OTL logfile created on: 2011-09-30 16:42:28 - Run 2
OTL by OldTimer - Version 3.2.29.1 Folder = G:\Uratowaniowe
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,25 Gb Total Physical Memory | 2,82 Gb Available Physical Memory | 86,90% Memory free
5,09 Gb Paging File | 4,86 Gb Available in Paging File | 95,58% Paging File free
Paging file location(s): D:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 298,09 Gb Total Space | 160,72 Gb Free Space | 53,92% Space Free | Partition Type: NTFS
Drive D: | 149,04 Gb Total Space | 67,75 Gb Free Space | 45,46% Space Free | Partition Type: NTFS
Drive G: | 1,89 Gb Total Space | 0,47 Gb Free Space | 24,83% Space Free | Partition Type: FAT

Computer Name: DOMOWY | User Name: Roberto | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011-09-29 15:44:58 | 000,582,656 | ---- | M] (OldTimer Tools) -- G:\Uratowaniowe\OTL.exe
PRC - [2009-10-14 18:44:40 | 000,282,624 | R--- | M] (France Telecom SA) -- D:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe
PRC - [2009-10-14 16:44:38 | 000,090,112 | ---- | M] (France Telecom SA) -- D:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
PRC - [2009-01-09 21:53:06 | 007,418,368 | ---- | M] (OpenOffice.org) -- D:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009-01-09 21:53:02 | 007,424,000 | ---- | M] (OpenOffice.org) -- D:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
PRC - [2007-05-16 10:27:38 | 001,209,904 | ---- | M] (Nero AG) -- D:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007-05-16 10:27:16 | 000,153,136 | ---- | M] (Nero AG) -- D:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

========== Modules (No Company Name) ==========

MOD - [2009-03-25 17:15:00 | 000,094,720 | ---- | M] () -- D:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2008-07-29 14:55:14 | 000,969,728 | ---- | M] () -- D:\Program Files\OpenOffice.org 3\program\libxml2.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (wuauserv)
SRV - [2009-10-14 16:44:38 | 000,090,112 | ---- | M] (France Telecom SA) [Auto | Running] -- D:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)
SRV - [2009-01-18 15:10:03 | 000,655,624 | ---- | M] (Acresso Software Inc.) [Disabled | Stopped] -- D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008-12-01 12:01:02 | 000,033,752 | ---- | M] (NOS Microsystems Ltd.) [Disabled | Stopped] -- D:\Program Files\NOS\bin\getPlus_HelperSvc.exe -- (getPlus(R) Helper) getPlus(R)
SRV - [2008-08-15 06:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- D:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
SRV - [2008-05-02 00:40:44 | 003,032,360 | ---- | M] (Wacom Technology, Corp.) [Disabled | Stopped] -- D:\WINDOWS\system32\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2000-05-24 16:20:36 | 000,015,360 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- D:\WINDOWS\system32\ATMsrvc.exe -- (ATMsrvc)

