OTL logfile created on: 2012-06-26 22:16:00 - Run 3 OTL by OldTimer - Version 3.2.53.0 Folder = F:\ Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 446,05 Mb Total Physical Memory | 187,24 Mb Available Physical Memory | 41,98% Memory free 1,03 Gb Paging File | 0,54 Gb Available in Paging File | 52,84% Paging File free Paging file location(s): D:\pagefile.sys 672 1344 [binary data] %SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files Drive C: | 101,97 Mb Total Space | 97,14 Mb Free Space | 95,26% Space Free | Partition Type: NTFS Drive D: | 15,34 Gb Total Space | 4,16 Gb Free Space | 27,13% Space Free | Partition Type: NTFS Drive F: | 955,72 Mb Total Space | 951,89 Mb Free Space | 99,60% Space Free | Partition Type: FAT Drive G: | 498,24 Mb Total Space | 498,15 Mb Free Space | 99,98% Space Free | Partition Type: FAT32 Computer Name: MONIKA-98467D1B | User Name: monika | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-06-26 17:37:16 | 000,596,992 | ---- | M] (OldTimer Tools) -- F:\OTL1.exe PRC - [2012-04-04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012-04-04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2011-04-14 16:07:58 | 000,156,992 | ---- | M] (Panda Security, S.L.) -- D:\Program Files\Panda Security\Panda Antivirus Pro 2012\TPSrv.exe PRC - [2011-04-13 17:06:56 | 001,000,768 | ---- | M] (Panda Security, S.L.) -- D:\Program Files\Panda Security\Panda Antivirus Pro 2012\ApVxdWin.exe PRC - [2010-10-20 15:49:18 | 000,202,048 | ---- | M] (Panda Security, S.L.) -- D:\Program Files\Panda Security\Panda Antivirus Pro 2012\PavFnSvr.exe PRC - [2010-08-16 14:54:46 | 000,028,992 | ---- | M] (Panda Security, S.L.) -- D:\Program Files\Panda Security\Panda Antivirus Pro 2012\psksvc.exe PRC - [2010-06-04 10:37:50 | 000,314,176 | ---- | M] (Panda Security, S.L.) -- D:\Program Files\Panda Security\Panda Antivirus Pro 2012\pavsrvx86.exe PRC - [2010-05-28 13:42:32 | 000,225,600 | ---- | M] (Panda Security, S.L.) -- D:\Program Files\Panda Security\Panda Antivirus Pro 2012\AVENGINE.EXE PRC - [2010-04-22 18:29:12 | 000,107,776 | ---- | M] (Panda Security, S.L.) -- D:\Program Files\Panda Security\Panda Antivirus Pro 2012\WebProxy.exe PRC - [2009-08-10 14:46:08 | 000,173,312 | ---- | M] (Panda Security, S.L.) -- D:\Program Files\Panda Security\Panda Antivirus Pro 2012\PsCtrlS.exe PRC - [2008-06-19 12:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) -- D:\Program Files\Panda Security\Panda Antivirus Pro 2012\PsImSvc.exe PRC - [2008-05-09 13:03:40 | 000,176,128 | ---- | M] (S3 Graphics Co., Ltd.) -- D:\WINDOWS\system32\S3Trayp.exe PRC - [2008-05-09 13:03:40 | 000,053,248 | ---- | M] (S3 Graphics, Inc.) -- D:\WINDOWS\system32\VTTimer.exe PRC - [2008-02-04 17:26:48 | 000,062,768 | ---- | M] (Panda Security, S.L.) -- D:\Program Files\Common Files\Panda Security\PavShld\PavPrSrv.exe PRC - [2007-06-13 15:23:49 | 001,034,752 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe PRC - [2006-03-06 16:55:32 | 000,086,016 | ---- | M] () -- D:\Program Files\Syntezator mowy\ivo\UniSpiker-2.6\uni_spiker-2.6.exe PRC - [2004-09-29 12:14:36 | 000,069,632 | ---- | M] (HP) -- D:\WINDOWS\system32\HPZipm12.