Skocz do zawartości

  2. Przeglądanie profilu: Posty: jakub995

jakub995

Rejestracja: 18 gru 2012
OFFLINE Ostatnio: 19 12 2012 19:58
-----

Moje posty

W temacie: Logi - Aktywowanie okien i programów po przejechaniu kursorem

18 12 2012 - 21:13

All processes killed
========== OTL ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4772000a-318a-11e2-aa22-0018de9d1c77}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4772000a-318a-11e2-aa22-0018de9d1c77}\ not found.
File RUNDLL32.EXE URL.DLL,FileProtocolHandler JasLAN - Usługi Informatyczne not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4772000a-318a-11e2-aa22-0018de9d1c77}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4772000a-318a-11e2-aa22-0018de9d1c77}\ not found.
File RUNDLL32.EXE URL.DLL,FileProtocolHandler Ma a ksi gowo "Rzeczpospolitej" not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4772000a-318a-11e2-aa22-0018de9d1c77}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4772000a-318a-11e2-aa22-0018de9d1c77}\ not found.
File move failed. G:\Setup.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4772000a-318a-11e2-aa22-0018de9d1c77}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4772000a-318a-11e2-aa22-0018de9d1c77}\ not found.
File HH.EXE INS.CHM not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4772000a-318a-11e2-aa22-0018de9d1c77}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4772000a-318a-11e2-aa22-0018de9d1c77}\ not found.
C:\WINDOWS\System32\rundll32.exe moved successfully.
========== FILES ==========
File\Folder F:\77a224ww.exe not found.
File\Folder F:\79d179ww.exe not found.
File\Folder F:\7kra21ww.exe not found.
File\Folder F:\7kra26ww.exe not found.
File\Folder F:\7ld140ww.exe not found.
File\Folder F:\g1ku20ww.exe not found.
File\Folder F:\osfj08ww.exe not found.
File\Folder F:\oss608ww.exe not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Hanna
->Temp folder emptied: 77873979 bytes
->Temporary Internet Files folder emptied: 22894304 bytes
->FireFox cache emptied: 67713155 bytes
->Flash cache emptied: 12750 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes

User: varicopostgres
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2837232 bytes
%systemroot%\System32 .tmp files removed: 2596 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 140807 bytes
RecycleBin emptied: 5398382 bytes

Total Files Cleaned = 169,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 12182012_194517

Files\Folders moved on Reboot...
File\Folder G:\Setup.exe not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Nie dziw się że tak długo ale zrobienie coś na tamtym kompie to jest jak chirurgiczna operacja

aha zrobiłem skan i nic nie wykryło
wysłać ci loga do tego?

W temacie: Logi - Aktywowanie okien i programów po przejechaniu kursorem

18 12 2012 - 20:07

############################## | UsbFix V 7.093 | [Listing]

User: abc (Administrator) # ABC-3BAC819E3B8
Updated 08/07/2012 by El Desaparecido
Started at 19:06:41 | 18/12/2012

Website: http://eldesaparecido.com
Forum: http://forum.eldesaparecido.com
Suspicious file ? : http://eldesaparecido.com/upload.php
Contact: contact@eldesaparecido.com

PC: Gigabyte Technology Co., Ltd. (M61PME-S2P) (X86-based PC) # Desktop Computer
CPU: AMD Athlon™ X4 620 Processor (2611)
RAM -> [Total : 3583 | Free : 2382]
BIOS: Award Modular BIOS v6.00PG
BOOT: Normal boot

OS: Microsoft Windows XP Home Edition (5.1.2600 32-Bit) # Dodatek Service Pack 3
WB: Windows Internet Explorer 6.0.2900.5512

SC: Security Center Service [Enabled]
WU: Windows Update Service [(!) Disabled]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Fixed drive # 98 Gb (163 Mb free - 0%) [] # NTFS
D:\ -> Fixed drive # 368 Gb (118 Mb free - 32%) [] # NTFS
E:\ -> CD-ROM
F:\ -> Removable drive # 7 Gb (229 Mb free - 3%) [] # NTFS

################## | Listing |

[26/05/2011 - 10:02:10 | D ] C:\Autodesk
[25/05/2011 - 09:22:26 | A | 0] C:\AUTOEXEC.BAT
[30/07/2012 - 13:42:52 | RSH | 223] C:\boot.ini
[02/03/2006 - 13:00:00 | RASH | 4952] C:\Bootfont.bin
[12/12/2012 - 20:37:33 | D ] C:\Config.Msi
[25/05/2011 - 09:22:26 | A | 0] C:\CONFIG.SYS
[25/05/2011 - 10:15:28 | A | 206] C:\csb.log
[30/11/2012 - 00:09:53 | D ] C:\Documents and Settings
[30/03/2012 - 17:49:54 | D ] C:\Downloads
[24/08/2012 - 22:57:29 | D ] C:\GRY
[09/02/2012 - 23:12:09 | D ] C:\Infonetax
[01/11/2012 - 22:20:43 | D ] C:\Instalki
[05/10/2012 - 14:17:34 | A | 129654] C:\inv_oktodelete.bmp
[25/05/2011 - 09:22:26 | RASH | 0] C:\IO.SYS
[01/06/2011 - 16:58:48 | RA | 0] C:\logwmemory.bin
[25/05/2011 - 09:22:26 | RASH | 0] C:\MSDOS.SYS
[02/03/2006 - 13:00:00 | RASH | 47564] C:\NTDETECT.COM
[25/05/2011 - 20:01:33 | RASH | 251152] C:\ntldr
[18/12/2012 - 17:53:53 | ASH | 2145386496] C:\pagefile.sys
[12/12/2012 - 18:32:27 | RD ] C:\Program Files
[13/11/2011 - 09:35:23 | D ] C:\ProgramData
[23/07/2012 - 22:11:31 | SHD ] C:\RECYCLER
[25/05/2011 - 10:15:28 | A | 1530] C:\RHDSetup.log
[24/12/2011 - 08:14:26 | SHD ] C:\System Volume Information
[23/02/2012 - 01:57:22 | D ] C:\temp
[28/05/2011 - 16:16:35 | D ] C:\unitest
[18/12/2012 - 19:06:42 | D ] C:\UsbFix
[18/12/2012 - 19:06:42 | A | 786] C:\UsbFix.txt
[16/09/2012 - 20:46:41 | A | 341] C:\user.js
[11/12/2012 - 18:02:08 | D ] C:\WINDOWS
[08/07/2012 - 21:14:35 | D ] D:\AH
[24/05/2011 - 15:49:06 | D ] D:\Archiwizacja
[12/08/2012 - 22:49:43 | D ] D:\Documents and Settings
[03/12/2011 - 12:13:11 | D ] D:\Downloads
[11/11/2012 - 15:02:42 | D ] D:\GRY
[17/07/2011 - 16:16:31 | RD ] D:\Moje dokumenty
[07/02/2012 - 10:24:52 | D ] D:\Muzyka
[19/07/2011 - 14:58:15 | D ] D:\Program Files
[17/07/2011 - 16:05:12 | D ] D:\PROGRAMY
[25/05/2011 - 20:13:47 | SHD ] D:\RECYCLER
[24/07/2012 - 01:47:55 | SHD ] D:\System Volume Information
[07/02/2012 - 10:24:55 | D ] D:\Wideo
[15/11/2012 - 17:25:34 | A | 6811016] F:\77a224ww.exe
[15/11/2012 - 20:11:34 | A | 74593568] F:\79d179ww.exe
[15/11/2012 - 17:42:14 | A | 11197080] F:\7kra21ww.exe
[15/11/2012 - 17:15:26 | A | 10077032] F:\7kra26ww.exe
[15/11/2012 - 19:17:37 | A | 18257112] F:\7ld140ww.exe
[15/11/2012 - 19:18:28 | A | 54531016] F:\8.223.4.1-060504a-033176c-whql-lenovo.exe
[11/10/2012 - 17:38:53 | A | 119909912] F:\avg_free_x86_all_2013_2677a5774.exe
[15/10/2012 - 19:43:54 | D ] F:\Bartek
[17/10/2012 - 18:29:27 | D ] F:\dokumenty
[15/11/2012 - 17:33:26 | A | 1480728] F:\g1ku20ww.exe
[15/11/2012 - 20:52:01 | A | 870104] F:\kb888111xp1pl.exe
[01/01/1970 - 00:59:59 | N | 523812] F:\MM_PLAY_TIME.ini
[26/05/2011 - 13:21:56 | A | 152270734] F:\Office2003.rar
[15/11/2012 - 17:14:20 | A | 360952] F:\osfj08ww.exe
[15/11/2012 - 19:40:28 | A | 907848] F:\oss608ww.exe
[18/12/2012 - 17:24:38 | A | 602112] F:\OTL.exe
[13/10/2012 - 22:17:06 | D ] F:\scenarios
[20/11/2012 - 14:26:17 | A | 108032] F:\UMOWA.doc
[26/11/2012 - 09:26:20 | A | 46080] F:\UMOWA1.doc
[05/12/2012 - 00:25:10 | A | 62710] F:\VZM-1_B(4)(2011).pdf
[26/11/2012 - 06:40:52 | A | 155648] F:\Wycinek.shs
[01/01/1970 - 00:59:59 | D ] F:\Władca pierścieni
[14/12/2012 - 23:19:35 | D ] F:\[BEST-TORRENTS.NET] Epoka Lodowcowa 4

