OTL logfile created on: 2012-10-17 19:28:41 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = G:\
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2600.0000)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
1023,48 Mb Total Physical Memory | 353,59 Mb Available Physical Memory | 34,55% Memory free
2,40 Gb Paging File | 1,82 Gb Available in Paging File | 75,75% Paging File free
Paging file location(s): D:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 28,51 Gb Total Space | 20,78 Gb Free Space | 72,89% Space Free | Partition Type: FAT32
Drive D: | 27,36 Gb Total Space | 0,10 Gb Free Space | 0,37% Space Free | Partition Type: FAT32
Drive G: | 7,35 Gb Total Space | 7,01 Gb Free Space | 95,25% Space Free | Partition Type: FAT32
 
Computer Name: PC | User Name: serwis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012-10-17 18:29:14 | 000,302,592 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\trcnndkl.exe
PRC - [2012-10-16 21:51:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- G:\OTL.com
PRC - [2012-09-07 15:29:44 | 000,129,648 | ---- | M] (ArcaBit) -- D:\Program Files\ArcaBit\Common\ArcaTasksService.exe
PRC - [2012-08-21 22:33:32 | 000,510,576 | ---- | M] (ArcaBit) -- D:\Program Files\ArcaBit\ArcaVir\AVMenu.exe
PRC - [2012-05-28 17:02:40 | 000,159,232 | ---- | M] (ArcaBit) -- D:\Program Files\ArcaBit\ArcaVir\ArcaMainSV.exe
PRC - [2012-05-28 17:02:36 | 000,555,632 | ---- | M] () -- D:\Program Files\ArcaBit\ArcaAgent\ArcaRemoteSvc.exe
PRC - [2012-04-14 12:35:28 | 000,129,616 | ---- | M] (ArcaBit) -- D:\Program Files\ArcaBit\ArcaUpdate\update.exe
PRC - [2012-02-08 14:54:20 | 000,186,960 | ---- | M] (ArcaBit) -- D:\Program Files\ArcaBit\ArcaTools\ArcaBackup\ArcaBackupService.exe
PRC - [2012-01-09 13:38:18 | 000,141,904 | ---- | M] (ArcaBit) -- D:\Program Files\ArcaBit\Common\ArcaConfSV.exe
PRC - [2010-04-16 11:32:48 | 000,058,936 | ---- | M] (Hewlett-Packard Company) -- D:\Program Files\HP\ToolboxFX\bin\HPTLBXFX.exe
PRC - [2010-04-12 09:13:08 | 000,142,336 | ---- | M] (HP) -- D:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
PRC - [2008-04-14 22:51:42 | 000,073,796 | ---- | M] (Smart Link) -- D:\WINDOWS\system32\slserv.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012-10-17 18:29:14 | 000,302,592 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\trcnndkl.exe
MOD - [2012-06-18 21:34:42 | 003,186,688 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2012-06-18 21:34:40 | 000,970,752 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
MOD - [2012-06-18 21:34:38 | 000,425,984 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2012-06-18 21:34:36 | 004,550,656 | ---- | M] () -- D:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
MOD - [2012-06-18 21:34:32 | 000,630,784 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2012-06-18 21:34:32 | 000,303,104 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2012-06-18 21:34:30 | 000,131,072 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
MOD - [2012-06-18 21:34:28 | 002,048,000 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2012-06-18 21:34:26 | 000,114,688 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
MOD - [2012-06-18 21:34:24 | 000,010,752 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
MOD - [2012-06-18 21:34:18 | 005,025,792 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2012-06-18 21:34:10 | 005,246,976 | ---- | M] () -- D:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
MOD - [2012-05-28 17:02:36 | 000,555,632 | ---- | M] () -- D:\Program Files\ArcaBit\ArcaAgent\ArcaRemoteSvc.exe
MOD - [2010-04-16 11:29:52 | 000,119,864 | ---- | M] () -- D:\Program Files\HP\ToolboxFX\bin\NativeUtils.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - File not found [Auto | Stopped] -- D:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe -- (MDM)
SRV - File not found [On_Demand | Stopped] -- D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2012-09-07 15:29:44 | 000,129,648 | ---- | M] (ArcaBit) [Auto | Running] -- D:\Program Files\ArcaBit\Common\ArcaTasksService.exe -- (AVTasks2)
SRV - [2012-08-22 16:33:12 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-05-28 17:02:40 | 000,159,232 | ---- | M] (ArcaBit) [Auto | Running] -- D:\Program Files\ArcaBit\ArcaVir\ArcaMainSV.exe -- (ABMainSV)
SRV - [2012-05-28 17:02:36 | 000,555,632 | ---- | M] () [Auto | Running] -- D:\Program Files\ArcaBit\ArcaAgent\ArcaRemoteSvc.exe -- (ArcaRemoteService)
SRV - [2012-04-14 12:35:28 | 000,129,616 | ---- | M] (ArcaBit) [Auto | Running] -- D:\Program Files\ArcaBit\ArcaUpdate\update.exe -- (AVUpdate)
