OTL logfile created on: 2011-10-15 11:13:21 - Run 2
OTL by OldTimer - Version 3.2.29.1     Folder = D:\czyszczenie
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
1,99 Gb Total Physical Memory | 1,43 Gb Available Physical Memory | 71,61% Memory free
3,83 Gb Paging File | 3,39 Gb Available in Paging File | 88,49% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 99,95 Gb Total Space | 66,42 Gb Free Space | 66,45% Space Free | Partition Type: NTFS
Drive D: | 49,10 Gb Total Space | 48,63 Gb Free Space | 99,05% Space Free | Partition Type: NTFS
Drive E: | 118,84 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: COMPAQ17 | User Name: izas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2011-10-13 13:43:48 | 000,582,656 | ---- | M] (OldTimer Tools) -- D:\czyszczenie\OTL.exe
PRC - [2011-01-12 14:42:22 | 000,526,336 | ---- | M] () -- C:\Program Files\CryptoTech\CryptoCard\CCMonitor.exe
PRC - [2010-12-10 18:29:30 | 029,293,408 | ---- | M] (Microsoft Corporation) -- C:\Minibank24\MSDE_2005\MSSQL.1\MSSQL\Binn\sqlservr.exe
PRC - [2009-10-07 09:16:50 | 000,472,280 | ---- | M] (ESET) -- c:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009-10-07 09:15:42 | 001,461,080 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2009-07-22 18:54:14 | 000,081,920 | ---- | M] (Firebird Project) -- C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe
PRC - [2009-07-22 18:53:44 | 002,736,128 | ---- | M] (Firebird Project) -- C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe
PRC - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-08-09 09:27:52 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2006-01-20 18:50:18 | 000,262,144 | ---- | M] (Gemplus) -- C:\Program Files\Gemplus\GemSafe Libraries\BIN\GCardSrv.exe
PRC - [2006-01-20 18:15:32 | 000,118,784 | ---- | M] (Gemplus) -- C:\Program Files\Gemplus\GemSafe Libraries\BIN\GCardSrvNT.exe
PRC - [2004-11-29 19:10:52 | 000,167,936 | ---- | M] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) -- C:\WINDOWS\system32\MSTMON_Q.EXE
PRC - [2002-09-20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2011-01-12 14:42:22 | 000,526,336 | ---- | M] () -- C:\Program Files\CryptoTech\CryptoCard\CCMonitor.exe
MOD - [2009-02-27 19:04:20 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL
MOD - [2003-05-22 17:09:11 | 000,094,274 | ---- | M] () -- C:\WINDOWS\system32\HPBHEALR.DLL
MOD - [2001-10-28 17:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - File not found [Disabled | Stopped] --  -- (HidServ)
SRV - [2010-12-10 18:29:30 | 029,293,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Minibank24\MSDE_2005\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$MINIBANK24) SQL Server (MINIBANK24)
SRV - [2009-10-07 09:21:14 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- c:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009-10-07 09:16:50 | 000,472,280 | ---- | M] (ESET) [Auto | Running] -- c:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2009-07-22 18:54:14 | 000,081,920 | ---- | M] (Firebird Project) [Auto | Running] -- C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance)
SRV - [2009-07-22 18:53:44 | 002,736,128 | ---- | M] (Firebird Project) [On_Demand | Running] -- C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe -- (FirebirdServerDefaultInstance)
SRV - [2007-08-09 09:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2006-01-20 18:15:32 | 000,118,784 | ---- | M] (Gemplus) [Auto | Running] -- C:\Program Files\Gemplus\GemSafe Libraries\BIN\GCardSrvNT.exe -- (GemSAFE Card Server)
SRV - [2002-09-20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))
SRV - [1998-11-27 23:43:52 | 004,964,624 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Minibank24\MSDE\Binn\sqlservr.exe -- (MSSQLServer)
SRV - [1998-11-13 02:09:58 | 000,339,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Minibank24\MSDE\Binn\sqlagent.exe -- (SQLServerAgent)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2009-10-07 09:18:36 | 000,035,168 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2009-10-07 09:12:22 | 000,054,184 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\easdrv.sys -- (easdrv)
