OTL logfile created on: 2012-08-13 14:30:55 - Run 2 OTL by OldTimer - Version 3.2.57.0 Folder = C:\Documents and Settings\Joker_PC\Moje dokumenty\Pobieranie Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 894,10 Mb Total Physical Memory | 568,61 Mb Available Physical Memory | 63,60% Memory free 2,11 Gb Paging File | 1,85 Gb Available in Paging File | 87,64% Paging File free Paging file location(s): C:\pagefile.sys 1344 2688 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 23,75 Gb Total Space | 7,48 Gb Free Space | 31,48% Space Free | Partition Type: NTFS Drive D: | 39,06 Gb Total Space | 4,82 Gb Free Space | 12,34% Space Free | Partition Type: NTFS Drive E: | 3,88 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: JOKER | User Name: Joker_PC | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 7 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-08-13 14:01:54 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Joker_PC\Moje dokumenty\Pobieranie\OTL.exe PRC - [2012-07-05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe PRC - [2012-01-23 06:43:08 | 000,092,592 | ---- | M] (TomTom) -- D:\Tools\TomTom HOME 2\TomTomHOMEService.exe PRC - [2011-03-21 20:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe PRC - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe PRC - [2008-08-25 00:08:55 | 000,053,248 | ---- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\system32\VTTimer.exe PRC - [2006-08-04 11:35:54 | 000,217,088 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe PRC - [2006-08-04 11:35:52 | 000,135,168 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\system32\vmnat.exe PRC - [2006-08-04 11:35:52 | 000,106,496 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\system32\vmnetdhcp.exe PRC - [2006-08-04 11:28:58 | 000,262,144 | ---- | M] (VMware, Inc.) -- C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe PRC - [2004-08-04 00:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2011-03-21 20:57:34 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll MOD - [2011-03-21 20:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe MOD - [2007-05-11 10:50:00 | 000,017,024 | ---- | M] () -- C:\tools\Adobe\reader\Reader\ViewerPS.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - [2012-07-05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2012-06-30 11:46:09 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) [Auto | Start_Pending] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe -- (AVP) SRV - [2012-02-29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-01-23 06:43:08 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- D:\Tools\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2012-01-05 17:42:34 | 000,075,624 | ---- | M] (Alcohol Soft Development Team) [Auto | Stopped] -- C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe -- (AxAutoMntSrv) SRV - [2010-06-24 23:16:51 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - [2006-08-04 11:35:54 | 000,217,088 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService) SRV - [2006-08-04 11:35:52 | 000,135,168 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\WINDOWS\system32\vmnat.exe -- (VMware NAT Service) SRV - [2006-08-04 11:35:52 | 000,106,496 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\WINDOWS\system32\vmnetdhcp.exe -- (VMnetDHCP) SRV - [2006-08-04 11:28:58 | 000,262,144 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe -- (vmount2) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (aepto94e) DRV - [2012-06-17 15:32:04 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2011-08-25 17:13:26 | 000,073,096 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K) DRV - [2010-10-01 11:37:50 | 000,475,736 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF) DRV - [2010-08-16 16:31:08 | 000,016,472 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdrvio.sys -- (pwdrvio) DRV - [2010-08-16 16:31:06 | 000,011,104 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdspio.sys -- (pwdspio) DRV - [2010-07-28 11:19:28 | 000,058,112 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\silabser.sys -- (silabser) DRV - [2010-07-28 11:19:28 | 000,047,176 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\silabenm.sys -- (silabenm) DRV - [2010-06-09 17:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl2.sys -- (kl2) DRV - [2010-06-09 17:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (KL1) DRV - [2010-05-07 12:06:26 | 000,032,856 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5) DRV - [2009-11-02 20:27:24 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt) DRV - [2008-08-25 18:10:00 | 000,217,600 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sis163u.sys -- (SIS163u) DRV - [2008-08-25 18:07:54 | 000,891,008 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial) DRV - [2008-08-25 00:08:54 | 000,659,456 | ---- | M] (S3 Graphics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\S3gIGPm.sys -- (S3GIGP) DRV - [2007-09-23 18:00:00 | 000,037,456 | R--- | M] (WCH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBSER34.SYS -- (USBSER34) DRV - [2006-09-18 19:42:48 | 000,141,824 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (HdAudAddService) DRV - [2006-08-04 11:35:56 | 000,023,296 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmnetbridge.sys -- (VMnetBridge) DRV - [2006-08-04 11:35:56 | 000,015,616 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmnetuserif.sys -- (VMnetuserif) DRV - [2006-08-04 11:35:56 | 000,009,600 | R--- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vmnetadapter.sys -- (VMnetAdapter) DRV - [2006-08-04 11:35:54 | 000,022,016 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hcmon.sys -- (hcmon) DRV - [2006-08-04 11:35:52 | 000,094,848 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmx86.sys -- (vmx86) DRV - [2006-08-04 11:28:58 | 000,011,520 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys -- (vstor2) DRV - [2006-05-18 10:48:50 | 000,047,249 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.co.uk/ IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.update: false FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk/" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26 FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7550 FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2 FF - prefs.js..extensions.enabledItems: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.5.0.12 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30 FF - prefs.js..network.proxy.ftp: "188.165.17.196" FF - prefs.js..network.proxy.ftp_port: 3128 FF - prefs.js..network.proxy.http: "188.165.17.196" FF - prefs.js..network.proxy.http_port: 3128 FF - prefs.js..network.proxy.ssl: "188.165.17.196" FF - prefs.js..network.proxy.ssl_port: 3128 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\tools\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\tools\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-09-05 18:06:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: D:\Tools\Mozilla Firefox\components [2012-03-11 15:11:16 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: D:\Tools\Mozilla Firefox\plugins [2012-08-07 14:13:16 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-09-05 18:06:15 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}: D:\Tools\DAP\DAPFireFox [2011-02-23 22:43:44 | 000,000,000 | ---D | M] [2010-04-27 10:46:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Joker_PC\Dane aplikacji\Mozilla\Extensions [2010-04-27 10:46:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Joker_PC\Dane aplikacji\Mozilla\Extensions\home2@tomtom.com [2012-08-13 14:21:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Joker_PC\Dane aplikacji\Mozilla\Firefox\Profiles\b415q0ki.default\extensions O1 HOSTS File: ([2012-08-12 22:41:41 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll File not found O3 - HKLM\..\Toolbar: (&Tłumaczenie) - {0D704FAD-66E9-4F0A-BFED-4F665770DDB3} - C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll (Techland) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\tools\Adobe\reader\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO) O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [SMSERIAL] C:\WINDOWS\sm56hlpr.exe (Motorola Inc.) O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.) O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team) O4 - HKCU..\Run: [GefBwxse] C:\Documents and Settings\Joker_PC\Ustawienia lokalne\Dane aplikacji\xxnomxmn\gefbwxse.exe File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : @C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll,-103 - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll (Techland) O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1272209808671 (WUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1A9CF173-790A-4D93-807C-7E7E280B1DD2}: DhcpNameServer = 192.168.1.254 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Documents and Settings\Joker_PC\Ustawienia lokalne\Dane aplikacji\xxnomxmn\gefbwxse.exe) - C:\Documents and Settings\Joker_PC\Ustawienia lokalne\Dane aplikacji\xxnomxmn\gefbwxse.exe File not found O20 - Winlogon\Notify\klogon: DllName - (C:\WINDOWS\system32\klogon.dll) - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011-06-18 12:21:18 | 000,000,000 | ---D | M] - C:\Autodata -- [ NTFS ] O32 - AutoRun File - [2010-04-25 13:00:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010-07-17 11:31:44 | 000,000,784 | ---- | M] () - C:\Auto_Bledy.txt -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 7 Days ==========[/color] [2063-01-01 01:00:00 | 000,891,008 | ---- | C] (Motorola Inc.) -- C:\WINDOWS\System32\drivers\smserial.sys [2063-01-01 01:00:00 | 000,565,248 | ---- | C] (Motorola Inc.) -- C:\WINDOWS\sm56hlpr.exe [2063-01-01 01:00:00 | 000,139,264 | ---- | C] (Motorola Inc.) -- C:\WINDOWS\System32\sm56co.dll [2063-01-01 01:00:00 | 000,069,632 | ---- | C] (Motorola Inc.) -- C:\WINDOWS\sm56eng.dll [2063-01-01 01:00:00 | 000,065,536 | ---- | C] (Motorola Inc.) -- C:\WINDOWS\sm56ita.dll [2063-01-01 01:00:00 | 000,065,536 | ---- | C] (Motorola Inc.) -- C:\WINDOWS\sm56ger.dll [2063-01-01 01:00:00 | 000,065,536 | ---- | C] (Motorola Inc.) -- C:\WINDOWS\sm56fra.dll [2063-01-01 01:00:00 | 000,065,536 | ---- | C] (Motorola Inc.) -- C:\WINDOWS\sm56esp.dll [2063-01-01 01:00:00 | 000,065,536 | ---- | C] (Motorola Inc.) -- C:\WINDOWS\sm56brz.dll [2063-01-01 01:00:00 | 000,061,440 | ---- | C] (Motorola Inc.) -- C:\WINDOWS\sm56dnk.dll [2063-01-01 01:00:00 | 000,053,248 | ---- | C] (Motorola Inc.) -- C:\WINDOWS\sm56kor.dll [2063-01-01 01:00:00 | 000,053,248 | ---- | C] (Motorola Inc.) -- C:\WINDOWS\sm56jpn.dll [2063-01-01 01:00:00 | 000,053,248 | ---- | C] (Motorola Inc.) -- C:\WINDOWS\sm56cht.dll [2063-01-01 01:00:00 | 000,053,248 | ---- | C] (Motorola Inc.) -- C:\WINDOWS\sm56chs.dll [2012-08-13 14:18:56 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2012-08-13 14:18:36 | 000,000,000 | ---D | C] -- C:\_OTL [2012-08-12 22:30:39 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2012-08-12 22:30:39 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2012-08-12 22:30:39 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2012-08-12 22:30:39 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2012-08-12 22:30:31 | 000,000,000 | ---D | C] -- C:\ComboFix_www.INSTALKI.pl [2012-08-12 20:44:47 | 000,000,000 | ---D | C] -- C:\LOGI [2012-08-12 18:51:23 | 000,000,000 | RHSD | C] -- C:\cmdcons [2012-08-12 18:49:03 | 000,000,000 | ---D | C] -- C:\Qoobox [2012-08-12 18:48:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt [2012-08-07 14:30:54 | 000,000,000 | ---D | C] -- C:\Program Files\JDownloader [2012-08-07 14:28:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012-08-07 14:26:30 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle [2012-08-07 14:25:50 | 000,227,760 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2012-08-07 14:25:50 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2012-08-07 14:25:38 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2012-08-07 14:25:38 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2012-08-07 14:25:07 | 000,000,000 | ---D | C] -- C:\Program Files\Java [color=#E56717]========== Files - Modified Within 7 Days ==========[/color] [2012-08-13 14:27:11 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2012-08-13 14:27:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012-08-13 14:25:48 | 008,126,464 | ---- | M] () -- C:\Documents and Settings\Joker_PC\ntuser.dat [2012-08-13 14:25:48 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Joker_PC\ntuser.ini [2012-08-13 14:25:46 | 004,842,158 | -H-- | M] () -- C:\Documents and Settings\Joker_PC\Ustawienia lokalne\Dane aplikacji\IconCache.db [2012-08-13 09:46:43 | 000,100,855 | ---- | M] () -- C:\Documents and Settings\Joker_PC\Pulpit\bload_rootkit_0_access.JPG [2012-08-12 22:56:56 | 000,133,120 | ---- | M] () -- C:\Documents and Settings\Joker_PC\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-08-12 22:42:04 | 000,000,435 | ---- | M] () -- C:\WINDOWS\system.ini [2012-08-12 22:41:41 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2012-08-12 22:24:15 | 000,400,547 | ---- | M] () -- C:\Documents and Settings\Joker_PC\Pulpit\catchme.zip [2012-08-12 20:55:37 | 000,992,960 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2012-08-12 20:55:37 | 000,451,270 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2012-08-12 20:55:37 | 000,395,314 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012-08-12 20:55:37 | 000,075,858 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2012-08-12 20:55:37 | 000,060,140 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012-08-12 20:52:03 | 001,434,120 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-08-12 18:51:33 | 000,000,327 | RHS- | M] () -- C:\boot.ini [2012-08-12 15:37:04 | 000,113,933 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat [2012-08-12 15:37:04 | 000,097,549 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat [2012-08-12 12:09:13 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012-08-07 14:31:49 | 000,001,694 | ---- | M] () -- C:\Documents and Settings\Joker_PC\Pulpit\JDownloader.lnk [2012-08-07 14:25:16 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2012-08-07 14:25:16 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-08-13 09:46:43 | 000,100,855 | ---- | C] () -- C:\Documents and Settings\Joker_PC\Pulpit\bload_rootkit_0_access.JPG [2012-08-12 22:30:39 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe [2012-08-12 22:30:39 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe [2012-08-12 22:30:39 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2012-08-12 22:30:39 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2012-08-12 22:30:39 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2012-08-12 22:24:15 | 000,400,547 | ---- | C] () -- C:\Documents and Settings\Joker_PC\Pulpit\catchme.zip [2012-08-12 18:51:32 | 000,000,211 | ---- | C] () -- C:\Boot.bak [2012-08-12 18:51:26 | 000,262,400 | RHS- | C] () -- C:\cmldr [2012-08-11 16:00:09 | 003,261,276 | ---- | C] () -- C:\Documents and Settings\Joker_PC\Pulpit\DSCN0341.JPG [2012-08-11 16:00:09 | 003,207,521 | ---- | C] () -- C:\Documents and Settings\Joker_PC\Pulpit\DSCN0342.JPG [2012-08-07 14:31:49 | 000,001,694 | ---- | C] () -- C:\Documents and Settings\Joker_PC\Pulpit\JDownloader.lnk [2012-08-07 14:31:36 | 000,001,658 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\JDownloader.lnk [2012-08-07 14:31:36 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\JDownloader Uninstaller.lnk [2012-08-07 14:31:36 | 000,001,581 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\JDownloader Update.lnk [2012-06-30 00:18:50 | 000,113,933 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat [2012-06-30 00:18:50 | 000,097,549 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat [2012-04-23 09:22:38 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2012-02-17 21:47:54 | 008,126,464 | ---- | C] () -- C:\Documents and Settings\Joker_PC\ntuser.dat [2011-02-27 17:15:07 | 000,725,064 | ---- | C] () -- C:\WINDOWS\System32\pwNative.exe [2011-02-27 17:15:06 | 000,016,472 | ---- | C] () -- C:\WINDOWS\System32\pwdrvio.sys [2011-02-27 17:15:05 | 000,011,104 | ---- | C] () -- C:\WINDOWS\System32\pwdspio.sys [2011-01-25 20:33:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI [2011-01-03 17:20:45 | 000,001,357 | ---- | C] () -- C:\WINDOWS\VPlayer.INI [2010-09-05 18:21:09 | 000,077,444 | ---- | C] () -- C:\WINDOWS\hpqins05.dat [2010-09-05 18:04:55 | 000,023,189 | ---- | C] () -- C:\WINDOWS\hpqins15.dat [2010-08-14 22:33:03 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Joker_PC\Dane aplikacji\$_hpcst$.hpc [2010-04-27 16:14:49 | 000,133,120 | ---- | C] () -- C:\Documents and Settings\Joker_PC\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-04-25 13:48:03 | 004,842,158 | -H-- | C] () -- C:\Documents and Settings\Joker_PC\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-04-25 13:34:10 | 000,023,640 | ---- | C] () -- C:\Documents and Settings\Joker_PC\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-04-25 13:13:58 | 000,000,188 | -HS- | C] () -- C:\Documents and Settings\Joker_PC\ntuser.ini [color=#E56717]========== LOP Check ==========[/color] [2010-04-25 18:19:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2012-06-12 18:51:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2012-05-07 16:32:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2012-06-22 22:54:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\RDRM [2011-07-31 13:07:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Soulseek [2010-04-27 10:46:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TomTom [2010-04-25 21:28:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Joker_PC\Dane aplikacji\Gadu-Gadu 10 [2012-06-22 22:46:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Joker_PC\Dane aplikacji\ipla [2011-11-13 11:57:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Joker_PC\Dane aplikacji\OpenFM [2012-07-21 14:46:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Joker_PC\Dane aplikacji\Oracle [2010-04-27 10:46:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Joker_PC\Dane aplikacji\TomTom [2012-08-11 14:15:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Joker_PC\Dane aplikacji\uTorrent [color=#E56717]========== Purity Check ==========[/color] < End of report >