SRV - [2012-02-08 14:54:20 | 000,186,960 | ---- | M] (ArcaBit) [Auto | Running] -- D:\Program Files\ArcaBit\ArcaTools\ArcaBackup\ArcaBackupService.exe -- (AVBackup)
SRV - [2012-01-09 13:38:18 | 000,141,904 | ---- | M] (ArcaBit) [Auto | Running] -- D:\Program Files\ArcaBit\Common\ArcaConfSV.exe -- (ABConfSV)
SRV - [2010-04-12 09:13:08 | 000,142,336 | ---- | M] (HP) [Auto | Running] -- D:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service)
SRV - [2008-04-14 22:51:42 | 000,073,796 | ---- | M] (Smart Link) [Auto | Running] -- D:\WINDOWS\System32\slserv.exe -- (SLService)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\WSTCODEC.SYS -- (WSTCODEC)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\NTACCESS.SYS -- (WEBNTACCESS)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\StreamIP.sys -- (streamip)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SLIP.sys -- (SLIP)
DRV - File not found [File_System | System | Stopped] -- system32\DRIVERS\8412021.sys -- (setup_9.0.0.722_22.02.2012_22-43drv)
DRV - File not found [File_System | System | Stopped] -- system32\DRIVERS\4140440.sys -- (setup_9.0.0.722_07.02.2011_14-06drv)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Program Files\ArcaBit\ArcaVir\ps_drv.sys -- (ps_drv)
DRV - File not found [Kernel | On_Demand | Unknown] -- D:\DOCUME~1\serwis\USTAWI~1\Temp\pgtdapow.sys -- (pgtdapow)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\NdisIP.sys -- (NdisIP)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\NABTSFEC.sys -- (NABTSFEC)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\MSTEE.sys -- (MSTEE)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\MODEMCSA.sys -- (MODEMCSA)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Documents and Settings\Lidia\Pulpit\aaida\aida32.sys -- (FUTUREX)
DRV - File not found [Kernel | Auto | Stopped] -- System32\Drivers\DgiVecp.sys -- (DgiVecp)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\CCDECODE.sys -- (CCDECODE)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\cam1210.sys -- (CAM1210)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\84120212.sys -- (84120212)
DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\84120211.sys -- (84120211)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\41404402.sys -- (41404402)
DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\41404401.sys -- (41404401)
DRV - [2011-09-30 10:29:36 | 000,062,544 | ---- | M] (ArcaBit) [File_System | On_Demand | Running] -- D:\Program Files\ArcaBit\ArcaVir\ABFLT.sys -- (ABFLT)
DRV - [2011-02-21 15:56:58 | 000,037,968 | ---- | M] (ArcaBit) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\abndis.sys -- (ABndisMP)
DRV - [2011-02-21 15:56:58 | 000,037,968 | ---- | M] (ArcaBit) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\abndis.sys -- (ABndis)
DRV - [2010-10-26 13:04:30 | 000,051,280 | ---- | M] (ArcaBit) [Kernel | System | Running] -- D:\Program Files\ArcaBit\ArcaVir\ABTDI.sys -- (ABTDI)
DRV - [2010-04-22 21:58:56 | 000,021,528 | R--- | M] (Hewlett Packard) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\hppcfaxio.sys -- (HPFXFAX)
DRV - [2010-04-22 21:58:56 | 000,020,504 | R--- | M] (Hewlett Packard) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\hppcbulkio.sys -- (HPFXBULKLEDM)
DRV - [2008-04-14 00:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008-04-13 23:53:48 | 000,095,424 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal)
DRV - [2008-04-13 23:53:48 | 000,013,240 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup)
DRV - [2008-04-13 23:53:46 | 000,404,990 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\slntamr.sys -- (Slntamr)
DRV - [2008-04-13 23:53:44 | 000,013,776 | ---- | M] (Smart Link) [Kernel | Boot | Stopped] -- D:\WINDOWS\system32\drivers\recagent.sys -- (RecAgent)
DRV - [2008-04-13 23:53:42 | 000,180,360 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ntmtlfax.sys -- (NtMtlFax)
DRV - [2008-04-13 23:53:42 | 000,126,686 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5)
DRV - [2008-04-13 23:53:40 | 001,309,184 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm)
DRV - [2007-03-08 14:34:46 | 004,027,840 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM)
DRV - [2004-08-03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1993962763-113007714-1801674531-1004\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\SYSTEM\SHDOCVW.DLL (Microsoft Corporation)