DRV - [2009-10-07 09:11:10 | 000,040,824 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2009-08-10 12:07:32 | 000,089,600 | ---- | M] (Gemalto) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GemCCID.sys -- (GemCCID)
DRV - [2008-04-13 20:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2007-10-17 23:11:00 | 000,056,448 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SCR3XX2K.sys -- (SCR3XX2K)
DRV - [2007-03-27 03:21:06 | 004,395,008 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-03-15 14:12:02 | 000,038,656 | R--- | M] (Attansic Technology corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atl01_xp.sys -- (AtcL001)
DRV - [2005-05-17 04:51:34 | 000,005,315 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2004-11-16 15:46:38 | 000,190,592 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2004-08-14 02:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004-08-04 10:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004-08-04 10:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004-08-03 19:29:50 | 000,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wVchNTxx.sys -- (iAimFP4)
DRV - [2004-08-03 19:29:48 | 000,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wSiINTxx.sys -- (iAimFP3)
DRV - [2004-08-03 19:29:46 | 000,025,471 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV10nt.sys -- (iAimTV5)
DRV - [2004-08-03 19:29:46 | 000,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wCh7xxNT.sys -- (iAimTV4)
DRV - [2004-08-03 19:29:46 | 000,022,271 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV06nt.sys -- (iAimTV6)
DRV - [2004-08-03 19:29:44 | 000,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV04nt.sys -- (iAimTV3)
DRV - [2004-08-03 19:29:44 | 000,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV02NT.sys -- (iAimTV1)
DRV - [2004-08-03 19:29:42 | 000,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV01nt.sys -- (iAimTV0)
DRV - [2004-08-03 19:29:42 | 000,011,871 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV09NT.sys -- (iAimFP7)
DRV - [2004-08-03 19:29:40 | 000,011,807 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV07nt.sys -- (iAimFP5)
DRV - [2004-08-03 19:29:40 | 000,011,295 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV08NT.sys -- (iAimFP6)
DRV - [2004-08-03 19:29:38 | 000,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x)
DRV - [2004-08-03 19:29:38 | 000,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV01nt.sys -- (iAimFP0)
DRV - [2004-08-03 19:29:38 | 000,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV02NT.sys -- (iAimFP1)
DRV - [2004-08-03 19:29:38 | 000,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV05NT.sys -- (iAimFP2)
DRV - [2004-02-04 12:34:16 | 000,051,584 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\baspxp32.sys -- (Blfp)
DRV - [2003-07-22 16:44:18 | 000,018,848 | ---- | M] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\MLPTDR_Q.SYS -- (MLPTDR_Q)
DRV - [2002-10-04 11:21:18 | 000,061,776 | ---- | M] (Gemplus) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GTwinUSB.sys -- (GTwinUSB)
DRV - [2002-04-04 08:32:06 | 000,028,416 | R--- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symmpi.sys -- (Symmpi)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://go.compaq.com/1Q00CDT/0415/bl8.asp
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3643535995-755428864-1777320320-1112\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://go.compaq.com/1Q00CDT/0415/bl8.asp
IE - HKU\S-1-5-21-3643535995-755428864-1777320320-1112\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKU\S-1-5-21-3643535995-755428864-1777320320-1112\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
 
 
 
O1 HOSTS File: ([2004-08-04 10:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O3 - HKU\S-1-5-21-3643535995-755428864-1777320320-1112\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [CryptoCard Suite Cert Monitor] C:\Program Files\CryptoTech\CryptoCard\CCMonitor.exe ()
