OTL logfile created on: 2010-10-09 01:23:34 - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = H:\AV nowe
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

767,00 Mb Total Physical Memory | 439,00 Mb Available Physical Memory | 57,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): C:\pagefile.sys 512 512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WIN_XP | %ProgramFiles% = C:\Program Files
Drive C: | 25,69 Gb Total Space | 3,04 Gb Free Space | 11,83% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 24,41 Gb Total Space | 4,42 Gb Free Space | 18,09% Space Free | Partition Type: NTFS
Drive H: | 1,87 Gb Total Space | 1,71 Gb Free Space | 91,26% Space Free | Partition Type: FAT
I: Drive not present or media not loaded

Computer Name: MARCIN
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010-10-07 17:25:24 | 000,575,488 | ---- | M] (OldTimer Tools) -- H:\AV nowe\OTL.exe
PRC - [2007-06-13 15:23:49 | 001,034,752 | ---- | M] (Microsoft Corporation) -- C:\WIN_XP\explorer.exe
PRC - [2006-02-17 11:14:22 | 000,163,840 | ---- | M] (A4Tech Co., Ltd.) -- C:\Program Files\A4Tech\Mouse\Amoumain.exe

========== Modules (SafeList) ==========

MOD - [2010-10-07 17:25:24 | 000,575,488 | ---- | M] (OldTimer Tools) -- H:\AV nowe\OTL.exe
MOD - [2006-08-25 17:51:13 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WIN_XP\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2004-08-24 08:43:52 | 000,036,864 | ---- | M] (A4Tech Co., Ltd.) -- C:\WIN_XP\system32\Amhooker.dll
MOD - [2004-08-04 01:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WIN_XP\system32\msscript.ocx

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\Program Files\UltraVNC\WinVNC.exe -- (winvnc)
SRV - File not found [Disabled | Stopped] -- C:\WIN_XP\System32\hidserv.dll -- (HidServ)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\distributed.net\dnetc.exe -- (dnetc)
SRV - [2004-12-25 10:03:35 | 000,054,784 | ---- | M] (Macrovision) [Disabled | Stopped] -- C:\WIN_XP\system32\drivers\CDAC11BA.EXE -- (C-DillaCdaC11BA)
SRV - [2003-04-04 14:54:50 | 000,077,824 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2001-10-26 23:29:54 | 000,056,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WIN_XP\system32\getmac.exe -- (Darvdpy)

