OTL logfile created on: 2010-12-05 18:20:22 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = D:\FIREFOX POBRANE Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 58,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 85,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 29,30 Gb Total Space | 8,76 Gb Free Space | 29,91% Space Free | Partition Type: NTFS Drive D: | 24,42 Gb Total Space | 13,96 Gb Free Space | 57,15% Space Free | Partition Type: NTFS Drive E: | 20,81 Gb Total Space | 7,27 Gb Free Space | 34,94% Space Free | Partition Type: NTFS Computer Name: LAPTOP | User Name: ŻWIREK | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010-12-05 18:18:09 | 000,575,488 | ---- | M] (OldTimer Tools) -- D:\FIREFOX POBRANE\OTL.exe PRC - [2010-12-04 23:18:46 | 000,788,880 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe PRC - [2010-12-04 23:18:45 | 001,181,328 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe PRC - [2010-10-27 07:21:28 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-10-27 07:21:28 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2010-09-30 20:58:18 | 003,249,504 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe PRC - [2010-09-07 16:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2010-09-07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2010-07-12 07:52:50 | 000,548,864 | ---- | M] () -- C:\Program Files\Greenshot\Greenshot.exe PRC - [2010-05-25 15:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe PRC - [2009-11-03 15:48:54 | 000,874,768 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe PRC - [2009-11-03 15:45:52 | 000,348,160 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\WLKEEPER.exe PRC - [2009-11-03 15:45:48 | 001,372,160 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe PRC - [2009-11-03 15:42:00 | 000,909,312 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe PRC - [2009-11-03 15:35:14 | 001,202,448 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe PRC - [2009-11-03 15:33:48 | 000,473,360 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe PRC - [2008-09-12 18:21:22 | 001,345,376 | ---- | M] (Nullsoft) -- C:\Program Files\Winamp\winamp.exe PRC - [2007-07-09 08:39:12 | 002,119,104 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\gg.exe PRC - [2007-06-13 14:23:49 | 001,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2005-09-21 09:24:02 | 000,086,016 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SoundMan.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010-12-05 18:18:09 | 000,575,488 | ---- | M] (OldTimer Tools) -- D:\FIREFOX POBRANE\OTL.exe MOD - [2009-03-26 15:35:40 | 000,034,224 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\idmmkb.dll MOD - [2006-12-21 13:30:44 | 000,102,400 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\ggwhook.dll MOD - [2006-08-25 16:51:13 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt) SRV - [2010-12-04 23:18:45 | 001,181,328 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service) SRV - [2010-09-07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner) SRV - [2010-09-07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner) SRV - [2010-09-07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2009-11-03 15:48:54 | 000,874,768 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R) SRV - [2009-11-03 15:45:52 | 000,348,160 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\WLKEEPER.exe -- (WLANKEEPER) Intel(R) SRV - [2009-11-03 15:42:00 | 000,909,312 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor) Intel(R) SRV - [2009-11-03 15:33:48 | 000,473,360 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R) SRV - [2006-05-11 17:40:06 | 000,358,008 | ---- | M] (Protection Technology (StarForce)) [Auto | Stopped] -- C:\WINDOWS\System32\sfrem02.exe -- (sfrem02) FrontLine Drivers Auto Removal (v2) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\WIREK~1\USTAWI~1\Temp\cpuz130\cpuz_x32.sys -- (cpuz130) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\WIREK~1\USTAWI~1\Temp\catchme.sys -- (catchme) DRV - [2010-11-09 14:35:30 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cpuz135_x32.sys -- (cpuz135) DRV - [2010-09-29 21:53:36 | 000,078,328 | ---- | M] (Tonec Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\idmtdi.sys -- (IDMTDI) DRV - [2010-09-07 15:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2010-09-07 15:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2010-09-07 15:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2010-09-07 15:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2010-09-07 15:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010-09-07 15:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2010-07-12 14:49:18 | 000,060,104 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS) DRV - [2010-07-12 14:48:56 | 000,073,032 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K) DRV - [2010-07-09 13:18:54 | 000,020,328 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cpuz134_x32.sys -- (cpuz134) DRV - [2010-05-02 22:48:51 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2010-03-29 20:51:40 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf) DRV - [2009-12-18 11:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv) DRV - [2009-09-23 13:55:23 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd) DRV - [2009-03-25 13:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2008-11-23 10:23:06 | 000,097,792 | ---- | M] (T0r0 2008) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\NSHE.SYS -- (NSHE) DRV - [2008-08-13 16:23:56 | 000,011,904 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans) DRV - [2008-01-07 13:36:16 | 002,216,064 | R--- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Sterownik karty Intel(R) DRV - [2007-01-13 09:33:18 | 005,672,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm) DRV - [2006-11-22 09:01:48 | 000,693,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock) DRV - [2006-11-20 07:48:40 | 000,506,112 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PFC027.SYS -- (PAC207) DRV - [2006-09-11 12:57:56 | 000,067,960 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv02.sys -- (sfdrv02) FrontLine Environment Driver (v2) DRV - [2006-08-11 17:09:28 | 000,059,776 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfsync05.sys -- (sfsync05) FrontLine Synchronization Driver (v5) DRV - [2005-09-23 17:56:28 | 003,966,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2004-10-27 15:21:36 | 000,138,240 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus) DRV - [2004-10-27 15:21:30 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService) DRV - [2004-08-03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1659004503-616249376-725345543-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://gazeta.pl/0,0.html?sc=1 IE - HKU\S-1-5-21-1659004503-616249376-725345543-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-1659004503-616249376-725345543-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://gazeta.pl/0,0.html?sc=1 IE - HKU\S-1-5-21-1659004503-616249376-725345543-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1659004503-616249376-725345543-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/" FF - prefs.js..extensions.enabledItems: fastdial@telega.phpnet.us:2.23b2 FF - prefs.js..extensions.enabledItems: guiconfig@slosd.net:1.1.2 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.1 FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:7.1.3 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-12-04 22:14:44 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-12-04 22:14:25 | 000,000,000 | ---D | M] [2010-03-28 20:16:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ŻWIREK\Dane aplikacji\Mozilla\Extensions [2010-12-04 23:37:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ŻWIREK\Dane aplikacji\Mozilla\Firefox\Profiles\gr7f0qbt.default\extensions [2010-12-04 23:37:41 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\ŻWIREK\Dane aplikacji\Mozilla\Firefox\Profiles\gr7f0qbt.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010-12-04 23:37:41 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\ŻWIREK\Dane aplikacji\Mozilla\Firefox\Profiles\gr7f0qbt.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010-12-04 23:37:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ŻWIREK\Dane aplikacji\Mozilla\Firefox\Profiles\gr7f0qbt.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2010-12-04 23:37:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ŻWIREK\Dane aplikacji\Mozilla\Firefox\Profiles\gr7f0qbt.default\extensions\fastdial@telega.phpnet.us [2010-12-04 23:37:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ŻWIREK\Dane aplikacji\Mozilla\Firefox\Profiles\gr7f0qbt.default\extensions\guiconfig@slosd.net [2010-12-05 12:00:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ŻWIREK\Dane aplikacji\Mozilla\Firefox\Profiles\laptop\extensions [2010-12-05 11:19:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ŻWIREK\Dane aplikacji\Mozilla\Firefox\Profiles\Nowy folder\extensions [2010-12-04 23:40:40 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\ŻWIREK\Dane aplikacji\Mozilla\Firefox\Profiles\Nowy folder\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010-12-04 23:40:45 