O4 - HKLM..\Run: [egui] c:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [KONICA MINOLTA PagePro 1350WStatusDisplay] C:\WINDOWS\system32\MSTMON_Q.EXE (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3643535995-755428864-1777320320-1112\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Funkcja Google Sidewiki - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O9 - Extra Button: Tłumacz z polskiego na angielski - {7BFE183A-7A50-420C-84EE-6EFD2DA47994} - C:\Program Files\TransAng3\tren3ie_tlumacz2.htm ()
O9 - Extra 'Tools' menuitem : Tłumacz z polskiego na angielski - {7BFE183A-7A50-420C-84EE-6EFD2DA47994} - C:\Program Files\TransAng3\tren3ie_tlumacz2.htm ()
O9 - Extra Button: Tłumacz z angielskiego na polski - {7DE19680-4CF2-418B-BB5F-6374EDB40116} - C:\Program Files\TransAng3\tren3ie_tlumacz.htm ()
O9 - Extra 'Tools' menuitem : Tłumacz z angielskiego na polski - {7DE19680-4CF2-418B-BB5F-6374EDB40116} - C:\Program Files\TransAng3\tren3ie_tlumacz.htm ()
O9 - Extra Button: Opcje tłumaczenia (angielsko-polski) - {7F27B609-F13A-42FC-8D66-3AE87E5E01D8} - C:\Program Files\TransAng3\tren3ie_opcje.htm ()
O9 - Extra 'Tools' menuitem : Opcje tłumaczenia (angielsko-polski) - {7F27B609-F13A-42FC-8D66-3AE87E5E01D8} - C:\Program Files\TransAng3\tren3ie_opcje.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = KOWARY.DYWAN
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4E185046-3B07-4248-98AE-731B5769B175}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E0853169-71F1-4CC0-8EA2-F674CE273CED}: DhcpNameServer = 194.204.152.34 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\izas\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\izas\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-10-01 00:42:06 | 000,000,208 | RH-- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{7859b857-8396-11e0-a104-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{7859b857-8396-11e0-a104-806d6172696f}\Shell\AutoRun\command - "" = E:\BootCD\WinTools\Autorun.exe -- [2008-10-01 00:42:06 | 000,010,240 | R--- | M] ()
O33 - MountPoints2\{7859b857-8396-11e0-a104-806d6172696f}\Shell\Option1\Command - "" = E:\BootCD\WinTools\Autorun.exe -- [2008-10-01 00:42:06 | 000,010,240 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2011-10-15 11:10:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\izas\Ustawienia lokalne\Dane aplikacji\Magentic
[2011-10-15 11:09:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\izas\Menu Start\Programy\Ad-Remover
[2011-10-15 11:09:24 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover
[2011-10-13 14:15:10 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\izas\InstallAnywhere
[2011-10-13 07:38:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\izas\Pulpit\WARTA
[2011-10-05 13:45:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\izas\Pulpit\polak
[2011-10-05 13:45:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\izas\Pulpit\justyna
[2011-10-03 13:10:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\izas\Menu Start\Programy\Advanced Access Password Recovery
[2011-10-03 13:10:13 | 000,000,000 | ---D | C] -- C:\Program Files\ACPR
[2011-10-03 13:09:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\7-Zip
[2011-10-03 13:09:21 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2011-10-03 11:54:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\SchCache
[2011-10-03 11:53:57 | 000,246,552 | ---- | C] (ForensiT Limited) -- C:\WINDOWS\User Profile Migration Service.exe
[2011-09-28 07:32:47 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011-09-26 11:41:54 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleaccrc.dll
[2011-09-26 11:41:20 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleacc.dll
[2011-09-24 13:03:54 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2011-09-20 14:09:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\PDFCreator
[2011-09-20 14:09:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\izas\Dane aplikacji\pdfforge
[2011-09-20 14:09:46 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCT2.OCX
[2011-09-20 14:09:46 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSMAPI32.OCX
