OTL logfile created on: 2010-09-12 22:48:40 - Run 1 OTL by OldTimer - Version 3.2.12.0 Folder = D:\viru Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 502,00 Mb Total Physical Memory | 154,00 Mb Available Physical Memory | 31,00% Memory free 1,00 Gb Paging File | 1,00 Gb Available in Paging File | 65,00% Paging File free Paging file location(s): C:\pagefile.sys 756 1512 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 52,96 Gb Total Space | 39,06 Gb Free Space | 73,75% Space Free | Partition Type: NTFS Drive D: | 7,45 Gb Total Space | 2,62 Gb Free Space | 35,18% Space Free | Partition Type: FAT32 E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ACER Current User Name: dom Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010-09-12 22:40:24 | 000,576,000 | ---- | M] (OldTimer Tools) -- D:\viru\OTL.exe PRC - [2010-03-25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe PRC - [2009-12-21 13:07:54 | 000,446,464 | ---- | M] () -- C:\Program Files\iPlus\iPlusChecker.exe PRC - [2009-03-05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) 
-- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe PRC - [2008-05-16 17:39:16 | 000,594,600 | ---- | M] ( ) -- C:\WINDOWS\system32\lxdrcoms.exe PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007-12-20 11:48:42 | 000,204,800 | ---- | M] (OptionNV) -- C:\Program Files\iPlus\Drivers\Driver2k\GTMax3.6\GtDetectSc.exe PRC - [2007-12-20 11:48:42 | 000,204,800 | ---- | M] (Option) -- C:\Program Files\iPlus\Drivers\Driver2k\GTMax3.6\GtFlashSwitch.exe PRC - [2005-06-06 19:08:58 | 001,273,344 | ---- | M] (OSA Technologies Inc.) -- C:\Acer\eManager\anbmServ.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010-09-12 22:40:24 | 000,576,000 | ---- | M] (OldTimer Tools) -- D:\viru\OTL.exe MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt) SRV - [2010-03-25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc) SRV - [2008-05-16 17:39:16 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\lxdrcoms.exe -- (lxdr_device) SRV - [2008-05-16 17:39:04 | 000,098,984 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdrserv.exe -- (lxdrCATSCustConnectService) SRV - [2007-12-20 11:48:42 | 000,204,800 | ---- | M] (OptionNV) [Auto | Running] -- C:\Program Files\iPlus\Drivers\Driver2k\GTMax3.6\GtDetectSc.exe -- (GtDetectSc) SRV - [2007-12-20 11:48:42 | 000,204,800 | ---- | M] (Option) [Auto | Running] -- C:\Program Files\iPlus\Drivers\Driver2k\GTMax3.6\GtFlashSwitch.exe -- (GtFlashSwitch) SRV - [2005-06-06 19:08:58 | 001,273,344 | ---- | M] (OSA 
Technologies Inc.) [Auto | Running] -- C:\Acer\eManager\anbmServ.exe -- (anbmService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\PCAMPR5.SYS -- (PCAMPR5) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\CnxTgNW.sys -- (CnxTgNW) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\CnxEtU.sys -- (CnxEtU) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\CnxEtP.sys -- (CnxEtP) DRV - [2010-03-25 21:30:22 | 000,151,216 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\MpFilter.sys -- (MpFilter) DRV - [2008-04-14 00:26:08 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx) DRV - [2008-04-14 00:23:10 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm) DRV - [2008-04-14 00:06:40 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp) DRV - [2008-04-14 00:06:40 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp) DRV - [2008-04-13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus) DRV - [2007-12-20 11:48:36 | 000,095,744 | ---- | M] (Option NV) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Gt51Ip.sys -- (GT72NDISIPXP) DRV - [2007-12-20 11:48:36 | 000,051,968 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gt72ubus.sys -- (GT72UBUS) DRV - [2007-12-20 11:48:36 | 000,008,064 | ---- | M] (Option N.V.) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gtptser.sys -- (GTPTSER) DRV - [2006-05-25 16:28:44 | 000,684,265 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\torususb.sys -- (TaurusUsb) DRV - [2005-08-24 19:53:34 | 000,006,144 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NTIDrvr.sys -- (NTIDrvr) DRV - [2005-08-09 16:43:00 | 003,855,360 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2005-06-30 16:58:24 | 000,007,296 | ---- | M] (OSA Technologies, An Avocent Company) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\osaio.sys -- (osaio) DRV - [2005-06-30 15:16:58 | 001,034,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV) DRV - [2005-06-30 15:16:06 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL) DRV - [2005-06-30 15:16:02 | 000,716,416 | ---- | M] (Conexant Systems, Inc.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf) DRV - [2005-04-07 18:08:46 | 000,078,208 | ---- | M] (Acer Value Labs, USA) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epm-shd.sys -- (EpmShd) DRV - [2005-03-04 11:10:26 | 000,074,496 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp) DRV - [2005-01-14 15:57:16 | 000,004,010 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\osanbm.sys -- (osanbm) DRV - [2005-01-13 14:46:16 | 000,069,632 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\acer\eRecovery\int15.sys -- (int15.sys) DRV - [2005-01-10 15:47:14 | 000,449,888 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211) DRV - [2005-01-07 17:07:16 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService) DRV - [2004-12-17 17:14:44 | 000,013,952 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\UBHelper.sys -- (UBHelper) DRV - [2004-12-08 14:10:00 | 000,016,896 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DKbFltr.SYS -- (DKbFltr) DRV - [2004-11-16 12:06:00 | 003,222,784 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Sterownik karty Intel(R) DRV - [2004-10-08 14:33:46 | 000,185,824 | ---- | M] (Synaptics, Inc.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP) DRV - [2004-08-04 20:00:00 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k) DRV - [2004-08-04 20:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb) DRV - [2004-08-04 20:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx) DRV - [2004-08-04 20:00:00 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280) DRV - [2004-08-04 20:00:00 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160) DRV - [2004-08-04 20:00:00 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080) DRV - [2004-08-04 20:00:00 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra) DRV - [2004-08-04 20:00:00 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx) DRV - [2004-08-04 20:00:00 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3) DRV - [2004-08-04 20:00:00 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi) DRV - [2004-08-04 20:00:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc) DRV - [2004-08-04 20:00:00 | 000,019,072 | ---- | M] (Adaptec, Inc.) 
[Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow) DRV - [2004-08-04 20:00:00 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x) DRV - [2004-08-04 20:00:00 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810) DRV - [2004-08-04 20:00:00 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550) DRV - [2004-08-04 20:00:00 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde) DRV - [2004-08-04 20:00:00 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde) DRV - [2004-07-19 13:10:00 | 000,004,096 | ---- | M] (Acer Value Labs, USA) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epm-psd.sys -- (EpmPsd) DRV - [2003-08-12 15:51:00 | 000,060,255 | R--- | M] (STMicroelectronics ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stmatm.sys -- (Stmatm) DRV - [2003-08-04 13:22:44 | 000,016,128 | ---- | M] (Printing Communications Assoc., Inc. 
(PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5) DRV - [2001-08-17 21:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3400264527-2047350199-2406386279-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-3400264527-2047350199-2406386279-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-3400264527-2047350199-2406386279-1005\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-3400264527-2047350199-2406386279-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008-05-05 22:02:24 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-09-11 23:58:59 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-09-11 23:58:42 | 000,000,000 | ---D | M] [2010-09-11 23:59:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dom\Dane aplikacji\Mozilla\Extensions 
[2010-09-12 18:40:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dom\Dane aplikacji\Mozilla\Firefox\Profiles\zclwmv14.default\extensions [2010-09-12 18:40:13 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\dom\Dane aplikacji\Mozilla\Firefox\Profiles\zclwmv14.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-09-11 23:58:42 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-01-16 03:08:36 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-01-16 03:08:36 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-01-16 03:08:36 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-01-16 03:08:36 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-01-16 03:08:36 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-01-16 03:08:36 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-09-11 21:37:26 | 000,419,169 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost 
O1 - Hosts: 14466 more lines... O2 - BHO: (Lexmark Pasek narzędzi) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Lexmark ) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll () O3 - HKLM\..\Toolbar: (Lexmark Pasek narzędzi) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () O3 - HKU\S-1-5-21-3400264527-2047350199-2406386279-1005\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found. O3 - HKU\S-1-5-21-3400264527-2047350199-2406386279-1005\..\Toolbar\WebBrowser: (Lexmark Pasek narzędzi) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () O4 - HKLM..\Run: [iPlusManager] C:\Program Files\iPlus\iPlusChecker.exe () O4 - HKU\S-1-5-21-3400264527-2047350199-2406386279-1005..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) 
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Oprogramowanie Kodak EasyShare.lnk.disabled () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-3400264527-2047350199-2406386279-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data] O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1273951619062 (WUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Java Plug-in 1.4.0_03) O16 - DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} https://www.bph.pl/sezam/components/SignActivX.cab (SignActivX Control) O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Java Plug-in 1.4.0_03) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.159.1 194.204.152.34 O20 - HKLM Winlogon: Shell - (Explorer.exe) - 
C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\dom\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\dom\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2005-08-24 19:54:08 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010-09-12 00:56:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dom\DoctorWeb [2010-09-12 00:03:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dom\Moje dokumenty\Pobieranie [2010-09-11 23:58:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dom\Ustawienia lokalne\Dane aplikacji\Mozilla [2010-09-11 23:58:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dom\Dane aplikacji\Mozilla [2010-09-11 23:58:37 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2010-09-11 23:48:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe [2010-09-11 23:46:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2010-09-11 23:45:22 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2010-09-11 21:46:01 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\dom\Recent [2010-09-11 21:42:26 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2010-09-11 21:39:33 | 003,427,248 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\dom\Pulpit\ccsetup235.exe [2010-09-11 21:13:58 | 000,000,000 | ---D | C] -- 