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2007-02-14 13:55:12 | 000,165,424 | ---- | M] () -- D:\Program Files\Panda Security\Panda Antivirus Pro 2012\MiniCrypto.dll MOD - [2007-02-14 13:55:12 | 000,099,888 | ---- | M] () -- D:\Program Files\Panda Security\Panda Antivirus Pro 2012\APIcr.dll MOD - [2006-09-14 01:20:24 | 000,126,464 | ---- | M] () -- D:\Program Files\Program WinRAR 3.61 (KŚCD21l2006)\WinRAR\RarExt.dll MOD - [2006-05-05 10:26:55 | 000,741,376 | ---- | M] () -- D:\Program Files\Syntezator mowy\ivo\Ivona_Demo-1.0\ivona_sapi4_demo.dll MOD - [2006-04-26 15:51:09 | 000,094,208 | ---- | M] () -- D:\Program Files\Syntezator mowy\ivo\UniSpiker-2.6\voice_api.dll MOD - [2006-03-08 10:29:00 | 012,939,264 | ---- | M] () -- D:\Program Files\Syntezator mowy\ivo\Ivona_Demo-1.0\voices\voice_pl_jl16demo.dll MOD - [2006-03-06 16:55:46 | 000,049,152 | ---- | M] () -- D:\Program Files\Syntezator mowy\ivo\UniSpiker-2.6\plugins\clipboard.dll MOD - [2006-03-06 16:55:42 | 000,049,152 | ---- | M] () -- D:\Program Files\Syntezator mowy\ivo\UniSpiker-2.6\plugins\clock.dll MOD - [2006-03-06 16:55:40 | 000,053,248 | ---- | M] () -- D:\Program Files\Syntezator mowy\ivo\UniSpiker-2.6\plugins\keyboard.dll MOD - [2006-03-06 16:55:36 | 000,126,976 | ---- | M] () -- D:\Program Files\Syntezator mowy\ivo\UniSpiker-2.6\plugins\mail.dll MOD - [2006-03-06 16:55:32 | 000,086,016 | ---- | M] () -- D:\Program Files\Syntezator mowy\ivo\UniSpiker-2.6\uni_spiker-2.6.exe MOD - [2006-03-06 16:55:22 | 000,069,632 | ---- | M] () -- D:\Program Files\Syntezator mowy\ivo\UniSpiker-2.6\unispiker_api.dll MOD - [2004-05-19 11:33:12 | 000,507,904 | ---- | M] () -- D:\Program Files\Panda Security\Panda Antivirus Pro 2012\LIBXML2.DLL [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - [2012-04-04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011-04-14 16:07:58 | 000,156,992 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- D:\Program Files\Panda Security\Panda Antivirus Pro 2012\TPSrv.exe -- (TPSrv) SRV - [2010-10-20 15:49:18 | 000,202,048 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- D:\Program Files\Panda Security\Panda Antivirus Pro 2012\PavFnSvr.exe -- (PAVFNSVR) SRV - [2010-08-16 14:54:46 | 000,028,992 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- D:\Program Files\Panda Security\Panda Antivirus Pro 2012\psksvc.exe -- (PskSvcRetail) SRV - [2010-06-04 10:37:50 | 000,314,176 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- D:\Program Files\Panda Security\Panda Antivirus Pro 2012\pavsrvx86.exe -- (PAVSRV) SRV - [2009-08-10 14:46:08 | 000,173,312 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- D:\Program Files\Panda Security\Panda Antivirus Pro 2012\PsCtrlS.exe -- (Panda Software Controller) SRV - [2008-06-19 12:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) [Auto | Running] -- D:\Program Files\Panda Security\Panda Antivirus Pro 2012\PsImSvc.exe -- (PSIMSVC) SRV - [2008-02-04 17:26:48 | 000,062,768 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- D:\Program Files\Common Files\Panda Security\PavShld\PavPrSrv.exe -- (PavPrSrv) SRV - [2004-09-29 12:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- D:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\PavTPK.sys -- (PavTPK.sys) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2012-06-10 13:59:14 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\npf.sys -- (NPF) WinPcap Packet Driver (NPF) DRV - [2012-04-04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- D:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2011-02-21 14:38:32 | 000,037,448 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\ShlDrv51.sys -- (ShldDrv) DRV - [2010-06-22 18:13:00 | 000,026,696 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- D:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot) DRV - [2010-05-21 13:50:26 | 000,059,080 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\amm8651.sys -- (AmFSM) DRV - [2010-05-06 17:11:58 | 000,163,848 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\PavProc.sys -- (PavProc) DRV - [2008-05-09 13:06:14 | 000,470,048 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211) DRV - [2008-05-09 13:03:40 | 000,634,880 | ---- | M] (S3 Graphics Co., Ltd.