========== Driver Services (SafeList) ==========

DRV - [2006-07-24 17:49:48 | 000,089,856 | ---- | M] (USB Generic Camera) [Kernel | On_Demand | Stopped] -- C:\WIN_XP\system32\drivers\cam1210.sys -- (CAM1210)
DRV - [2006-06-27 17:42:14 | 003,972,672 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WIN_XP\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2006-05-09 10:26:06 | 000,013,312 | R--- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Running] -- C:\WIN_XP\system32\drivers\Amusbprt.sys -- (Amusbprt)
DRV - [2006-01-11 08:33:32 | 000,008,704 | R--- | M] (A4Tech Co.,Ltd.) [Kernel | System | Running] -- C:\WIN_XP\system32\drivers\Amfilter.sys -- (Amfilter)
DRV - [2005-08-08 14:44:04 | 000,006,640 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WIN_XP\system32\drivers\MouseCap.sys -- (MouseCap)
DRV - [2004-12-25 10:03:32 | 000,012,464 | ---- | M] (Macrovision Europe Ltd) [Kernel | Auto | Running] -- C:\WIN_XP\system32\drivers\CdaC15BA.SYS -- (CdaC15BA)
DRV - [2004-08-12 22:14:46 | 000,786,944 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WIN_XP\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004-08-04 01:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WIN_XP\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004-08-04 00:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WIN_XP\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM)
DRV - [2003-08-14 17:16:38 | 000,404,736 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand | Stopped] -- C:\WIN_XP\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2003-04-04 15:07:20 | 000,030,336 | ---- | M] (Politecnico di Torino) [Kernel | On_Demand | Stopped] -- C:\WIN_XP\system32\drivers\npf.sys -- (NPF)
DRV - [2003-03-19 09:51:00 | 000,018,688 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WIN_XP\system32\DRIVERS\nv_agp.sys -- (nv_agp)
DRV - [2002-11-27 14:52:00 | 000,080,896 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WIN_XP\system32\drivers\NVENET.sys -- (NVENET)
DRV - [2002-11-20 20:45:50 | 000,002,218 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WIN_XP\system32\drivers\vncdrv.sys -- (vncdrv)
DRV - [2002-04-26 13:04:16 | 000,095,484 | ---- | M] (DATOM Dariusz Cielebąk) [Kernel | Auto | Running] -- C:\WIN_XP\System32\drivers\KMM4XNT.SYS -- (Kmm4xNT)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.onet.pl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.onet.pl
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.onet.pl
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.onet.pl
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.onet.pl
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-57989841-839522115-682003330-500\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WIN_XP\system32\blank.htm
IE - HKU\S-1-5-21-57989841-839522115-682003330-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.pajacyk.pl/index.php3
IE - HKU\S-1-5-21-57989841-839522115-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.pajacyk.pl/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: en-US@dictionaries.addons.mozilla.org:5.0.1
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8
FF - prefs.js..network.proxy.backup.ftp: "proxy.icpnet.pl"
FF - prefs.js..network.proxy.backup.ftp_port: 8080
FF - prefs.js..network.proxy.backup.gopher: "proxy.icpnet.pl"
FF - prefs.js..network.proxy.backup.gopher_port: 8080
FF - prefs.js..network.proxy.backup.socks: "proxy.icpnet.pl"
FF - prefs.js..network.proxy.backup.socks_port: 8080
FF - prefs.js..network.proxy.backup.ssl: "proxy.icpnet.pl"
FF - prefs.js..network.proxy.backup.ssl_port: 8080
FF - prefs.js..network.proxy.ftp: "proxy.icpnet.pl"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.gopher: "proxy.icpnet.pl"
FF - prefs.js..network.proxy.gopher_port: 8080
FF - prefs.js..network.proxy.http: "proxy.icpnet.pl"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "proxy.icpnet.pl"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.ssl: "proxy.icpnet.pl"
FF - prefs.js..network.proxy.ssl_port: 8080
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-09-22 15:40:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-09-21 22:00:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010-07-26 14:06:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010-08-31 17:37:45 | 000,000,000 | ---D | M]

[2009-01-27 19:04:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Extensions
[2010-10-08 18:14:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\jzfykfrh.default\extensions
[2010-07-26 17:46:13 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\jzfykfrh.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010-09-23 20:26:49 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\jzfykfrh.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010-09-23 20:26:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\jzfykfrh.default\extensions\en-US@dictionaries.addons.mozilla.org
[2010-03-09 07:32:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\jzfykfrh.default\extensions\firefox@tvunetworks.com
[2010-09-23 20:26:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\jzfykfrh.default\extensions\personas@christopher.beard
[2005-12-08 00:36:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\jzfykfrh.default\extensions\temp
[2010-10-08 18:13:13 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-06-13 21:24:27 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2005-09-19 14:03:00 | 000,044,158 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\inspector.dll
[2004-04-07 01:09:04 | 003,268,608 | ---- | M] (Autodesk, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npmapv32.dll
[2010-09-21 22:00:14 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-09-21 22:00:14 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-09-21 22:00:14 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-09-21 22:00:15 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-09-21 22:00:15 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-09-21 22:00:15 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-07-24 22:38:27 | 000,414,980 | R--- | M]) - C:\WIN_XP\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14331 more lines...
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKU\S-1-5-21-57989841-839522115-682003330-500\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-57989841-839522115-682003330-500\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-57989841-839522115-682003330-500\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe (A4Tech Co., Ltd.)
O4 - HKU\.DEFAULT..\Run: [Symantec NetDriver Warning] C:\Program Files\SymNetDrv\SNDWarn.exe (Symantec Corporation)
O4 - HKU\S-1-5-18..\Run: [Symantec NetDriver Warning] C:\Program Files\SymNetDrv\SNDWarn.exe (Symantec Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-57989841-839522115-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Pobierz używając Download &Express'a - C:\Program Files\Download Express\add_url.htm ()
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/fhg.CAB (Reg Error: Key error.)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {631FF594-EC25-4CFF-B869-402DF294E1D6} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://javadl.sun.com/webapps/download/AutoDL?BundleId=29223 (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} http://bezpieczenstwo.onet.pl/skaner/SkanerOnline.cab (MainControl Class)
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WIN_XP\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.21.99.95 192.168.0.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\ic32pp {BBCA9F81-8F4F-11D2-90FF-0080C83D3571} - C:\WIN_XP\wc98pp.dll ()
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WIN_XP\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WIN_XP\System32\ati2evxx.dll ()
O20 - Winlogon\Notify\WgaLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O29 - HKLM SecurityProviders - (zwebauth.dll) - C:\WIN_XP\System32\ZWebAuth.dll ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004-10-12 14:23:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009-09-23 10:34:56 | 000,000,016 | -H-- | M] () - H:\AUTORUN.INF -- [ FAT ]
O32 - AutoRun File - [2010-10-08 00:24:14 | 000,000,000 | ---D | M] - H:\Autoruns -- [ FAT ]
O33 - MountPoints2\{504e998e-a166-11df-b3cb-000d617fbfe8}\Shell\AutoRun\command - "" = H:\WebarooPortable\WebarooPortable.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010-10-08 19:06:51 | 000,000,000 | ---D | C] -- C:\Symbols
[2010-10-08 19:04:40 | 000,000,000 | ---D | C] -- C:\Program Files\Debugging Tools for Windows (x86)
[2010-10-06 00:55:51 | 000,000,000 | ---D | C] -- C:\4bb2e018a0c07d2f25aae2a6
[2010-10-05 21:53:34 | 000,189,520 | ---- | C] (Trend Micro Inc.) -- C:\WIN_XP\System32\drivers\tmcomm.sys
[2010-10-05 21:26:51 | 000,000,000 | ---D | C] -- C:\WIN_XP\CSC
[2010-09-19 19:51:47 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WIN_XP\System32\mucltui.dll
[2010-09-19 19:51:47 | 000,017,776 | ---- | C] (Microsoft Corporation) -- C:\WIN_XP\System32\mucltui.dll.mui
[2010-09-18 16:17:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2004-10-22 21:33:26 | 000,151,552 | R--- | C] ( ) -- C:\WIN_XP\System32\ATIDEMGR.dll

========== Files - Modified Within 30 Days ==========

[2010-10-09 01:17:25 | 000,000,006 | -H-- | M] () -- C:\WIN_XP\tasks\SA.DAT
[2010-10-09 01:17:23 | 000,002,048 | --S- | M] () -- C:\WIN_XP\bootstat.dat
[2010-10-09 01:15:31 | 000,000,000 | ---- | M] () -- C:\WIN_XP\MEMORY.DMP
[2010-10-09 01:11:52 | 000,297,256 | ---- | M] () -- C:\WIN_XP\System32\FNTCACHE.DAT
[2010-10-09 01:11:17 | 010,223,616 | -H-- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
[2010-10-09 01:11:17 | 000,000,292 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010-10-08 23:38:47 | 000,003,888 | ---- | M] () -- C:\WIN_XP\System32\drivers\NTHANDLE.SYS
[2010-10-08 20:35:22 | 000,001,113 | ---- | M] () -- C:\WIN_XP\bestplayer.bbt
[2010-10-08 20:35:22 | 000,001,104 | ---- | M] () -- C:\WIN_XP\bestplayer.ini
[2010-10-08 20:35:22 | 000,000,000 | ---- | M] () -- C:\WIN_XP\bestplayer.bpp
[2010-10-08 18:06:06 | 000,002,644 | ---- | M] () -- C:\WIN_XP\System32\config.nt
[2010-10-07 17:56:47 | 000,002,206 | ---- | M] () -- C:\WIN_XP\System32\wpa.dbl
[2010-10-05 21:35:06 | 000,001,324 | ---- | M] () -- C:\WIN_XP\System32\d3d9caps.dat
[2010-10-05 21:32:33 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\housecall.guid.cache
[2010-10-05 20:41:10 | 000,614,623 | ---- | M] () -- C:\WIN_XP\System32\drivers\fwdrv.err
[2010-10-03 13:39:53 | 000,065,024 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\TEMATYKA JEDNOSTEK LEKCYJNYCH.doc
[2010-10-01 16:58:40 | 000,000,059 | ---- | M] () -- C:\WIN_XP\dcmvwr.INI
[2010-09-10 22:07:21 | 000,079,872 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\Życiorys Marcin Sternad.doc

========== Files Created - No Company Name ==========

[2010-10-05 21:32:33 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\housecall.guid.cache
[2010-10-01 16:58:40 | 000,000,059 | ---- | C] () -- C:\WIN_XP\dcmvwr.INI
[2010-09-10 22:07:10 | 000,065,024 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\TEMATYKA JEDNOSTEK LEKCYJNYCH.doc
[2009-04-27 22:54:09 | 000,126,464 | ---- | C] () -- C:\WIN_XP\System32\lame_enc.dll
[2009-01-02 16:17:45 | 000,000,097 | ---- | C] () -- C:\WIN_XP\System32\PICSDK.ini
[2008-09-20 18:43:18 | 000,000,373 | ---- | C] () -- C:\WIN_XP\pdf2word.INI
[2008-03-04 19:52:34 | 000,286,720 | ---- | C] () -- C:\WIN_XP\System32\libcurl.dll
[2008-02-11 00:51:28 | 000,000,547 | ---- | C] () -- C:\WIN_XP\System32\ff_vfw.dll.manifest
[2008-02-11 00:51:27 | 000,007,680 | ---- | C] () -- C:\WIN_XP\System32\ff_vfw.dll
[2007-10-31 10:39:54 | 000,059,904 | ---- | C] () -- C:\WIN_XP\System32\zlib1.dll
[2007-10-30 21:13:23 | 000,963,663 | ---- | C] () -- C:\Program Files\Kustom Appz Software.rar
[2007-10-08 19:53:08 | 000,185,858 | ---- | C] () -- C:\WIN_XP\System32\Bmp2Jpeg.dll
[2007-09-17 19:10:54 | 000,618,496 | ---- | C] () -- C:\WIN_XP\System32\stlpmt45.dll
[2007-05-17 14:58:10 | 000,143,360 | ---- | C] () -- C:\WIN_XP\System32\libexpatw.dll
[2007-04-28 21:58:58 | 000,000,376 | ---- | C] () -- C:\WIN_XP\settings.ini
[2007-04-05 19:50:31 | 000,000,164 | ---- | C] () -- C:\WIN_XP\avrack.ini
[2007-03-13 22:46:15 | 000,138,016 | ---- | C] () -- C:\WIN_XP\System32\drivers\PnkBstrK.sys
[2006-09-15 18:17:55 | 000,143,360 | ---- | C] () -- C:\WIN_XP\System32\RtlCPAPI.dll
[2006-09-03 12:58:05 | 000,000,047 | ---- | C] () -- C:\WIN_XP\CDCOPS.INI
[2006-07-24 16:46:54 | 000,031,232 | ---- | C] () -- C:\WIN_XP\System32\cam1210.dll
[2006-06-29 16:37:18 | 000,114,688 | ---- | C] () -- C:\WIN_XP\System32\Cam1210M.dll
[2006-03-11 23:38:25 | 000,003,888 | ---- | C] () -- C:\WIN_XP\System32\drivers\NTHANDLE.SYS
[2006-03-11 13:20:38 | 000,000,048 | ---- | C] () -- C:\WIN_XP\wpd99.drv
[2006-03-11 13:18:36 | 000,143,410 | ---- | C] () -- C:\WIN_XP\System32\pdfmona.dll
[2006-03-11 13:18:36 | 000,049,080 | ---- | C] () -- C:\WIN_XP\System32\pdf995mon.dll
[2006-01-15 16:53:25 | 000,000,167 | ---- | C] () -- C:\WIN_XP\Puzzle.INI
[2006-01-15 15:34:18 | 000,000,066 | ---- | C] () -- C:\WIN_XP\smok.ini
[2006-01-15 15:33:54 | 000,000,066 | ---- | C] () -- C:\WIN_XP\ASYM.INI
[2006-01-15 15:33:54 | 000,000,055 | ---- | C] () -- C:\WIN_XP\MTB40.INI
[2006-01-08 14:16:36 | 000,000,000 | ---- | C] () -- C:\WIN_XP\SETUP32.INI
[2005-12-04 10:29:00 | 000,040,114 | ---- | C] () -- C:\WIN_XP\System32\temp_list.ini
[2005-11-12 13:54:40 | 000,000,213 | ---- | C] () -- C:\WIN_XP\KA.ini
[2005-09-11 10:33:29 | 000,016,973 | ---- | C] () -- C:\WIN_XP\System32\ZWebAuth.dll
[2005-08-08 14:44:04 | 000,006,640 | ---- | C] () -- C:\WIN_XP\System32\drivers\MouseCap.sys
[2005-07-24 21:16:07 | 000,010,240 | ---- | C] () -- C:\WIN_XP\System32\vidx16.dll
[2005-06-12 09:17:43 | 000,000,155 | ---- | C] () -- C:\WIN_XP\splendor.ini
[2005-06-01 21:18:29 | 000,006,405 | ---- | C] () -- C:\WIN_XP\xnview.ini
[2005-05-07 22:50:18 | 001,033,817 | R--- | C] () -- C:\Program Files\old_X-TEMP.utx
[2005-04-05 22:04:21 | 000,001,479 | ---- | C] () -- C:\WIN_XP\cdplayer.ini
[2005-04-05 21:55:54 | 000,155,648 | ---- | C] () -- C:\WIN_XP\System32\xvidvfw.dll
[2005-03-13 22:39:22 | 000,108,032 | ---- | C] () -- C:\WIN_XP\System32\sh33w32.dll
[2005-01-28 21:41:12 | 000,000,138 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2005-01-10 22:48:05 | 000,051,712 | ---- | C] () -- C:\WIN_XP\wc98pp.dll
[2004-12-31 17:51:33 | 000,000,704 | ---- | C] () -- C:\WIN_XP\disney.ini
[2004-11-22 19:58:43 | 000,000,204 | ---- | C] () -- C:\WIN_XP\RtlRack.ini
[2004-11-06 19:23:40 | 000,158,720 | ---- | C] () -- C:\WIN_XP\Unrar.dll
[2004-10-26 18:53:14 | 000,000,172 | ---- | C] () -- C:\WIN_XP\wininit.ini
[2004-10-26 18:10:31 | 000,000,495 | ---- | C] () -- C:\WIN_XP\QTW.INI
[2004-10-23 19:20:18 | 000,001,104 | ---- | C] () -- C:\WIN_XP\bestplayer.ini
[2004-10-12 18:31:14 | 000,089,600 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004-10-12 18:16:53 | 000,007,274 | ---- | C] () -- C:\WIN_XP\hpdj3740.ini
[2004-10-12 18:16:25 | 000,000,414 | ---- | C] () -- C:\WIN_XP\hpbvspst.ini
[2004-10-12 17:01:12 | 000,000,629 | ---- | C] () -- C:\WIN_XP\ODBC.INI
[2004-10-12 16:54:56 | 000,000,155 | ---- | C] () -- C:\WIN_XP\winamp.ini
[2004-10-12 16:53:07 | 000,210,944 | ---- | C] () -- C:\WIN_XP\System32\Msvcrt10.dll
[2004-10-12 16:53:05 | 000,065,536 | ---- | C] () -- C:\WIN_XP\System32\adistres.dll
[2003-12-02 15:55:14 | 000,086,016 | ---- | C] () -- C:\WIN_XP\System32\ati2evxx.dll
[2003-04-16 17:40:12 | 000,389,120 | ---- | C] () -- C:\WIN_XP\System32\OpenQuicktimeLib.dll
[2003-04-16 17:39:44 | 000,081,920 | ---- | C] () -- C:\WIN_XP\System32\libfaad.dll
[2003-04-08 11:40:22 | 000,005,679 | ---- | C] () -- C:\WIN_XP\System32\OUTLPERF.INI
[2002-03-02 04:10:02 | 000,053,299 | ---- | C] () -- C:\WIN_XP\System32\pthreadVC.dll
[1997-06-14 02:56:08 | 000,056,832 | ---- | C] () -- C:\WIN_XP\System32\iyvu9_32.dll

========== LOP Check ==========

[2006-11-21 21:20:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Autodesk
[2005-09-22 17:02:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\AutoUpdate
[2007-10-08 20:16:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\CyberPatrol Client
[2005-04-23 11:39:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Dokumenty AFi
[2009-02-15 16:43:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\EPSON
[2007-08-15 00:31:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Gadu-Gadu
[2008-02-21 21:16:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\GetRightToGo
[2007-11-23 18:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\gslist
[2004-10-12 16:52:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\InterTrust
[2008-02-27 02:01:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\JBF Software
[2010-07-24 22:07:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Kamerzysta
[2004-10-22 18:55:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\MetaProducts
[2009-12-27 15:15:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\SuperMemo World
[2005-04-10 23:46:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Thunderbird
[2008-03-16 17:44:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent
[2006-11-21 21:19:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Autodesk
[2009-01-02 16:16:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EPSON
[2007-09-07 17:43:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\stamina
[2006-01-08 14:17:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\The Learning Company
[2010-07-24 09:59:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TmForever
[2009-01-02 16:19:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\UDL
[2009-12-05 23:34:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Vivendi Universal Games

========== Purity Check ==========

< End of report >