IE - HKU\S-1-5-21-1993962763-113007714-1801674531-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1993962763-113007714-1801674531-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-1993962763-113007714-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: D:\WINDOWS\system32\Adobe\Director\np32dsw.dll File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: D:\Program Files\Microsoft Silverlight\3.0.40723.0\npctrl.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2012-02-26 11:07:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2012-02-26 11:07:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins
 
[2012-02-27 16:51:52 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\serwis\Dane aplikacji\Mozilla\Extensions
[2012-05-07 08:15:52 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\serwis\Dane aplikacji\Mozilla\Firefox\Profiles\wk5kyzng.default\extensions
[2006-06-07 17:55:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-02-19 17:58:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\arcabit@www.arcabit.pl
[2007-03-31 08:36:38 | 000,000,000 | ---D | M] (Talkback) -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org
[2012-02-25 08:47:24 | 000,067,688 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jar50.dll
[2012-02-25 08:47:24 | 000,172,136 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\xpinstal.dll
[2012-02-25 08:47:24 | 000,054,368 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jsd3250.dll
[2012-02-25 08:47:24 | 000,034,944 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\myspell.dll
[2012-02-25 08:47:24 | 000,046,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\spellchk.dll
[2006-06-07 17:57:18 | 001,312,392 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NPSWF32.dll
[2012-02-25 08:47:32 | 000,000,904 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-02-25 08:47:32 | 000,000,926 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-02-25 08:47:32 | 000,000,866 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-02-25 08:47:32 | 000,001,198 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-02-25 08:47:32 | 000,001,693 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
[2012-02-25 08:47:32 | 000,001,419 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
 
O1 HOSTS File: ([2007-10-29 12:00:00 | 000,000,742 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (CNavExtBho Class) - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NAVShExt.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - {0D704FAD-66E9-4F0A-BFED-4F665770DDB3} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NAVShExt.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\msdxm.ocx (Microsoft Corporation)
O3 - HKU\S-1-5-21-1993962763-113007714-1801674531-1004\..\Toolbar\ShellBrowser: (&Adres) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\SYSTEM\BROWSEUI.DLL (Microsoft Corporation)
O3 - HKU\S-1-5-21-1993962763-113007714-1801674531-1004\..\Toolbar\ShellBrowser: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NAVShExt.dll (Symantec Corporation)
O4 - HKLM..\Run: [Adobe ARM] "D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" File not found
O4 - HKLM..\Run: [AvMenu] D:\Program Files\ArcaBit\ArcaVir\AVMenu.exe (ArcaBit)
O4 - HKLM..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe File not found
O4 - HKLM..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime File not found
O4 - HKLM..\Run: [ToolboxFX] D:\Program Files\HP\ToolboxFX\bin\HPTLBXFX.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [trmbfni] rundll32.exe "D:\Program Files\Internet Explorer\cfgnm.dll",kmrduil File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1993962763-113007714-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00  [binary data]
O8 - Extra context menu item: Add to Google Photos Screensa&ver - D:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: ArcaVir >> - {40525A66-DB98-480D-BCF9-7AF88C1AF438} - D:\Program Files\ArcaBit\WebExtensions\ie\ArcaIEExt.dll (ArcaBit sp. z o.o)
O9 - Extra 'Tools' menuitem : ArcaVir >> - {40525A66-DB98-480D-BCF9-7AF88C1AF438} - D:\Program Files\ArcaBit\WebExtensions\ie\ArcaIEExt.dll (ArcaBit sp. z o.o)
O9 - Extra Button: @shdoclc.dll,-866 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\WEB\RELATED.HTM ()
O9 - Extra 'Tools' menuitem : @shdoclc.dll,-864 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\WEB\RELATED.HTM ()
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} http://www.kaspersky.pl/resources/virusscanner/kavwebscan_unicode.cab (CKAVWebScan Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\SYSTEM\dajava.cab (Reg Error: Key error.)