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\S3gIGPm.sys -- (S3GIGP) DRV - [2006-11-15 15:34:40 | 004,225,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2006-07-24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- D:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2006-03-23 05:36:30 | 000,995,712 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV) DRV - [2006-03-23 05:36:30 | 000,726,400 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf) DRV - [2006-03-23 05:36:30 | 000,206,976 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL) DRV - [2005-12-22 12:24:52 | 000,137,884 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm) DRV - [2005-12-22 12:24:52 | 000,010,864 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl) DRV - [2005-12-22 12:24:50 | 000,080,272 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM) DRV - [2005-01-07 17:07:16 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService) DRV - [2004-08-03 22:59:52 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\nmnt.sys -- (nm) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.encyklopedia.com/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1123561945-1604221776-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie IE - HKU\S-1-5-21-1123561945-1604221776-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-1123561945-1604221776-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-1123561945-1604221776-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-1123561945-1604221776-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) O1 HOSTS File: ([2001-10-26 17:45:16 | 000,000,742 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O4 - HKLM..\Run: [Alcmtr] D:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [APVXDWIN] D:\Program Files\Panda Security\Panda Antivirus Pro 2012\APVXDWIN.EXE (Panda Security, S.L.) O4 - HKLM..\Run: [BluetoothAuthenticationAgent] D:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [S3Trayp] D:\WINDOWS\System32\S3Trayp.exe (S3 Graphics Co., Ltd.) O4 - HKLM..\Run: [SCANINICIO] D:\Program Files\Panda Security\Panda Antivirus Pro 2012\Inicio.exe (Panda Security, S.L.) O4 - HKLM..\Run: [Skrót do strony właściwości High Definition Audio] D:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider) O4 - HKLM..\Run: [VTTimer] D:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.) O4 - Startup: D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated) O4 - Startup: D:\Documents and Settings\monika\Menu Start\Programy\Autostart\UniSpiker-2.6.lnk = D:\Program Files\Syntezator mowy\ivo\UniSpiker-2.6\uni_spiker-2.6.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1123561945-1604221776-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Google Sidewiki... - res://D:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found O16 - DPF: {1E53EA77-34F2-474E-9046-B2B0C86F1821} http://www.eska.pl/streamplayers/OggX.ocx (OggX Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: Microsoft XML Parser for Java file://D:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O20 - HKLM Winlogon: Shell - (explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (d:\windows\system32\userinit.exe) - D:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\avldr: DllName - (avldr.dll) - D:\WINDOWS\System32\avldr.dll (On-Access Anti-Malware Scanner Sync) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: D:\Documents and Settings\monika\Moje dokumenty\Moje obrazy\treehugger-wallpaper_1680x1050.bmp O24 - Desktop BackupWallPaper: D:\Documents and Settings\monika\Moje dokumenty\Moje obrazy\treehugger-wallpaper_1680x1050.