C:\WINDOWS\System32\Lagarith.dll
[2011-09-08 15:00:52 | 000,150,528 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll
[2011-09-08 15:00:48 | 000,142,336 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll
[2011-09-08 15:00:42 | 000,123,392 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll
[2011-09-08 15:00:38 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\dxr.dll
[2011-09-08 15:00:34 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\dsmux.exe
[2011-09-08 15:00:24 | 000,154,624 | ---- | C] () -- C:\WINDOWS\System32\ts.dll
[2011-09-08 15:00:10 | 000,137,728 | ---- | C] () -- C:\WINDOWS\System32\mkv2vfr.exe
[2011-09-08 15:00:06 | 000,358,400 | ---- | C] () -- C:\WINDOWS\System32\gdsmux.exe
[2011-09-08 14:59:54 | 000,080,384 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll
[2011-09-08 14:59:52 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll
[2011-05-30 14:42:50 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011-05-23 08:46:30 | 000,645,632 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011-03-03 12:39:56 | 000,109,568 | ---- | C] () -- C:\WINDOWS\System32\avi.dll
[2011-03-03 12:38:10 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\avs.dll
[2011-03-03 12:37:50 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\avss.dll

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2012-12-22 21:26:27 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
" " = %SystemRoot%\System32\shdocvw.dll -- [2008-04-14 22:50:48 | 001,499,136 | ---- | M] (Microsoft Corporation)
" ThreadingModel " = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
" " = C:\WINDOWS\System32\wbem\fastprox.dll -- [2009-02-09 11:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
" ThreadingModel " = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
" " = C:\WINDOWS\System32\wbem\wbemess.dll -- [2008-04-14 22:50:58 | 000,273,920 | ---- | M] (Microsoft Corporation)
" ThreadingModel " = Both

[color=#E56717]========== LOP Check ==========[/color]

[2013-02-27 20:41:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\AIMP3
[2013-01-15 12:58:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools
[2013-01-15 14:11:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools Lite
[2013-01-15 12:58:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools Pro
[2013-01-29 16:31:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\GameRanger
[2012-12-22 22:03:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\iPlus
[2013-01-17 13:44:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Leadertech
[2013-01-30 21:07:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\TeamViewer
[2013-02-04 13:45:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Teleca
[2013-02-23 18:26:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\TS3Client
[2013-01-15 12:57:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2013-01-06 17:28:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService
[2012-12-23 17:04:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2013-02-10 17:22:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IObit
[2013-02-04 13:40:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Teleca
[2013-02-28 09:59:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 129 bytes - & gt; C:\Documents and Settings\All Users\Dane aplikacji\TEMP:E0EC633E

& lt; End of report & gt;


Pobierz plik - link do postu