O16 - DPF: Internet Explorer Classes for Java file://C:\WINDOWS\SYSTEM\iejava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso4.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.63 62.179.1.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{87769B5F-6953-448F-8281-75AFA4F0C295}: DhcpNameServer = 62.179.1.63 62.179.1.62
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM\MSHTML.DLL (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\SYSTEM\URLMON.DLL (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM\URLMON.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM\URLMON.DLL (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM\URLMON.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM\URLMON.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM\URLMON.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\SYSTEM\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM\MSHTML.DLL (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM\URLMON.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM\MSHTML.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\SYSTEM\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM\URLMON.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\SYSTEM\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - D:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL File not found
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM\MSHTML.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL File not found
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\SYSTEM\MSHTML.DLL (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM\MSHTML.DLL (Microsoft Corporation)
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\SYSTEM\msdxm.ocx (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\SYSTEM\URLMON.DLL (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\SYSTEM\URLMON.DLL (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\SYSTEM\URLMON.DLL (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\SYSTEM\URLMON.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\SYSTEM\SHDOC401.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (D:\WINDOWS\system32\userinit.exe) - D:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\SYSTEM\WEBCHECK.DLL (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Moduł wstępnego ładowania interfejsu Browseui - C:\WINDOWS\SYSTEM\BROWSEUI.DLL (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Demon buforu kategorii składników - C:\WINDOWS\SYSTEM\BROWSEUI.DLL (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: D:\Documents and Settings\serwis\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: D:\Documents and Settings\serwis\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-06-11 16:29:14 | 000,000,238 | ---- | M] () - C:\AutoExec.bat -- [ FAT32 ]
O32 - AutoRun File - [2012-10-16 20:21:14 | 000,000,000 | ---D | M] - G:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012-10-17 18:56:24 | 000,000,000 | ---D | C] -- D:\WINDOWS\LastGood
[2012-10-16 21:18:28 | 000,000,000 | --SD | C] -- D:\ComboFix
[2012-10-16 20:43:49 | 000,518,144 | ---- | C] (SteelWerX) -- D:\WINDOWS\SWREG.exe
[2012-10-16 20:43:49 | 000,406,528 | ---- | C] (SteelWerX) -- D:\WINDOWS\SWSC.exe
[2012-10-16 20:43:49 | 000,212,480 | ---- | C] (SteelWerX) -- D:\WINDOWS\SWXCACLS.exe
[2012-10-16 20:43:49 | 000,060,416 | ---- | C] (NirSoft) -- D:\WINDOWS\NIRCMD.exe
[2012-10-16 20:43:39 | 000,000,000 | ---D | C] -- D:\Qoobox
[2012-10-16 20:43:36 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Dokumenty\Moje wideo
[2012-10-16 20:43:36 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Dokumenty\Moje obrazy
[2012-10-16 20:43:36 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Dokumenty\Moja muzyka
[2012-10-16 20:43:11 | 000,000,000 | ---D | C] -- D:\WINDOWS\erdnt
[2012-10-16 20:33:44 | 004,981,258 | R--- | C] (Swearware) -- D:\Documents and Settings\All Users\Pulpit\ComboFix.exe
