OTL logfile created on: 2010-10-09 20:25:28 - Run 1 OTL by OldTimer - Version 3.2.14.1 Folder = C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 511,00 Mb Total Physical Memory | 147,00 Mb Available Physical Memory | 29,00% Memory free 1,00 Gb Paging File | 1,00 Gb Available in Paging File | 53,00% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 20,00 Gb Total Space | 0,71 Gb Free Space | 3,53% Space Free | Partition Type: NTFS Drive D: | 27,26 Gb Total Space | 10,79 Gb Free Space | 39,59% Space Free | Partition Type: NTFS Drive E: | 27,26 Gb Total Space | 8,07 Gb Free Space | 29,61% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MARIANU Current User Name: Administrator Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010-10-08 22:05:58 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\OTL.exe PRC - [2010-10-08 21:33:06 | 000,352,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe PRC - [2010-09-15 01:08:56 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-09-15 01:08:56 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2010-07-22 01:24:16 | 012,477,024 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe PRC - [2010-01-15 11:33:09 | 000,024,688 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE PRC - [2009-07-01 18:37:06 | 000,037,888 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe PRC - [2008-09-16 18:29:13 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PRC - [2007-06-13 15:23:49 | 001,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007-03-15 18:17:32 | 000,337,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WgaTray.exe PRC - [2005-08-05 15:15:04 | 000,061,440 | ---- | M] (Vimicro) -- C:\WINDOWS\VM305_STI.exe PRC - [2005-05-04 01:33:42 | 000,032,768 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe PRC - [2004-06-11 05:15:18 | 000,083,968 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvraidservice.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010-10-08 22:05:58 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\OTL.exe MOD - [2010-01-15 11:33:05 | 000,024,685 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\F3HKSTUB.DLL MOD - [2006-08-25 17:51:13 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll MOD - [2004-08-03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - [2010-10-08 21:33:06 | 000,352,976 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe -- (AVP) SRV - [2007-08-09 09:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-10-08 21:33:06 | 000,475,736 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF) DRV - [2010-06-09 17:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl2.sys -- (kl2) DRV - [2010-06-09 17:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\kl1.sys -- (KL1) DRV - [2010-05-07 12:06:26 | 000,032,856 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5) DRV - [2009-11-02 20:27:24 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt) DRV - [2006-02-09 14:50:32 | 000,392,444 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbVM305.sys -- (ZSMC0305) DRV - [2005-05-04 04:28:34 | 001,133,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2004-12-22 11:07:12 | 002,304,320 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2004-08-03 23:14:18 | 000,143,360 | ---- | M] () [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat) DRV - [2004-07-29 00:15:38 | 000,012,928 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2004-07-29 00:15:36 | 000,033,024 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2004-06-03 04:40:50 | 000,068,224 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvraid.sys -- (nvraid) NVIDIA NForce(tm) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1960408961-746137067-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-1960408961-746137067-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-1960408961-746137067-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-1960408961-746137067-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.pl/ IE - HKU\S-1-5-21-1960408961-746137067-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-1960408961-746137067-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-1960408961-746137067-725345543-500\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com) IE - HKU\S-1-5-21-1960408961-746137067-725345543-500\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll File not found IE - HKU\S-1-5-21-1960408961-746137067-725345543-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1960408961-746137067-725345543-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://pl.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:pl:official" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: m3ffxtbr@mywebsearch.com:1.1 FF - prefs.js..extensions.enabledItems: pl@dictionaries.addons.mozilla.org:1.0.20091103 FF - prefs.js..extensions.enabledItems: {bc03d92d-9a29-4663-a16b-26fb5538975c}:4.3 FF - prefs.js..extensions.enabledItems: zrzuta.eu@gmail.com:1.2 FF - prefs.js..extensions.enabledItems: searchrecs@veoh.com:1.5.2 FF - prefs.js..keyword.URL: "" FF - HKLM\software\mozilla\Firefox\extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\firefox\ [2010-01-15 11:33:23 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-10-09 16:13:26 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-10-09 16:13:18 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010-10-08 21:02:22 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\THBExt [2010-10-08 20:59:32 | 000,000,000 | ---D | M] [2009-01-29 23:11:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Extensions [2010-10-09 00:35:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\3idqd7j0.default\extensions [2010-02-28 16:02:17 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\3idqd7j0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2008-08-02 00:05:33 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\3idqd7j0.