OTL logfile created on: 9/13/2011 11:59:33 PM - Run OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE Microsoft Windows XP Dodatek Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free 3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free Paging file location(s): C:\pagefile.sys 1344 2688 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 107.42 Gb Total Space | 83.89 Gb Free Space | 78.10% Space Free | Partition Type: NTFS Drive D: | 125.45 Gb Total Space | 113.76 Gb Free Space | 90.68% Space Free | Partition Type: NTFS Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: REATOGO | User Name: SYSTEM Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days Using ControlSet: ControlSet001 [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [On_Demand] -- -- (AppMgmt) SRV - [2010/09/10 06:05:58 | 001,098,312 | ---- | M] (G Data Software AG) [Auto] -- C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe -- (AVKProxy) SRV - [2010/08/25 19:28:53 | 001,330,792 | ---- | M] () [Auto] -- C:\Program Files\G Data\AntiVirus\AVK\AVKWCtl.exe -- (AVKWCtl) SRV - [2010/08/25 18:51:59 | 000,340,552 | ---- | M] (G Data Software AG) [On_Demand] -- C:\Program Files\Common Files\G DATA\GDScan\GDScan.exe -- (GDScan) SRV - [2010/07/20 07:27:24 | 000,410,696 | ---- | M] (G Data Software AG) [Auto] -- C:\Program Files\G Data\AntiVirus\AVK\AVKService.exe -- (AVKService) SRV - [2010/04/07 08:57:42 | 000,099,896 | ---- | M] (HP) [Auto] -- C:\WINDOWS\system32\HPSIsvc.exe -- (HPSIService) SRV - [2009/07/07 08:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) [Auto] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice) SRV - [2007/08/09 03:27:52 | 000,073,728 | ---- | M] (HP) [Auto] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand] -- -- (WDICA) DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP) DRV - File not found [Kernel | System] -- -- (PCIDump) DRV - File not found [Kernel | On_Demand] -- -- (MBAMSwissArmy) DRV - File not found [Kernel | System] -- -- (lbrtfdc) DRV - File not found [Kernel | System] -- -- (i2omgmt) DRV - File not found [Kernel | System] -- -- (Changer) DRV - File not found [Kernel | On_Demand] -- -- (adiusbaw) DRV - [2011/09/12 09:25:50 | 000,068,976 | ---- | M] (G Data Software) [Kernel | System] -- C:\WINDOWS\system32\drivers\GRD.sys -- (GRD) DRV - [2011/09/02 13:26:36 | 000,062,024 | ---- | M] (G Data Software AG) [Kernel | System] -- C:\WINDOWS\system32\drivers\MiniIcpt.sys -- (GDMnIcpt) DRV - [2011/09/02 13:26:36 | 000,038,600 | ---- | M] (G Data Software AG) [Kernel | System] -- C:\WINDOWS\system32\drivers\HookCentre.sys -- (HookCentre) DRV - [2011/09/02 13:26:36 | 000,033,480 | ---- | M] (G Data Software AG) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\GDBehave.sys -- (GDBehave) DRV - [2011/06/08 07:39:07 | 000,051,400 | ---- | M] (G Data Software AG) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\GDTdiIcpt.sys -- (GDTdiInterceptor) DRV - [2009/08/02 07:57:38 | 000,724,736 | R--- | M] (Ralink Technology, Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870) DRV - [2009/07/07 08:48:44 | 000,026,672 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\purendis.sys -- (purendis) DRV - [2009/07/07 08:48:44 | 000,025,392 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\pnarp.sys -- (pnarp) DRV - [2008/07/10 09:29:52 | 000,101,376 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2006/11/06 22:35:00 | 000,047,488 | R--- | M] (SCM Microsystems Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SCR3XX2K.sys -- (SCR3xx USB Smart Card Reader) DRV - [2006/07/12 09:38:30 | 000,020,480 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2006/07/12 09:38:28 | 000,057,856 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2005/10/11 12:07:38 | 000,393,088 | R--- | M] (Sensaura) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService) DRV - [2004/10/27 10:21:30 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\systemprofile_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\XP_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\XP_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\XP_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)" FF - prefs.js..browser.search.order.1: "Search the web (Babylon)" FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)" FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?babsrc=HP_ss&affID=19946&mntrId=287aaf9d00000000000000259cbca9cca9cc" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:21.1.. FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.8 FF - prefs.js..keyword.URL: "http://search.babylon.com/?babsrc=SP_ss&mntrId=287aaf9d00000000000000259cbca9cc&tlver=1.4.31.2&instlRef=sst&affID=19946&q=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/08/30 04:05:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/08/30 04:05:24 | 000,000,000 | ---D | M] [2010/05/07 01:48:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\XP\Dane aplikacji\mozilla\Extensions [2011/08/11 02:23:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\XP\Dane aplikacji\mozilla\Firefox\Profiles\b8x2inni.default\extensions [2011/06/03 04:18:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\XP\Dane aplikacji\mozilla\Firefox\Profiles\b8x2inni.