C:\Program Files\Spybot - Search & Destroy [2010-09-11 21:13:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy [2010-09-04 19:58:49 | 000,000,000 | ---D | C] -- C:\spoolerlogs [2010-05-06 18:17:46 | 000,438,272 | ---- | C] ( ) -- C:\WINDOWS\System32\LXDRhcp.dll [2010-05-06 18:17:44 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdrinpa.dll [2010-05-06 18:17:43 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdriesc.dll [2010-05-06 18:17:42 | 000,851,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdrusb1.dll [2010-05-06 18:17:41 | 001,069,056 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdrserv.dll [2010-05-06 18:17:40 | 000,651,264 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdrpmui.dll [2010-05-06 18:17:39 | 000,577,536 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdrlmpm.dll [2010-05-06 18:17:34 | 000,679,936 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdrhbn3.dll [2010-05-06 18:17:28 | 000,765,952 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdrcomc.dll [2010-05-06 18:17:28 | 000,376,832 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdrcomm.dll [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010-09-12 22:47:08 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job [2010-09-12 22:41:05 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010-09-12 22:40:44 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-09-12 22:40:39 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-09-12 22:40:32 | 526,503,936 | -HS- | M] () -- C:\hiberfil.sys [2010-09-12 22:40:32 | 000,196,160 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-09-12 21:59:00 | 000,001,036 | ---- | M] () -- 
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010-09-12 17:55:31 | 008,126,464 | -H-- | M] () -- C:\Documents and Settings\dom\NTUSER.DAT [2010-09-12 17:55:18 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\dom\ntuser.ini [2010-09-12 17:55:00 | 002,205,544 | -H-- | M] () -- C:\Documents and Settings\dom\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-09-12 00:19:00 | 049,369,808 | ---- | M] () -- C:\Documents and Settings\dom\Pulpit\8cttycwq.exe [2010-09-12 00:08:33 | 000,501,588 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-09-12 00:08:33 | 000,442,360 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-09-12 00:08:33 | 000,089,980 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-09-12 00:08:33 | 000,072,008 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-09-11 23:59:07 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat [2010-09-11 23:58:48 | 000,001,606 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2010-09-11 23:49:16 | 000,001,733 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk [2010-09-11 23:38:33 | 000,876,547 | ---- | M] () -- C:\logfile [2010-09-11 23:27:35 | 000,162,520 | ---- | M] () -- C:\Documents and Settings\dom\Moje dokumenty\cc_20100911_232729.reg [2010-09-11 21:47:42 | 033,230,848 | ---- | M] () -- C:\Documents and Settings\dom\Pulpit\OOo_3.2.1_Win_x86_install-wJRE_pl.exe [2010-09-11 21:41:11 | 003,427,248 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\dom\Pulpit\ccsetup235.exe [2010-09-11 21:37:26 | 000,419,169 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010-09-11 20:51:21 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\eRLog.ini [2010-09-11 20:49:20 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-09-10 21:35:13 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat [2010-08-17 14:09:14 | 001,108,014 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [1 
C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-09-12 17:56:17 | 526,503,936 | -HS- | C] () -- C:\hiberfil.sys [2010-09-12 00:39:11 | 049,369,808 | ---- | C] () -- C:\Documents and Settings\dom\Pulpit\8cttycwq.exe [2010-09-11 23:59:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2010-09-11 23:58:48 | 000,001,606 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2010-09-11 23:49:15 | 000,001,733 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk [2010-09-11 23:27:32 | 000,162,520 | ---- | C] () -- C:\Documents and Settings\dom\Moje dokumenty\cc_20100911_232729.reg [2010-09-11 21:42:35 | 033,230,848 | ---- | C] () -- C:\Documents and Settings\dom\Pulpit\OOo_3.2.1_Win_x86_install-wJRE_pl.exe [2010-08-07 19:21:33 | 001,253,376 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll [2010-08-07 19:21:33 | 001,032,192 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll [2010-08-07 19:21:33 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\vorbisfile.dll [2010-08-07 19:21:32 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll [2010-07-10 19:42:27 | 000,045,056 | ---- | C] () -- C:\Program Files\GlobalUninst.exe [2010-07-10 19:42:25 | 005,151,748 | ---- | C] () -- C:\Program Files\muz.przeb.wav [2010-07-10 19:42:21 | 005,185,740 | ---- | C] () -- C:\Program Files\muz.menu.intr.outr.wav [2010-07-10 19:42:17 | 005,292,044 | ---- | C] () -- C:\Program Files\muz.czary.duchy.wav [2010-07-10 19:42:17 | 000,002,451 | ---- | C] () -- C:\Program Files\Licencja.txt [2010-07-10 19:42:17 | 000,000,051 | ---- | C] () -- C:\Program Files\am.url [2010-07-10 19:42:15 | 000,200,704 | ---- | C] () -- C:\Program Files\sndDLL.dll [2010-07-10 19:42:15 | 000,159,744 | ---- | 