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\ŻWIREK\Dane aplikacji\Mozilla\Firefox\Profiles\Nowy folder\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010-12-04 23:40:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ŻWIREK\Dane aplikacji\Mozilla\Firefox\Profiles\Nowy folder\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2010-12-04 23:40:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ŻWIREK\Dane aplikacji\Mozilla\Firefox\Profiles\Nowy folder\extensions\fastdial@telega.phpnet.us [2010-12-04 23:40:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ŻWIREK\Dane aplikacji\Mozilla\Firefox\Profiles\Nowy folder\extensions\guiconfig@slosd.net [2010-12-04 23:43:51 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-10-27 06:37:26 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-10-27 06:37:26 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-10-27 06:37:26 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-10-27 06:37:26 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-10-27 06:37:26 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-10-27 06:37:26 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-10-10 21:55:32 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Tonec Inc.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-1659004503-616249376-725345543-1005\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\alcwzrd.exe (RealTek Semicoductor Corp.) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software) O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation) O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel(R) Corporation) O4 - HKLM..\Run: [KernelFaultCheck] File not found O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SoundMan.exe (Realtek Semiconductor Corp.) O4 - HKU\S-1-5-21-1659004503-616249376-725345543-1005..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.) O4 - HKU\S-1-5-21-1659004503-616249376-725345543-1005..\Run: [Greenshot] C:\Program Files\Greenshot\Greenshot.exe () O4 - HKU\S-1-5-21-1659004503-616249376-725345543-1005..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1659004503-616249376-725345543-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1659004503-616249376-725345543-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-1659004503-616249376-725345543-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-1659004503-616249376-725345543-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Ściągnij przez IDM - C:\Program Files\Internet Download Manager\IEExt.htm () O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm () O8 - Extra context menu item: Ściągnij zawartość wideo FLV przez IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm () O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\ŻWIREK\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\ŻWIREK\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-03-27 23:13:15 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe () O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010-12-05 11:53:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ŻWIREK\Dane aplikacji\Greenshot [2010-12-05 11:53:13 | 000,000,000 | ---D | C] -- C:\Program Files\Greenshot [2010-12-04 23:39:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ŻWIREK\Pulpit\Nowy folder [2010-12-04 23:19:56 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys [2010-12-04 23:09:24 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6} [2010-12-04 23:08:54 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft [2010-12-04 23:08:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft [2010-12-04 22:14:24 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2010-12-02 21:55:10 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\ŻWIREK\IECompatCache [2010-12-02 21:54:14 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\ŻWIREK\PrivacIE [2010-12-02 20:36:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Futuremark Shared [2010-12-02 20:35:16 | 000,000,000 | ---D | C] -- C:\Program Files\Futuremark [2010-12-02 20:02:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ŻWIREK\Dane aplikacji\IDM [2010-12-02 20:02:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ŻWIREK\Dane aplikacji\DMCache [2010-12-02 20:02:33 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Download Manager [2010-12-02 20:02:26 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Defender [2010-12-02 20:02:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ŻWIREK\Pulpit\Internet.Download.Manager.6.03.FULL [2010-12-02 10:23:19 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedswitchXP [2010-12-02 09:24:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel [2010-12-02 09:17:20 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab [2010-12-02 00:08:27 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF [2010-12-01 12:08:20 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeter [2010-11-30 09:16:14 | 000,021,992 | ---- | C] (CPUID) -- C:\WINDOWS\System32\drivers\cpuz135_x32.sys [2010-11-29 00:35:00 | 000,020,328 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\WINDOWS\System32\drivers\cpuz134_x32.sys [2010-11-28 23:37:49 | 000,000,000 | ---D | C] -- C:\PerfLogs [2010-11-26 21:07:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ŻWIREK\Pulpit\My Shared Folder [2010-11-26 17:58:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ŻWIREK\Pulpit\stol sosna+4 krzesla [2010-11-24 15:21:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ŻWIREK\Dane aplikacji\SWiSH Max4 [2010-11-24 15:06:38 | 000,000,000 | ---D | C] -- C:\Program Files\LameACM [2010-11-24 15:06:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SWiSHzone.com [2010-11-24 15:05:55 | 000,000,000 | ---D | C] -- C:\Program Files\SWiSH Max4 [2010-11-24 14:40:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ŻWIREK\Application Data [2010-11-24 14:37:48 | 000,000,000 | ---D | C] -- C:\Program Files\Selteco [2010-11-24 11:22:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\regid.1986-12.com.adobe [2010-11-24 11:18:56 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player [2010-11-24 11:06:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ŻWIREK\Pulpit\Adobe CS5 [2010-11-23 20:38:12 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\ŻWIREK\IETldCache [2010-11-23 14:12:50 | 000,000,000 | -H-D | C] -- C:\WINDOWS\msdownld.tmp [2010-11-23 14:12:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates [2010-11-23 14:11:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM [2010-11-23 14:10:12 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2010-11-23 14:10:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-PL [2010-11-23 14:06:28 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll [2010-11-23 14:06:28 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll [2010-11-23 14:06:25 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll [2010-11-23 14:06:24 | 001,985,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll [2010-11-23 14:06:23 | 011,076,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll [2010-11-22 22:22:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ŻWIREK\Dane aplikacji\HateML2 [2010-11-13 20:24:25 | 000,000,000 | RH-D | C] -- C:\AHCache [2010-11-13 17:44:54 | 000,000,000 | ---D | C] -- C:\ETCLIENT [9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\*.tmp files -> C:\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010-12-05 18:14:57 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-12-05 17:29:00 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010-12-05 17:26:03 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2010-12-05 17:26:01 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job [2010-12-05 17:25:59 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job [2010-12-05 17:25:58 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job [2010-12-05 17:25:56 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job [2010-12-05 17:22:45 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010-12-05 11:58:38 | 000,136,971 | ---- | M] () -- C:\Documents and Settings\ŻWIREK\Pulpit\Greenshot_2010-12-05_11-58-32.jpg [2010-12-05 11:57:08 | 000,170,778 | ---- | M] () -- C:\Documents and Settings\ŻWIREK\Pulpit\Greenshot_2010-12-05_11-56-43.jpg [2010-12-05 11:55:39 | 000,182,687 | ---- | M] () -- C:\Documents and Settings\ŻWIREK\Pulpit\Greenshot_2010-12-05_11-55-03.jpg [2010-12-05 11:19:17 | 000,458,260 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-12-05 11:19:17 | 000,079,606 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-12-05 11:19:16 | 000,401,398 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-12-05 11:19:16 | 000,062,678 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-12-05 10:12:27 | 000,000,327 | RHS- | M] () -- C:\boot.ini [2010-12-04 23:19:40 | 000,015,880 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe [2010-12-04 23:09:21 | 000,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Ad-Aware.lnk [2010-12-04 18:17:41 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010-12-04 12:30:24 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-12-03 07:30:27 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk [2010-12-02 21:48:17 | 000,940,794 | ---- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav [2010-12-02 21:48:17 | 000,146,650 | ---- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav [2010-12-02 18:52:59 | 004,988,799 | ---- | M] () -- C:\Documents and Settings\ŻWIREK\Pulpit\instrukcja philips odkurzacz.pdf [2010-12-02 10:23:19 | 000,000,752 | ---- | M] () -- C:\Documents and Settings\ŻWIREK\Pulpit\SpeedswitchXP.lnk [2010-12-02 09:53:23 | 000,005,029 | ---- | M] () -- C:\WirelessDiagLog.csv [2010-12-01 22:44:59 | 000,000,572 | ---- | M] () -- C:\Documents and Settings\ŻWIREK\Moje dokumenty\spider.sav [2010-11-30 09:16:15 | 000,000,778 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\CPUID HWMonitor.lnk [2010-11-29 00:35:00 | 000,000,717 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\CPUID CPU-Z.lnk [2010-11-26 22:27:00 | 000,083,778 | ---- | M] () -- C:\Documents and Settings\ŻWIREK\Pulpit\4575_1187_500.jpg [2010-11-26 22:02:22 | 000,000,020 | -H-- | M] () -- C:\Documents and Settings\ŻWIREK\Pulpit\6002734646583_1_eb290052.jpg.sha [2010-11-26 22:02:22 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\ŻWIREK\Pulpit\6002734646583_1_eb290052.jpg [2010-11-24 15:06:41 | 000,000,701 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\SWiSH Max4.lnk [2010-11-24 14:37:53 | 000,001,821 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Alligator Flash Designer 8 PL.lnk [2010-11-24 13:22:52 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010-11-24 12:36:35 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-LAPTOP-ŻWIREK.job [2010-11-23 14:11:33 | 000,000,873 | ---- | M] () -- C:\WINDOWS\System32\spupdsvc.inf [2010-11-22 23:22:16 | 000,495,809 | ---- | M] () -- C:\WINDOWS\auto sfullhd.jpg [2010-11-22 23:14:43 | 000,303,798 | ---- | M] () -- C:\WINDOWS\woda hd.jpg [2010-11-13 17:44:54 | 000,000,052 | ---- | M] () -- C:\WINDOWS\ETKINST.INI [2010-11-13 08:43:40 | 000,126,522 | ---- | M] () -- C:\test_sect.zip [2010-11-09 14:35:30 | 000,021,992 | ---- | M] (CPUID) -- C:\WINDOWS\System32\drivers\cpuz135_x32.sys [9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\*.tmp files -> C:\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-12-05 11:58:38 | 000,136,971 | ---- | C] () -- C:\Documents and Settings\ŻWIREK\Pulpit\Greenshot_2010-12-05_11-58-32.jpg [2010-12-05 11:56:52 | 000,170,778 | ---- | C] () -- C:\Documents and Settings\ŻWIREK\Pulpit\Greenshot_2010-12-05_11-56-43.jpg [2010-12-05 11:55:39 | 000,182,687 | ---- | C] () -- C:\Documents and Settings\ŻWIREK\Pulpit\Greenshot_2010-12-05_11-55-03.jpg [2010-12-04 23:32:27 | 000,015,880 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe [2010-12-04 23:22:07 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2010-12-04 23:22:07 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job [2010-12-04 23:22:06 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job [2010-12-04 23:22:05 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job [2010-12-04 23:22:05 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job [2010-12-04 23:09:21 | 000,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Ad-Aware.lnk [2010-12-02 21:48:17 | 000,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav [2010-12-02 21:48:17 | 000,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav [2010-12-02 18:52:59 | 004,988,799 | ---- | C] () -- C:\Documents and Settings\ŻWIREK\Pulpit\instrukcja philips odkurzacz.pdf [2010-12-02 16:48:00 | 000,002,354 | ---- | C] () -- C:\Documents and Settings\ŻWIREK\keylog.log [2010-12-02 10:23:19 | 000,000,752 | ---- | C] () -- C:\Documents and Settings\ŻWIREK\Pulpit\SpeedswitchXP.lnk [2010-11-30 09:16:15 | 000,000,778 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\CPUID HWMonitor.lnk [2010-11-29 00:35:00 | 000,000,717 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\CPUID CPU-Z.lnk [2010-11-26 22:27:00 | 000,083,778 | ---- | C] () -- C:\Documents and Settings\ŻWIREK\Pulpit\4575_1187_500.jpg [2010-11-26 22:02:22 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\ŻWIREK\Pulpit\6002734646583_1_eb290052.jpg.sha [2010-11-26 22:02:22 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ŻWIREK\Pulpit\6002734646583_1_eb290052.jpg [2010-11-24 15:06:41 | 000,000,701 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\SWiSH Max4.lnk [2010-11-24 14:37:53 | 000,001,821 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Alligator Flash Designer 8 PL.lnk [2010-11-24 12:36:35 | 000,000,344 | ---- | C] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-LAPTOP-ŻWIREK.job [2010-11-23 14:11:33 | 000,000,873 | ---- | C] () -- C:\WINDOWS\System32\spupdsvc.inf [2010-11-22 23:22:15 | 000,495,809 | ---- | C] () -- C:\WINDOWS\auto sfullhd.jpg [2010-11-22 23:14:42 | 000,303,798 | ---- | C] () -- C:\WINDOWS\woda