[2011-09-20 14:09:44 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSMPIDE.DLL
[2011-09-20 14:09:44 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator
[2009-06-17 13:01:53 | 001,542,558 | ---- | C] (Zakład Usług Informatycznych PALOMAR                        ) -- C:\Program Files\kowary.exe
[2009-05-15 13:29:51 | 000,045,312 | ---- | C] (InstallShield Corporation, Inc.) -- C:\Program Files\SETUP.EXE
[2009-05-15 13:29:51 | 000,006,128 | ---- | C] (InstallShield Corporation, Inc.) -- C:\Program Files\_SETUP.DLL
[2009-05-15 13:29:50 | 000,008,192 | ---- | C] (Stirling Technologies, Inc.) -- C:\Program Files\_ISDEL.EXE
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2011-10-15 11:09:30 | 000,001,554 | ---- | M] () -- C:\Documents and Settings\izas\Pulpit\Ad-Remover.lnk
[2011-10-15 11:08:19 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-10-15 11:08:18 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011-10-15 11:07:50 | 2137,116,672 | -HS- | M] () -- C:\hiberfil.sys
[2011-10-15 11:07:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-10-15 09:42:00 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011-10-14 12:39:45 | 000,002,475 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\enova.lnk
[2011-10-14 12:10:42 | 000,002,217 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\BOSS PRO, PRESTIŻ.lnk
[2011-10-13 14:15:20 | 000,001,843 | ---- | M] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2011-10-13 12:28:50 | 000,000,459 | ---- | M] () -- C:\Documents and Settings\izas\Pulpit\Iza skanowanie.lnk
[2011-10-13 09:58:59 | 000,002,299 | ---- | M] () -- C:\Documents and Settings\izas\intlname.ols
[2011-10-13 07:40:32 | 000,002,557 | ---- | M] () -- C:\Documents and Settings\izas\Pulpit\Microsoft Office Excel 2003.lnk
[2011-10-13 07:10:41 | 000,332,280 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-10-12 15:26:05 | 000,604,820 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2011-10-12 15:26:05 | 000,545,466 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011-10-12 15:26:05 | 000,131,416 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2011-10-12 15:26:05 | 000,113,362 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011-10-12 15:22:46 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011-10-11 10:49:03 | 000,002,539 | ---- | M] () -- C:\Documents and Settings\izas\Pulpit\Microsoft Office Word 2003.lnk
[2011-10-03 13:32:51 | 000,001,766 | -H-- | M] () -- C:\Documents and Settings\izas\Moje dokumenty\Default.rdp
[2011-10-03 13:15:15 | 000,000,282 | ---- | M] () -- C:\WINDOWS\acpr.ini
[2011-10-03 11:53:57 | 000,246,552 | ---- | M] (ForensiT Limited) -- C:\WINDOWS\User Profile Migration Service.exe
[2011-10-03 11:50:44 | 000,002,958 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2011-09-30 21:07:41 | 000,000,000 | ---- | M] () -- C:\WINDOWS\hpmnwun.ini
[2011-09-28 07:32:47 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011-09-26 11:41:54 | 000,614,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\uiautomationcore.dll
[2011-09-26 11:41:54 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\oleaccrc.dll
[2011-09-26 11:41:54 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleaccrc.dll
[2011-09-26 11:41:20 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleacc.dll
[2011-09-24 13:29:54 | 203,048,448 | ---- | M] () -- C:\WINDOWS\System32\24092011_Jarek
[2011-09-20 14:20:43 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2011-09-20 14:09:51 | 000,000,706 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\PDFCreator.lnk
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2011-10-15 11:09:30 | 000,001,554 | ---- | C] () -- C:\Documents and Settings\izas\Pulpit\Ad-Remover.lnk
[2011-10-14 12:10:00 | 2137,116,672 | -HS- | C] () -- C:\hiberfil.sys
[2011-10-13 07:32:58 | 000,000,688 | ---- | C] () -- C:\Documents and Settings\izas\Moje dokumenty\Program Pit 2009 - rozliczenie roczne.lnk
[2011-10-03 13:12:36 | 000,000,282 | ---- | C] () -- C:\WINDOWS\acpr.ini