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2008-08-02 00:21:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\3idqd7j0.default\extensions\{bc03d92d-9a29-4663-a16b-26fb5538975c} [2008-08-01 22:57:11 | 000,000,000 | ---D | M] (CustomizeGoogle) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\3idqd7j0.default\extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb} [2010-03-23 12:20:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\3idqd7j0.default\extensions\info@sciagaj.org [2010-04-01 20:01:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\3idqd7j0.default\extensions\pl@dictionaries.addons.mozilla.org [2010-05-23 14:18:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\3idqd7j0.default\extensions\searchrecs@veoh.com [2008-08-01 23:01:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\3idqd7j0.default\extensions\temp [2010-08-20 17:00:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\3idqd7j0.default\extensions\zrzuta.eu@gmail.com [2010-01-15 18:46:53 | 000,001,635 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\3idqd7j0.default\searchplugins\Ask.xml [2010-10-09 16:15:04 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-09-14 23:29:36 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-09-14 23:29:36 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-09-14 23:29:36 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-09-14 23:29:36 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-09-14 23:29:36 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-09-14 23:29:36 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml Hosts file not found O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com) O2 - BHO: (mwsBar BHO) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.) O2 - BHO: (Browser Helper Object) - {AFD4AD01-58C1-47DB-A404-FBE00A6C5486} - C:\Program Files\Shared\lib.dll () O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Administrator\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll File not found O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKU\S-1-5-21-1960408961-746137067-725345543-500\..\Toolbar\WebBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com) O3 - HKU\S-1-5-21-1960408961-746137067-725345543-500\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKU\S-1-5-21-1960408961-746137067-725345543-500\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll File not found O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.) O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO) O4 - HKLM..\Run: [BigDog305] C:\WINDOWS\VM305_STI.EXE (Vimicro) O4 - HKLM..\Run: [My Web Search Bar Search Scope Monitor] C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (MyWebSearch.com) O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe (NVIDIA Corporation) O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [sw_updater] C:\Program Files\sw_updater\updater.exe File not found O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe () O4 - HKU\S-1-5-21-1960408961-746137067-725345543-500..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-1960408961-746137067-725345543-500..\Run: [NBJ] C:\Program Files\Ahead\Nero BackItUp\NBJ.exe (Ahead Software AG) O4 - HKU\S-1-5-21-1960408961-746137067-725345543-500..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\ATI CATALYST – pasek zadań.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe (ATI Technologies Inc.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data] O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data] O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1960408961-746137067-725345543-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1960408961-746137067-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1960408961-746137067-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-1960408961-746137067-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0 O7 - HKU\S-1-5-21-1960408961-746137067-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0 O7 - HKU\S-1-5-21-1960408961-746137067-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1 O7 - HKU\S-1-5-21-1960408961-746137067-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0 O7 - HKU\S-1-5-21-1960408961-746137067-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Dodaj do listy blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm () O8 - Extra context menu item: E&ksport do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Funkcja Google Sidewiki - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.) O9 - Extra Button: &Klawiatura wirtualna - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: &Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO) O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-5/myWebFaceInitialSetup1.0.1.3.cab (Reg Error: Key error.) O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1104540680640 (WUWebControl Class) O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} http://www.o2c.de/download/o2cplayer.cab (O2C-Player (ELECO Software GmbH)) O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} https://java.sun.com/update/1.6.0/jinstall-6-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.113.224.36 217.113.224.35 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\mzvkbd3.dll (Kaspersky Lab ZAO) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\kloehk.dll (Kaspersky Lab ZAO) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 0 O32 - AutoRun File - [2005-01-01 02:24:43 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{44e07c88-691c-11db-bcc5-000fea3078dd}\Shell - "" = Autorun O33 - MountPoints2\{44e07c88-691c-11db-bcc5-000fea3078dd}\Shell\AutoRun\command - "" = H:\setup.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: [b]AXIS TONS THE MP3[/b] - hkey= - key= - C:\Documents and Settings\All Users\Dane aplikacji\Readme Live Axis Tons\Style Load.exe File not found MsConfig - StartUpReg: [b]DAEMON Tools-1033[/b] - hkey= - key= - C:\Program Files\D-Tools\daemon.exe (DAEMON'S HOME) MsConfig - StartUpReg: [b]HP Software Update[/b] - hkey= - key= - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard) MsConfig - StartUpReg: [b]MSMSGS[/b] - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) MsConfig - StartUpReg: [b]MyWebSearch Email Plugin[/b] - hkey= - key= - C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (MyWebSearch.com) MsConfig - StartUpReg: [b]NBJ[/b] - hkey= - key= - C:\Program Files\Ahead\Nero BackItUp\NBJ.exe (Ahead Software AG) MsConfig - StartUpReg: [b]Odkurzacz-MCD[/b] - hkey= - key= - C:\Program Files\Odkurzacz\odk_mcd.exe File not found MsConfig - StartUpReg: [b]QuickTime Task[/b] - hkey= - key= - C:\Program Files\QuickTime\qttask.exe (Apple Inc.) MsConfig - StartUpReg: [b]RemoteControl[/b] - hkey= - key= - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.) MsConfig - StartUpReg: [b]Sony Ericsson PC Suite[/b] - hkey= - key= - C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe File not found MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.) MsConfig - StartUpReg: [b]swg[/b] - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) MsConfig - StartUpReg: [b]updateMgr[/b] - hkey= - key= - C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe File not found MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010-10-09 16:13:17 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2010-10-09 16:08:02 | 009,239,760 | ---- | C] (Mozilla) -- C:\Documents and Settings\Administrator\Pulpit\Firefox Setup 3.6.10.exe [2010-10-08 20:58:18 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab [2010-10-08 20:58:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab [2010-10-08 20:57:40 | 000,475,736 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys [2010-10-08 20:45:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\ArcaVirMicroScan [2010-09-28 20:22:09 | 000,000,000 | ---D | C] -- C:\Program Files\Shared [2010-09-20 18:46:29 | 000,000,000 | ---D | C] -- C:\Program Files\Samorost2 [2006-06-12 17:19:32 | 000,155,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347bus.sys [2006-06-12 17:19:32 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347prt.sys [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010-10-09 16:13:58 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2010-10-09 16:10:05 | 012,582,912 | ---- | M] () -- C:\Documents and Settings\Administrator\ntuser.dat [2010-10-09 16:08:02 | 009,239,760 | ---- | M] (Mozilla) -- C:\Documents and Settings\Administrator\Pulpit\Firefox Setup 3.6.10.exe [2010-10-09 15:00:31 | 000,000,810 | -HS- | M] () -- C:\WINDOWS\KLIF.spi [2010-10-09 12:36:03 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-10-09 12:34:52 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-10-09 12:34:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-10-09 01:23:04 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini [2010-10-08 23:31:24 | 000,069,632 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\bukartyk.doc [2010-10-08 21:33:06 | 000,475,736 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys [2010-10-08 21:14:52 | 000,002,417 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2010-10-08 21:01:53 | 000,113,933 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat [2010-10-08 21:01:53 | 000,097,549 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat [2010-10-08 19:53:42 | 000,000,731 | ---- | M] () -- C:\WINDOWS\win.ini [2010-10-08 18:00:00 | 000,000,490 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Administrator.job [2010-10-08 00:05:38 | 000,326,436 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\tulipany.jpg [2010-10-06 00:32:49 | 000,043,520 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-10-05 23:30:21 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010-10-02 21:05:05 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010-09-20 18:46:30 | 000,001,580 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Samorost2.lnk [2010-09-20 00:53:55 | 001,316,208 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\bilety 20.jpg [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-10-09 16:13:58 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2010-10-09 14:59:50 | 000,000,810 | -HS- | C] () -- C:\WINDOWS\KLIF.spi [2010-10-08 21:01:53 | 000,113,933 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat [2010-10-08 21:01:53 | 000,097,549 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat [2010-10-07 23:59:55 | 000,326,436 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\tulipany.jpg [2010-09-20 18:46:30 | 000,001,580 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Samorost2.lnk [2010-09-20 00:53:47 | 001,316,208 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\bilety 20.jpg [2010-03-30 17:21:22 | 000,002,596 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Config.nt.bak [2010-03-30 17:21:22 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Autoexec.nt.bak [2009-11-21 20:20:23 | 000,000,030 | ---- | C] () -- C:\WINDOWS\wininit.ini [2008-04-07 22:30:11 | 000,000,051 | ---- | C] () -- C:\WINDOWS\marscam.ini [2008-02-28 11:50:43 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\ezsid.dat [2007-08-01 17:51:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI [2007-08-01 16:24:21 | 000,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\QTSBandwidthCache [2007-06-19 18:54:07 | 000,000,029 | ---- | C] () -- C:\WINDOWS\map.ini [2007-04-09 15:36:39 | 000,000,084 | ---- | C] () -- C:\WINDOWS\winamp.ini [2007-02-23 18:33:31 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini [2007-02-17 20:16:21 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll [2007-02-17 20:08:14 | 000,007,513 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log [2006-05-31 19:34:45 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2006-05-31 19:34:45 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2006-05-16 16:20:00 | 000,042,729 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\FASTWiz.log [2006-03-27 17:43:57 | 000,000,632 | ---- | C] () -- C:\WINDOWS\CoD.INI [2006-02-06 23:10:56 | 000,043,520 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2006-02-06 17:20:29 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini [2006-02-03 16:34:50 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2006-02-01 16:52:08 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2006-02-01 16:09:28 | 000,000,138 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2005-10-21 00:58:52 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\vspxvfw.dll [2005-09-01 16:20:46 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\vspxcore.dll [2005-02-02 15:59:20 | 000,023,040 | R--- | C] () -- C:\WINDOWS\System32\drivers\GVCplDrv.sys [2005-01-01 02:44:03 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini [2005-01-01 02:43:59 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll [2004-08-22 17:04:56 | 000,069,120 | ---- | C] () -- C:\WINDOWS\daemon.dll [2002-05-10 20:14:31 | 000,091,136 | ---- | C] () -- C:\WINDOWS\System32\mp4fil32.dll [2002-04-21 20:30:14 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll [2002-04-02 00:16:30 | 000,454,656 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll [2002-04-02 00:16:14 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll [2002-04-02 00:15:40 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll [2001-07-07 04:00:02 | 000,003,234 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI [color=#E56717]========== LOP Check ==========[/color] [2010-10-08 20:45:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\ArcaVirMicroScan [2006-11-29 17:53:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\AutoUpdate [2007-11-28 23:50:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Cream Software [2006-02-01 16:11:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\F-Secure [2007-07-12 23:21:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Flickr [2007-07-06 23:25:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\FrostWire [2008-08-03 00:03:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Gadu-Gadu [2010-08-31 11:32:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Gadu-Gadu 10 [2007-10-01 22:14:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Groove Games [2010-05-21 19:27:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Image Zone Express [2010-09-11 09:34:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\ipla [2010-01-22 20:39:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\ITTerritory [2009-04-13 20:50:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Leadertech [2007-01-19 01:52:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Listonosz [2010-08-27 20:31:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Nowe Gadu-Gadu [2006-11-29 17:53:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Onet [2009-06-11 00:16:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\OpenFM [2010-05-26 13:52:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Passware [2010-03-30 15:04:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Printer Info Cache [2010-05-30 02:48:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Software Informer [2010-02-25 20:39:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Sony [2009-08-12 12:37:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Teleca [2006-02-06 21:26:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Thunderbird [2009-03-25 02:34:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\WinPatrol [2009-08-15 18:57:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ashampoo [2009-12-05 03:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BVRP Software [2006-12-14 21:32:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CA [2008-08-04 00:11:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2010-04-05 01:37:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\G DATA [2010-08-31 11:32:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-09-01 13:36:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2008-11-12 02:04:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OrbNetworks [2010-01-16 19:41:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Readme Live Axis Tons [2010-02-25 20:39:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Sony [2008-06-03 23:32:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2010-03-18 17:53:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{755AC846-7372-4AC8-8550-C52491DAA8BD} [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2005-01-01 02:24:43 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2010-03-29 10:14:21 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2001-07-22 00:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2006-02-01 18:17:39 | 000,006,877 | ---- | M] () -- C:\caavsetup.log [2007-05-28 01:04:56 | 000,001,449 | ---- | M] () -- C:\caisslog.txt [2005-01-01 02:24:43 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2005-01-01 02:45:02 | 000,000,032 | ---- | M] () -- C:\csb.log [2005-01-01 02:24:43 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2009-08-06 01:57:55 | 000,060,704 | ---- | M] () -- C:\mksbasel.cpp.log [2005-01-01 02:24:43 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004-08-03 22:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2004-08-03 22:59:54 | 000,250,624 | RHS- | M] () -- C:\ntldr [2010-10-09 20:12:25 | 876,609,536 | -HS- | M] () -- C:\pagefile.sys [1996-09-16 04:00:00 | 000,202,240 | -H-- | M] (DreamWorks Interactive) -- C:\setup95.exe [2008-12-13 11:56:01 | 000,000,510 | ---- | M] () -- C:\updatedatfix.log [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [2008-04-13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2008-04-13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2008-04-13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\cdrom.sys [2009-12-22 20:39:20 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys [2009-12-22 20:39:20 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\drivers\cdrom.sys [2004-08-03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtUninstallKB952011$\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\ndis.sys [2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys [2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: USERINIT.EXE >[/color] [2008-04-14 19:21:45 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=2A5B37D520508BE6570A3EA79695F5B5 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\userinit.exe [2004-08-04 00:44:30 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=BD768099B4C44AA631728CB74EB54396 -- C:\WINDOWS\system32\dllcache\userinit.exe [2004-08-04 00:44:30 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=BD768099B4C44AA631728CB74EB54396 -- C:\WINDOWS\system32\userinit.exe [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\dllcache\winlogon.exe [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe [2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:7E95B6FD @Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:364682BC @Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2 < End of report >