OTL logfile created on: 2012-07-29 10:34:59 - Run 5 OTL by OldTimer - Version 3.2.55.0 Folder = C:\Documents and Settings\Home\Moje dokumenty Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,25 Gb Total Physical Memory | 0,51 Gb Available Physical Memory | 40,65% Memory free 2,98 Gb Paging File | 2,43 Gb Available in Paging File | 81,56% Paging File free Paging file location(s): C:\pagefile.sys 1920 3840 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 18,64 Gb Total Space | 2,09 Gb Free Space | 11,21% Space Free | Partition Type: NTFS Drive D: | 18,65 Gb Total Space | 2,95 Gb Free Space | 15,82% Space Free | Partition Type: NTFS Drive E: | 18,65 Gb Total Space | 12,89 Gb Free Space | 69,13% Space Free | Partition Type: NTFS Drive F: | 18,59 Gb Total Space | 3,33 Gb Free Space | 17,90% Space Free | Partition Type: FAT32 Computer Name: HOME-077055C1DE | User Name: Home | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-07-27 20:08:32 | 000,605,184 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Home\Moje dokumenty\OTL.exe PRC - [2012-07-19 10:52:54 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2011-11-15 01:15:16 | 000,197,288 | ---- | M] (Lavasoft) -- C:\Documents and Settings\All Users\Dane aplikacji\Ad-Aware Browsing Protection\adawarebp.exe PRC - [2011-07-22 19:23:26 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2011-07-22 19:23:25 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe PRC - [2011-07-22 19:23:25 | 000,032,256 | ---- | M] (C-Dilla Ltd) -- C:\WINDOWS\system32\drivers\CDANTSRV.EXE PRC - [2010-07-07 10:46:46 | 012,382,816 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe PRC - [2009-02-26 18:36:46 | 000,030,040 | ---- | M] (Microsoft Corporation) -- F:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-07-28 12:00:39 | 009,465,032 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll MOD - [2012-07-19 10:52:52 | 002,003,424 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2012-04-04 07:54:04 | 000,300,544 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.POL MOD - [2010-07-07 10:47:48 | 000,217,696 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\gglog.dll MOD - [2010-07-07 10:47:46 | 000,123,488 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggipcradioproxy.dll MOD - [2010-07-07 10:47:44 | 000,017,504 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggipc.dll MOD - [2010-07-07 10:47:40 | 000,027,744 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggcrypto.dll MOD - [2010-07-07 10:47:38 | 000,356,960 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggcommon.dll MOD - [2010-03-23 12:01:00 | 008,806,400 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtGui4.dll MOD - [2010-03-19 09:34:20 | 013,545,472 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtWebKit4.dll MOD - [2010-03-19 09:34:20 | 003,334,144 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtXmlPatterns4.dll MOD - [2010-03-19 09:34:20 | 002,400,256 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtCore4.dll MOD - [2010-03-19 09:34:20 | 001,511,424 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtScript4.dll MOD - [2010-03-19 09:34:20 | 001,036,288 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtNetwork4.dll MOD - [2010-03-19 09:34:20 | 000,389,120 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtXml4.dll MOD - [2010-03-19 09:34:20 | 000,323,584 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtSvg4.dll MOD - [2010-03-19 09:33:46 | 000,311,296 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qtiff4.dll MOD - [2010-03-19 09:33:46 | 000,274,432 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qmng4.dll MOD - [2010-03-19 09:33:46 | 000,143,360 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qjpeg4.dll MOD - [2010-03-19 09:33:46 | 000,027,648 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qgif4.dll MOD - [2010-03-19 09:33:46 | 000,018,944 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qsvg4.dll MOD - [2010-03-19 09:33:38 | 000,059,904 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\zlib1.dll MOD - [2009-08-16 17:06:02 | 000,141,312 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll MOD - [2008-04-14 23:50:38 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf) SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service) SRV - File not found [Auto | Stopped] -- F:\Program Files\SolidWorks\COSMOS\FloWorks\binCFW\StandAloneSlv.exe -- (Remote Solver for COSMOSFloWorks 2006) SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\qagentrt.dll -- (napagent) SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\kmsvc.dll -- (hkmsvc) SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\eapsvc.dll -- (EapHost) SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\dot3svc.dll -- (Dot3svc) SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - [2012-07-28 15:38:22 | 000,871,424 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrv) SRV - [2012-07-28 12:00:48 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-07-19 10:52:52 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2011-07-22 19:23:25 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default) SRV - [2011-07-22 19:23:25 | 000,032,256 | ---- | M] (C-Dilla Ltd) [Auto | Running] -- C:\WINDOWS\system32\drivers\CDANTSRV.EXE -- (C-DillaSrv) SRV - [2011-03-08 17:10:57 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010-09-07 21:04:52 | 000,352,976 | ---- | M] (Kaspersky Lab ZAO) [Auto | Stopped] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe -- (AVP) SRV - [2010-03-11 10:01:02 | 000,153,736 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion) SRV - [2009-02-26 18:36:22 | 000,064,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys -- (Lavasoft Kernexplorer) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [File_System | On_Demand | Stopped] -- C:\Program Files\Anti Trojan Elite\ATEPMon.sys -- (ATE_PROCMON) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a2blr61e) DRV - [2012-07-28 10:58:43 | 000,475,736 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF) DRV - [2011-02-27 22:35:12 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt) DRV - [2010-06-09 17:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl2.sys -- (kl2) DRV - [2010-06-09 17:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (KL1) DRV - [2010-05-07 12:06:26 | 000,032,856 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5) DRV - [2010-03-09 21:51:45 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2010-03-01 11:43:16 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039bus.sys -- (s1039bus) DRV - [2010-03-01 11:43:12 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdm.sys -- (s1039mdm) DRV - [2010-03-01 11:43:12 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mgmt.sys -- (s1039mgmt) DRV - [2010-03-01 11:43:12 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039obex.sys -- (s1039obex) DRV - [2010-03-01 11:43:12 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdfl.sys -- (s1039mdfl) DRV - [2010-03-01 11:43:10 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039unic.sys -- (s1039unic) DRV - [2010-03-01 11:43:10 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039nd5.sys -- (s1039nd5) DRV - [2010-02-11 14:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6) DRV - [2009-11-02 20:27:24 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt) DRV - [2009-09-17 08:05:02 | 000,092,712 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\sentinel.sys -- (Sentinel) DRV - [2007-05-02 12:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm) DRV - [2007-05-02 12:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl) DRV - [2007-05-02 12:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) DRV - [2006-07-24 17:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2006-03-14 04:06:01 | 000,028,672 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\InCDrm.sys -- (incdrm) DRV - [2006-03-02 14:00:00 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx) DRV - [2006-03-02 14:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb) DRV - [2006-03-02 14:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx) DRV - [2006-03-02 14:00:00 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm) DRV - [2005-07-08 16:17:56 | 000,008,704 | ---- | M] (Nero AG) [Recognizer | System | Unknown] -- C:\WINDOWS\System32\drivers\InCDrec.sys -- (InCDrec) DRV - [2005-07-08 16:17:54 | 000,099,584 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\InCDfs.sys -- (InCDfs) DRV - [2005-07-08 16:17:36 | 000,029,696 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDpass.sys -- (InCDPass) DRV - [2005-05-04 11:28:36 | 001,133,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2004-11-05 12:08:06 | 000,670,208 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock) DRV - [2004-08-04 01:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2003-10-31 09:47:30 | 000,061,056 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2400.sys -- (RT2400PCI) DRV - [2003-02-18 10:38:04 | 000,017,504 | R--- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gt680x.sys -- (GT680x) DRV - [2002-10-23 04:40:44 | 000,007,560 | R--- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO) DRV - [2002-09-09 03:59:00 | 000,108,220 | ---- | M] (NVIDIA Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\NVCAP.SYS -- (nvcap) DRV - [2002-09-09 03:59:00 | 000,015,968 | ---- | M] (NVIDIA Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\NVTUNEP.SYS -- (nvTUNEP) DRV - [2002-09-09 03:59:00 | 000,013,776 | ---- | M] (NVIDIA Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\NVTVSND.SYS -- (nvtvSND) DRV - [2002-09-09 03:59:00 | 000,010,366 | ---- | M] (NVIDIA Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\NVXBAR.SYS -- (NVXBAR) DRV - [2002-07-24 04:30:00 | 000,032,128 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\VIAAGP1.SYS -- (viaagp1) DRV - [2001-12-18 08:45:04 | 000,003,279 | ---- | M] (VIA Technologies. Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VIAPFD.SYS -- (VIAPFD) DRV - [2001-12-07 12:45:58 | 000,057,136 | ---- | M] (Macrovision) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CDANT.SYS -- (C-Dilla) DRV - [1997-04-22 10:16:00 | 000,006,272 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASLM75.SYS -- (aslm75) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.wyborcza.pl/0.0.html?p=026 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.netscape.com/home/winsearch.html IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://home.netscape.com/home/winsearch200.html IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://home.netscape.com/home/winsearch.html IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847} IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = About:Blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://home.netscape.com/home/winsearch.html IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKCU\..\URLSearchHook: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - SOFTWARE\Classes\CLSID\{6c97a91e-4524-4019-86af-2aa2d567bf5c}\InprocServer32 File not found IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}\InprocServer32 File not found IE - HKCU\..\SearchScopes,DefaultScope = {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=U3&apn_dtid=OSJ000YYPL&apn_uid=83A46F5C-24B5-45B2-863A-7D3D6500CB5A&apn_sauid=C565918F-2369-4E26-B0EF-0C639655F238 IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search?q={searchTerms} IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1708250 IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398&ilc=12" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "about:home" FF - prefs.js..extensions.enabledItems: {E3BBAEEA-0113-4056-A470-DB3ED6E09A01}:1.0 FF - prefs.js..extensions.enabledItems: virtualKeyboard@kaspersky.ru:11.0.2.579 FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:11.0.2.579 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=302398&p=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Home\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Home\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\virtualKeyboard@kaspersky.ru FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\linkfilter@kaspersky.ru FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-07-19 10:52:55 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\THBExt [2012-07-28 11:06:26 | 000,000,000 | ---D | M] [2011-07-31 09:37:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Home\Dane aplikacji\Mozilla\Extensions [2012-07-27 22:18:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Home\Dane aplikacji\Mozilla\Firefox\Profiles\dwed4lu0.default\extensions [2012-01-03 16:27:44 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\Home\Dane aplikacji\Mozilla\Firefox\Profiles\dwed4lu0.default\searchplugins\askcom.xml [2012-07-28 11:13:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011-08-21 14:54:51 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Program Files\Mozilla Firefox\extensions\{E3BBAEEA-0113-4056-A470-DB3ED6E09A01} [2012-07-28 11:13:42 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2012-07-19 10:52:55 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011-11-11 16:45:42 | 000,002,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\adawaretb.xml [2012-06-18 20:04:26 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-01-10 21:27:53 | 000,002,310 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml [2012-06-18 20:04:26 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-06-18 20:04:26 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-06-18 20:04:26 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-06-18 20:04:26 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-06-18 20:04:26 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - homepage: CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Home\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Home\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\20.0.1132.47\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Home\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\20.0.1132.47\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Home\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll O1 HOSTS File: ([2012-07-29 10:34:33 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 NtKrnlpa.info O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Free Lunch Design Toolbar) - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\prxtbFre0.dll (Conduit Ltd.) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll (Kaspersky Lab ZAO) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - F:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO) O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - Reg Error: Value error. File not found O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (Free Lunch Design Toolbar) - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\prxtbFre0.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - Reg Error: Value error. File not found O3 - HKCU\..\Toolbar\ShellBrowser: (Free Lunch Design Toolbar) - {57CC715D-37CA-44E4-9EC2-8C2CBDDB25EC} - C:\Program Files\Free_Lunch_Design\prxtbFre0.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (Free Lunch Design Toolbar) - {57CC715D-37CA-44E4-9EC2-8C2CBDDB25EC} - C:\Program Files\Free_Lunch_Design\prxtbFre0.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - Reg Error: Value error. File not found O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\Documents and Settings\All Users\Dane aplikacji\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft) O4 - HKLM..\Run: [Anti Trojan Elite] C:\Program Files\Anti Trojan Elite\TJEnder.exe :NO File not found O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe (Kaspersky Lab ZAO) O4 - HKLM..\Run: [GrooveMonitor] F:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe (HP) O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKCU..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0 O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: &Klawiatura wirtualna - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: &Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O16 - DPF: {1F831FAC-42FC-11D4-95A6-0080AD30DCE1} file://C:\Program Files\AutoCAD LT 2002 Plk\InstFred.ocx (InstaFred) O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} file://C:\Program Files\AutoCAD LT 2002 Plk\AcDcToday.ocx (AcDcToday) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {AE56372C-B4F5-11D4-A415-00108302FDFD} file://C:\Program Files\AutoCAD LT 2002 Plk\InstBanr.ocx (NOXLATE-BANR) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} file://C:\Program Files\AutoCAD LT 2002 Plk\AcPreview.ocx (AcPreview Control) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0D8B49E6-F50F-4E5D-B432-7C27DF72E143}: NameServer = 80.48.254.129,80.50.50.50 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4DCE30B4-CB39-482C-9EFB-9D41D9F78F3C}: NameServer = 80.48.254.129,80.50.50.50 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - F:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\mzvkbd3.dll (Kaspersky Lab ZAO) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\klogon: DllName - (C:\WINDOWS\system32\klogon.dll) - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Home\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Home\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - F:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-10-17 17:18:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{0992619a-c60d-11de-9b11-000df3031040}\Shell\AutoRun\command - "" = J:\s1.exe O33 - MountPoints2\{0992619a-c60d-11de-9b11-000df3031040}\Shell\open\Command - "" = J:\s1.exe O33 - MountPoints2\{93ba3b38-31e4-11e0-9ff5-000c6e2e5c42}\Shell - "" = AutoRun O33 - MountPoints2\{93ba3b38-31e4-11e0-9ff5-000c6e2e5c42}\Shell\AutoRun\command - "" = J:\Startme.exe O33 - MountPoints2\{96d039a0-c785-11de-9b1d-000df3031040}\Shell\AutoRun\command - "" = J:\6ruaqx.exe O33 - MountPoints2\{96d039a0-c785-11de-9b1d-000df3031040}\Shell\open\Command - "" = J:\6ruaqx.exe O33 - MountPoints2\{e04b37ce-777d-11e1-a3de-000c6e2e5c42}\Shell - "" = AutoRun O33 - MountPoints2\{e04b37ce-777d-11e1-a3de-000c6e2e5c42}\Shell\AutoRun\command - "" = J:\KODAK_Camera_Setup_App.exe O33 - MountPoints2\J\Shell - "" = AutoRun O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2012-07-28 13:39:33 | 000,364,544 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dcraarax.abj [2012-07-28 11:13:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Kaspersky Anti-Virus 2011 [2012-07-28 11:02:39 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab [2012-07-28 10:58:43 | 000,475,736 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys [2012-07-27 21:50:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home\Moje dokumenty\FIX [2012-07-27 20:08:23 | 000,605,184 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Home\Moje dokumenty\OTL.exe [2012-07-23 21:31:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\6F638BBA000897693F7F32B381CB3F95 [2012-07-23 20:55:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\GO4X [2012-07-23 20:55:44 | 000,000,000 | ---D | C] -- C:\Program Files\GO4X [2012-07-23 20:55:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\MetaQuotes [2012-07-17 20:58:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WindowsPowerShell [2012-07-17 20:58:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm [2012-07-17 20:58:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy [2012-07-06 19:20:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home\Menu Start\Programy\Google Chrome [2012-06-29 18:30:38 | 000,000,000 | -HSD | C] -- C:\found.001 [2012-06-25 17:57:55 | 000,000,000 | -HSD | C] -- C:\found.000 [2012-06-19 13:48:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home\Dane aplikacji\wtxpcom [2012-06-12 17:14:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home\Menu Start\Programy\Minecraft Beta Cracked [2012-06-12 13:15:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home\Dane aplikacji\.minecraft [2012-06-07 21:01:08 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2012-05-30 16:50:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home\Menu Start\Programy\AVI WMV MPEG Converter [2012-05-30 16:50:08 | 000,000,000 | ---D | C] -- C:\Program Files\AVI WMV MPEG Converter [2012-05-30 16:46:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home\Pulpit\filmy do prezentacji [7 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ] [243 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [14 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2012-07-29 10:15:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012-07-28 15:39:09 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012-07-28 15:35:37 | 000,364,544 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dcraarax.abj [2012-07-28 15:00:07 | 000,001,128 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-2025429265-682003330-1004UA.job [2012-07-28 14:57:35 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012-07-28 12:00:40 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2012-07-28 12:00:40 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2012-07-28 11:12:58 | 000,113,933 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat [2012-07-28 11:12:58 | 000,097,549 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat [2012-07-28 10:58:43 | 000,475,736 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys [2012-07-27 20:21:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2012-07-27 20:08:32 | 000,605,184 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Home\Moje dokumenty\OTL.exe [2012-07-23 21:33:37 | 000,002,240 | ---- | M] () -- C:\Documents and Settings\Home\Pulpit\Live Security Platinum.lnk [2012-07-23 20:55:52 | 000,001,508 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\GO4X.lnk [2012-07-22 23:13:11 | 000,001,794 | ---- | M] () -- C:\WINDOWS\wincmd.ini [2012-07-21 18:22:36 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2012-07-20 21:24:44 | 000,400,632 | ---- | M] () -- C:\Documents and Settings\Home\Pulpit\skanuj.pdf [2012-07-19 16:00:00 | 000,001,076 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-2025429265-682003330-1004Core.job [2012-07-18 17:09:51 | 000,025,088 | ---- | M] () -- C:\Documents and Settings\Home\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-07-11 20:53:48 | 000,384,816 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-06-25 19:21:02 | 000,000,121 | ---- | M] () -- C:\WINDOWS\Winamp.ini [2012-06-25 18:12:17 | 000,002,391 | ---- | M] () -- C:\Documents and Settings\Home\Pulpit\Microsoft Office Word 2007.lnk [2012-06-23 14:10:36 | 000,050,452 | ---- | M] () -- C:\WINDOWS\System32\QuickTime.qtp [2012-06-14 22:04:40 | 000,494,562 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2012-06-14 22:04:40 | 000,440,832 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012-06-14 22:04:40 | 000,085,200 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2012-06-14 22:04:40 | 000,069,476 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012-06-12 17:14:41 | 000,001,011 | ---- | M] () -- C:\Documents and Settings\Home\Pulpit\Start Minecraft Beta Cracked.lnk [2012-06-06 21:48:38 | 000,002,389 | ---- | M] () -- C:\Documents and Settings\Home\Pulpit\Microsoft Office Excel 2007.lnk [2012-05-30 16:50:39 | 000,000,710 | ---- | M] () -- C:\Documents and Settings\Home\Pulpit\AVI WMV MPEG Converter.lnk [2012-05-30 16:50:34 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [243 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [14 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-07-28 11:12:58 | 000,113,933 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat [2012-07-28 11:12:58 | 000,097,549 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat [2012-07-23 21:33:37 | 000,002,240 | ---- | C] () -- C:\Documents and Settings\Home\Pulpit\Live Security Platinum.lnk [2012-07-23 20:55:52 | 000,001,508 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\GO4X.lnk [2012-07-20 21:24:44 | 000,400,632 | ---- | C] () -- C:\Documents and Settings\Home\Pulpit\skanuj.pdf [2012-07-17 20:59:05 | 000,225,262 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msimain.sdb [2012-07-06 19:11:50 | 000,001,128 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-2025429265-682003330-1004UA.job [2012-07-06 19:11:48 | 000,001,076 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-2025429265-682003330-1004Core.job [2012-06-12 17:14:40 | 000,001,011 | ---- | C] () -- C:\Documents and Settings\Home\Pulpit\Start Minecraft Beta Cracked.lnk [2012-06-07 21:01:09 | 000,000,930 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012-05-30 16:50:39 | 000,000,710 | ---- | C] () -- C:\Documents and Settings\Home\Pulpit\AVI WMV MPEG Converter.lnk [2012-05-29 14:28:23 | 000,000,067 | ---- | C] () -- C:\WINDOWS\Speed Video Converter.INI [2012-05-17 18:16:24 | 000,014,290 | ---- | C] () -- C:\Program Files\settings.dat [2012-02-28 12:40:01 | 000,516,096 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe [2012-02-28 12:39:27 | 000,087,540 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2012-02-27 13:14:26 | 000,005,968 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2012-02-16 10:23:08 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012-01-04 23:42:38 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat [2012-01-04 23:42:38 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat [2011-12-22 13:54:32 | 000,000,030 | ---- | C] () -- C:\WINDOWS\TextSpy.ini [2011-07-21 11:45:59 | 000,000,404 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI [2011-07-21 11:45:18 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\bridf08b.dat [2011-05-24 18:25:37 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Home\DSC04415.JPG [2011-05-24 18:20:26 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Home\MOV04792.AVI [2011-04-24 18:47:39 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Home\hasacz.gif [2011-04-19 19:22:20 | 000,000,056 | ---- | C] () -- C:\WINDOWS\wininit.ini [2011-03-11 18:46:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Licenses.INI [2011-03-08 19:48:51 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [2011-03-08 17:11:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\eDrawingOfficeAutomator.INI [2011-03-03 22:45:18 | 000,164,864 | ---- | C] () -- C:\WINDOWS\System32\UNWISE.EXE [2011-02-27 22:35:12 | 000,000,383 | ---- | C] () -- C:\WINDOWS\System32\haspdos.sys [2011-01-18 15:21:57 | 000,065,536 | ---- | C] () -- C:\WINDOWS\IFinst27.exe [2010-12-31 17:02:55 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI [2010-02-01 21:17:16 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt [2009-10-19 18:23:15 | 000,000,016 | ---- | C] () -- C:\Documents and Settings\Home\pmtl631.dll [2009-10-18 22:08:48 | 000,000,016 | ---- | C] () -- C:\Documents and Settings\Home\pmtl231.dll [2009-10-18 18:46:01 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Home\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2009-10-18 10:54:30 | 000,025,088 | ---- | C] () -- C:\Documents and Settings\Home\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-10-17 22:08:52 | 000,040,960 | ---- | C] () -- C:\Program Files\Uninstall_CDS.exe [color=#E56717]========== LOP Check ==========[/color] [2009-12-13 22:17:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\25177 [2012-07-28 15:03:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\6F638BBA000897693F7F32B381CB3F95 [2012-07-29 10:19:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ad-Aware Browsing Protection [2012-04-29 11:00:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ask [2011-03-10 20:28:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Autodesk [2012-01-10 21:27:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Babylon [2010-03-09 21:51:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2010-07-09 11:41:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2011-12-25 13:21:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IObit [2011-12-21 15:36:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2012-07-23 20:55:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MetaQuotes [2012-06-07 19:28:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2011-12-21 15:35:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\RDRM [2011-02-28 22:51:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SafeNet Sentinel [2010-12-26 00:20:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SweetIM [2009-12-27 20:14:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Wru [2012-06-12 17:14:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dane aplikacji\.minecraft [2011-03-10 19:30:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dane aplikacji\Autodesk [2012-01-10 21:27:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dane aplikacji\Babylon [2009-11-15 18:58:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dane aplikacji\cadenas [2010-01-19 12:41:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dane aplikacji\ChomikBox [2010-11-15 14:01:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dane aplikacji\CoffeeCup Software [2009-10-29 22:17:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dane aplikacji\DAEMON Tools Lite [2011-03-23 19:13:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dane aplikacji\DWGeditor [2009-10-18 19:14:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dane aplikacji\EBookSys [2009-12-30 22:03:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dane aplikacji\eMule [2011-12-13 21:11:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dane aplikacji\Gadu-Gadu 10 [2009-11-14 23:04:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dane aplikacji\GanymedeNet [2009-10-24 14:44:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dane aplikacji\Gena01 [2011-12-22 11:14:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dane aplikacji\InterTrust [2012-01-30 18:15:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dane aplikacji\IObit [2011-12-21 16:09:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dane aplikacji\ipla [2010-01-02 15:11:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dane aplikacji\Nowe Gadu-Gadu [2011-05-29 22:34:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dane aplikacji\OpenFM [2011-07-28 10:14:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dane aplikacji\Opera [2011-03-20 22:24:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dane aplikacji\pl-soft [2012-07-27 22:41:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dane aplikacji\PriceGong [2011-03-17 22:20:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dane aplikacji\Samsung [2012-01-10 21:27:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dane aplikacji\SumatraPDF [2010-03-09 15:02:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dane aplikacji\Thinstall [2012-06-19 13:48:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dane aplikacji\wtxpcom [2010-06-20 16:45:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home\Dane aplikacji\Zoner [2012-07-27 20:21:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job [color=#E56717]========== Purity Check ==========[/color] < End of report >