################## | E.O.F |

W temacie: Logi - Aktywowanie okien i programów po przejechaniu kursorem

18 12 2012 - 20:00

OTL logfile created on: 2012-12-18 18:03:21 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Hanna\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,99 Gb Total Physical Memory | 1,57 Gb Available Physical Memory | 78,83% Memory free
3,84 Gb Paging File | 3,39 Gb Available in Paging File | 88,09% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 27,95 Gb Total Space | 17,97 Gb Free Space | 64,32% Space Free | Partition Type: NTFS
Drive D: | 27,93 Gb Total Space | 27,64 Gb Free Space | 98,96% Space Free | Partition Type: FAT32
Drive E: | 650,78 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 7,47 Gb Total Space | 0,22 Gb Free Space | 2,99% Space Free | Partition Type: NTFS
Drive G: | 19,03 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: X-397C000E44DE4 | User Name: Hanna | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-12-18 17:58:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hanna\Moje dokumenty\Pobieranie\OTL.exe
PRC - [2012-11-22 16:58:14 | 001,522,312 | ---- | M] (pdfforge GbR) -- C:\Program Files\PDF Architect\HelperService.exe
PRC - [2012-11-22 16:56:10 | 000,905,864 | ---- | M] (pdfforge GbR) -- C:\Program Files\PDF Architect\ConversionService.exe
PRC - [2012-11-15 18:14:56 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012-11-15 18:14:54 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012-01-06 08:35:22 | 000,569,072 | ---- | M] (CrossLoop) -- C:\Documents and Settings\Hanna\Ustawienia lokalne\Dane aplikacji\CrossLoop\CrossLoopService.exe
PRC - [2011-07-04 18:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe
PRC - [2010-08-02 16:09:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010-01-14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009-10-06 01:05:06 | 001,532,000 | ---- | M] (The Firebird Project) -- d:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
PRC - [2009-10-06 01:05:06 | 000,065,536 | ---- | M] (The Firebird Project) -- d:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
PRC - [2009-02-03 03:23:38 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\Varico\VaricoPostgres\bin\pg_ctl.exe
PRC - [2009-02-03 03:22:04 | 003,678,208 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\Varico\VaricoPostgres\bin\postgres.exe
PRC - [2008-10-20 18:47:32 | 002,580,480 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.4\program\soffice.bin
PRC - [2008-10-20 18:47:30 | 002,363,392 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
PRC - [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003-04-02 03:20:37 | 000,012,288 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe


========== Modules (No Company Name) ==========

MOD - [2012-11-15 21:03:12 | 014,586,808 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll
MOD - [2011-07-04 18:46:20 | 000,217,696 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\gglog.dll
MOD - [2011-07-04 18:46:18 | 000,123,488 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggipcradioproxy.dll
MOD - [2011-07-04 18:46:16 | 000,017,504 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggipc.dll
MOD - [2011-07-04 18:46:12 | 000,027,744 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggcrypto.dll
MOD - [2011-07-04 18:46:10 | 000,356,960 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggcommon.dll
MOD - [2011-04-16 04:04:30 | 014,749,696 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtWebKit4.dll
MOD - [2011-02-17 10:00:28 | 001,781,760 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtScript4.dll
MOD - [2011-02-17 10:00:28 | 000,393,216 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtXml4.dll
MOD - [2011-02-17 10:00:28 | 000,327,680 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtSvg4.dll
MOD - [2011-02-17 10:00:26 | 001,044,480 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtNetwork4.dll
MOD - [2011-02-17 10:00:24 | 009,097,216 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtGui4.dll
MOD - [2011-02-17 10:00:24 | 002,560,000 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtCore4.dll
MOD - [2011-02-17 09:59:40 | 000,311,296 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qtiff4.dll
MOD - [2011-02-17 09:59:40 | 000,274,432 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qmng4.dll
MOD - [2011-02-17 09:59:40 | 000,143,360 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qjpeg4.dll
MOD - [2011-02-17 09:59:40 | 000,027,648 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qgif4.dll
MOD - [2011-02-17 09:59:40 | 000,018,944 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qsvg4.dll
MOD - [2011-02-17 09:59:32 | 000,059,904 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\zlib1.dll
MOD - [2010-06-17 15:27:22 | 000,355,688 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2009-02-27 19:04:20 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL
MOD - [2007-12-19 15:04:24 | 000,828,416 | ---- | M] () -- C:\Program Files\OpenOffice.org 2.4\program\libxml2.dll
MOD - [2004-08-03 23:44:04 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2003-04-02 03:20:37 | 000,012,288 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe


========== Services (SafeList) ==========

SRV - [2012-12-06 12:51:35 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-11-22 16:58:14 | 001,522,312 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files\PDF Architect\HelperService.exe -- (PDF Architect Helper Service)
SRV - [2012-11-22 16:56:10 | 000,905,864 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files\PDF Architect\ConversionService.exe -- (PDF Architect Service)
SRV - [2012-11-15 18:14:56 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012-11-15 18:14:54 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012-01-06 08:35:22 | 000,569,072 | ---- | M] (CrossLoop) [Auto | Running] -- C:\Documents and Settings\Hanna\Ustawienia lokalne\Dane aplikacji\CrossLoop\CrossLoopService.exe -- (CrossLoopService)
SRV - [2010-07-21 07:50:26 | 000,814,080 | ---- | M] (GlavSoft LLC.) [On_Demand | Stopped] -- C:\Documents and Settings\Hanna\Ustawienia lokalne\Dane aplikacji\CrossLoop\tvnserver.exe -- (tvnserver)
SRV - [2009-10-06 01:05:06 | 001,532,000 | ---- | M] (The Firebird Project) [On_Demand | Running] -- d:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe -- (FirebirdServerDefaultInstance)
SRV - [2009-10-06 01:05:06 | 000,065,536 | ---- | M] (The Firebird Project) [Auto | Running] -- d:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance)
SRV - [2009-02-03 03:23:38 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program Files\Varico\VaricoPostgres\bin\pg_ctl.exe -- (pgsql-8.3)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012-11-18 22:29:36 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012-11-15 18:14:56 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012-11-15 18:14:56 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010-06-17 15:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010-06-17 15:27:12 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2010-06-02 14:49:20 | 000,993,464 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2010-06-02 14:49:20 | 000,738,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2010-06-02 14:49:18 | 000,217,016 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2007-11-26 23:37:00 | 002,236,544 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1482476501-1767777339-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files\PDF Architect\FFPDFArchitectExt [2012-12-05 00:06:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-12-06 12:51:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012-11-15 18:19:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Hanna\Dane aplikacji\Mozilla\Extensions
[2012-12-06 12:51:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-12-06 12:51:35 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-10-24 20:33:06 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-10-24 20:33:06 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-10-24 20:33:06 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-10-24 20:33:06 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-10-24 20:33:06 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-10-24 20:33:06 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2001-10-30 12:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
O3 - HKLM\..\Toolbar: (PDF Architect Toolbar) - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll (pdfforge GbR)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\Winampa.exe ()
O4 - HKU\S-1-5-21-1482476501-1767777339-1801674531-1003..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe ()
O4 - HKU\S-1-5-21-1482476501-1767777339-1801674531-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1482476501-1767777339-1801674531-1003..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - Startup: C:\Documents and Settings\Hanna\Menu Start\Programy\Autostart\OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1482476501-1767777339-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1482476501-1767777339-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A3FBF821-4904-4763-9D4B-6AECB4650D23}: DhcpNameServer = 192.168.1.1 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - about:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Hanna\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Hanna\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-11-14 01:17:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012-01-14 16:50:00 | 001,415,168 | R--- | M] (Us│ugi Informatyczne Andrzej Ciupi˝ski) - G:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2012-01-14 20:01:06 | 000,000,839 | R--- | M] () - G:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{4772000a-318a-11e2-aa22-0018de9d1c77}\Shell - "" = AutoRun
O33 - MountPoints2\{4772000a-318a-11e2-aa22-0018de9d1c77}\Shell\APPLET\COMMAND - "" = G:\Autorun.exe -- [2012-01-14 16:50:00 | 001,415,168 | R--- | M] (Us│ugi Informatyczne Andrzej Ciupi˝ski)
O33 - MountPoints2\{4772000a-318a-11e2-aa22-0018de9d1c77}\Shell\AutoRun\command - "" = G:\Autorun.exe -- [2012-01-14 16:50:00 | 001,415,168 | R--- | M] (Us│ugi Informatyczne Andrzej Ciupi˝ski)
O33 - MountPoints2\{4772000a-318a-11e2-aa22-0018de9d1c77}\Shell\HTTPJL\COMMAND - "" = RUNDLL32.EXE URL.DLL,FileProtocolHandler http://www.jaslan.pl
O33 - MountPoints2\{4772000a-318a-11e2-aa22-0018de9d1c77}\Shell\HTTPRP\COMMAND - "" = RUNDLL32.EXE URL.DLL,FileProtocolHandler http://www.rp.pl/mala_ks
O33 - MountPoints2\{4772000a-318a-11e2-aa22-0018de9d1c77}\Shell\INSTALL\COMMAND - "" = G:\Setup.exe -- [2012-01-16 12:04:53 | 012,113,147 | R--- | M] ()
O33 - MountPoints2\{4772000a-318a-11e2-aa22-0018de9d1c77}\Shell\INSTRUKCJA\COMMAND - "" = HH.EXE INS.CHM
O33 - MountPoints2\{4772000a-318a-11e2-aa22-0018de9d1c77}\Shell\MAIL\COMMAND - "" = RUNDLL32.EXE URL.DLL,FileProtocolHandler mailto:biuro@jaslan.pl?Subject="Mała Księgowość Rzeczpospolitej" 2012
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012-12-17 22:27:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hanna\Menu Start\Programy\Ewidencja Środków Trwałych Rzeczpospolitej
[2012-12-17 22:25:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hanna\Ustawienia lokalne\Dane aplikacji\WMTools Downloaded Files
[2012-12-17 22:25:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Hanna\Moje dokumenty\Moje wideo
[2012-12-16 18:24:44 | 000,000,000 | ---D | C] -- C:\Instalki
[2012-12-10 22:06:40 | 000,000,000 | ---D | C] -- C:\MalaKsiegowosc
[2012-12-10 22:02:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\VATowiec
[2012-12-10 22:02:49 | 000,000,000 | ---D | C] -- C:\ARCHIWUM
[2012-12-10 22:02:17 | 000,000,000 | ---D | C] -- C:\BR
[2012-12-09 18:04:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hanna\Ustawienia lokalne\Dane aplikacji\CrossLoop
[2012-12-09 18:04:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hanna\Menu Start\Programy\CrossLoop
[2012-12-09 18:02:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\PostgreSQL 8.3
[2012-12-09 18:01:53 | 000,000,000 | ---D | C] -- C:\Program Files\Varico
[2012-12-09 13:04:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\firebird
[2012-12-09 13:04:18 | 000,548,864 | ---- | C] (Firebird Project) -- C:\WINDOWS\System32\FBCLIENT.DLL
[2012-12-08 18:53:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hanna\Pulpit\Praca
[2012-12-08 18:36:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hanna\Dane aplikacji\OpenOffice.org2
[2012-12-08 18:35:27 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\OpenOffice.org 2.4
[2012-12-08 18:34:32 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 2.4
[2012-12-08 18:33:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hanna\Pulpit\OpenOffice.org 2.4 (pl) Installation Files
[2012-12-07 23:44:53 | 000,000,000 | ---D | C] -- C:\inetpub
[2012-12-06 20:10:21 | 000,548,864 | ---- | C] (Firebird Project) -- C:\WINDOWS\System32\GDS32.DLL
[2012-12-06 20:10:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Firebird 1.5
[2012-12-06 20:09:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hanna\Dane aplikacji\LeftHand
[2012-12-06 20:07:30 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2012-12-06 20:07:21 | 000,000,000 | ---D | C] -- C:\SB4
[2012-12-06 12:51:19 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012-12-05 00:21:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hanna\Dane aplikacji\PDF Architect
[2012-12-05 00:07:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hanna\Dane aplikacji\APP_NAME_NON_STRING
[2012-12-05 00:07:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hanna\Moje dokumenty\PDF Architect Files
[2012-12-05 00:06:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\PDF Architect
[2012-12-05 00:06:40 | 000,000,000 | ---D | C] -- C:\Program Files\PDF Architect
[2012-12-05 00:06:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\PDFCreator
[2012-12-05 00:06:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hanna\Dane aplikacji\pdfforge
[2012-12-05 00:06:00 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCT2.OCX
[2012-12-05 00:06:00 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSMAPI32.OCX
[2012-12-05 00:06:00 | 000,088,576 | ---- | C] (pdfforge GbR) -- C:\WINDOWS\System32\pdfcmon.dll
[2012-12-05 00:05:58 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSMPIDE.DLL
[2012-12-05 00:05:58 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator
[2012-12-04 23:57:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hanna\Dane aplikacji\Clickteam
[2012-12-04 23:27:14 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys
[2012-12-01 01:03:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hanna\Menu Start\Programy\Mała Księgowość Rzeczpospolitej
[2012-11-28 12:09:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hanna\WINDOWS
[2012-11-28 12:09:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Formularze IPS
[2012-11-28 12:09:19 | 000,000,000 | ---D | C] -- C:\Program Files\IPSPI
[2012-11-22 00:07:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Silverlight
[2012-11-22 00:07:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012-11-21 17:22:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hanna\Dane aplikacji\Gadu-Gadu 10
[2012-11-21 17:22:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2012-11-21 17:21:34 | 000,000,000 | ---D | C] -- C:\Program Files\Gadu-Gadu 10
[2012-11-21 16:40:49 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2012-11-21 16:40:44 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys
[2012-11-18 22:37:37 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdimon.dll
[2012-11-18 22:36:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Office
[2012-11-18 22:36:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012-11-18 22:35:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2012-11-18 22:35:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2012-11-18 22:35:14 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012-11-18 22:30:38 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012-11-18 22:28:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\DAEMON Tools Lite
[2012-11-18 22:28:26 | 000,242,240 | ---- | C] (DT Soft Ltd) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys
[2012-11-18 22:28:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hanna\Dane aplikacji\DAEMON Tools Lite
[2012-11-18 22:28:05 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2012-11-18 22:27:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2012-11-18 19:10:27 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012-12-18 17:50:54 | 000,359,284 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2012-12-18 17:50:54 | 000,314,842 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-12-18 17:50:54 | 000,051,166 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2012-12-18 17:50:54 | 000,041,170 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-12-18 17:46:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-12-17 21:41:17 | 000,000,132 | ---- | M] () -- C:\WINDOWS\winamp.ini
[2012-12-17 21:41:15 | 000,001,943 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012-12-16 21:29:52 | 000,001,418 | ---- | M] () -- C:\Documents and Settings\Hanna\Pulpit\Small Business SB4.LNK
[2012-12-16 21:29:52 | 000,001,416 | ---- | M] () -- C:\Documents and Settings\Hanna\Pulpit\Small Business BISTRO MULTI SB4.LNK
[2012-12-16 21:29:52 | 000,001,394 | ---- | M] () -- C:\Documents and Settings\Hanna\Pulpit\Small Business BISTRO SB4.LNK
[2012-12-16 21:29:52 | 000,001,386 | ---- | M] () -- C:\Documents and Settings\Hanna\Pulpit\Small Business PALMTOPY SB4.LNK
[2012-12-16 18:19:04 | 000,035,401 | ---- | M] () -- C:\Documents and Settings\Hanna\Moje dokumenty\Zestawienie faktur.HTML
[2012-12-16 16:37:53 | 000,005,504 | ---- | M] () -- C:\Documents and Settings\Hanna\maw32.lc
[2012-12-15 20:05:44 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-12-11 16:36:20 | 000,212,080 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-12-10 22:02:50 | 000,000,641 | ---- | M] () -- C:\Documents and Settings\Hanna\Pulpit\Przewoźnik.lnk
[2012-12-10 22:02:50 | 000,000,636 | ---- | M] () -- C:\Documents and Settings\Hanna\Pulpit\Kadrowiec.lnk
[2012-12-10 22:02:50 | 000,000,631 | ---- | M] () -- C:\Documents and Settings\Hanna\Pulpit\VATowiec.lnk
[2012-12-10 22:02:50 | 000,000,631 | ---- | M] () -- C:\Documents and Settings\Hanna\Pulpit\Spedytor.lnk
[2012-12-10 22:02:50 | 000,000,612 | ---- | M] () -- C:\Documents and Settings\Hanna\Pulpit\Celin.lnk
[2012-12-10 13:56:24 | 000,009,396 | ---- | M] () -- C:\Documents and Settings\Hanna\Moje dokumenty\praca.odt
[2012-12-09 18:04:48 | 000,002,346 | ---- | M] () -- C:\Documents and Settings\Hanna\Pulpit\CrossLoop Connect.lnk
[2012-12-08 18:36:46 | 000,000,876 | ---- | M] () -- C:\Documents and Settings\Hanna\Menu Start\Programy\Autostart\OpenOffice.org 2.4.lnk
[2012-12-08 17:54:34 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Hanna\Moje dokumenty\~$rodowe.rtf
[2012-12-05 18:20:04 | 000,062,075 | ---- | M] () -- C:\Documents and Settings\Hanna\Pulpit\VZM-1_C(2)(2011).pdf
[2012-12-05 16:10:39 | 000,405,722 | ---- | M] () -- C:\Documents and Settings\Hanna\Moje dokumenty\Zwrot VAT za materiały budowlane. Odzyskasz pieniądze za parkiet, za farby - już nie - Prawo - Muratordom.mdi
[2012-12-05 00:21:30 | 000,062,710 | ---- | M] () -- C:\Documents and Settings\Hanna\Pulpit\VZM-1_B(4)(2011).pdf
[2012-12-05 00:07:16 | 000,000,680 | ---- | M] () -- C:\Documents and Settings\Hanna\Pulpit\PDF Architect.lnk
[2012-12-05 00:06:06 | 000,000,706 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\PDFCreator.lnk
[2012-12-01 01:03:08 | 000,000,335 | ---- | M] () -- C:\Documents and Settings\Hanna\Pulpit\Mała Księgowość Rzeczpospolitej wersja sieciowa.lnk
[2012-12-01 01:03:08 | 000,000,330 | ---- | M] () -- C:\Documents and Settings\Hanna\Pulpit\Mała Księgowość Rzeczpospolitej.lnk
[2012-12-01 01:03:08 | 000,000,320 | ---- | M] () -- C:\Documents and Settings\Hanna\Pulpit\Oferty i Zamówienia Rzeczpospolitej.lnk
[2012-12-01 01:03:08 | 000,000,315 | ---- | M] () -- C:\Documents and Settings\Hanna\Pulpit\Biuro Rachunkowe Rzeczpospolitej.lnk
[2012-11-28 12:09:21 | 000,000,775 | ---- | M] () -- C:\Documents and Settings\Hanna\Pulpit\DRUKI IPS.lnk
[2012-11-26 03:25:59 | 000,035,539 | ---- | M] () -- C:\Documents and Settings\Hanna\Moje dokumenty\WPŁATY ZA FAKTURY.rtf
[2012-11-21 17:22:05 | 000,000,791 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk
[2012-11-21 17:22:05 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2012-11-19 00:53:21 | 000,134,432 | ---- | M] () -- C:\Documents and Settings\Hanna\Moje dokumenty\Ewidencja sprzedaży VAT 01.11.2012 - 30.11.2012.xml
[2012-11-18 22:37:50 | 000,000,421 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2012-11-18 22:29:36 | 000,242,240 | ---- | M] (DT Soft Ltd) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys
[2012-11-18 22:28:27 | 000,001,613 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012-12-16 18:19:04 | 000,035,401 | ---- | C] () -- C:\Documents and Settings\Hanna\Moje dokumenty\Zestawienie faktur.HTML
[2012-12-11 19:14:11 | 000,005,504 | ---- | C] () -- C:\Documents and Settings\Hanna\maw32.lc
[2012-12-10 22:02:50 | 000,000,641 | ---- | C] () -- C:\Documents and Settings\Hanna\Pulpit\Przewoźnik.lnk
[2012-12-10 22:02:50 | 000,000,636 | ---- | C] () -- C:\Documents and Settings\Hanna\Pulpit\Kadrowiec.lnk
[2012-12-10 22:02:50 | 000,000,631 | ---- | C] () -- C:\Documents and Settings\Hanna\Pulpit\VATowiec.lnk
[2012-12-10 22:02:50 | 000,000,631 | ---- | C] () -- C:\Documents and Settings\Hanna\Pulpit\Spedytor.lnk
[2012-12-10 22:02:50 | 000,000,612 | ---- | C] () -- C:\Documents and Settings\Hanna\Pulpit\Celin.lnk
[2012-12-10 13:53:13 | 000,009,396 | ---- | C] () -- C:\Documents and Settings\Hanna\Moje dokumenty\praca.odt
[2012-12-09 18:04:48 | 000,002,346 | ---- | C] () -- C:\Documents and Settings\Hanna\Pulpit\CrossLoop Connect.lnk
[2012-12-08 18:36:46 | 000,000,876 | ---- | C] () -- C:\Documents and Settings\Hanna\Menu Start\Programy\Autostart\OpenOffice.org 2.4.lnk
[2012-12-08 17:54:34 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Hanna\Moje dokumenty\~$rodowe.rtf
[2012-12-06 20:07:31 | 000,001,418 | ---- | C] () -- C:\Documents and Settings\Hanna\Pulpit\Small Business SB4.LNK
[2012-12-06 20:07:31 | 000,001,416 | ---- | C] () -- C:\Documents and Settings\Hanna\Pulpit\Small Business BISTRO MULTI SB4.LNK
[2012-12-06 20:07:31 | 000,001,394 | ---- | C] () -- C:\Documents and Settings\Hanna\Pulpit\Small Business BISTRO SB4.LNK
[2012-12-06 20:07:31 | 000,001,386 | ---- | C] () -- C:\Documents and Settings\Hanna\Pulpit\Small Business PALMTOPY SB4.LNK
[2012-12-05 16:10:34 | 000,405,722 | ---- | C] () -- C:\Documents and Settings\Hanna\Moje dokumenty\Zwrot VAT za materiały budowlane. Odzyskasz pieniądze za parkiet, za farby - już nie - Prawo - Muratordom.mdi
[2012-12-05 13:55:19 | 000,062,075 | ---- | C] () -- C:\Documents and Settings\Hanna\Pulpit\VZM-1_C(2)(2011).pdf
[2012-12-05 00:21:28 | 000,062,710 | ---- | C] () -- C:\Documents and Settings\Hanna\Pulpit\VZM-1_B(4)(2011).pdf
[2012-12-05 00:07:16 | 000,000,680 | ---- | C] () -- C:\Documents and Settings\Hanna\Pulpit\PDF Architect.lnk
[2012-12-05 00:06:06 | 000,000,706 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\PDFCreator.lnk
[2012-12-01 01:03:08 | 000,000,335 | ---- | C] () -- C:\Documents and Settings\Hanna\Pulpit\Mała Księgowość Rzeczpospolitej wersja sieciowa.lnk
[2012-12-01 01:03:08 | 000,000,330 | ---- | C] () -- C:\Documents and Settings\Hanna\Pulpit\Mała Księgowość Rzeczpospolitej.lnk
[2012-12-01 01:03:08 | 000,000,320 | ---- | C] () -- C:\Documents and Settings\Hanna\Pulpit\Oferty i Zamówienia Rzeczpospolitej.lnk
[2012-12-01 01:03:08 | 000,000,315 | ---- | C] () -- C:\Documents and Settings\Hanna\Pulpit\Biuro Rachunkowe Rzeczpospolitej.lnk
[2012-11-28 12:09:21 | 000,000,775 | ---- | C] () -- C:\Documents and Settings\Hanna\Pulpit\DRUKI IPS.lnk
[2012-11-25 22:37:36 | 000,035,539 | ---- | C] () -- C:\Documents and Settings\Hanna\Moje dokumenty\WPŁATY ZA FAKTURY.rtf
[2012-11-21 17:22:05 | 000,000,791 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk
[2012-11-21 17:22:05 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2012-11-21 17:21:43 | 000,000,680 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Gadu-Gadu 10.lnk
[2012-11-19 00:53:20 | 000,134,432 | ---- | C] () -- C:\Documents and Settings\Hanna\Moje dokumenty\Ewidencja sprzedaży VAT 01.11.2012 - 30.11.2012.xml
[2012-11-18 22:37:50 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2012-11-18 22:28:27 | 000,001,613 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk
[2012-11-15 20:18:54 | 000,000,044 | ---- | C] () -- C:\WINDOWS\SMWIZARD.INI
[2012-11-15 19:25:30 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2012-11-15 16:07:07 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2012-11-15 16:07:06 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2012-11-15 16:07:04 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2012-11-15 16:07:00 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2012-11-15 16:04:32 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2012-11-15 15:43:51 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2012-11-14 22:42:24 | 000,000,132 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2012-11-14 03:06:22 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012-11-14 03:05:04 | 000,212,080 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-11-14 01:20:26 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012-11-14 01:14:05 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== ZeroAccess Check ==========