[2011-10-03 13:10:13 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\Acpr.ini
[2011-10-03 11:50:44 | 000,002,958 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2011-09-24 13:29:38 | 203,048,448 | ---- | C] () -- C:\WINDOWS\System32\24092011_Jarek
[2011-09-20 14:20:43 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader 9.lnk
[2011-09-20 14:20:43 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2011-09-20 14:09:51 | 000,000,706 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\PDFCreator.lnk
[2011-09-20 14:09:46 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2011-05-23 10:10:16 | 000,000,138 | ---- | C] () -- C:\Documents and Settings\izas\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2011-05-21 13:39:28 | 000,204,800 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4820.dll
[2011-05-21 13:39:04 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011-05-21 13:33:31 | 000,005,810 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2011-01-07 15:47:10 | 000,000,079 | ---- | C] () -- C:\WINDOWS\pit2010.ini
[2010-11-22 15:16:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpmnwun.ini
[2010-04-23 11:15:33 | 000,189,480 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2010-04-23 11:14:27 | 000,001,165 | ---- | C] () -- C:\WINDOWS\VID55.INI
[2010-04-23 11:14:27 | 000,000,362 | ---- | C] () -- C:\WINDOWS\VTEL55.INI
[2010-04-23 11:14:27 | 000,000,124 | ---- | C] () -- C:\WINDOWS\DIALUP55.INI
[2010-01-11 16:08:35 | 000,000,079 | ---- | C] () -- C:\WINDOWS\pit2009.ini
[2009-07-06 11:20:34 | 000,001,282 | ---- | C] () -- C:\WINDOWS\MxGrid.INI
[2009-07-06 11:12:39 | 000,000,066 | ---- | C] () -- C:\WINDOWS\mxreader.INI
[2009-07-06 11:09:59 | 000,002,055 | R--- | C] () -- C:\WINDOWS\BTI.INI
[2009-05-15 13:29:51 | 000,320,411 | ---- | C] () -- C:\Program Files\_INST32I.EX_
[2009-05-15 13:29:51 | 000,070,711 | ---- | C] () -- C:\Program Files\SETUP.INS
[2009-05-15 13:29:51 | 000,002,665 | ---- | C] () -- C:\Program Files\SETUP.PKG
[2009-05-15 13:29:51 | 000,000,025 | ---- | C] () -- C:\Program Files\SETUP.INI
[2009-05-15 13:29:51 | 000,000,005 | ---- | C] () -- C:\Program Files\DISK1.ID
[2009-05-15 13:29:50 | 002,571,056 | ---- | C] () -- C:\Program Files\_SETUP.1
[2009-05-15 13:29:50 | 000,505,975 | ---- | C] () -- C:\Program Files\_SETUP.LIB
[2009-05-15 13:27:31 | 003,403,540 | ---- | C] () -- C:\Program Files\kasa.exe
[2009-05-14 15:29:30 | 000,008,520 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
[2009-01-20 13:44:19 | 000,000,079 | ---- | C] () -- C:\WINDOWS\pit2008.ini
[2008-09-24 10:37:50 | 000,692,865 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2008-09-24 10:37:50 | 000,012,245 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2008-02-20 11:11:16 | 000,035,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\epfwtdir.sys
[2008-01-09 09:13:54 | 000,000,079 | ---- | C] () -- C:\WINDOWS\pit2007.ini
[2007-07-20 09:57:36 | 000,079,752 | ---- | C] () -- C:\WINDOWS\System32\SigSWait.exe
[2007-04-12 13:01:49 | 000,005,378 | ---- | C] () -- C:\WINDOWS\Mini Intrastat Deinstal.dat
[2007-03-19 12:58:54 | 000,005,203 | ---- | C] () -- C:\WINDOWS\IntrastatIB Deinstal.dat
[2007-03-19 12:41:58 | 000,399,363 | ---- | C] () -- C:\WINDOWS\UninstallHS.exe
[2005-12-03 16:42:52 | 000,000,731 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2005-06-30 12:29:16 | 000,000,104 | ---- | C] () -- C:\WINDOWS\DFUWIN32.INI
[2005-06-10 17:42:52 | 000,074,752 | ---- | C] () -- C:\WINDOWS\System32\jst.dll
[2005-06-10 17:42:52 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\PMLJNI.dll
[2005-06-10 17:41:31 | 000,001,271 | ---- | C] () -- C:\WINDOWS\hpbvnstp.ini
[2005-06-10 17:41:17 | 000,192,512 | R--- | C] () -- C:\WINDOWS\System32\HPB1320V.DLL
[2005-06-10 17:41:17 | 000,000,319 | R--- | C] () -- C:\WINDOWS\System32\HPB1320V.DAT
[2005-06-10 17:40:36 | 000,012,675 | ---- | C] () -- C:\WINDOWS\hplj1320.ini
[2005-05-20 09:05:46 | 000,000,080 | ---- | C] () -- C:\WINDOWS\hppta.ini
[2005-03-04 14:01:24 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\ArcaOnlineUninstall.exe
[2005-02-23 20:27:43 | 000,086,528 | R--- | C] () -- C:\WINDOWS\System32\KONWERT.DLL
[2005-02-23 19:55:52 | 000,000,856 | ---- | C] () -- C:\WINDOWS\hplj1300.ini
[2005-02-23 19:53:44 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\Bot.dll
[2005-02-23 19:53:44 | 000,000,098 | ---- | C] () -- C:\WINDOWS\PSXLPR.INI
[2005-02-23 19:50:16 | 000,002,176 | ---- | C] () -- C:\WINDOWS\FONTSMRT.INI
[2005-02-23 19:50:03 | 000,000,415 | ---- | C] () -- C:\WINDOWS\prntname.ini
[2005-02-23 19:49:19 | 000,000,075 | ---- | C] () -- C:\WINDOWS\tmprn.ini
[2005-02-23 18:45:29 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005-02-03 17:19:50 | 000,000,685 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005-02-03 08:37:51 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005-02-03 08:30:39 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2004-09-14 04:42:52 | 000,015,200 | ---- | C] () -- C:\WINDOWS\MSTMON_Q.INI
[2004-09-13 12:19:30 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004-09-13 12:03:52 | 000,604,820 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2004-09-13 12:03:52 | 000,545,466 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004-09-13 12:03:52 | 000,131,416 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2004-09-13 12:03:52 | 000,113,362 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004-09-13 12:00:04 | 000,332,280 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004-09-13 11:53:02 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004-09-13 11:48:14 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004-08-04 10:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004-08-04 10:00:00 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2004-08-04 10:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004-08-04 10:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004-08-04 10:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004-08-04 10:00:00 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2004-08-04 10:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004-08-04 10:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004-08-04 10:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004-08-04 10:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003-07-28 19:04:22 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\setupw2k.dll
[2003-07-14 12:53:56 | 000,011,521 | ---- | C] () -- C:\WINDOWS\MSUMLT_Q.INI
[2003-05-22 17:09:11 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
[2003-04-08 12:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2003-03-25 13:32:28 | 000,062,976 | ---- | C] () -- C:\WINDOWS\System32\SkanerOnlineUninstall.exe
[2002-05-28 10:55:42 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002-05-28 10:54:40 | 000,004,605 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001-10-04 15:40:54 | 000,040,960 | R--- | C] () -- C:\WINDOWS\System32\nwslog32.dll
[2001-07-07 03:00:02 | 000,003,234 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011-05-23 10:02:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\.k3d
[2011-05-30 14:40:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Soneta
[2006-11-04 12:49:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\TransAng3
[2011-07-15 11:35:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Canneverbe Limited
[2008-07-02 08:54:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET
[2011-06-07 07:48:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IM
[2011-06-07 07:47:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IncrediMail
[2008-09-24 10:39:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Sigillum
[2011-07-15 11:35:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\izas\Dane aplikacji\Canneverbe Limited
[2011-09-20 14:09:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\izas\Dane aplikacji\pdfforge
[2011-10-14 15:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\izas\Dane aplikacji\Soneta
[2011-09-24 13:07:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\izas.KOWARY\Dane aplikacji\Soneta
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >