OTL logfile created on: 2010-12-06 02:35:05 - Run 9 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\O\Pulpit Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 73,00% Memory free 3,00 Gb Paging File | 2,00 Gb Available in Paging File | 85,00% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 97,65 Gb Total Space | 87,03 Gb Free Space | 89,12% Space Free | Partition Type: NTFS Drive D: | 97,65 Gb Total Space | 92,18 Gb Free Space | 94,39% Space Free | Partition Type: NTFS Drive E: | 97,65 Gb Total Space | 84,04 Gb Free Space | 86,05% Space Free | Partition Type: NTFS Drive F: | 172,79 Gb Total Space | 143,33 Gb Free Space | 82,95% Space Free | Partition Type: NTFS Computer Name: ODRA1 | User Name: O | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010-12-06 01:56:15 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\O\Pulpit\OTL.exe PRC - [2010-09-07 16:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2010-09-07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2009-09-23 15:45:50 | 001,287,176 | ---- | M] (Panda Security) -- C:\Program Files\Panda USB Vaccine\USBVaccine.exe PRC - [2009-03-05 15:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe PRC - [2008-04-15 13:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2004-06-18 09:31:02 | 000,067,584 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010-12-06 01:56:15 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\O\Pulpit\OTL.exe MOD - [2010-08-23 17:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - File not found [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv) SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt) SRV - [2010-09-07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner) SRV - [2010-09-07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner) SRV - [2010-09-07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2010-09-01 14:52:56 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus(R) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-09-07 15:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2010-09-07 15:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2010-09-07 15:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2010-09-07 15:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2010-09-07 15:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010-09-07 15:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2009-07-21 17:30:48 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2008-04-14 01:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2008-04-13 23:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM) DRV - [2004-07-28 08:15:38 | 000,012,928 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2004-07-28 08:15:36 | 000,033,024 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2004-06-21 09:53:20 | 000,626,204 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2004-06-03 03:40:46 | 000,079,360 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvatabus.sys -- (nvatabus) DRV - [2004-02-24 04:08:52 | 000,400,384 | ---- | M] (Sensaura) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS) DRV - [2003-10-29 06:02:00 | 000,021,120 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nv_agp.sys -- (nv_agp) DRV - [2001-08-17 23:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401) DRV - [2001-08-17 20:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir) DRV - [1997-04-22 09:16:00 | 000,006,272 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASLM75.SYS -- (aslm75) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1757981266-57989841-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.0 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..network.proxy.http: "174.142.24.201" FF - prefs.js..network.proxy.http_port: 3128 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-10-31 16:57:31 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-11-26 12:20:57 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010-08-02 02:10:05 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2009-06-25 14:52:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\O\Dane aplikacji\Mozilla\Extensions [2010-12-05 16:24:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\O\Dane aplikacji\Mozilla\Firefox\Profiles\pmdzq2mk.default\extensions [2010-05-02 14:07:04 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\O\Dane aplikacji\Mozilla\Firefox\Profiles\pmdzq2mk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-12-01 13:47:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\O\Dane aplikacji\Mozilla\Firefox\Profiles\pmdzq2mk.default\extensions\firebug@software.joehewitt.com [2010-12-05 16:24:41 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-05-13 17:25:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-10-25 18:31:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010-10-25 18:31:05 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010-10-10 15:14:31 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-10-10 15:14:31 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-10-10 15:14:31 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-10-10 15:14:31 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-10-10 15:14:31 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-10-10 15:14:31 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-12-05 21:04:34 | 000,427,019 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.123topsearch.com O1 - Hosts: 127.0.0.1 123topsearch.com O1 - Hosts: 127.0.0.1 www.132.com O1 - Hosts: 127.0.0.1 132.com O1 - Hosts: 127.0.0.1 www.136136.net O1 - Hosts: 127.0.0.1 136136.net O1 - Hosts: 127.0.0.1 www.163ns.com O1 - Hosts: 127.0.0.1 163ns.com O1 - Hosts: 14707 more lines... O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software) O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKU\S-1-5-21-1757981266-57989841-1417001333-1004..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - Startup: C:\Documents and Settings\O\Menu Start\Programy\Autostart\PandaUSBVaccine.lnk = C:\Program Files\Panda USB Vaccine\USBVaccine.exe (Panda Security) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1757981266-57989841-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-23 18:02:52 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010-12-06 01:56:15 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\O\Pulpit\OTL.exe [2010-12-06 01:24:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\O\Pulpit\tekstowe [2010-12-06 01:20:56 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\O\Recent [2010-11-18 18:21:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\O\Ustawienia lokalne\Dane aplikacji\S2 [2010-11-18 18:21:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\O\Moje dokumenty\S2 [2010-11-18 18:20:45 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\O\Dane aplikacji\SecuROM [2010-11-18 18:18:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\O\Moje dokumenty\Nowy folder [2010-11-15 19:37:41 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2010-11-09 06:26:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\O\amaya [2010-11-08 06:37:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\O\Dane aplikacji\Virtual Mechanics [2010-11-08 06:37:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Virtual Mechanics [2010-11-08 06:37:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\O\Moje dokumenty\My IMS Projects [2010-11-07 04:36:21 | 000,213,856 | ---- | C] (Incomedia - www.websitex5.com) -- C:\WINDOWS\System32\iwpsetup.exe [2010-11-07 04:36:21 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB5STKIT.DLL [2005-06-29 06:09:08 | 000,192,512 | R--- | C] ( ) -- C:\WINDOWS\System32\ATIDEMGR.dll [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010-12-06 01:56:41 | 000,296,448 | ---- | M] () -- C:\Documents and Settings\O\Pulpit\q14oogdj.exe [2010-12-06 01:56:15 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\O\Pulpit\OTL.exe [2010-12-06 01:29:52 | 000,001,461 | ---- | M] () -- C:\WINDOWS\brydz3.ini [2010-12-06 01:29:52 | 000,000,009 | ---- | M] () -- C:\WINDOWS\osoba3.cfg [2010-12-06 01:19:43 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-12-06 01:19:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-12-06 01:18:26 | 009,175,040 | -H-- | M] () -- C:\Documents and Settings\O\NTUSER.DAT [2010-12-06 01:18:26 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\O\ntuser.ini [2010-12-05 21:04:34 | 000,427,019 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010-12-05 17:07:30 | 000,427,019 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101205-210434.backup [2010-12-03 16:08:36 | 000,427,019 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101205-170730.backup [2010-12-03 14:51:04 | 000,000,593 | ---- | M] () -- C:\WINDOWS\win.ini [2010-12-03 14:51:04 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2010-12-03 14:51:04 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2010-12-02 22:04:00 | 000,002,645 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2010-12-02 11:39:42 | 000,427,019 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101203-160836.backup [2010-12-01 13:57:02 | 000,427,019 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101202-113942.backup [2010-12-01 13:24:23 | 000,427,019 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101201-135702.backup [2010-11-30 16:37:29 | 000,426,329 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101201-132423.backup [2010-11-30 12:47:22 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-11-29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-11-29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010-11-29 12:58:05 | 000,426,329 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101130-163729.backup [2010-11-28 16:43:46 | 000,426,329 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101129-125805.backup [2010-11-27 17:19:09 | 000,426,329 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101128-164346.backup [2010-11-26 14:08:17 | 000,426,329 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101127-171909.backup [2010-11-26 12:03:16 | 000,426,329 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101126-140817.backup [2010-11-26 11:47:14 | 000,426,329 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101126-120316.backup [2010-11-26 10:35:11 | 000,426,329 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101126-114714.backup [2010-11-25 20:17:29 | 000,057,558 | ---- | M] () -- C:\Documents and Settings\O\.recently-used.xbel [2010-11-25 11:48:42 | 000,426,329 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101126-103511.backup [2010-11-25 11:23:15 | 000,001,663 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\FileZilla Client.lnk [2010-11-25 11:23:05 | 004,251,204 | ---- | M] () -- C:\Documents and Settings\O\Pulpit\FileZilla_3.3.5.1_win32-setup.exe [2010-11-25 11:12:17 | 000,002,890 | ---- | M] () -- C:\Documents and Settings\O\wincmd.ini [2010-11-24 15:03:43 | 000,426,329 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101125-114842.backup [2010-11-24 12:09:05 | 000,426,251 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101124-150343.backup [2010-11-23 17:27:47 | 000,426,251 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101124-120905.backup [2010-11-22 11:10:47 | 000,426,251 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101123-172747.backup [2010-11-20 11:25:06 | 000,426,251 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101122-111047.backup [2010-11-20 10:49:26 | 000,426,251 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101120-112506.backup [2010-11-19 19:57:40 | 000,426,251 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101120-104926.backup [2010-11-18 19:42:07 | 002,637,728 | -H-- | M] () -- C:\Documents and Settings\O\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-11-18 07:02:24 | 000,426,251 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101119-195740.backup [2010-11-17 21:09:43 | 000,426,251 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101118-070224.backup [2010-11-17 21:09:34 | 000,426,251 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101117-210943.backup [2010-11-17 11:36:09 | 000,425,805 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101117-210934.backup [2010-11-16 09:22:19 | 000,425,805 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101117-113609.backup [2010-11-15 19:35:54 | 000,425,805 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101116-092219.backup [2010-11-15 19:23:47 | 000,425,805 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101115-193554.backup [2010-11-15 18:06:09 | 000,425,805 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101115-192347.backup [2010-11-15 08:40:51 | 000,425,805 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101115-180609.backup [2010-11-15 05:08:02 | 000,425,805 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101115-084051.backup [2010-11-13 09:57:42 | 000,016,384 | ---- | M] () -- C:\Documents and Settings\O\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-11-10 19:45:48 | 000,425,805 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101115-050802.backup [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-12-06 01:56:41 | 000,296,448 | ---- | C] () -- C:\Documents and Settings\O\Pulpit\q14oogdj.exe [2010-11-25 20:17:29 | 000,057,558 | ---- | C] () -- C:\Documents and Settings\O\.recently-used.xbel [2010-11-25 11:23:00 | 004,251,204 | ---- | C] () -- C:\Documents and Settings\O\Pulpit\FileZilla_3.3.5.1_win32-setup.exe [2010-11-07 04:36:21 | 000,006,114 | ---- | C] () -- C:\WINDOWS\System32\SHELLLNK.TLB [2010-08-02 02:17:50 | 000,002,516 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\KGyGaAvL.sys [2010-08-02 02:17:50 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\5A1319F6CC.sys [2010-02-14 21:28:53 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\O\Dane aplikacji\downloads.m3u [2009-09-09 06:52:00 | 000,001,461 | ---- | C] () -- C:\WINDOWS\brydz3.ini [2009-09-02 04:49:35 | 000,018,976 | ---- | C] () -- C:\Documents and Settings\O\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2009-09-01 03:26:38 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\O\Dane aplikacji\default.rss [2009-09-01 03:25:54 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-07-13 13:08:46 | 000,004,767 | ---- | C] () -- C:\WINDOWS\Irremote.ini [2009-06-29 16:12:22 | 000,016,384 | ---- | C] () -- C:\Documents and Settings\O\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-06-26 11:48:18 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009-06-26 11:48:16 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2009-06-26 11:48:15 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2009-06-26 11:48:15 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2009-06-23 19:51:50 | 001,071,972 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2009-06-23 19:51:49 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2009-06-23 19:51:25 | 000,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini [2009-06-23 18:24:17 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\O\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2009-06-23 18:21:31 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2009-06-23 18:16:59 | 000,006,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASLM75.SYS [2009-06-23 18:15:20 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini [2009-06-23 18:15:18 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll [2009-06-23 18:15:09 | 000,000,455 | ---- | C] () -- C:\WINDOWS\alsndmgr.ini [2009-06-23 18:13:17 | 002,637,728 | -H-- | C] () -- C:\Documents and Settings\O\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-06-23 18:11:52 | 000,004,839 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2009-06-23 18:11:51 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2009-06-23 18:07:53 | 000,000,062 | -HS- | C] () -- C:\Documents and Settings\O\Dane aplikacji\desktop.ini [2009-06-23 18:02:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini [2009-06-23 18:00:17 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini [2009-06-23 18:00:17 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini [2009-06-23 17:59:21 | 000,026,717 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini [2009-06-23 17:59:20 | 000,003,813 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini [2008-04-15 13:00:00 | 001,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini [2008-04-15 13:00:00 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll [2008-04-15 13:00:00 | 000,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll [2008-04-15 13:00:00 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll [2008-04-15 13:00:00 | 000,253,440 | ---- | C] () -- C:\WINDOWS\System32\compatUI.dll [2008-04-15 13:00:00 | 000,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll [2008-04-15 13:00:00 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll [2008-04-15 13:00:00 | 000,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll [2008-04-15 13:00:00 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll [2008-04-15 13:00:00 | 000,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini [2008-04-15 13:00:00 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys [2008-04-15 13:00:00 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys [2008-04-15 13:00:00 | 000,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys [2008-04-15 13:00:00 | 000,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys [2008-04-15 13:00:00 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys [2008-04-15 13:00:00 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys [2008-04-15 13:00:00 | 000,033,936 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys [2008-04-15 13:00:00 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys [2008-04-15 13:00:00 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys [2008-04-15 13:00:00 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys [2008-04-15 13:00:00 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys [2008-04-15 13:00:00 | 000,027,898 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys [2008-04-15 13:00:00 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys [2008-04-15 13:00:00 | 000,016,024 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini [2008-04-15 13:00:00 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll [2008-04-15 13:00:00 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll [2008-04-15 13:00:00 | 000,013,819 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini [2008-04-15 13:00:00 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll [2008-04-15 13:00:00 | 000,009,043 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys [2008-04-15 13:00:00 | 000,006,074 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini [2008-04-15 13:00:00 | 000,004,976 | ---- | C] () -- C:\WINDOWS\System32\himem.sys [2008-04-15 13:00:00 | 000,002,992 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini [2008-04-15 13:00:00 | 000,002,890 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini [2008-04-15 13:00:00 | 000,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini [2008-04-15 13:00:00 | 000,001,295 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini [2008-04-15 13:00:00 | 000,000,593 | ---- | C] () -- C:\WINDOWS\win.ini [2008-04-15 13:00:00 | 000,000,359 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini [2008-04-15 13:00:00 | 000,000,227 | ---- | C] () -- C:\WINDOWS\system.ini [2001-10-26 18:29:42 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll [color=#E56717]========== LOP Check ==========[/color] [2009-10-12 22:03:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Notepad++ [2009-08-23 22:35:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Opera [2009-09-02 04:17:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Windows Search [2010-07-12 17:50:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2009-10-16 23:35:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Panda Security [2010-08-02 03:14:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ulead Systems [2010-11-08 06:37:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Virtual Mechanics [2010-11-25 11:25:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\O\Dane aplikacji\FileZilla [2009-09-01 20:43:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\O\Dane aplikacji\Gadu-Gadu [2010-11-25 20:17:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\O\Dane aplikacji\gtk-2.0 [2009-10-09 05:08:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\O\Dane aplikacji\Notepad++ [2009-09-01 20:47:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\O\Dane aplikacji\Nowe Gadu-Gadu [2009-06-25 15:19:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\O\Dane aplikacji\OpenFM [2009-06-25 15:25:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\O\Dane aplikacji\OpenOffice.org [2009-06-23 19:59:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\O\Dane aplikacji\Opera [2009-09-01 21:21:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\O\Dane aplikacji\Spik [2009-10-06 02:59:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\O\Dane aplikacji\Thunderbird [2010-11-08 06:37:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\O\Dane aplikacji\Virtual Mechanics [2009-08-26 20:25:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\O\Dane aplikacji\Windows Search [color=#E56717]========== Purity Check ==========[/color] < End of report >