========== Driver Services (SafeList) ==========

DRV - [2011-09-29 12:35:53 | 000,041,272 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2009-08-04 13:04:28 | 000,102,656 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ewusbfake.sys -- (hwusbfake)
DRV - [2009-08-04 13:04:28 | 000,102,400 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008-10-14 12:07:50 | 000,103,936 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2008-10-14 12:07:50 | 000,103,936 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ZTEusbnmeaext.sys -- (ZTEusbnmeaext)
DRV - [2008-10-14 12:07:50 | 000,103,936 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2008-10-14 12:07:50 | 000,103,936 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2008-10-14 09:10:30 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5)
DRV - [2008-10-02 20:01:46 | 004,878,336 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008-06-16 10:13:46 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)
DRV - [2008-05-02 08:48:55 | 000,062,208 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- D:\WINDOWS\System32\drivers\si3112.sys -- (Si3112)
DRV - [2008-05-02 08:48:37 | 000,105,344 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- D:\WINDOWS\System32\drivers\nvatabus.sys -- (nvatabus)
DRV - [2008-03-17 22:14:52 | 000,015,144 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV - [2008-01-15 22:11:46 | 000,013,480 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2007-02-16 21:12:36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2007-02-16 02:11:28 | 000,011,440 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\WacomVKHid.sys -- (WacomVKHid)
DRV - [2006-07-01 23:32:26 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006-06-22 16:25:20 | 000,039,936 | ---- | M] (MICRO-STAR INT'L CO., LTD.) [Kernel | On_Demand | Stopped] -- D:\Program Files\MSI\Core Center\RushTop.sys -- (RushTopDevice)
DRV - [2006-03-22 08:24:02 | 000,018,944 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006-03-22 08:24:00 | 000,052,736 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005-12-06 17:11:18 | 000,035,328 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- D:\WINDOWS\System32\drivers\sfsync03.sys -- (sfsync03) StarForce Protection Synchronization Driver (version 3.x)
DRV - [2005-11-24 20:51:38 | 000,245,248 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2005-11-21 07:48:20 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2005-08-10 14:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- D:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005-05-16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- D:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004-05-13 15:00:04 | 000,111,808 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- D:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004-05-13 13:19:36 | 000,079,488 | ---- | M] (Protection Technology) [Kernel | System | Running] -- D:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003-12-01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- D:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003-09-06 14:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- D:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1)
DRV - [2001-08-17 23:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\irsir.sys -- (irsir)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.pl/ig"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872
FF - prefs.js..extensions.enabledItems: es-AR@dictionaries.addons.mozilla.org:2.5
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.0.13
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {9D6218B8-03C7-4b91-AA43-680B305DD35C}:1.7.9.7
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: D:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732: D:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732: D:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer: D:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: D:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2011-09-07 09:25:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2011-06-20 15:31:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Components: D:\Program Files\Mozilla Thunderbird\components [2011-06-22 14:02:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Plugins: D:\Program Files\Mozilla Thunderbird\plugins [2011-06-20 15:31:20 | 000,000,000 | ---D | M]

[2011-06-16 17:14:49 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Roberto\Dane aplikacji\Mozilla\Extensions
[2011-06-16 17:14:49 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Roberto\Dane aplikacji\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011-09-28 10:17:48 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Roberto\Dane aplikacji\Mozilla\Firefox\Profiles\4bd03v5y.default\extensions
[2011-09-24 14:05:12 | 000,000,000 | ---D | M] (Flagfox) -- D:\Documents and Settings\Roberto\Dane aplikacji\Mozilla\Firefox\Profiles\4bd03v5y.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2011-09-28 10:09:36 | 000,000,000 | ---D | M] (gry Community Toolbar) -- D:\Documents and Settings\Roberto\Dane aplikacji\Mozilla\Firefox\Profiles\4bd03v5y.default\extensions\{8532a8b7-c06a-41bb-936a-8ce73e4711ed}(2)
[2009-01-26 14:38:33 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- D:\Documents and Settings\Roberto\Dane aplikacji\Mozilla\Firefox\Profiles\4bd03v5y.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}
[2011-06-27 16:42:36 | 000,000,000 | ---D | M] (United States English Spellchecker) -- D:\Documents and Settings\Roberto\Dane aplikacji\Mozilla\Firefox\Profiles\4bd03v5y.default\extensions\en-US@dictionaries.addons.mozilla.org
[2011-01-30 21:53:53 | 000,000,000 | ---D | M] (Diccionario español Argentina) -- D:\Documents and Settings\Roberto\Dane aplikacji\Mozilla\Firefox\Profiles\4bd03v5y.default\extensions\es-AR@dictionaries.addons.mozilla.org
[2011-06-14 10:23:25 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions
[2011-06-14 10:23:25 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
() (No name found) -- D:\DOCUMENTS AND SETTINGS\ROBERTO\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\4BD03V5Y.DEFAULT\EXTENSIONS\{9D6218B8-03C7-4B91-AA43-680B305DD35C}.XPI
[2009-08-08 22:31:40 | 000,000,000 | ---D | M] (Java Quick Starter) -- D:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011-09-07 09:25:16 | 000,134,104 | ---- | M] (Mozilla Foundation) -- D:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-05-04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010-01-14 00:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- D:\Program Files\mozilla firefox\plugins\npwachk.dll
[2007-03-10 01:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- D:\Program Files\mozilla firefox\plugins\npyaxmpb.dll
[2011-05-14 20:39:10 | 000,002,767 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2011-05-14 20:39:10 | 000,001,406 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2011-05-14 20:39:10 | 000,000,917 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2011-05-14 20:39:10 | 000,000,858 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2011-05-14 20:39:10 | 000,001,183 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2011-05-14 20:39:10 | 000,001,683 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2011-09-30 16:29:36 | 000,000,098 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O4 - HKLM..\Run: [Adobe_ID0ENQBO] D:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] D:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Anti-Trojan-Watch] D:\Program Files\Anti-Trojan-55\ATWatch.exe File not found
O4 - HKLM..\Run: [AT-Watch] File not found
O4 - HKLM..\Run: [BEWINTERNET-PL-IEWSessionManager] D:\Program Files\OrangeBS\BEWInternet-PL-IEW\SessionManager\SessionManager.exe (France Telecom SA)
O4 - HKLM..\Run: [CardDetectorHUAWEI1752_1552] D:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe (France Telecom SA)
O4 - HKLM..\Run: [NeroFilterCheck] D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] D:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] D:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] D:\WINDOWS\System32\nwiz.exe ()
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] D:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - Startup: D:\Documents and Settings\Roberto\Menu Start\Programy\Autostart\OpenOffice.org 3.0.lnk = D:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - D:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -D:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (D:\WINDOWS\system32\userinit.exe) -D:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - (avgrsstx.dll) - File not found
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - File not found
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007-09-19 18:52:21 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 7 Days ==========

[2011-09-30 12:42:56 | 000,000,000 | -HSD | C] -- D:\RECYCLER
[2011-09-30 12:05:31 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\xircom
[2011-09-30 12:05:31 | 000,000,000 | ---D | C] -- D:\Program Files\xerox
[2011-09-30 12:05:30 | 000,000,000 | ---D | C] -- D:\Program Files\microsoft frontpage
[2011-09-30 11:13:22 | 000,518,144 | ---- | C] (SteelWerX) -- D:\WINDOWS\SWREG.exe
[2011-09-30 11:13:22 | 000,406,528 | ---- | C] (SteelWerX) -- D:\WINDOWS\SWSC.exe
[2011-09-30 11:13:22 | 000,212,480 | ---- | C] (SteelWerX) -- D:\WINDOWS\SWXCACLS.exe
[2011-09-30 11:13:22 | 000,060,416 | ---- | C] (NirSoft) -- D:\WINDOWS\NIRCMD.exe
[2011-09-30 11:13:17 | 000,000,000 | ---D | C] -- D:\WINDOWS\ERDNT
[2011-09-30 11:13:17 | 000,000,000 | ---D | C] -- D:\ComboFix
[2011-09-30 11:11:25 | 000,000,000 | ---D | C] -- D:\Qoobox
[2011-09-29 12:09:21 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- D:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011-09-29 12:09:17 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Roberto\Dane aplikacji\Malwarebytes
[2011-09-29 12:09:10 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2011-09-28 18:58:33 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2011-09-28 18:58:30 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Roberto\Moje dokumenty\Simply Super Software
[2011-09-28 18:58:22 | 000,069,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\ztvcabinet.dll
[2011-09-28 18:58:20 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Roberto\Dane aplikacji\Simply Super Software
[2011-09-28 18:58:20 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Simply Super Software
[2011-09-28 14:52:46 | 000,000,000 | ---D | C] -- D:\WINDOWS\CSC
[2011-09-28 10:00:52 | 000,000,000 | ---D | C] -- D:\WINDOWS\pss
[2011-09-24 15:13:04 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Roberto\Pulpit\world

========== Files - Modified Within 7 Days ==========

[2011-09-30 16:40:40 | 000,199,819 | ---- | M] () -- D:\WINDOWS\System32\nvapps.xml
[2011-09-30 16:29:36 | 000,000,098 | ---- | M] () -- D:\WINDOWS\System32\drivers\etc\Hosts
[2011-09-30 15:51:49 | 000,011,170 | ---- | M] () -- D:\sade vnr.xmp
[2011-09-29 12:35:53 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- D:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011-09-28 15:59:26 | 000,000,094 | ---- | M] () -- D:\Documents and Settings\Roberto\default.pls
[2011-09-28 15:59:23 | 000,000,069 | ---- | M] () -- D:\WINDOWS\NeroDigital.ini
[2011-09-28 10:13:12 | 002,292,072 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2011-09-28 09:48:50 | 000,002,206 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl

========== Files Created - No Company Name ==========

[2011-09-30 11:13:22 | 000,256,000 | ---- | C] () -- D:\WINDOWS\PEV.exe
[2011-09-30 11:13:22 | 000,208,896 | ---- | C] () -- D:\WINDOWS\MBR.exe
[2011-09-30 11:13:22 | 000,098,816 | ---- | C] () -- D:\WINDOWS\sed.exe
[2011-09-30 11:13:22 | 000,080,412 | ---- | C] () -- D:\WINDOWS\grep.exe
[2011-09-30 11:13:22 | 000,068,096 | ---- | C] () -- D:\WINDOWS\zip.exe
[2011-09-28 18:58:22 | 000,162,304 | ---- | C] () -- D:\WINDOWS\System32\ztvunrar36.dll
[2011-09-28 18:58:22 | 000,153,088 | ---- | C] () -- D:\WINDOWS\System32\UNRAR3.dll
[2011-09-28 18:58:22 | 000,077,312 | ---- | C] () -- D:\WINDOWS\System32\ztvunace26.dll
[2011-09-28 18:58:22 | 000,075,264 | ---- | C] () -- D:\WINDOWS\System32\unacev2.dll
[2011-08-13 16:49:12 | 000,217,088 | ---- | C] () -- D:\WINDOWS\NVGfxOgl.dll
[2011-08-09 19:15:29 | 000,004,096 | ---- | C] () -- D:\WINDOWS\d3dx.dat
[2011-02-11 22:32:31 | 000,000,211 | ---- | C] () -- D:\WINDOWS\wininit.ini
[2010-12-05 17:30:10 | 000,092,576 | ---- | C] () -- D:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2010-11-24 23:09:09 | 000,000,602 | ---- | C] () -- D:\WINDOWS\eReg.dat
[2010-11-11 19:58:33 | 000,000,316 | ---- | C] () -- D:\WINDOWS\game.ini
[2010-10-18 11:24:13 | 000,000,000 | ---- | C] () -- D:\WINDOWS\iPlayer.INI
[2010-08-26 15:14:30 | 000,063,488 | ---- | C] () -- D:\WINDOWS\xobglu16.dll
[2010-08-26 15:14:30 | 000,023,552 | ---- | C] () -- D:\WINDOWS\xobglu32.dll
[2010-05-17 22:34:07 | 000,165,376 | ---- | C] () -- D:\WINDOWS\System32\unrar.dll
[2010-05-17 22:34:07 | 000,000,038 | ---- | C] () -- D:\WINDOWS\avisplitter.ini
[2010-05-17 22:34:05 | 003,297,280 | ---- | C] () -- D:\WINDOWS\System32\x264vfw.dll
[2010-05-17 22:34:03 | 000,881,664 | ---- | C] () -- D:\WINDOWS\System32\xvidcore.dll
[2010-05-17 22:34:03 | 000,205,824 | ---- | C] () -- D:\WINDOWS\System32\xvidvfw.dll
[2010-05-17 22:33:58 | 003,596,288 | ---- | C] () -- D:\WINDOWS\System32\qt-dx331.dll
[2010-05-17 22:33:57 | 000,085,504 | ---- | C] () -- D:\WINDOWS\System32\ff_vfw.dll
[2010-02-19 23:44:06 | 000,354,816 | ---- | C] () -- D:\WINDOWS\System32\psisdecd.dll
[2010-02-17 13:55:37 | 000,094,208 | ---- | C] () -- D:\WINDOWS\System32\GTW32N50.dll
[2010-02-12 14:55:38 | 000,043,520 | ---- | C] () -- D:\WINDOWS\System32\CmdLineExt03.dll
[2010-01-19 20:54:24 | 000,000,064 | RHS- | C] () -- D:\WINDOWS\FADA046FBF80360B.bin
[2009-08-07 20:52:52 | 000,000,056 | -H-- | C] () -- D:\WINDOWS\System32\ezsidmv.dat
[2009-06-01 11:38:44 | 000,000,232 | ---- | C] () -- D:\WINDOWS\DVDFabGold.INI
[2009-02-23 17:11:31 | 000,000,085 | -HS- | C] () -- D:\Documents and Settings\All Users\Dane aplikacji\.zreglib
[2009-02-18 00:12:14 | 000,000,030 | ---- | C] () -- D:\WINDOWS\TextSpy.ini
[2009-02-03 15:52:05 | 000,000,069 | ---- | C] () -- D:\WINDOWS\NeroDigital.ini
[2009-01-19 22:21:24 | 002,292,072 | ---- | C] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2009-01-18 14:27:13 | 000,000,000 | ---- | C] () -- D:\WINDOWS\nsreg.dat