C] () -- C:\Program Files\Uninstall.exe [2010-07-10 19:42:15 | 000,131,072 | ---- | C] () -- C:\Program Files\Kolorowanka.dll [2010-07-10 19:42:15 | 000,094,208 | ---- | C] () -- C:\Program Files\Syrenka.exe [2010-07-10 19:42:15 | 000,009,825 | ---- | C] () -- C:\Program Files\INSTALL.INI [2010-07-10 19:42:15 | 000,004,286 | ---- | C] () -- C:\Program Files\syrenka.ico [2010-07-10 19:42:15 | 000,000,045 | ---- | C] () -- C:\Program Files\BlooMoo.ini [2010-07-10 19:42:15 | 000,000,012 | ---- | C] () -- C:\Program Files\syrenka.ini [2010-07-10 19:42:15 | 000,000,000 | ---- | C] () -- C:\Program Files\Log.log [2010-07-10 19:42:15 | 000,000,000 | ---- | C] () -- C:\Program Files\BlooMoo.log [2010-07-10 19:42:13 | 001,626,112 | ---- | C] () -- C:\Program Files\BlooMooDLL.dll [2010-07-10 19:42:13 | 000,263,056 | ---- | C] () -- C:\Program Files\Install.bmp [2010-05-18 22:48:56 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll [2010-05-15 23:39:17 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\dom\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2010-05-06 18:34:02 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdrvs.dll [2010-05-06 18:33:54 | 000,360,448 | ---- | C] () -- C:\WINDOWS\System32\lxdrcoin.dll [2010-05-06 18:32:11 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\lxdrcaps.dll [2010-05-06 18:32:10 | 001,036,288 | ---- | C] () -- C:\WINDOWS\System32\lxdrdrs.dll [2010-05-06 18:32:08 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\lxdrcnv4.dll [2010-05-06 18:31:11 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\LXF3PMON.DLL [2010-05-06 18:31:11 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXF3FXPU.DLL [2010-05-06 18:30:51 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\lxf3oem.dll [2010-05-06 18:30:51 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\LXF3PMRC.DLL [2010-05-06 18:19:34 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\lxdrrwrd.ini [2010-05-06 18:17:48 | 000,389,120 | ---- | C] () -- 
C:\WINDOWS\System32\LXDRinst.dll [2010-05-06 18:17:33 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdrgrd.dll [2009-01-19 14:46:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI [2008-04-23 12:15:58 | 000,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\QTSBandwidthCache [2008-04-11 18:46:55 | 000,063,488 | ---- | C] () -- C:\WINDOWS\xobglu16.dll [2008-04-11 18:46:55 | 000,023,552 | ---- | C] () -- C:\WINDOWS\xobglu32.dll [2007-12-13 16:31:22 | 000,000,902 | R--- | C] () -- C:\WINDOWS\System32\setup.ini [2007-12-13 16:31:22 | 000,000,161 | R--- | C] () -- C:\WINDOWS\DSLSetup.ini [2007-12-13 16:31:19 | 000,684,265 | R--- | C] () -- C:\WINDOWS\System32\drivers\torususb.sys [2007-12-06 20:37:58 | 000,000,349 | ---- | C] () -- C:\WINDOWS\ka.ini [2006-09-02 17:22:39 | 000,000,125 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2006-09-02 16:46:25 | 000,041,068 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll [2006-05-21 18:11:36 | 000,000,194 | ---- | C] () -- C:\WINDOWS\disneysy.ini [2006-02-01 19:18:51 | 000,002,581 | ---- | C] () -- C:\WINDOWS\Disney.ini [2005-12-09 23:50:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\eRLog.ini [2005-12-09 23:49:26 | 000,000,082 | ---- | C] () -- C:\WINDOWS\ALaunch.ini [2005-12-09 23:46:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NT.INI [2005-08-25 13:51:48 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2005-08-25 13:31:25 | 000,000,033 | ---- | C] () -- C:\WINDOWS\Acer.ini [2005-08-25 13:31:23 | 000,000,332 | ---- | C] () -- C:\WINDOWS\uninstall.ini [2005-08-24 19:54:30 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll [2005-08-24 19:54:18 | 000,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys [2005-08-24 19:53:36 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll [2005-08-24 19:53:36 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll [2005-08-24 19:53:36 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIFCD3.dll 
[2005-08-24 19:53:36 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll [2005-08-24 19:41:04 | 000,000,750 | ---- | C] () -- C:\WINDOWS\PowerOption.ini [2005-08-24 19:40:37 | 000,037,776 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2005-08-24 19:33:40 | 000,003,619 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini [2005-08-09 20:34:56 | 000,002,772 | ---- | C] () -- C:\WINDOWS\ANTIV.INI [2001-12-26 16:12:30 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll [2001-09-03 23:46:38 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Hmpg12.dll [2001-07-30 16:33:56 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll [2001-07-23 22:04:36 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll [color=#E56717]========== LOP Check ==========[/color] [2010-07-02 18:43:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ThumbnailCache4R [2007-12-06 20:38:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Vivendi Universal Games [2008-06-24 20:48:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dom\Dane aplikacji\iPlus [2010-05-15 15:24:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dom\Dane aplikacji\Lexmark Productivity Studio [2010-05-23 12:54:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dom\Dane aplikacji\OpenOffice.org [2005-12-09 18:05:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dom\Dane aplikacji\OpenOffice.ux.pl2 [2010-05-15 23:30:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dom\Dane aplikacji\Windows Desktop Search [2010-09-12 22:47:08 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job [color=#E56717]========== Purity Check ==========[/color] < End of report >