hd.jpg [2010-11-13 17:31:11 | 000,000,052 | ---- | C] () -- C:\WINDOWS\ETKINST.INI [2010-11-11 13:28:01 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2010-10-23 21:50:28 | 000,000,009 | ---- | C] () -- C:\WINDOWS\wiatraczki.ini [2010-05-15 22:03:13 | 000,494,557 | ---- | C] () -- C:\WINDOWS\System32\dxgi.dll [2010-05-15 22:03:13 | 000,025,037 | ---- | C] () -- C:\WINDOWS\System32\Nucleus.dll [2010-05-15 22:03:12 | 000,519,912 | ---- | C] () -- C:\WINDOWS\System32\d3dx10d_33.dll [2010-05-15 22:03:12 | 000,519,912 | ---- | C] () -- C:\WINDOWS\System32\d3dx10d.dll [2010-05-15 22:03:11 | 000,566,624 | ---- | C] () -- C:\WINDOWS\System32\d3d10.dll [2010-05-08 18:21:38 | 000,000,048 | ---- | C] () -- C:\Documents and Settings\ŻWIREK\Dane aplikacji\ItDb.enc [2010-04-11 23:21:21 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010-04-11 22:59:07 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010-04-11 22:59:06 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll [2010-04-02 19:14:30 | 000,207,360 | ---- | C] () -- C:\WINDOWS\System32\evrprop.dll [2010-04-02 19:13:30 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll [2010-04-02 19:13:29 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll [2010-03-29 20:51:40 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll [2010-03-28 21:57:02 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2010-03-28 21:24:42 | 000,157,184 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2010-03-28 20:51:30 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll [2010-03-28 20:48:48 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4764.dll [2010-03-28 19:39:30 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\ŻWIREK\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2010-03-28 17:49:13 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\ŻWIREK\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-03-28 00:02:27 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010-03-27 23:16:44 | 000,000,996 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2006-11-02 08:27:46 | 000,000,518 | ---- | C] () -- C:\WINDOWS\System32\SP207.ini [1996-04-03 20:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys [color=#E56717]========== LOP Check ==========[/color] [2010-03-28 00:25:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2010-05-02 22:45:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2010-10-17 22:38:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PassMark [2010-11-24 12:36:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\regid.1986-12.com.adobe [2010-12-04 21:29:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2010-12-04 23:09:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6} [2010-03-29 16:21:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ANIA\Dane aplikacji\Gadu-Gadu [2010-04-10 22:41:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ŻWIREK\Dane aplikacji\AutoUpdate [2010-03-28 22:14:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ŻWIREK\Dane aplikacji\BESTplayer [2010-09-02 10:29:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ŻWIREK\Dane aplikacji\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2010-05-02 23:08:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ŻWIREK\Dane aplikacji\DAEMON Tools Lite [2010-12-03 11:30:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ŻWIREK\Dane aplikacji\DMCache [2010-03-29 16:26:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ŻWIREK\Dane aplikacji\Gadu-Gadu [2010-12-05 11:53:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ŻWIREK\Dane aplikacji\Greenshot [2010-11-22 22:25:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ŻWIREK\Dane aplikacji\HateML2 [2010-12-02 20:37:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ŻWIREK\Dane aplikacji\IDM [2010-12-01 11:02:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ŻWIREK\Dane aplikacji\Kamerzysta [2010-11-24 15:21:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ŻWIREK\Dane aplikacji\SWiSH Max4 [2010-04-11 23:30:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ŻWIREK\Dane aplikacji\URSoft [2010-12-05 17:25:56 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 1).job [2010-12-05 17:25:58 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 2).job [2010-12-05 17:25:59 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 3).job [2010-12-05 17:26:01 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 4).job [2010-12-05 17:26:03 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 164 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:1CE11B51 @Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:0E08FC17 < End of report >