[2009-01-18 14:17:53 | 000,004,293 | ---- | C] () -- D:\WINDOWS\ODBCINST.INI
[2009-01-18 14:13:20 | 000,123,392 | ---- | C] () -- D:\Documents and Settings\Roberto\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-01-18 13:32:48 | 000,050,105 | ---- | C] () -- D:\WINDOWS\activ.exe
[2009-01-18 13:30:00 | 000,021,856 | ---- | C] () -- D:\WINDOWS\System32\emptyregdb.dat
[2008-05-03 09:24:01 | 000,000,082 | ---- | C] () -- D:\WINDOWS\System32\oeminfo.ini
[2008-04-14 23:16:20 | 000,001,804 | ---- | C] () -- D:\WINDOWS\System32\Dcache.bin
[2007-12-05 02:41:00 | 001,724,416 | ---- | C] () -- D:\WINDOWS\System32\nvwdmcpl.dll
[2007-12-05 02:41:00 | 001,657,376 | ---- | C] () -- D:\WINDOWS\System32\nwiz.exe
[2007-12-05 02:41:00 | 001,507,328 | ---- | C] () -- D:\WINDOWS\System32\nview.dll
[2007-12-05 02:41:00 | 001,346,080 | ---- | C] () -- D:\WINDOWS\System32\nvdspsch.exe
[2007-12-05 02:41:00 | 001,101,824 | ---- | C] () -- D:\WINDOWS\System32\nvwimg.dll
[2007-12-05 02:41:00 | 000,466,944 | ---- | C] () -- D:\WINDOWS\System32\nvshell.dll
[2007-12-05 02:41:00 | 000,449,056 | ---- | C] () -- D:\WINDOWS\System32\nvappbar.exe
[2007-12-05 02:41:00 | 000,436,768 | ---- | C] () -- D:\WINDOWS\System32\keystone.exe
[2007-12-05 02:41:00 | 000,286,720 | ---- | C] () -- D:\WINDOWS\System32\nvnt4cpl.dll
[2007-10-12 23:20:06 | 000,151,417 | ---- | C] () -- D:\WINDOWS\System32\xlive.dll.cat
[2006-12-31 08:57:08 | 000,004,569 | ---- | C] () -- D:\WINDOWS\System32\secupd.dat
[2001-10-26 18:15:16 | 000,490,284 | ---- | C] () -- D:\WINDOWS\System32\perfh015.dat
[2001-10-26 18:15:16 | 000,313,828 | ---- | C] () -- D:\WINDOWS\System32\perfi015.dat
[2001-10-26 18:15:16 | 000,083,660 | ---- | C] () -- D:\WINDOWS\System32\perfc015.dat
[2001-10-26 18:15:16 | 000,034,990 | ---- | C] () -- D:\WINDOWS\System32\perfd015.dat
[2001-08-23 15:00:00 | 013,107,200 | ---- | C] () -- D:\WINDOWS\System32\oembios.bin
[2001-08-23 15:00:00 | 000,004,463 | ---- | C] () -- D:\WINDOWS\System32\oembios.dat
[2001-08-17 23:30:24 | 000,432,356 | ---- | C] () -- D:\WINDOWS\System32\perfh009.dat
[2001-08-17 23:30:24 | 000,272,128 | ---- | C] () -- D:\WINDOWS\System32\perfi009.dat
[2001-08-17 23:30:24 | 000,028,626 | ---- | C] () -- D:\WINDOWS\System32\perfd009.dat
[2001-08-17 23:30:22 | 000,067,312 | ---- | C] () -- D:\WINDOWS\System32\perfc009.dat
[2001-08-17 23:15:38 | 000,046,258 | ---- | C] () -- D:\WINDOWS\System32\mib.bin
[2001-07-22 00:36:48 | 000,218,003 | ---- | C] () -- D:\WINDOWS\System32\dssec.dat
[2001-07-22 00:36:04 | 000,673,088 | ---- | C] () -- D:\WINDOWS\System32\mlang.dat
[2001-07-22 00:24:16 | 000,000,741 | ---- | C] () -- D:\WINDOWS\System32\noise.dat
[2000-09-12 12:58:26 | 000,160,256 | ---- | C] () -- D:\WINDOWS\System32\ShrLk21.dll
[2000-01-28 01:00:00 | 000,061,440 | ---- | C] () -- D:\WINDOWS\System32\wrkgadm.exe
[2000-01-28 01:00:00 | 000,012,288 | ---- | C] () -- D:\WINDOWS\System32\HLINKPRX.DLL

< End of report >