OTL logfile created on: 2012-05-15 09:07:51 - Run 1
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Documents and Settings\Administrator\Pulpit\LOGI
Windows 2000 Professional Edition Service Pack 4 (Version = 5.0.2195) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2800.1106)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
767,48 Mb Total Physical Memory | 647,21 Mb Available Physical Memory | 84,33% Memory free
1,21 Gb Paging File | 1,13 Gb Available in Paging File | 94,14% Paging File free
Paging file location(s): D:\pagefile.sys 512 2048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINNT | %ProgramFiles% = C:\Program Files
Drive C: | 10,00 Gb Total Space | 2,95 Gb Free Space | 29,50% Space Free | Partition Type: NTFS
Drive D: | 64,53 Gb Total Space | 47,11 Gb Free Space | 73,01% Space Free | Partition Type: NTFS
Drive T: | 74,53 Gb Total Space | 65,99 Gb Free Space | 88,54% Space Free | Partition Type: NTFS
Computer Name: INFO | User Name: Administrator | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-05-15 07:50:08 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\LOGI\OTL.exe PRC - [2003-07-08 13:00:00 | 000,243,472 | ---- | M] (Microsoft Corporation) -- C:\WINNT\explorer.exe PRC - [2003-07-08 13:00:00 | 000,196,706 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\wbem\winmgmt.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-01-08 15:41:12 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll MOD - [2011-07-18 23:04:08 | 000,296,448 | ---- | M] () -- C:\Program Files\Notepad++\NppShell_04.dll MOD - [2010-07-04 23:32:38 | 000,010,752 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2012-04-10 12:16:58 | 000,074,512 | ---- | M] (SANDBOXIE L.T.D) [Auto | Stopped] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc) SRV - [2005-06-03 06:25:36 | 000,122,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINNT\system32\mstask.exe -- (Schedule) SRV - [2004-09-27 08:39:00 | 000,101,136 | ---- | M] () [On_Demand | Stopped] -- C:\ORANT\BIN\ONRSD80.EXE -- (OracleClientCache80) SRV - [2003-07-08 13:00:00 | 000,196,706 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINNT\system32\wbem\winmgmt.exe -- (WinMgmt) SRV - [2003-07-08 13:00:00 | 000,147,728 | ---- | M] (VERITAS Software Corp.) 
[On_Demand | Stopped] -- C:\WINNT\System32\dmadmin.exe -- (dmadmin) SRV - [2003-07-08 13:00:00 | 000,095,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINNT\system32\faxsvc.exe -- (Fax) SRV - [2003-07-08 13:00:00 | 000,068,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINNT\system32\regsvc.exe -- (RemoteRegistry) SRV - [2003-07-08 13:00:00 | 000,062,224 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINNT\system32\stisvc.exe -- (StiSvc) SRV - [2003-07-08 13:00:00 | 000,022,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINNT\system32\utilman.exe -- (UtilMan) SRV - [1999-03-04 19:00:36 | 000,050,688 | ---- | M] () [Unavailable | Unknown] -- C:\WINNT\System32\ias.msc -- (IAS) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | Auto | Stopped] -- system32\drivers\Vsapint.sys -- (Vsapint) DRV - File not found [Kernel | Auto | Stopped] -- system32\drivers\Tmfilter.sys -- (Tmfilter) DRV - File not found [Kernel | System | Stopped] -- -- (tga) DRV - File not found [Kernel | System | Stopped] -- -- (sglfb) DRV - File not found [Kernel | System | Stopped] -- C:\WINNT\system32\drivers\SBREdrv.sys -- (SBRE) DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\ADMINI~1.INF\USTAWI~1\Temp\pgtdrpog.sys -- (pgtdrpog) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Recognizer | System | Unknown] -- -- (InCDFatRec) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2012-04-10 12:16:58 | 000,135,440 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Stopped] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv) DRV - [2011-01-19 11:46:56 | 000,010,936 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\ampa.sys -- (ampa) DRV - [2010-11-06 23:24:30 | 000,019,056 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter) DRV - 
[2010-08-25 15:45:28 | 000,395,464 | ---- | M] (Paragon) [Kernel | System | Stopped] -- C:\WINNT\system32\drivers\Uim_IM.sys -- (Uim_IM) DRV - [2010-08-25 15:45:28 | 000,037,080 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Stopped] -- C:\WINNT\system32\drivers\UimBus.sys -- (UimBus) DRV - [2010-07-04 21:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5) DRV - [2010-02-16 23:45:06 | 000,019,320 | ---- | M] (REALiX(tm)) [Kernel | System | Stopped] -- C:\Program Files\HWiNFO32\HWiNFO32.SYS -- (HWiNFO32) DRV - [2009-12-02 13:20:58 | 000,018,696 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | Boot | Running] -- C:\WINNT\system32\drivers\eufs.sys -- (EUFS) DRV - [2009-12-02 13:20:58 | 000,014,216 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\eudskacs.sys -- (EUDSKACS) DRV - [2009-12-02 13:20:56 | 000,026,248 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | Boot | Running] -- C:\WINNT\system32\drivers\eubakup.sys -- (EUBAKUP) DRV - [2009-12-02 13:20:54 | 000,122,376 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\EuDisk.sys -- (EuDisk) DRV - [2009-05-05 03:58:30 | 000,013,976 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINNT\system32\drivers\videX32.sys -- (videX32) DRV - [2006-03-08 09:57:18 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\usb8023y.sys -- (usb_rndisy) DRV - [2006-01-25 05:52:31 | 001,478,656 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2005-03-23 16:56:00 | 000,009,038 | ---- | M] (VIA Technologies, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\viausb.sys -- (viafilter) DRV - [2004-07-09 03:58:10 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\mpe.sys -- (MPE) DRV - [2004-06-03 15:24:52 | 000,167,168 | ---- | M] (S3 Graphics, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\s3gnbm.sys -- (S3Psddr) DRV - [2003-07-08 13:00:00 | 000,369,104 | ---- | M] (VERITAS Software Corp.) [Kernel | Disabled | Stopped] -- C:\WINNT\system32\drivers\dmboot.sys -- (dmboot) DRV - [2003-07-08 13:00:00 | 000,137,936 | ---- | M] (VERITAS Software Corp.) [Kernel | Boot | Running] -- C:\WINNT\system32\drivers\dmio.sys -- (dmio) DRV - [2003-07-08 13:00:00 | 000,060,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\parallel.sys -- (Parallel) DRV - [2003-07-08 13:00:00 | 000,032,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\uhcd.sys -- (uhcd) DRV - [2003-07-08 13:00:00 | 000,027,440 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINNT\System32\drivers\efs.sys -- (EFS) DRV - [2003-07-08 13:00:00 | 000,021,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\rca.sys -- (RCA) DRV - [2003-07-08 13:00:00 | 000,009,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\netdtect.sys -- (NetDetect) DRV - [2003-07-08 13:00:00 | 000,007,728 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINNT\System32\drivers\diskperf.sys -- (Diskperf) DRV - [2003-07-08 13:00:00 | 000,007,312 | ---- | M] (VERITAS Software Corp.) [Kernel | Boot | Running] -- C:\WINNT\system32\drivers\dmload.sys -- (dmload) DRV - [2003-07-01 22:42:00 | 000,027,904 | R--- | M] (VIA Technologies, Inc.) 
[Kernel | Boot | Running] -- C:\WINNT\system32\drivers\VIAAGP1.SYS -- (viaagp1) DRV - [2003-06-19 13:05:04 | 000,049,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\usbhub20.sys -- (usbhub20) DRV - [2003-06-19 13:05:04 | 000,024,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\openhci.sys -- (openhci) DRV - [2003-06-19 13:05:04 | 000,009,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\gameenum.sys -- (gameenum) DRV - [2003-03-24 06:19:00 | 000,088,960 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\viaudio.sys -- (VIAudio) VIA AC'97 Audio Controller (WDM) DRV - [2002-07-17 09:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | System | Stopped] -- C:\WINNT\System32\drivers\Aspi32.sys -- (ASPI32) DRV - [2000-12-04 15:35:44 | 000,008,800 | ---- | M] (Freecom Technologies) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\FCUSB.sys -- (FCUSB) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\SYSTEM32\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-682003330-842925246-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\system32\blank.htm IE - HKU\S-1-5-21-682003330-842925246-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.selectedEngine: "Google" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINNT\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: 
C:\WINNT\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-04-24 10:10:01 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-01-12 08:32:31 | 000,000,000 | ---D | M] [2010-03-16 08:58:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator.INFO\Dane aplikacji\Mozilla\Firefox\Profiles\hmzjzhs1.default\extensions [2010-03-16 08:58:38 | 000,000,000 | ---D | M] (Firefox (default)) -- C:\Documents and Settings\Administrator.INFO\Dane aplikacji\Mozilla\Firefox\Profiles\hmzjzhs1.default\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2012-05-02 10:10:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-05-02 10:10:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [2012-04-21 03:18:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla 
firefox\components\browsercomps.dll [2012-05-02 10:09:58 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2012-04-21 04:18:44 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-04-21 04:18:44 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-04-21 04:18:44 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-04-21 04:18:44 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-04-21 04:18:44 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-04-21 04:18:44 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2011-10-05 08:54:58 | 000,000,754 | ---- | M]) - C:\WINNT\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 gemius.pl O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) 
O4 - HKLM..\Run: [Antirun] C:\Program Files\Antirun\antirun.exe () O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb04.exe (HP) O4 - HKU\.DEFAULT..\Run: [internat.exe] C:\WINNT\System32\internat.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-682003330-842925246-839522115-500..\Run: [RivChat] C:\Program Files\RivChat2\RivChat.exe () O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\SyncBack.lnk = C:\Program Files\SyncBack\SyncBack.exe (2BrightSparks) O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\VirtuaWin.lnk = T:\TOMEK\VirtuaWinPortable\App\virtuawin\VirtuaWin.exe (VirtuaWin) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data] O7 - HKU\S-1-5-21-682003330-842925246-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 124 O9 - Extra Button: @shdoclc.dll,-866 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\Web\RELATED.HTM () O9 - Extra 'Tools' menuitem : @shdoclc.dll,-864 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\Web\RELATED.HTM () O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINNT\system32\rnr20.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINNT\system32\msafd.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINNT\system32\msafd.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINNT\system32\msafd.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINNT\system32\msafd.dll (Microsoft 
Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINNT\system32\msafd.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINNT\system32\msafd.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINNT\system32\msafd.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINNT\system32\msafd.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINNT\system32\msafd.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINNT\system32\msafd.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINNT\system32\msafd.dll (Microsoft Corporation) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38111.1522569444 (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.4.1/jinstall-1_4_1_05-windows-i586.cab (Reg Error: Key error.) 
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = GSP.lokalna O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{18948DEA-D29B-4EAA-ACBC-401A7E40812A}: NameServer = 194.204.152.34,194.204.159.1 O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINNT\system32\msdxm.ocx (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream - No CLSID value found O18 - Protocol\Filter\application/x-complus - No CLSID value found O18 - Protocol\Filter\application/x-msdownload - No CLSID value found O18 - Protocol\Filter\Class Install Handler - No CLSID value found O18 - Protocol\Filter\deflate - No CLSID value found O18 - Protocol\Filter\gzip - No CLSID value found O18 - Protocol\Filter\lzdhtml - No CLSID value found O18 - Protocol\Filter\text/webviewhtml - No CLSID value found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINNT\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINNT\system32\userinit.exe) - C:\WINNT\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\ActiveSync: DllName - (WcesWlgn.dll) - C:\WINNT\System32\WcesWlgn.dll (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINNT\System32\ati2evxx.dll (ATI Technologies Inc.) 
O20 - Winlogon\Notify\wzcnotif: DllName - (wzcdlg.dll) - C:\WINNT\System32\wzcdlg.dll (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2004-03-02 15:47:58 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2011-07-04 07:57:38 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2011-07-04 07:57:41 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2011-07-04 07:57:43 | 000,000,000 | RHSD | M] - T:\Autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-05-15 09:04:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.INFO\Dane aplikacji\Notepad++ [2012-05-02 10:31:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TightVNC [2012-05-02 10:20:11 | 000,000,000 | ---D | C] -- C:\WINNT\ShellNew [2012-05-02 10:15:37 | 000,000,000 | ---D | C] -- C:\Program Files\LibreOffice 3.5 [2012-05-02 10:10:16 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINNT\System32\javaws.exe [2012-05-02 10:10:16 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINNT\System32\javaw.exe [2012-05-02 10:10:16 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINNT\System32\java.exe [2012-05-02 10:10:16 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) 
-- C:\WINNT\System32\javacpl.cpl [2012-05-02 10:09:47 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012-05-02 09:52:53 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Installer Clean Up [2012-05-02 09:24:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun [2012-04-26 07:56:26 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-05-15 08:06:57 | 000,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_224.dat [2012-05-15 07:22:20 | 000,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_228.dat [2012-05-11 14:59:53 | 000,921,586 | -H-- | M] () -- C:\WINNT\ShellIconCache [2012-05-11 07:19:56 | 000,173,872 | ---- | M] () -- C:\WINNT\System32\FNTCACHE.DAT [2012-05-02 10:09:58 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINNT\System32\javaws.exe [2012-05-02 10:09:58 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINNT\System32\javaw.exe [2012-05-02 10:09:58 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINNT\System32\java.exe [2012-05-02 10:09:58 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINNT\System32\javacpl.cpl [2012-05-02 10:09:57 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\WINNT\System32\deployJava1.dll [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-05-15 08:06:57 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_224.dat [2012-05-15 07:22:20 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_228.dat [2012-03-30 12:16:40 | 000,716,813 | ---- | C] () -- C:\WINNT\unins000.exe [2012-03-30 10:08:53 | 000,297,417 | ---- | C] () -- C:\WINNT\unins000.dat [2012-02-28 15:54:19 | 001,098,680 | ---- | C] () -- C:\WINNT\ampa.exe [2012-02-28 15:54:19 | 000,010,936 | ---- | C] () -- C:\WINNT\System32\ampa.sys [2011-12-27 10:47:36 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_244.dat [2011-12-27 10:32:22 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_23c.dat [2011-11-24 12:27:44 | 000,080,896 | ---- | C] () -- C:\WINNT\System32\ff_vfw.dll [2011-09-16 11:06:34 | 000,001,823 | ---- | C] () -- C:\WINNT\iris.ini [2011-08-25 09:49:57 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_214.dat [2011-06-01 09:24:35 | 000,645,632 | ---- | C] () -- C:\WINNT\System32\xvidcore.dll [2011-06-01 09:24:35 | 000,240,640 | ---- | C] () -- C:\WINNT\System32\xvidvfw.dll [2011-04-27 08:29:57 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_28c.dat [2011-01-28 12:27:44 | 000,001,666 | ---- | C] () -- C:\WINNT\Sandboxie.ini [2010-12-17 14:07:54 | 000,000,621 | ---- | C] () -- C:\WINNT\System32\hppapr09.dat [2010-08-24 06:56:14 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_250.dat [2010-07-12 07:38:38 | 000,000,649 | ---- | C] () -- C:\WINNT\StarBurn.INI [2010-06-21 09:16:12 | 000,000,051 | ---- | C] () -- C:\WINNT\wininit.ini [2010-06-09 14:00:50 | 000,156,160 | ---- | C] () -- C:\WINNT\System32\ERUNT.EXE [2010-06-09 14:00:33 | 000,005,239 | ---- | C] () -- C:\WINNT\System32\CHOICE.COM [2010-05-18 10:18:03 | 000,116,224 | ---- | C] () -- C:\WINNT\System32\redmonnt.dll [2010-05-18 10:18:03 | 000,045,056 | 
---- | C] () -- C:\WINNT\System32\unredmon.exe [color=#E56717]========== LOP Check ==========[/color] [2012-03-13 14:25:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\ArcaVirMicroScan [2012-03-27 07:44:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\CrystalIdea Software [2012-05-08 07:56:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\FileZilla [2012-04-24 11:12:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\foobar2000 [2010-03-31 13:15:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\FreeFLVConverter [2010-04-02 06:52:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\ImgBurn [2010-10-26 12:58:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\inkscape [2012-05-02 09:36:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\IObit [2011-05-18 08:29:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\JPEGView [2012-05-02 10:40:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\LibreOffice [2010-04-15 09:29:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mael [2011-11-14 08:07:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\MiTeC [2011-10-10 07:16:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\mkvtoolnix [2012-02-29 09:33:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\NapiProjekt [2012-03-27 10:47:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Notepad++ [2010-10-05 08:07:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\PhotoScape [2004-05-28 13:48:00 | 000,000,000 | ---D 
| M] -- C:\Documents and Settings\Administrator\Dane aplikacji\PLSQL Developer [2010-05-18 10:16:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Scan2PDF [2011-06-02 08:21:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Softland [2011-10-11 10:54:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\SpringPublisher [2012-05-02 08:54:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\TeamViewer [2012-01-24 13:59:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\TightVNC [2010-11-03 09:41:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Unizeto [2012-02-29 08:33:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent [2012-05-15 09:05:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator.INFO\Dane aplikacji\Notepad++ [2010-06-30 12:40:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2BrightSparks [2010-07-05 07:26:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Applications [2012-05-02 08:52:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files [2011-03-29 10:27:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\GNU [2011-01-24 11:14:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\launcher [2011-09-02 09:17:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData [2010-08-16 09:21:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Newsoft [2012-01-04 14:18:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2012-05-02 10:31:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TightVNC 
[2011-03-29 10:27:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dane aplikacji\gnupg [2011-06-03 10:25:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dane aplikacji\Softland [2010-11-16 09:15:13 | 000,000,388 | ---- | M] () -- C:\WINNT\Tasks\SyncBack documents.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:1CA73D29 < End of report >