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2004-08-03 23:44:10 | 001,483,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2004-08-03 23:43:58 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2004-08-03 23:44:14 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012-11-18 22:30:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2012-12-16 16:01:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\firebird
[2012-11-21 17:22:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2012-12-05 00:07:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hanna\Dane aplikacji\APP_NAME_NON_STRING
[2012-12-04 23:58:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hanna\Dane aplikacji\Clickteam
[2012-11-18 22:30:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hanna\Dane aplikacji\DAEMON Tools Lite
[2012-11-22 01:06:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hanna\Dane aplikacji\Gadu-Gadu 10
[2012-12-06 20:16:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hanna\Dane aplikacji\LeftHand
[2012-12-05 00:21:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hanna\Dane aplikacji\PDF Architect
[2012-12-05 00:06:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hanna\Dane aplikacji\pdfforge

========== Purity Check ==========



< End of report >

Mam to wykonać dla tego pendrivea którym przenosiłem pliki?

W temacie: Logi - Aktywowanie okien i programów po przejechaniu kursorem

18 12 2012 - 19:54

OTL Extras logfile created on: 2012-12-18 18:03:21 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Hanna\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd


1,99 Gb Total Physical Memory | 1,57 Gb Available Physical Memory | 78,83% Memory free
3,84 Gb Paging File | 3,39 Gb Available in Paging File | 88,09% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 27,95 Gb Total Space | 17,97 Gb Free Space | 64,32% Space Free | Partition Type: NTFS
Drive D: | 27,93 Gb Total Space | 27,64 Gb Free Space | 98,96% Space Free | Partition Type: FAT32
Drive E: | 650,78 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 7,47 Gb Total Space | 0,22 Gb Free Space | 2,99% Space Free | Partition Type: NTFS
Drive G: | 19,03 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: X-397C000E44DE4 | User Name: Hanna | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1482476501-1767777339-1801674531-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5432:TCP" = 5432:TCP:*:Enabled:Varico PostgreSQL
"5910:TCP" = 5910:TCP:*:Enabled:vnc5910
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.)
"C:\Documents and Settings\Hanna\Ustawienia lokalne\Dane aplikacji\CrossLoop\vncviewer.exe" = C:\Documents and Settings\Hanna\Ustawienia lokalne\Dane aplikacji\CrossLoop\vncviewer.exe:*:Enabled:vncviewer.exe -- (UltraVNC)
"C:\Documents and Settings\Hanna\Ustawienia lokalne\Dane aplikacji\CrossLoop\tvnserver.exe" = C:\Documents and Settings\Hanna\Ustawienia lokalne\Dane aplikacji\CrossLoop\tvnserver.exe:*:Enabled:tvnserver.exe -- (GlavSoft LLC.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{30B41B7A-3C9D-44DE-A7A1-949011F33CC3}" = PDF Architect
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{A8D93648-9F7F-407D-915C-62044644C3DA}" = MSI to redistribute MS VS2005 CRT libraries
"{AC76BA86-7AD7-1045-7B44-A95000000001}" = Adobe Reader 9.5.0 - Polish
"{ADD5600C-CEBF-4A9C-B4E8-4AB734B96FD9}_is1" = Varico PostgreSQL 1.1.0.3
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{B823632F-3B72-4514-8861-B961CE263224}" = PostgreSQL 8.3
"{E33DB440-A008-4928-8A4E-5FC5ADDED608}" = OpenOffice.org 2.4
"{EEE90C2D-8ACE-4007-9CF6-B07D0516F6B9}" = Intel® PRO Network Connections 12.0.40.0
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"2BFA56D22F9A1E3382C6C22AC377F97932ABB3FD" = Windows Driver Package - Intel (NETw4x32) net (11/27/2007 11.5.0.36)
"AA50C5938456EF4A1C98D24E2FB458C653208D15" = Windows Driver Package - Intel net (11/27/2007 11.5.0.36)
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ALLPlayer_is1" = ALLPlayer V4.X
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CNXT_MODEM_HDA_HSF" = ThinkPad Modem
"CrossLoop_is1" = CrossLoop 2.82
"DAEMON Tools Lite" = DAEMON Tools Lite
"DRUKI IPS_is1" = DRUKI IPS
"EFD65E7CD7A28D00217941F33C5CA55964F96136" = Windows Driver Package - Intel (w29n51) net (07/25/2007 9.0.4.37)
"FBDBServer_1_5_is1" = Firebird 1.5.6
"Gadu-Gadu 10" = Gadu-Gadu 10
"HDMI" = Intel® Graphics Media Accelerator Driver
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.7.0 (Full)
"Mała Księgowość Rzeczpospolitej" = Mała Księgowość Rzeczpospolitej
"Mozilla Firefox 17.0.1 (x86 pl)" = Mozilla Firefox 17.0.1 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"VATowiec Komplet_is1" = VATowiec 3.91
"Winamp" = Winamp (remove only)

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2012-12-17 17:32:56 | Computer Name = X-397C000E44DE4 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd faktura.exe, wersja 1.0.26.0, moduł powodujący
błąd kernel32.dll, wersja 5.1.2600.2180, adres błędu 0x0001eb33.

Error - 2012-12-17 17:32:56 | Computer Name = X-397C000E44DE4 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd faktura.exe, wersja 1.0.26.0, moduł powodujący
błąd kernel32.dll, wersja 5.1.2600.2180, adres błędu 0x0001eb33.

Error - 2012-12-17 17:32:57 | Computer Name = X-397C000E44DE4 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd faktura.exe, wersja 1.0.26.0, moduł powodujący
błąd kernel32.dll, wersja 5.1.2600.2180, adres błędu 0x0001eb33.

Error - 2012-12-17 17:32:57 | Computer Name = X-397C000E44DE4 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd faktura.exe, wersja 1.0.26.0, moduł powodujący
błąd kernel32.dll, wersja 5.1.2600.2180, adres błędu 0x0001eb33.

Error - 2012-12-17 17:32:57 | Computer Name = X-397C000E44DE4 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd faktura.exe, wersja 1.0.26.0, moduł powodujący
błąd kernel32.dll, wersja 5.1.2600.2180, adres błędu 0x0001eb33.

Error - 2012-12-17 17:32:57 | Computer Name = X-397C000E44DE4 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd faktura.exe, wersja 1.0.26.0, moduł powodujący
błąd kernel32.dll, wersja 5.1.2600.2180, adres błędu 0x0001eb33.

Error - 2012-12-17 17:32:58 | Computer Name = X-397C000E44DE4 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd faktura.exe, wersja 1.0.26.0, moduł powodujący
błąd kernel32.dll, wersja 5.1.2600.2180, adres błędu 0x0001eb33.

Error - 2012-12-17 17:32:59 | Computer Name = X-397C000E44DE4 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd faktura.exe, wersja 1.0.26.0, moduł powodujący
błąd kernel32.dll, wersja 5.1.2600.2180, adres błędu 0x0001eb33.

Error - 2012-12-17 17:32:59 | Computer Name = X-397C000E44DE4 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd faktura.exe, wersja 1.0.26.0, moduł powodujący
błąd kernel32.dll, wersja 5.1.2600.2180, adres błędu 0x0001eb33.

Error - 2012-12-17 17:33:00 | Computer Name = X-397C000E44DE4 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd faktura.exe, wersja 1.0.26.0, moduł powodujący
błąd kernel32.dll, wersja 5.1.2600.2180, adres błędu 0x0001eb33.

[ System Events ]
Error - 2012-12-18 12:33:33 | Computer Name = X-397C000E44DE4 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi
netman z argumentami „” w celu uruchomienia serwera: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 2012-12-18 12:34:04 | Computer Name = X-397C000E44DE4 | Source = Service Control Manager | ID = 7001
Description = Usługa Klient DHCP zależy od usługi NetBios przez TCP/IP, której nie
można uruchomić z powodu następującego błędu: %%31

Error - 2012-12-18 12:34:04 | Computer Name = X-397C000E44DE4 | Source = Service Control Manager | ID = 7001
Description = Usługa Klient DNS zależy od usługi Sterownik protokołu TCP/IP, której
nie można uruchomić z powodu następującego błędu: %%31

Error - 2012-12-18 12:34:04 | Computer Name = X-397C000E44DE4 | Source = Service Control Manager | ID = 7001
Description = Usługa Pomoc TCP/IP NetBIOS zależy od usługi AFD, której nie można
uruchomić z powodu następującego błędu: %%31

Error - 2012-12-18 12:34:04 | Computer Name = X-397C000E44DE4 | Source = Service Control Manager | ID = 7001
Description = Usługa Usługi IPSEC zależy od usługi Sterownik IPSEC, której nie można
uruchomić z powodu następującego błędu: %%31

Error - 2012-12-18 12:34:04 | Computer Name = X-397C000E44DE4 | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: AFD avgio avipbb Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss ssmdrv
Tcpip

Error - 2012-12-18 12:37:23 | Computer Name = X-397C000E44DE4 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi
netman z argumentami „” w celu uruchomienia serwera: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 2012-12-18 12:38:42 | Computer Name = X-397C000E44DE4 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi
netman z argumentami „” w celu uruchomienia serwera: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 2012-12-18 12:45:36 | Computer Name = X-397C000E44DE4 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi
EventSystem z argumentami „” w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 2012-12-18 12:46:56 | Computer Name = X-397C000E44DE4 | Source = PlugPlayManager | ID = 12
Description = Urządzenie 'Intel® PRO/1000 PL Network Connection' (PCI\VEN_8086&DEV_109A&SUBSYS_200117AA&REV_00\4&192ac53f&0&00E0)
zniknęło z systemu bez uprzedniego przygotowania go do usunięcia.


< End of report >

OTL logfile created on: 2012-12-18 18:03:21 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Hanna\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,99 Gb Total Physical Memory | 1,57 Gb Available Physical Memory | 78,83% Memory free
3,84 Gb Paging File | 3,39 Gb Available in Paging File | 88,09% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 27,95 Gb Total Space | 17,97 Gb Free Space | 64,32% Space Free | Partition Type: NTFS
Drive D: | 27,93 Gb Total Space | 27,64 Gb Free Space | 98,96% Space Free | Partition Type: FAT32
Drive E: | 650,78 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 7,47 Gb Total Space | 0,22 Gb Free Space | 2,99% Space Free | Partition Type: NTFS
Drive G: | 19,03 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: X-397C000E44DE4 | User Name: Hanna | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-12-18 17:58:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hanna\Moje dokumenty\Pobieranie\OTL.exe
PRC - [2012-11-22 16:58:14 | 001,522,312 | ---- | M] (pdfforge GbR) -- C:\Program Files\PDF Architect\HelperService.exe
PRC - [2012-11-22 16:56:10 | 000,905,864 | ---- | M] (pdfforge GbR) -- C:\Program Files\PDF Architect\ConversionService.exe
PRC - [2012-11-15 18:14:56 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012-11-15 18:14:54 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012-01-06 08:35:22 | 000,569,072 | ---- | M] (CrossLoop) -- C:\Documents and Settings\Hanna\Ustawienia lokalne\Dane aplikacji\CrossLoop\CrossLoopService.exe
PRC - [2011-07-04 18:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe
PRC - [2010-08-02 16:09:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010-01-14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009-10-06 01:05:06 | 001,532,000 | ---- | M] (The Firebird Project) -- d:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
PRC - [2009-10-06 01:05:06 | 000,065,536 | ---- | M] (The Firebird Project) -- d:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
PRC - [2009-02-03 03:23:38 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\Varico\VaricoPostgres\bin\pg_ctl.exe
PRC - [2009-02-03 03:22:04 | 003,678,208 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\Varico\VaricoPostgres\bin\postgres.exe
PRC - [2008-10-20 18:47:32 | 002,580,480 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.4\program\soffice.bin
PRC - [2008-10-20 18:47:30 | 002,363,392 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
PRC - [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003-04-02 03:20:37 | 000,012,288 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe


========== Modules (No Company Name) ==========

MOD - [2012-11-15 21:03:12 | 014,586,808 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll
MOD - [2011-07-04 18:46:20 | 000,217,696 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\gglog.dll
MOD - [2011-07-04 18:46:18 | 000,123,488 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggipcradioproxy.dll
MOD - [2011-07-04 18:46:16 | 000,017,504 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggipc.dll
MOD - [2011-07-04 18:46:12 | 000,027,744 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggcrypto.dll
MOD - [2011-07-04 18:46:10 | 000,356,960 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggcommon.dll
MOD - [2011-04-16 04:04:30 | 014,749,696 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtWebKit4.dll
MOD - [2011-02-17 10:00:28 | 001,781,760 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtScript4.dll
MOD - [2011-02-17 10:00:28 | 000,393,216 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtXml4.dll
MOD - [2011-02-17 10:00:28 | 000,327,680 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtSvg4.dll
MOD - [2011-02-17 10:00:26 | 001,044,480 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtNetwork4.dll
MOD - [2011-02-17 10:00:24 | 009,097,216 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtGui4.dll
MOD - [2011-02-17 10:00:24 | 002,560,000 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtCore4.dll
MOD - [2011-02-17 09:59:40 | 000,311,296 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qtiff4.dll
MOD - [2011-02-17 09:59:40 | 000,274,432 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qmng4.dll
MOD - [2011-02-17 09:59:40 | 000,143,360 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qjpeg4.dll
MOD - [2011-02-17 09:59:40 | 000,027,648 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qgif4.dll
MOD - [2011-02-17 09:59:40 | 000,018,944 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qsvg4.dll
MOD - [2011-02-17 09:59:32 | 000,059,904 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\zlib1.dll
MOD - [2010-06-17 15:27:22 | 000,355,688 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2009-02-27 19:04:20 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL
MOD - [2007-12-19 15:04:24 | 000,828,416 | ---- | M] () -- C:\Program Files\OpenOffice.org 2.4\program\libxml2.dll
MOD - [2004-08-03 23:44:04 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2003-04-02 03:20:37 | 000,012,288 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe


========== Services (SafeList) ==========

SRV - [2012-12-06 12:51:35 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-11-22 16:58:14 | 001,522,312 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files\PDF Architect\HelperService.exe -- (PDF Architect Helper Service)
SRV - [2012-11-22 16:56:10 | 000,905,864 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files\PDF Architect\ConversionService.exe -- (PDF Architect Service)
SRV - [2012-11-15 18:14:56 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012-11-15 18:14:54 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012-01-06 08:35:22 | 000,569,072 | ---- | M] (CrossLoop) [Auto | Running] -- C:\Documents and Settings\Hanna\Ustawienia lokalne\Dane aplikacji\CrossLoop\CrossLoopService.exe -- (CrossLoopService)
SRV - [2010-07-21 07:50:26 | 000,814,080 | ---- | M] (GlavSoft LLC.) [On_Demand | Stopped] -- C:\Documents and Settings\Hanna\Ustawienia lokalne\Dane aplikacji\CrossLoop\tvnserver.exe -- (tvnserver)
SRV - [2009-10-06 01:05:06 | 001,532,000 | ---- | M] (The Firebird Project) [On_Demand | Running] -- d:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe -- (FirebirdServerDefaultInstance)
SRV - [2009-10-06 01:05:06 | 000,065,536 | ---- | M] (The Firebird Project) [Auto | Running] -- d:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance)
SRV - [2009-02-03 03:23:38 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program Files\Varico\VaricoPostgres\bin\pg_ctl.exe -- (pgsql-8.3)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012-11-18 22:29:36 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012-11-15 18:14:56 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012-11-15 18:14:56 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010-06-17 15:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010-06-17 15:27:12 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2010-06-02 14:49:20 | 000,993,464 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2010-06-02 14:49:20 | 000,738,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2010-06-02 14:49:18 | 000,217,016 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2007-11-26 23:37:00 | 002,236,544 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1482476501-1767777339-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files\PDF Architect\FFPDFArchitectExt [2012-12-05 00:06:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-12-06 12:51:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012-11-15 18:19:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Hanna\Dane aplikacji\Mozilla\Extensions
[2012-12-06 12:51:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-12-06 12:51:35 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-10-24 20:33:06 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-10-24 20:33:06 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-10-24 20:33:06 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-10-24 20:33:06 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-10-24 20:33:06 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-10-24 20:33:06 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2001-10-30 12:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
O3 - HKLM\..\Toolbar: (PDF Architect Toolbar) - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll (pdfforge GbR)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\Winampa.exe ()
O4 - HKU\S-1-5-21-1482476501-1767777339-1801674531-1003..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe ()
O4 - HKU\S-1-5-21-1482476501-1767777339-1801674531-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1482476501-1767777339-1801674531-1003..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - Startup: C:\Documents and Settings\Hanna\Menu Start\Programy\Autostart\OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1482476501-1767777339-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1482476501-1767777339-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A3FBF821-4904-4763-9D4B-6AECB4650D23}: DhcpNameServer = 192.168.1.1 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - about:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Hanna\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Hanna\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-11-14 01:17:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012-01-14 16:50:00 | 001,415,168 | R--- | M] (Us│ugi Informatyczne Andrzej Ciupi˝ski) - G:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2012-01-14 20:01:06 | 000,000,839 | R--- | M] () - G:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{4772000a-318a-11e2-aa22-0018de9d1c77}\Shell - "" = AutoRun
O33 - MountPoints2\{4772000a-318a-11e2-aa22-0018de9d1c77}\Shell\APPLET\COMMAND - "" = G:\Autorun.exe -- [2012-01-14 16:50:00 | 001,415,168 | R--- | M] (Us│ugi Informatyczne Andrzej Ciupi˝ski)
O33 - MountPoints2\{4772000a-318a-11e2-aa22-0018de9d1c77}\Shell\AutoRun\command - "" = G:\Autorun.exe -- [2012-01-14 16:50:00 | 001,415,168 | R--- | M] (Us│ugi Informatyczne Andrzej Ciupi˝ski)
O33 - MountPoints2\{4772000a-318a-11e2-aa22-0018de9d1c77}\Shell\HTTPJL\COMMAND - "" = RUNDLL32.EXE URL.DLL,FileProtocolHandler http://www.jaslan.pl
O33 - MountPoints2\{4772000a-318a-11e2-aa22-0018de9d1c77}\Shell\HTTPRP\COMMAND - "" = RUNDLL32.EXE URL.DLL,FileProtocolHandler http://www.rp.pl/mala_ks
O33 - MountPoints2\{4772000a-318a-11e2-aa22-0018de9d1c77}\Shell\INSTALL\COMMAND - "" = G:\Setup.exe -- [2012-01-16 12:04:53 | 012,113,147 | R--- | M] ()
O33 - MountPoints2\{4772000a-318a-11e2-aa22-0018de9d1c77}\Shell\INSTRUKCJA\COMMAND - "" = HH.EXE INS.CHM
O33 - MountPoints2\{4772000a-318a-11e2-aa22-0018de9d1c77}\Shell\MAIL\COMMAND - "" = RUNDLL32.EXE URL.DLL,FileProtocolHandler mailto:biuro@jaslan.pl?Subject="Mała Księgowość Rzeczpospolitej" 2012
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012-12-17 22:27:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hanna\Menu Start\Programy\Ewidencja Środków Trwałych Rzeczpospolitej
[2012-12-17 22:25:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hanna\Ustawienia lokalne\Dane aplikacji\WMTools Downloaded Files
[2012-12-17 22:25:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Hanna\Moje dokumenty\Moje wideo
[2012-12-16 18:24:44 | 000,000,000 | ---D | C] -- C:\Instalki
[2012-12-10 22:06:40 | 000,000,000 | ---D | C] -- C:\MalaKsiegowosc
[2012-12-10 22:02:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\VATowiec
[2012-12-10 22:02:49 | 000,000,000 | ---D | C] -- C:\ARCHIWUM
[2012-12-10 22:02:17 | 000,000,000 | ---D | C] -- C:\BR
[2012-12-09 18:04:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hanna\Ustawienia lokalne\Dane aplikacji\CrossLoop
[2012-12-09 18:04:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hanna\Menu Start\Programy\CrossLoop
[2012-12-09 18:02:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\PostgreSQL 8.3
[2012-12-09 18:01:53 | 000,000,000 | ---D | C] -- C:\Program Files\Varico
[2012-12-09 13:04:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\firebird
[2012-12-09 13:04:18 | 000,548,864 | ---- | C] (Firebird Project) -- C:\WINDOWS\System32\FBCLIENT.DLL
[2012-12-08 18:53:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hanna\Pulpit\Praca
[2012-12-08 18:36:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hanna\Dane aplikacji\OpenOffice.org2
[2012-12-08 18:35:27 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\OpenOffice.org 2.4
[2012-12-08 18:34:32 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 2.4
[2012-12-08 18:33:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hanna\Pulpit\OpenOffice.org 2.4 (pl) Installation Files
[2012-12-07 23:44:53 | 000,000,000 | ---D | C] -- C:\inetpub
[2012-12-06 20:10:21 | 000,548,864 | ---- | C] (Firebird Project) -- C:\WINDOWS\System32\GDS32.DLL
[2012-12-06 20:10:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Firebird 1.5
[2012-12-06 20:09:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hanna\Dane aplikacji\LeftHand
[2012-12-06 20:07:30 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2012-12-06 20:07:21 | 000,000,000 | ---D | C] -- C:\SB4
[2012-12-06 12:51:19 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012-12-05 00:21:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hanna\Dane aplikacji\PDF Architect
[2012-12-05 00:07:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hanna\Dane aplikacji\APP_NAME_NON_STRING
[2012-12-05 00:07:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hanna\Moje dokumenty\PDF Architect Files
[2012-12-05 00:06:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\PDF Architect
[2012-12-05 00:06:40 | 000,000,000 | ---D | C] -- C:\Program Files\PDF Architect
[2012-12-05 00:06:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\PDFCreator
[2012-12-05 00:06:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hanna\Dane aplikacji\pdfforge
[2012-12-05 00:06:00 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCT2.OCX
[2012-12-05 00:06:00 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSMAPI32.OCX
[2012-12-05 00:06:00 | 000,088,576 | ---- | C] (pdfforge GbR) -- C:\WINDOWS\System32\pdfcmon.dll
[2012-12-05 00:05:58 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSMPIDE.DLL
[2012-12-05 00:05:58 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator
[2012-12-04 23:57:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hanna\Dane aplikacji\Clickteam
[2012-12-04 23:27:14 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys
[2012-12-01 01:03:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hanna\Menu Start\Programy\Mała Księgowość Rzeczpospolitej
[2012-11-28 12:09:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hanna\WINDOWS
[2012-11-28 12:09:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Formularze IPS
[2012-11-28 12:09:19 | 000,000,000 | ---D | C] -- C:\Program Files\IPSPI
[2012-11-22 00:07:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Silverlight
[2012-11-22 00:07:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012-11-21 17:22:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hanna\Dane aplikacji\Gadu-Gadu 10
[2012-11-21 17:22:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2012-11-21 17:21:34 | 000,000,000 | ---D | C] -- C:\Program Files\Gadu-Gadu 10
[2012-11-21 16:40:49 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2012-11-21 16:40:44 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys
[2012-11-18 22:37:37 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdimon.dll
[2012-11-18 22:36:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Office
[2012-11-18 22:36:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012-11-18 22:35:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2012-11-18 22:35:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2012-11-18 22:35:14 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012-11-18 22:30:38 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012-11-18 22:28:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\DAEMON Tools Lite
[2012-11-18 22:28:26 | 000,242,240 | ---- | C] (DT Soft Ltd) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys
[2012-11-18 22:28:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hanna\Dane aplikacji\DAEMON Tools Lite
[2012-11-18 22:28:05 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2012-11-18 22:27:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2012-11-18 19:10:27 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012-12-18 17:50:54 | 000,359,284 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2012-12-18 17:50:54 | 000,314,842 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-12-18 17:50:54 | 000,051,166 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2012-12-18 17:50:54 | 000,041,170 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-12-18 17:46:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-12-17 21:41:17 | 000,000,132 | ---- | M] () -- C:\WINDOWS\winamp.ini
[2012-12-17 21:41:15 | 000,001,943 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012-12-16 21:29:52 | 000,001,418 | ---- | M] () -- C:\Documents and Settings\Hanna\Pulpit\Small Business SB4.LNK
[2012-12-16 21:29:52 | 000,001,416 | ---- | M] () -- C:\Documents and Settings\Hanna\Pulpit\Small Business BISTRO MULTI SB4.LNK
[2012-12-16 21:29:52 | 000,001,394 | ---- | M] () -- C:\Documents and Settings\Hanna\Pulpit\Small Business BISTRO SB4.LNK
[2012-12-16 21:29:52 | 000,001,386 | ---- | M] () -- C:\Documents and Settings\Hanna\Pulpit\Small Business PALMTOPY SB4.LNK
[2012-12-16 18:19:04 | 000,035,401 | ---- | M] () -- C:\Documents and Settings\Hanna\Moje dokumenty\Zestawienie faktur.HTML
[2012-12-16 16:37:53 | 000,005,504 | ---- | M] () -- C:\Documents and Settings\Hanna\maw32.lc
[2012-12-15 20:05:44 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-12-11 16:36:20 | 000,212,080 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-12-10 22:02:50 | 000,000,641 | ---- | M] () -- C:\Documents and Settings\Hanna\Pulpit\Przewoźnik.lnk
[2012-12-10 22:02:50 | 000,000,636 | ---- | M] () -- C:\Documents and Settings\Hanna\Pulpit\Kadrowiec.lnk
[2012-12-10 22:02:50 | 000,000,631 | ---- | M] () -- C:\Documents and Settings\Hanna\Pulpit\VATowiec.lnk
[2012-12-10 22:02:50 | 000,000,631 | ---- | M] () -- C:\Documents and Settings\Hanna\Pulpit\Spedytor.lnk
[2012-12-10 22:02:50 | 000,000,612 | ---- | M] () -- C:\Documents and Settings\Hanna\Pulpit\Celin.lnk
[2012-12-10 13:56:24 | 000,009,396 | ---- | M] () -- C:\Documents and Settings\Hanna\Moje dokumenty\praca.odt
[2012-12-09 18:04:48 | 000,002,346 | ---- | M] () -- C:\Documents and Settings\Hanna\Pulpit\CrossLoop Connect.lnk
[2012-12-08 18:36:46 | 000,000,876 | ---- | M] () -- C:\Documents and Settings\Hanna\Menu Start\Programy\Autostart\OpenOffice.org 2.4.lnk
[2012-12-08 17:54:34 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Hanna\Moje dokumenty\~$rodowe.rtf
[2012-12-05 18:20:04 | 000,062,075 | ---- | M] () -- C:\Documents and Settings\Hanna\Pulpit\VZM-1_C(2)(2011).pdf
[2012-12-05 16:10:39 | 000,405,722 | ---- | M] () -- C:\Documents and Settings\Hanna\Moje dokumenty\Zwrot VAT za materiały budowlane. Odzyskasz pieniądze za parkiet, za farby - już nie - Prawo - Muratordom.mdi
[2012-12-05 00:21:30 | 000,062,710 | ---- | M] () -- C:\Documents and Settings\Hanna\Pulpit\VZM-1_B(4)(2011).pdf
[2012-12-05 00:07:16 | 000,000,680 | ---- | M] () -- C:\Documents and Settings\Hanna\Pulpit\PDF Architect.lnk
[2012-12-05 00:06:06 | 000,000,706 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\PDFCreator.lnk
[2012-12-01 01:03:08 | 000,000,335 | ---- | M] () -- C:\Documents and Settings\Hanna\Pulpit\Mała Księgowość Rzeczpospolitej wersja sieciowa.lnk
[2012-12-01 01:03:08 | 000,000,330 | ---- | M] () -- C:\Documents and Settings\Hanna\Pulpit\Mała Księgowość Rzeczpospolitej.lnk
[2012-12-01 01:03:08 | 000,000,320 | ---- | M] () -- C:\Documents and Settings\Hanna\Pulpit\Oferty i Zamówienia Rzeczpospolitej.lnk
[2012-12-01 01:03:08 | 000,000,315 | ---- | M] () -- C:\Documents and Settings\Hanna\Pulpit\Biuro Rachunkowe Rzeczpospolitej.lnk
[2012-11-28 12:09:21 | 000,000,775 | ---- | M] () -- C:\Documents and Settings\Hanna\Pulpit\DRUKI IPS.lnk
[2012-11-26 03:25:59 | 000,035,539 | ---- | M] () -- C:\Documents and Settings\Hanna\Moje dokumenty\WPŁATY ZA FAKTURY.rtf
[2012-11-21 17:22:05 | 000,000,791 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk
[2012-11-21 17:22:05 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2012-11-19 00:53:21 | 000,134,432 | ---- | M] () -- C:\Documents and Settings\Hanna\Moje dokumenty\Ewidencja sprzedaży VAT 01.11.2012 - 30.11.2012.xml
[2012-11-18 22:37:50 | 000,000,421 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2012-11-18 22:29:36 | 000,242,240 | ---- | M] (DT Soft Ltd) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys
[2012-11-18 22:28:27 | 000,001,613 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012-12-16 18:19:04 | 000,035,401 | ---- | C] () -- C:\Documents and Settings\Hanna\Moje dokumenty\Zestawienie faktur.HTML
[2012-12-11 19:14:11 | 000,005,504 | ---- | C] () -- C:\Documents and Settings\Hanna\maw32.lc
[2012-12-10 22:02:50 | 000,000,641 | ---- | C] () -- C:\Documents and Settings\Hanna\Pulpit\Przewoźnik.lnk
[2012-12-10 22:02:50 | 000,000,636 | ---- | C] () -- C:\Documents and Settings\Hanna\Pulpit\Kadrowiec.lnk
[2012-12-10 22:02:50 | 000,000,631 | ---- | C] () -- C:\Documents and Settings\Hanna\Pulpit\VATowiec.lnk
[2012-12-10 22:02:50 | 000,000,631 | ---- | C] () -- C:\Documents and Settings\Hanna\Pulpit\Spedytor.lnk
[2012-12-10 22:02:50 | 000,000,612 | ---- | C] () -- C:\Documents and Settings\Hanna\Pulpit\Celin.lnk
[2012-12-10 13:53:13 | 000,009,396 | ---- | C] () -- C:\Documents and Settings\Hanna\Moje dokumenty\praca.odt
[2012-12-09 18:04:48 | 000,002,346 | ---- | C] () -- C:\Documents and Settings\Hanna\Pulpit\CrossLoop Connect.lnk
[2012-12-08 18:36:46 | 000,000,876 | ---- | C] () -- C:\Documents and Settings\Hanna\Menu Start\Programy\Autostart\OpenOffice.org 2.4.lnk
[2012-12-08 17:54:34 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Hanna\Moje dokumenty\~$rodowe.rtf
[2012-12-06 20:07:31 | 000,001,418 | ---- | C] () -- C:\Documents and Settings\Hanna\Pulpit\Small Business SB4.LNK
[2012-12-06 20:07:31 | 000,001,416 | ---- | C] () -- C:\Documents and Settings\Hanna\Pulpit\Small Business BISTRO MULTI SB4.LNK
[2012-12-06 20:07:31 | 000,001,394 | ---- | C] () -- C:\Documents and Settings\Hanna\Pulpit\Small Business BISTRO SB4.LNK
[2012-12-06 20:07:31 | 000,001,386 | ---- | C] () -- C:\Documents and Settings\Hanna\Pulpit\Small Business PALMTOPY SB4.LNK
[2012-12-05 16:10:34 | 000,405,722 | ---- | C] () -- C:\Documents and Settings\Hanna\Moje dokumenty\Zwrot VAT za materiały budowlane. Odzyskasz pieniądze za parkiet, za farby - już nie - Prawo - Muratordom.mdi
[2012-12-05 13:55:19 | 000,062,075 | ---- | C] () -- C:\Documents and Settings\Hanna\Pulpit\VZM-1_C(2)(2011).pdf
[2012-12-05 00:21:28 | 000,062,710 | ---- | C] () -- C:\Documents and Settings\Hanna\Pulpit\VZM-1_B(4)(2011).pdf
[2012-12-05 00:07:16 | 000,000,680 | ---- | C] () -- C:\Documents and Settings\Hanna\Pulpit\PDF Architect.lnk
[2012-12-05 00:06:06 | 000,000,706 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\PDFCreator.lnk
[2012-12-01 01:03:08 | 000,000,335 | ---- | C] () -- C:\Documents and Settings\Hanna\Pulpit\Mała Księgowość Rzeczpospolitej wersja sieciowa.lnk
[2012-12-01 01:03:08 | 000,000,330 | ---- | C] () -- C:\Documents and Settings\Hanna\Pulpit\Mała Księgowość Rzeczpospolitej.lnk
[2012-12-01 01:03:08 | 000,000,320 | ---- | C] () -- C:\Documents and Settings\Hanna\Pulpit\Oferty i Zamówienia Rzeczpospolitej.lnk
[2012-12-01 01:03:08 | 000,000,315 | ---- | C] () -- C:\Documents and Settings\Hanna\Pulpit\Biuro Rachunkowe Rzeczpospolitej.lnk
[2012-11-28 12:09:21 | 000,000,775 | ---- | C] () -- C:\Documents and Settings\Hanna\Pulpit\DRUKI IPS.lnk
[2012-11-25 22:37:36 | 000,035,539 | ---- | C] () -- C:\Documents and Settings\Hanna\Moje dokumenty\WPŁATY ZA FAKTURY.rtf
[2012-11-21 17:22:05 | 000,000,791 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk
[2012-11-21 17:22:05 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2012-11-21 17:21:43 | 000,000,680 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Gadu-Gadu 10.lnk
[2012-11-19 00:53:20 | 000,134,432 | ---- | C] () -- C:\Documents and Settings\Hanna\Moje dokumenty\Ewidencja sprzedaży VAT 01.11.2012 - 30.11.2012.xml
[2012-11-18 22:37:50 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2012-11-18 22:28:27 | 000,001,613 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk
[2012-11-15 20:18:54 | 000,000,044 | ---- | C] () -- C:\WINDOWS\SMWIZARD.INI
[2012-11-15 19:25:30 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2012-11-15 16:07:07 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2012-11-15 16:07:06 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2012-11-15 16:07:04 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2012-11-15 16:07:00 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2012-11-15 16:04:32 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2012-11-15 15:43:51 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2012-11-14 22:42:24 | 000,000,132 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2012-11-14 03:06:22 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012-11-14 03:05:04 | 000,212,080 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-11-14 01:20:26 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012-11-14 01:14:05 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== ZeroAccess Check ==========


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2004-08-03 23:44:10 | 001,483,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2004-08-03 23:43:58 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2004-08-03 23:44:14 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012-11-18 22:30:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2012-12-16 16:01:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\firebird
[2012-11-21 17:22:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2012-12-05 00:07:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hanna\Dane aplikacji\APP_NAME_NON_STRING
[2012-12-04 23:58:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hanna\Dane aplikacji\Clickteam
[2012-11-18 22:30:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hanna\Dane aplikacji\DAEMON Tools Lite
[2012-11-22 01:06:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hanna\Dane aplikacji\Gadu-Gadu 10
[2012-12-06 20:16:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hanna\Dane aplikacji\LeftHand
[2012-12-05 00:21:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hanna\Dane aplikacji\PDF Architect
[2012-12-05 00:06:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hanna\Dane aplikacji\pdfforge

========== Purity Check ==========



< End of report >

W temacie: Logi - Aktywowanie okien i programów po przejechaniu kursorem

18 12 2012 - 13:27

Najszybcej będę mógł to zrobić ok 16:30. Aktualnie pisze przez innego kompa a dopiero o rzeczonej godzinie bedę miał pena i zgram te programy na laptopa żeby wykonać te logi, bo gdybym tam neta załączył to nijak coś zrobić

  1. Forum Komputerowe Tweaks.pl
  2. Przeglądanie profilu: Posty: jakub995
  3. Polityka prywatności
  4. Szukaj
  5. Regulamin Forum ·