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007-06-01 23:30:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{572d94c0-e88a-11dd-bb2a-0040d0a98649}\Shell - "" = AutoRun O33 - MountPoints2\{572d94c0-e88a-11dd-bb2a-0040d0a98649}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{572d992e-e88a-11dd-bb2a-0040d0a98649}\Shell - "" = AutoRun O33 - MountPoints2\{572d992e-e88a-11dd-bb2a-0040d0a98649}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{a9a99d01-29a6-11de-bb9e-0040d0a98649}\Shell\AutoRun\command - "" = F:\/ -- File not found O33 - MountPoints2\{c1745154-0c87-11de-bb63-0040d0a98649}\Shell\AutoRun\command - "" = F:\/ -- File not found O33 - MountPoints2\{cfd02510-64e4-11df-bd70-0040d0a98649}\Shell - "" = AutoRun O33 - MountPoints2\{cfd02510-64e4-11df-bd70-0040d0a98649}\Shell\AutoRun\command - "" = F:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-06-26 21:47:48 | 000,000,000 | ---D | C] -- D:\TDSSKiller_Quarantine [2012-06-26 21:26:22 | 000,000,000 | ---D | C] -- D:\WINDOWS\pss [2012-06-14 22:46:46 | 000,000,000 | -HSD | C] -- D:\WINDOWS\CSC [2012-06-13 22:33:17 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware [2012-06-13 22:33:13 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- D:\WINDOWS\System32\drivers\mbam.sys [2012-06-13 22:33:12 | 000,000,000 | ---D | C] -- D:\Program Files\Malwarebytes' Anti-Malware [2012-06-13 19:44:51 | 000,000,000 | ---D | C] -- D:\Documents and Settings\monika\Dane aplikacji\Malwarebytes [2012-06-13 19:44:27 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes [2012-06-13 19:39:42 | 000,000,000 | ---D | C] -- D:\Documents and Settings\monika\Pulpit\Wykrywacz wirusów [2012-06-12 16:05:18 | 000,000,000 | ---D | C] -- D:\Documents and Settings\monika\Pulpit\EPD [2012-06-11 12:49:21 | 000,000,000 | ---D | C] -- D:\Documents and Settings\monika\Pulpit\Etui [2012-06-11 12:47:48 | 000,000,000 | ---D | C] -- D:\Documents and Settings\monika\Pulpit\GKL [2012-06-10 20:56:59 | 000,000,000 | ---D | C] -- D:\Documents and Settings\monika\Ustawienia lokalne\Dane aplikacji\Panda Security [2012-06-10 20:55:23 | 000,026,696 | ---- | C] (Panda Security, S.L.) -- D:\WINDOWS\System32\drivers\pavboot.sys [2012-06-10 20:54:59 | 000,054,832 | ---- | C] (Panda Software) -- D:\WINDOWS\System32\pavcpl.cpl [2012-06-10 20:54:59 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Panda Antivirus Pro 2012 [2012-06-10 20:54:45 | 000,446,464 | ---- | C] (eHelp Corporation.) -- D:\WINDOWS\System32\HHActiveX.dll [2012-06-10 20:54:38 | 000,520,000 | ---- | C] (Panda Security, S.L.) -- D:\WINDOWS\System32\PavSHook.dll [2012-06-10 20:54:38 | 000,193,344 | ---- | C] (Panda Security, S.L.) -- D:\WINDOWS\System32\TpUtil.dll [2012-06-10 20:54:38 | 000,107,568 | ---- | C] (Panda Software) -- D:\WINDOWS\System32\SYSTOOLS.DLL [2012-06-10 20:54:38 | 000,087,360 | ---- | C] (Panda Security, S.L.) -- D:\WINDOWS\System32\PavLspHook.dll [2012-06-10 20:54:38 | 000,055,616 | ---- | C] (Panda Security, S.L.) -- D:\WINDOWS\System32\pavipc.dll [2012-06-10 20:54:36 | 000,059,080 | ---- | C] (Panda Security, S.L.) -- D:\WINDOWS\System32\drivers\amm8651.sys [2012-06-10 20:54:36 | 000,055,552 | ---- | C] (On-Access Anti-Malware Scanner Sync) -- D:\WINDOWS\System32\avldr.dll [2012-06-10 20:54:36 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\PAV [2012-06-10 20:54:35 | 000,000,000 | ---D | C] -- D:\Documents and Settings\monika\Dane aplikacji\Panda Security [2012-06-10 20:54:34 | 000,000,000 | ---D | C] -- D:\Program Files\Panda Security [2012-06-10 20:54:34 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Panda Security [2012-06-10 20:53:40 | 000,163,848 | ---- | C] (Panda Security, S.L.) -- D:\WINDOWS\System32\drivers\PavProc.sys [2012-06-10 20:53:40 | 000,037,448 | ---- | C] (Panda Security, S.L.) -- D:\WINDOWS\System32\drivers\ShlDrv51.sys [2012-06-10 20:53:40 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Panda Security [2012-06-10 20:44:35 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\F-Secure [2012-06-10 18:39:25 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\529C50AB0005779B63354B8B8DB91C90 [2012-06-10 13:59:14 | 000,281,104 | ---- | C] (CACE Technologies, Inc.) -- D:\WINDOWS\System32\wpcap.dll [2012-06-10 13:59:14 | 000,100,880 | ---- | C] (CACE Technologies, Inc.) -- D:\WINDOWS\System32\Packet.dll [2012-06-10 13:59:14 | 000,050,704 | ---- | C] (CACE Technologies, Inc.) -- D:\WINDOWS\System32\drivers\npf.sys [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-06-26 21:54:56 | 000,763,990 | ---- | M] () -- D:\WINDOWS\System32\PerfStringBackup.INI [2012-06-26 21:54:56 | 000,356,068 | ---- | M] () -- D:\WINDOWS\System32\perfh015.dat [2012-06-26 21:54:56 | 000,311,938 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat [2012-06-26 21:54:56 | 000,049,910 | ---- | M] () -- D:\WINDOWS\System32\perfc015.dat [2012-06-26 21:54:56 | 000,040,326 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat [2012-06-26 21:49:41 | 000,000,006 | -H-- | M] () -- D:\WINDOWS\tasks\SA.DAT [2012-06-26 21:49:38 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat [2012-06-26 21:48:24 | 009,699,328 | -H-- | M] () -- D:\Documents and Settings\monika\NTUSER.DAT [2012-06-26 21:48:24 | 000,000,188 | -HS- | M] () -- D:\Documents and Settings\monika\ntuser.ini [2012-06-26 21:39:17 | 000,000,507 | ---- | M] () -- D:\WINDOWS\win.ini [2012-06-26 21:39:17 | 000,000,227 | ---- | M] () -- D:\WINDOWS\system.ini [2012-06-26 17:58:24 | 000,002,206 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl [2012-06-14 12:26:51 | 000,000,600 | ---- | M] () -- D:\Documents and Settings\monika\Ustawienia lokalne\Dane aplikacji\PUTTY.RND [2012-06-14 09:10:47 | 000,148,992 | ---- | M] () -- D:\Documents and Settings\monika\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-06-13 13:59:37 | 000,008,627 | ---- | M] () -- D:\WINDOWS\System32\PAV_FOG.OPC [2012-06-11 18:47:41 | 000,008,627 | ---- | M] () -- D:\Documents and Settings\monika\PAV_FOG.OPC [2012-06-10 20:55:41 | 000,000,250 | ---- | M] () -- D:\WINDOWS\System32\PavCPL.dat [2012-06-10 20:32:35 | 000,002,596 | ---- | M] () -- D:\WINDOWS\System32\CONFIG.NT [2012-06-10 18:09:04 | 000,178,692 | ---- | M] () -- D:\WINDOWS\System32\c_7265195.nls [2012-06-10 13:59:14 | 000,281,104 | ---- | M] (CACE Technologies, Inc.) -- D:\WINDOWS\System32\wpcap.dll [2012-06-10 13:59:14 | 000,100,880 | ---- | M] (CACE Technologies, Inc.) -- D:\WINDOWS\System32\Packet.dll [2012-06-10 13:59:14 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) -- D:\WINDOWS\System32\drivers\npf.sys [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-06-10 21:14:42 | 000,008,627 | ---- | C] () -- D:\Documents and Settings\monika\PAV_FOG.OPC [2012-06-10 21:03:12 | 000,008,627 | ---- | C] () -- D:\WINDOWS\System32\PAV_FOG.OPC [2012-06-10 20:55:41 | 000,000,250 | ---- | C] () -- D:\WINDOWS\System32\PavCPL.dat [2012-06-10 18:09:04 | 000,178,692 | ---- | C] () -- D:\WINDOWS\System32\c_7265195.nls [2011-10-24 23:34:47 | 000,000,600 | ---- | C] () -- D:\Documents and Settings\monika\Ustawienia lokalne\Dane aplikacji\PUTTY.RND [2011-09-07 15:48:13 | 000,006,550 | ---- | C] () -- D:\WINDOWS\jautoexp.dat [2011-09-03 15:54:42 | 000,077,824 | R--- | C] () -- D:\WINDOWS\System32\hpzids01.dll [2011-09-03 13:38:47 | 000,011,045 | ---- | C] () -- D:\WINDOWS\hpdj3500.ini [2011-07-14 15:37:00 | 000,017,408 | ---- | C] () -- D:\Documents and Settings\monika\Ustawienia lokalne\Dane aplikacji\WebpageIcons.db [2011-06-06 12:25:33 | 000,000,218 | ---- | C] () -- D:\Documents and Settings\monika\.recently-used.xbel [2008-05-24 17:04:03 | 000,000,000 | ---- | C] () -- D:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt [2008-02-25 17:18:03 | 000,000,600 | ---- | C] () -- D:\Documents and Settings\monika\PUTTY.RND [2008-01-29 15:48:44 | 000,000,000 | ---- | C] () -- D:\Documents and Settings\monika\Dane aplikacji\AVSDVDPlayer.m3u [2008-01-11 20:48:39 | 000,148,992 | ---- | C] () -- D:\Documents and Settings\monika\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007-06-04 18:46:30 | 000,040,424 | ---- | C] () -- D:\Documents and Settings\monika\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2007-06-03 15:52:58 | 005,331,730 | -H-- | C] () -- D:\Documents and Settings\monika\Ustawienia lokalne\Dane aplikacji\IconCache.db [2007-06-03 15:45:36 | 022,537,784 | ---- | C] ( ) -- D:\Program Files\AdbeRdr705.exe [2007-06-03 15:43:22 | 000,000,188 | -HS- | C] () -- D:\Documents and Settings\monika\ntuser.ini [2007-06-03 15:43:20 | 009,699,328 | -H-- | C] () -- D:\Documents and Settings\monika\NTUSER.DAT [color=#E56717]========== LOP Check ==========[/color] [2012-06-13 22:47:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\529C50AB0005779B63354B8B8DB91C90 [2012-06-10 20:35:42 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\AVAST Software [2012-06-10 20:44:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\F-Secure [2010-04-19 22:22:11 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-05-10 15:08:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2012-06-10 20:54:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Panda Security [2011-09-07 18:27:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Ulead Systems [2011-01-27 13:01:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Gość\Dane aplikacji\Ulead Systems [2012-06-26 21:15:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\monika\Dane aplikacji\BabylonToolbar [2007-06-16 18:30:51 | 000,000,000 | ---D | M] -- D:\Documents and Settings\monika\Dane aplikacji\eSkiMoS R2 [2008-01-29 21:35:55 | 000,000,000 | ---D | M] -- D:\Documents and Settings\monika\Dane aplikacji\FrostWire [2007-06-05 14:05:04 | 000,000,000 | ---D | M] -- D:\Documents and Settings\monika\Dane aplikacji\Gadu-Gadu [2011-09-02 11:03:12 | 000,000,000 | ---D | M] -- D:\Documents and Settings\monika\Dane aplikacji\Gadu-Gadu 10 [2011-09-13 13:41:39 | 000,000,000 | ---D | M] -- D:\Documents and Settings\monika\Dane aplikacji\gretl [2011-06-06 12:25:30 | 000,000,000 | ---D | M] -- D:\Documents and Settings\monika\Dane aplikacji\gtk-2.0 [2008-03-21 17:49:11 | 000,000,000 | ---D | M] -- D:\Documents and Settings\monika\Dane aplikacji\InterVideo [2011-07-05 18:47:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\monika\Dane aplikacji\iPlus [2009-10-01 14:22:26 | 000,000,000 | ---D | M] -- D:\Documents and Settings\monika\Dane aplikacji\Nowe Gadu-Gadu [2010-05-10 15:08:29 | 000,000,000 | ---D | M] -- D:\Documents and Settings\monika\Dane aplikacji\OpenFM [2010-11-17 21:25:12 | 000,000,000 | ---D | M] -- D:\Documents and Settings\monika\Dane aplikacji\Opera [2012-06-10 20:54:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\monika\Dane aplikacji\Panda Security [2009-05-18 15:53:49 | 000,000,000 | ---D | M] -- D:\Documents and Settings\monika\Dane aplikacji\Samsung [color=#E56717]========== Purity Check ==========[/color] < End of report >