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011/07/15 04:07:26 | 000,000,000 | ---D | M] (Babylon) -- C:\Documents and Settings\XP\Dane aplikacji\mozilla\Firefox\Profiles\b8x2inni.default\extensions\ffxtlbr@babylon.com [2011/08/11 02:23:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011/09/02 13:15:33 | 000,000,000 | ---D | M] (G Data WebFilter) -- C:\Program Files\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE} [2011/05/04 08:10:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011/05/04 08:09:49 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2011/05/04 08:09:47 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011/07/07 09:26:51 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2011/07/15 04:07:02 | 000,002,291 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml [2011/07/07 09:26:51 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2011/07/07 09:26:51 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2011/07/07 09:26:51 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2011/07/07 09:26:51 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2011/07/07 09:26:51 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2006/03/02 08:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\AntiVirus\Webfilter\AvkWebIE.dll (G Data Software AG) O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\AntiVirus\Webfilter\AvkWebIE.dll (G Data Software AG) O3 - HKU\XP_ON_C\..\Toolbar\WebBrowser: (no name) - {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - No CLSID value found. O4 - HKLM..\Run: [CryptoCard Suite Cert Monitor] C:\Program Files\CryptoTech\CryptoCard\CCMonitor.exe (CryptoTech Sp. z o.o.) O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Program Files\G Data\AntiVirus\AVKTray\AVKTray.exe (G Data Software AG) O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider) O4 - HKLM..\Run: [Linksys Wireless Manager] C:\Program Files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe (Cisco Systems, Inc.) O4 - HKLM..\Run: [nmapp] C:\Program Files\Pure Networks\Network Magic\nmapp.exe (Cisco Systems, Inc.) O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKU\XP_ON_C..\Run: [MSMSGS] File not found O4 - HKU\XP_ON_C..\Run: [Samsung_AppInst] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\systemprofile_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\XP_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1195733084867 (WUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.233.233.233 87.204.204.204 O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: O24 - Desktop BackupWallPaper: O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007/11/22 15:02:01 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ] O33 - MountPoints2\{1ccdb433-463f-11df-a7c8-4d6564696130}\Shell - "" = Autorun O33 - MountPoints2\{1ccdb433-463f-11df-a7c8-4d6564696130}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL start.exe O33 - MountPoints2\{4d30d116-ab1c-11e0-a597-00259cbca9cc}\Shell - "" = AutoRun O33 - MountPoints2\{4d30d116-ab1c-11e0-a597-00259cbca9cc}\Shell\AutoRun\command - "" = F:\SISetup.exe O33 - MountPoints2\{f3cb0f38-5784-11df-a7fa-001bfcd9ae21}\Shell - "" = AutoRun O33 - MountPoints2\{f3cb0f38-5784-11df-a7fa-001bfcd9ae21}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{fb6b6fa8-1c98-11e0-a9ba-00259cbca9cc}\Shell - "" = Autorun O33 - MountPoints2\{fb6b6fa8-1c98-11e0-a9ba-00259cbca9cc}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL start.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011/09/13 16:46:25 | 000,000,000 | RH-D | C] -- C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne [2011/09/13 16:46:25 | 000,000,000 | RH-D | C] -- C:\WINDOWS\system32\config\systemprofile\SendTo [2011/09/13 16:46:25 | 000,000,000 | -H-D | C] -- C:\WINDOWS\system32\config\systemprofile\Szablony [2011/09/13 16:46:25 | 000,000,000 | -H-D | C] -- C:\WINDOWS\system32\config\systemprofile\Recent [2011/09/13 16:46:25 | 000,000,000 | -H-D | C] -- C:\WINDOWS\system32\config\systemprofile\PrintHood [2011/09/13 16:46:25 | 000,000,000 | -H-D | C] -- C:\WINDOWS\system32\config\systemprofile\NetHood [2011/09/13 16:46:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32\config\systemprofile\Ulubione [2011/09/13 16:46:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32\config\systemprofile\Pulpit [2011/09/13 16:46:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32\config\systemprofile\Moje dokumenty [2011/09/13 16:46:24 | 000,000,000 | --SD | C] -- C:\WINDOWS\system32\config\systemprofile\Dane aplikacji\Microsoft [2011/09/13 16:46:24 | 000,000,000 | RH-D | C] -- C:\WINDOWS\system32\config\systemprofile\Dane aplikacji [2011/09/13 16:46:24 | 000,000,000 | R--D | C] -- C:\WINDOWS\system32\config\systemprofile\Menu Start [2011/09/13 16:46:24 | 000,000,000 | -HSD | C] -- C:\WINDOWS\system32\config\systemprofile\Cookies [2011/09/12 17:47:09 | 000,000,000 | ---D | C] -- C:\czerwiec [2011/09/12 16:58:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\backup [2011/09/12 15:08:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\tmp3 [2011/09/12 14:43:21 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2011/09/12 14:40:55 | 000,000,000 | ---D | C] -- C:\config2 [2011/09/12 09:28:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config [2011/09/12 09:03:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\tmp2 [2011/09/12 09:00:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\tmp [2011/09/12 08:59:59 | 000,000,000 | ---D | C] -- C:\tmp2 [2011/09/12 08:51:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\tmp [2011/09/12 08:34:26 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll [2011/09/12 08:30:36 | 000,020,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbuhci.sys [2011/09/09 04:01:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Pulpit\bew-pol [2011/09/03 06:17:23 | 000,602,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll [2011/09/03 03:23:43 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\XP\Recent [2011/09/03 02:41:06 | 000,000,000 | ---D | C] -- C:\Program Files\totalcmd [2011/09/03 02:41:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dane aplikacji\GHISLER [2011/09/03 02:26:20 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2011/09/03 02:18:23 | 000,000,000 | ---D | C] -- C:\Programy Serwisowe [2011/09/02 13:15:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\G Data AntiVirus 2011 [2011/09/02 13:15:31 | 000,038,600 | ---- | C] (G Data Software AG) -- C:\WINDOWS\System32\drivers\HookCentre.sys [2011/08/20 03:15:29 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\LocalService\Recent [2011/08/20 03:15:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Pulpit [2011/08/20 03:15:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Menu Start [2011/08/20 03:15:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Menu Start\Programy\Autostart [2011/08/19 07:53:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\XP\Pulpit\exat [7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011/09/12 18:04:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011/09/12 17:56:57 | 000,073,451 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2011/09/12 17:56:52 | 000,000,298 | -HS- | M] () -- C:\WINDOWS\tasks\VRPB.job [2011/09/12 17:16:17 | 000,005,754 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011/09/12 16:56:49 | 000,005,754 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak [2011/09/12 16:51:44 | 000,251,088 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011/09/12 15:29:41 | 000,578,838 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2011/09/12 15:29:41 | 000,514,886 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011/09/12 15:29:41 | 000,118,002 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2011/09/12 15:29:41 | 000,095,086 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011/09/12 15:28:54 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD [2011/09/12 09:25:50 | 000,068,976 | ---- | M] (G Data Software) -- C:\WINDOWS\System32\drivers\GRD.sys [2011/09/09 05:37:05 | 000,279,317 | ---- | M] () -- C:\Documents and Settings\XP\Pulpit\FAKTURA.jpg [2011/09/08 09:45:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2011/09/08 08:03:28 | 000,240,721 | ---- | M] () -- C:\Documents and Settings\XP\Pulpit\zaświadczenie 001.jpg [2011/09/07 02:25:00 | 000,023,212 | ---- | M] () -- C:\Documents and Settings\XP\Pulpit\WORKI.ods [2011/09/07 02:00:59 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2011/09/06 05:06:55 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2011/09/06 03:44:50 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\XP\Moje dokumenty\Mój komputer (2).lnk [2011/09/06 03:44:48 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\XP\Moje dokumenty\Mój komputer.lnk [2011/09/06 01:54:07 | 000,233,983 | ---- | M] () -- C:\Documents and Settings\XP\Pulpit\CWA_Faktura_indywidualna_220-109-0950-2159_11_09_M.pdf [2011/09/03 06:17:23 | 000,602,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll [2011/09/03 03:09:15 | 003,932,214 | ---- | M] () -- C:\Documents and Settings\XP\Pulpit\screen.bmp [2011/09/03 02:41:08 | 000,000,708 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Total Commander.lnk [2011/09/02 13:26:36 | 000,062,024 | ---- | M] (G Data Software AG) -- C:\WINDOWS\System32\drivers\MiniIcpt.sys [2011/09/02 13:26:36 | 000,038,600 | ---- | M] (G Data Software AG) -- C:\WINDOWS\System32\drivers\HookCentre.sys [2011/09/02 13:26:36 | 000,033,480 | ---- | M] (G Data Software AG) -- C:\WINDOWS\System32\drivers\GDBehave.sys [2011/09/02 13:15:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Menu Start\Programy\G Data AntiVirus 2011 [2011/09/02 13:15:24 | 000,001,800 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\G Data AntiVirus.lnk [2011/08/31 09:15:48 | 000,018,311 | ---- | M] () -- C:\Documents and Settings\XP\Pulpit\SPECYFIKACJA sokpol 400x0,06 31-07-2011.ods [2011/08/23 05:40:56 | 000,461,386 | ---- | M] () -- C:\Documents and Settings\XP\Pulpit\aneks 001.jpg [2011/08/22 06:38:00 | 000,344,691 | ---- | M] () -- C:\Documents and Settings\XP\Pulpit\aneks.jpg [7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011/09/09 05:36:44 | 000,279,317 | ---- | C] () -- C:\Documents and Settings\XP\Pulpit\FAKTURA.jpg [2011/09/08 08:03:07 | 000,240,721 | ---- | C] () -- C:\Documents and Settings\XP\Pulpit\zaświadczenie 001.jpg [2011/09/06 03:44:50 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\XP\Moje dokumenty\Mój komputer (2).lnk [2011/09/06 03:44:48 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\XP\Moje dokumenty\Mój komputer.lnk [2011/09/06 01:54:07 | 000,233,983 | ---- | C] () -- C:\Documents and Settings\XP\Pulpit\CWA_Faktura_indywidualna_220-109-0950-2159_11_09_M.pdf [2011/09/03 03:09:15 | 003,932,214 | ---- | C] () -- C:\Documents and Settings\XP\Pulpit\screen.bmp [2011/09/03 02:41:08 | 000,000,708 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Total Commander.lnk [2011/09/03 02:41:06 | 000,000,545 | ---- | C] () -- C:\WINDOWS\UC.PIF [2011/09/03 02:41:06 | 000,000,545 | ---- | C] () -- C:\WINDOWS\RAR.PIF [2011/09/03 02:41:06 | 000,000,545 | ---- | C] () -- C:\WINDOWS\PKZIP.PIF [2011/09/03 02:41:06 | 000,000,545 | ---- | C] () -- C:\WINDOWS\PKUNZIP.PIF [2011/09/03 02:41:06 | 000,000,545 | ---- | C] () -- C:\WINDOWS\NOCLOSE.PIF [2011/09/03 02:41:06 | 000,000,545 | ---- | C] () -- C:\WINDOWS\LHA.PIF [2011/09/03 02:41:06 | 000,000,545 | ---- | C] () -- C:\WINDOWS\ARJ.PIF [2011/09/02 13:15:24 | 000,001,800 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\G Data AntiVirus.lnk [2011/08/31 09:15:46 | 000,018,311 | ---- | C] () -- C:\Documents and Settings\XP\Pulpit\SPECYFIKACJA sokpol 400x0,06 31-07-2011.ods [2011/08/23 05:40:31 | 000,461,386 | ---- | C] () -- C:\Documents and Settings\XP\Pulpit\aneks 001.jpg [2011/08/22 06:37:35 | 000,344,691 | ---- | C] () -- C:\Documents and Settings\XP\Pulpit\aneks.jpg [2011/07/25 07:45:05 | 000,119,542 | ---- | C] () -- C:\WINDOWS\hpoins11.dat [2011/07/15 04:07:40 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll [2011/07/10 13:47:46 | 001,511,424 | ---- | C] () -- C:\WINDOWS\System32\HP1100SM.EXE [2011/07/10 13:47:46 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\HP1100LM.DLL [2011/07/10 13:45:16 | 000,284,160 | ---- | C] () -- C:\WINDOWS\System32\mvhlewsi.DLL [2011/07/10 13:45:12 | 000,049,664 | ---- | C] () -- C:\WINDOWS\System32\HP1100SMs.dll [2011/05/09 03:37:02 | 000,118,272 | RHS- | C] () -- C:\WINDOWS\System32\chcpr.dll [2011/02/17 14:52:09 | 000,000,079 | ---- | C] () -- C:\WINDOWS\pit2010.ini [2011/02/17 14:52:09 | 000,000,021 | ---- | C] () -- C:\WINDOWS\pit2007.ini [2011/02/14 10:27:34 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll [2011/02/04 02:40:00 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2011/02/04 02:39:59 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2011/02/04 02:39:53 | 000,790,528 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2011/02/04 02:39:53 | 000,134,144 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2011/02/04 02:39:51 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2010/12/23 09:08:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI [2010/10/03 05:59:56 | 008,892,928 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\atscie.msi [2010/10/03 05:55:35 | 000,013,931 | R--- | C] () -- C:\WINDOWS\System32\RaCoInst.dat [2010/08/23 02:39:23 | 000,015,872 | ---- | C] () -- C:\Documents and Settings\XP\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/08/05 03:17:35 | 000,001,421 | ---- | C] () -- C:\Documents and Settings\XP\Certyfikat1.cer [2010/05/07 01:48:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2010/04/26 03:22:39 | 000,036,080 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat [2010/04/19 02:14:19 | 000,000,238 | ---- | C] () -- C:\Documents and Settings\XP\intlname.ols [2010/04/17 03:06:29 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2010/04/13 10:17:50 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\XP\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2010/04/11 10:50:45 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll [2010/04/11 09:59:29 | 000,002,596 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Config.nt.bak [2010/04/11 09:59:29 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Autoexec.nt.bak [2010/04/11 09:59:29 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\hosts.bak [2010/04/11 09:50:01 | 000,000,030 | ---- | C] () -- C:\WINDOWS\TextSpy.ini [2010/04/11 09:35:13 | 000,000,046 | ---- | C] () -- C:\WINDOWS\adiras.ini [2009/04/01 04:48:16 | 000,053,478 | ---- | C] () -- C:\WINDOWS\mvtcpui.ini [2007/11/22 15:53:05 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2007/11/22 15:52:09 | 000,251,088 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2007/11/22 15:05:42 | 000,016,918 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2007/11/22 15:05:39 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2007/11/22 15:03:37 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2007/11/22 15:00:05 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2006/07/13 01:19:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2006/07/13 01:19:00 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe [2006/07/13 01:19:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2006/07/13 01:19:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe [2006/07/13 01:19:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2006/07/13 01:19:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll [2006/07/13 01:19:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2006/07/13 01:19:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe [2006/07/13 01:19:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe [2006/07/13 01:19:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2006/07/13 01:19:00 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll [2006/05/05 19:14:38 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat [2006/03/02 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2006/03/02 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2006/03/02 08:00:00 | 000,578,838 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat [2006/03/02 08:00:00 | 000,514,886 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2006/03/02 08:00:00 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat [2006/03/02 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2006/03/02 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2006/03/02 08:00:00 | 000,118,002 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat [2006/03/02 08:00:00 | 000,095,086 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2006/03/02 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2006/03/02 08:00:00 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat [2006/03/02 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2006/03/02 08:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2006/03/02 08:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2006/03/02 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2006/03/02 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2001/07/06 21:00:02 | 000,003,234 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI [color=#E56717]========== LOP Check ==========[/color] [2010/04/12 09:43:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dane aplikacji\.szafir [2011/07/15 04:06:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dane aplikacji\Babylon [2011/07/15 05:36:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dane aplikacji\BabylonToolbar [2011/09/03 02:41:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dane aplikacji\GHISLER [2010/04/11 09:49:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dane aplikacji\InterTrust [2010/05/04 09:59:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dane aplikacji\iPlus [2011/05/04 08:15:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dane aplikacji\OpenOffice.org [2011/04/14 09:08:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dane aplikacji\Opera [2011/07/15 04:06:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Babylon [2010/04/16 09:41:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Clarus [2011/01/12 03:06:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\e-file [2011/09/09 01:13:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\G DATA [2011/09/12 17:56:52 | 000,000,298 | -HS- | M] () -- C:\WINDOWS\Tasks\VRPB.job [color=#E56717]========== Purity Check ==========[/color] < End of report >