[2012-10-16 20:03:18 | 000,000,000 | -HSD | C] -- D:\FOUND.004
[6 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012-10-17 19:33:02 | 000,000,930 | ---- | M] () -- D:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012-10-17 19:32:44 | 000,000,016 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\trcnndkl.bat
[2012-10-17 19:23:02 | 000,001,080 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-113007714-1801674531-1003Core1cd65d28a701070.job
[2012-10-17 18:55:38 | 000,013,646 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2012-10-17 18:55:26 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2012-10-17 18:29:14 | 000,302,592 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\trcnndkl.exe
[2012-10-16 21:46:46 | 000,000,956 | ---- | M] () -- D:\WINDOWS\WINCMD.INI
[2012-10-16 19:57:00 | 004,981,258 | R--- | M] (Swearware) -- D:\Documents and Settings\All Users\Pulpit\ComboFix.exe
[6 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012-10-17 19:22:48 | 000,000,016 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\trcnndkl.bat
[2012-10-17 18:38:53 | 000,302,592 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\trcnndkl.exe
[2012-10-16 21:12:33 | 000,000,956 | ---- | C] () -- D:\WINDOWS\WINCMD.INI
[2012-10-16 20:43:49 | 000,256,000 | ---- | C] () -- D:\WINDOWS\PEV.exe
[2012-10-16 20:43:49 | 000,208,896 | ---- | C] () -- D:\WINDOWS\MBR.exe
[2012-10-16 20:43:49 | 000,098,816 | ---- | C] () -- D:\WINDOWS\sed.exe
[2012-10-16 20:43:49 | 000,080,412 | ---- | C] () -- D:\WINDOWS\grep.exe
[2012-10-16 20:43:49 | 000,068,096 | ---- | C] () -- D:\WINDOWS\zip.exe
[2012-09-07 18:39:09 | 000,512,670 | ---- | C] () -- D:\WINDOWS\System32\prfh0415.dat
[2012-09-07 18:39:09 | 000,091,934 | ---- | C] () -- D:\WINDOWS\System32\prfc0415.dat
[2012-08-24 21:07:38 | 000,003,584 | ---- | C] () -- D:\Documents and Settings\serwis\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-02-29 16:33:51 | 000,002,816 | ---- | C] () -- D:\WINDOWS\wininit.ini
[2012-02-27 22:27:31 | 000,000,608 | -HS- | C] () -- D:\WINDOWS\System32\winzvprt5.sys
[2012-02-27 22:27:31 | 000,000,256 | ---- | C] () -- D:\WINDOWS\System32\hppfaxprinter5.ini
[2012-02-26 18:19:18 | 000,175,616 | ---- | C] () -- D:\WINDOWS\System32\unrar.dll
[2012-02-26 17:08:12 | 000,000,664 | ---- | C] () -- D:\WINDOWS\System32\d3d9caps.dat
[2012-02-26 16:36:44 | 000,000,139 | ---- | C] () -- D:\WINDOWS\Readiris.ini
[2012-02-26 13:04:51 | 000,003,072 | ---- | C] () -- D:\WINDOWS\System32\iacenc.dll
[2012-02-26 12:59:44 | 000,000,427 | ---- | C] () -- D:\WINDOWS\ODBC.INI
[2012-02-26 12:05:05 | 000,049,152 | R--- | C] () -- D:\WINDOWS\System32\ChCfg.exe
[2012-02-26 12:04:26 | 000,147,456 | R--- | C] () -- D:\WINDOWS\System32\RtlCPAPI.dll
[2012-02-26 12:04:14 | 000,000,164 | R--- | C] () -- D:\WINDOWS\avrack.ini
[2012-02-26 10:48:52 | 000,002,048 | --S- | C] () -- D:\WINDOWS\bootstat.dat
[2012-02-26 10:39:48 | 000,021,856 | ---- | C] () -- D:\WINDOWS\System32\emptyregdb.dat
[2012-02-26 10:26:35 | 000,004,293 | ---- | C] () -- D:\WINDOWS\ODBCINST.INI
[2012-02-26 10:25:21 | 000,154,768 | ---- | C] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2004-05-27 09:34:01 | 000,011,232 | -H-- | C] () -- C:\Program Files\folder.htt
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2012-02-26 16:44:30 | 000,000,227 | RHS- | M] () -- D:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2011-12-19 09:53:28 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-02-09 11:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008-04-14 22:50:58 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2012-02-26 16:57:02 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\ArcaBit
[2012-06-14 11:00:40 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Lidia\Dane aplikacji\.#
[2012-03-20 12:34:08 | 000,000,000 | -HSD | M] -- D:\Documents and Settings\serwis\Dane aplikacji\.#
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >