OTL logfile created on: 2010-12-09 02:36:04 - Run 6 OTL by OldTimer - Version 3.2.17.3 Folder = c:\Program Files\OTL Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 446,00 Mb Total Physical Memory | 226,00 Mb Available Physical Memory | 51,00% Memory free 1,00 Gb Paging File | 1,00 Gb Available in Paging File | 86,00% Paging File free Paging file location(s): C:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 31,41 Gb Total Space | 3,78 Gb Free Space | 12,03% Space Free | Partition Type: NTFS Drive D: | 24,48 Gb Total Space | 0,58 Gb Free Space | 2,36% Space Free | Partition Type: NTFS Computer Name: TOSHIBA | User Name: Toshiba | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010-12-08 16:10:45 | 000,575,488 | ---- | M] (OldTimer Tools) -- c:\Program Files\OTL\OTL.exe PRC - [2010-12-08 16:10:45 | 000,258,560 | ---- | M] (OldTimer Tools) -- c:\Program Files\OTL\OTH.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010-12-08 16:10:45 | 000,575,488 | ---- | M] (OldTimer Tools) -- c:\Program Files\OTL\OTL.exe MOD - [2010-08-23 17:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- -- (Harmonogram automatycznej usługi LiveUpdate) SRV - File not found [Disabled | Stopped] -- -- (gupdate1c9c67029b5551a) Usługa Google Update (gupdate1c9c67029b5551a) SRV - [2010-05-17 12:11:40 | 000,229,376 | ---- | M] (Puran Software) [Disabled | Stopped] -- C:\WINDOWS\System32\PuranDefragS.exe -- (PuranDefrag) SRV - [2010-03-04 22:38:00 | 000,071,096 | ---- | M] () [Auto | Stopped] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess) SRV - [2009-12-18 00:08:54 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp) SRV - [2005-08-10 10:15:50 | 000,035,328 | ---- | M] (TOSHIBA Corp.) [Auto | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe -- (TAPPSRV) SRV - [2005-01-18 00:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\VcommMgr.sys -- (VcommMgr) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\VComm.sys -- (VComm) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\btcusb.sys -- (Btcsrusb) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\btnetdrv.sys -- (BT) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\BlueletSCOAudio.sys -- (BlueletSCOAudio) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\blueletaudio.sys -- (BlueletAudio) DRV - [2010-02-11 13:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6) DRV - [2009-11-12 13:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2009-10-16 18:11:58 | 000,107,520 | R--- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gtuhs51.sys -- (GTUHSNDISIPXP) DRV - [2009-10-16 18:11:58 | 000,066,560 | R--- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gtuhsbus.sys -- (GTUHSBUS) DRV - [2009-10-16 18:11:58 | 000,008,064 | R--- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gtuhsser.sys -- (GTUHSSER) DRV - [2009-08-09 22:25:56 | 000,029,696 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VClone.sys -- (VClone) DRV - [2009-03-25 13:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2009-02-09 02:51:43 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2008-08-14 10:01:06 | 000,231,424 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP) DRV - [2008-07-31 20:45:42 | 000,020,616 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\BtHidBus.sys -- (BtHidBus) DRV - [2008-07-02 14:58:48 | 000,026,248 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IvtBtBus.sys -- (IvtBtBUs) DRV - [2008-04-14 00:23:10 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm) DRV - [2008-04-13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2008-01-15 20:50:50 | 000,459,520 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73) DRV - [2007-01-16 12:56:52 | 000,450,560 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WlanBZXP.sys -- (SG762_XP) DRV - [2006-01-18 14:08:56 | 000,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZDPSp50.sys -- (ZDPSp50) DRV - [2005-11-30 11:01:02 | 000,043,392 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tvs.sys -- (Tvs) DRV - [2005-11-15 17:00:22 | 001,122,656 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2005-11-11 00:44:12 | 004,064,256 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2005-10-20 14:03:42 | 000,006,144 | ---- | M] (Toshiba Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NBSMI.sys -- (TVALD) DRV - [2005-09-12 19:08:30 | 000,468,736 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211) DRV - [2005-08-04 06:10:18 | 001,273,344 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2004-08-03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C) DRV - [2004-03-24 02:12:34 | 000,017,280 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\nsndis5.sys -- (NSNDIS5) DRV - [2003-09-19 01:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc) DRV - [2003-09-10 23:36:54 | 000,021,060 | ---- | M] (InterVideo, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iviaspi.sys -- (Iviaspi) DRV - [2003-01-29 22:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio) DRV - [2002-09-09 18:54:06 | 000,016,269 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ASNDIS5.sys -- (ASNDIS5) DRV - [2002-07-17 07:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\Aspi32.sys -- (ASPI32) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2688501050-2817744776-4222612286-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-2688501050-2817744776-4222612286-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google IE - HKU\S-1-5-21-2688501050-2817744776-4222612286-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKU\S-1-5-21-2688501050-2817744776-4222612286-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-2688501050-2817744776-4222612286-1006\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-2688501050-2817744776-4222612286-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2688501050-2817744776-4222612286-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "" FF - prefs.js..extensions.dejaclick.soundkeyword: "chrome://dejaclick/skin/sounds/dc_keyword.wav" FF - prefs.js..extensions.enabledItems: firegestures@xuldev.org:1.6 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1 FF - prefs.js..extensions.enabledItems: download-panel@kwok.wai.kan:2009.09.02 FF - prefs.js..extensions.enabledItems: tineye@ideeinc.com:1.0 FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.0.11 FF - prefs.js..extensions.enabledItems: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.5 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..extensions.enabledItems: elemhidehelper@adblockplus.org:1.1 FF - prefs.js..extensions.enabledItems: {81514210-E22A-4e69-93D5-E1EFD45B4620}:0.3.10.01.23 FF - prefs.js..network.proxy.backup.ftp: "0.0.0.0" FF - prefs.js..network.proxy.backup.ftp_port: 8080 FF - prefs.js..network.proxy.backup.gopher: "0.0.0.0" FF - prefs.js..network.proxy.backup.gopher_port: 8080 FF - prefs.js..network.proxy.backup.socks: "0.0.0.0" FF - prefs.js..network.proxy.backup.socks_port: 8080 FF - prefs.js..network.proxy.backup.ssl: "0.0.0.0" FF - prefs.js..network.proxy.backup.ssl_port: 8080 FF - prefs.js..network.proxy.ftp: "0.0.0.0" FF - prefs.js..network.proxy.ftp_port: 8080 FF - prefs.js..network.proxy.gopher: "0.0.0.0" FF - prefs.js..network.proxy.gopher_port: 8080 FF - prefs.js..network.proxy.http: "0.0.0.0" FF - prefs.js..network.proxy.http_port: 8080 FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, 192.168.0.0/24" FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "0.0.0.0" FF - prefs.js..network.proxy.socks_port: 8080 FF - prefs.js..network.proxy.ssl: "0.0.0.0" FF - prefs.js..network.proxy.ssl_port: 8080 FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-12-08 18:19:43 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-12-08 18:19:43 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.6\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010-12-07 17:24:37 | 000,000,000 | ---D | M] [2010-06-29 00:14:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\toshiba\Dane aplikacji\Mozilla\Extensions [2010-06-29 00:14:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\toshiba\Dane aplikacji\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2010-12-08 19:33:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\toshiba\Dane aplikacji\Mozilla\Firefox\Profiles\auiynncv.default\extensions [2010-12-07 17:22:00 | 000,000,000 | ---D | M] (Flagfox) -- C:\Documents and Settings\toshiba\Dane aplikacji\Mozilla\Firefox\Profiles\auiynncv.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2010-10-12 15:50:58 | 000,000,000 | ---D | M] (Past Modern) -- C:\Documents and Settings\toshiba\Dane aplikacji\Mozilla\Firefox\Profiles\auiynncv.default\extensions\{81514210-E22A-4e69-93D5-E1EFD45B4620} [2010-12-07 17:22:00 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\toshiba\Dane aplikacji\Mozilla\Firefox\Profiles\auiynncv.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010-10-12 15:51:02 | 000,000,000 | ---D | M] (Torbutton) -- C:\Documents and Settings\toshiba\Dane aplikacji\Mozilla\Firefox\Profiles\auiynncv.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca} [2010-10-12 15:51:02 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\toshiba\Dane aplikacji\Mozilla\Firefox\Profiles\auiynncv.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2010-10-12 15:51:10 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\toshiba\Dane aplikacji\Mozilla\Firefox\Profiles\auiynncv.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}(2) [2010-10-12 15:50:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\toshiba\Dane aplikacji\Mozilla\Firefox\Profiles\auiynncv.default\extensions\download-panel@kwok.wai.kan [2010-12-07 17:22:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\toshiba\Dane aplikacji\Mozilla\Firefox\Profiles\auiynncv.default\extensions\elemhidehelper@adblockplus.org [2010-12-07 17:22:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\toshiba\Dane aplikacji\Mozilla\Firefox\Profiles\auiynncv.default\extensions\firegestures@xuldev.org [2010-10-12 15:50:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\toshiba\Dane aplikacji\Mozilla\Firefox\Profiles\auiynncv.default\extensions\tineye@ideeinc.com [2010-12-08 18:36:52 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-12-08 18:34:22 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [1999-12-31 16:00:00 | 000,166,680 | ---- | M] (Tracker Software Products Ltd.) -- C:\Program Files\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll [2010-10-27 06:37:26 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-10-27 06:37:26 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-10-27 06:37:26 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-10-27 06:37:26 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-10-27 06:37:26 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-10-27 06:37:26 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-12-08 15:37:56 | 004,402,375 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 revouninstallerpro.com O1 - Hosts: 127.0.0.1 creatives.livejasmin.com O1 - Hosts: 127.0.0.1 www.revouninstallerpro.com O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 ___id___.c.mystat-in.net O1 - Hosts: 127.0.0.1 _218_.justcounter.com O1 - Hosts: 127.0.0.1 0.r.msn.com O1 - Hosts: 127.0.0.1 0.start.bz O1 - Hosts: 127.0.0.1 00.0bid.com O1 - Hosts: 127.0.0.1 000dom.revenuedirect.com O1 - Hosts: 127.0.0.1 000info.com O1 - Hosts: 127.0.0.1 000webhost.com O1 - Hosts: 127.0.0.1 000x.us O1 - Hosts: 127.0.0.1 001.adsenser.cn O1 - Hosts: 127.0.0.1 001.hitgraph.jp O1 - Hosts: 127.0.0.1 00175.com O1 - Hosts: 127.0.0.1 001x.com O1 - Hosts: 127.0.0.1 002.hitgraph.jp O1 - Hosts: 127.0.0.1 005.free-counter.co.uk O1 - Hosts: 127.0.0.1 006.free-counter.co.uk O1 - Hosts: 127.0.0.1 007.free-counter.co.uk O1 - Hosts: 127.0.0.1 007arcadegames.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 007software.com O1 - Hosts: 127.0.0.1 008.free-counter.co.uk O1 - Hosts: 148802 more lines... O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\SpyBot\SDHelper.dll (Safer Networking Limited) O3 - HKU\S-1-5-21-2688501050-2817744776-4222612286-1006\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\S-1-5-21-2688501050-2817744776-4222612286-1006\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found. O3 - HKU\S-1-5-21-2688501050-2817744776-4222612286-1006\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found. O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe (TOSHIBA Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2688501050-2817744776-4222612286-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2688501050-2817744776-4222612286-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-2688501050-2817744776-4222612286-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1 O7 - HKU\S-1-5-21-2688501050-2817744776-4222612286-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-21-2688501050-2817744776-4222612286-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeKeyboardNavigationIndicators = 0 O7 - HKU\S-1-5-21-2688501050-2817744776-4222612286-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-21-2688501050-2817744776-4222612286-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-2688501050-2817744776-4222612286-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1 O7 - HKU\S-1-5-21-2688501050-2817744776-4222612286-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: SpecifyDefaulTTntButtons = 1 O7 - HKU\S-1-5-21-2688501050-2817744776-4222612286-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Fullscreen = 1 O7 - HKU\S-1-5-21-2688501050-2817744776-4222612286-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_MailNews = 1 O7 - HKU\S-1-5-21-2688501050-2817744776-4222612286-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Size = 1 O7 - HKU\S-1-5-21-2688501050-2817744776-4222612286-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Print = 1 O7 - HKU\S-1-5-21-2688501050-2817744776-4222612286-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1 O7 - HKU\S-1-5-21-2688501050-2817744776-4222612286-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 1 O7 - HKU\S-1-5-21-2688501050-2817744776-4222612286-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1 O7 - HKU\S-1-5-21-2688501050-2817744776-4222612286-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 1 O7 - HKU\S-1-5-21-2688501050-2817744776-4222612286-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 1 O7 - HKU\S-1-5-21-2688501050-2817744776-4222612286-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 0 O7 - HKU\S-1-5-21-2688501050-2817744776-4222612286-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 0 O7 - HKU\S-1-5-21-2688501050-2817744776-4222612286-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0 O7 - HKU\S-1-5-21-2688501050-2817744776-4222612286-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O7 - HKU\S-1-5-21-2688501050-2817744776-4222612286-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010-12-08 19:59:04 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\toshiba\Recent [2010-12-08 19:21:45 | 000,017,280 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\nsndis5.sys [2010-12-08 18:52:49 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll [2010-12-08 18:34:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun [2010-12-08 18:34:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2010-12-08 18:34:37 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2010-12-08 18:34:37 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2010-12-08 18:34:37 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2010-12-08 18:34:37 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl [2010-12-08 18:34:19 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2010-12-08 18:34:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\toshiba\Dane aplikacji\Sun [2010-12-08 18:15:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\toshiba\Dane aplikacji\Notepad++ [2010-12-08 15:37:19 | 000,000,000 | ---D | C] -- C:\Program Files\FirefoxPortable [2010-12-08 15:34:58 | 000,000,000 | ---D | C] -- C:\Program Files\SpyBot [2010-12-08 15:34:45 | 000,000,000 | ---D | C] -- C:\Program Files\Vit [2010-12-08 02:36:43 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp [2010-12-08 02:36:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\toshiba\Dane aplikacji\Winamp [2010-12-07 19:13:44 | 000,954,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40.dll [2010-12-07 19:13:44 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll [2010-12-07 19:13:43 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll [2010-12-07 19:12:32 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll [2010-12-07 19:12:32 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll [2010-12-07 19:11:11 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll [2010-12-07 19:06:54 | 000,354,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys [2010-12-07 19:06:40 | 000,455,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys [2010-12-07 19:06:05 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msyuv.dll [2010-12-07 19:05:33 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iyuv_32.dll [2010-12-07 19:05:33 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsbyuv.dll [2010-12-07 19:05:19 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll [2010-12-07 17:19:38 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe [2010-12-07 04:17:47 | 000,000,000 | ---D | C] -- C:\Program Files\Puran Defrag [2010-12-07 04:17:19 | 001,110,016 | ---- | C] (Puran Software) -- C:\WINDOWS\System32\PuranFD.exe [2010-12-07 04:17:19 | 000,229,376 | ---- | C] (Puran Software) -- C:\WINDOWS\System32\PuranDefragS.exe [2010-12-07 04:17:19 | 000,221,184 | ---- | C] (Puran Software) -- C:\WINDOWS\System32\PuranDC.exe [2010-12-07 04:17:19 | 000,212,992 | ---- | C] (Puran Software) -- C:\WINDOWS\System32\PuranDefrag.dll [2010-12-07 04:17:19 | 000,107,008 | ---- | C] (Puran Software) -- C:\WINDOWS\System32\PuranDefragBT.exe [2010-12-02 14:40:17 | 000,000,000 | RHSD | C] -- C:\cmdcons [2010-12-02 14:39:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2010-12-02 14:38:41 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2010-12-02 14:35:45 | 000,000,000 | ---D | C] -- C:\Program Files\Gmer [2010-12-02 14:35:28 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT [2010-12-01 17:25:12 | 000,000,000 | ---D | C] -- C:\Program Files\GPU-Z [2010-12-01 17:24:55 | 000,000,000 | ---D | C] -- C:\Program Files\HWiNFO32 [2010-11-22 05:18:06 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2010-11-22 05:18:01 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler [2009-07-28 13:21:49 | 000,018,944 | ---- | C] ( ) -- C:\WINDOWS\System32\implode.dll [2005-12-19 12:32:56 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\DLLVGA.dll [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010-12-08 18:34:22 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll [2010-12-08 18:34:22 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2010-12-08 18:34:22 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2010-12-08 18:34:22 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2010-12-08 18:34:22 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl [2010-12-08 18:19:46 | 000,001,605 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2010-12-08 15:37:56 | 004,402,375 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010-12-08 02:51:20 | 004,402,375 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101208-153755.backup [2010-12-08 02:36:51 | 000,000,657 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk [2010-12-08 02:22:09 | 000,001,531 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\ImgBurn.lnk [2010-12-08 02:17:35 | 000,010,252 | ---- | M] () -- C:\Schowek0112.tif [2010-12-08 02:17:08 | 000,012,136 | ---- | M] () -- C:\Schowek011.tif [2010-12-07 20:22:24 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-12-07 20:14:41 | 000,499,062 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-12-07 20:14:41 | 000,439,140 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-12-07 20:14:41 | 000,088,512 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-12-07 20:14:41 | 000,070,878 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-12-07 19:50:08 | 000,247,104 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-12-07 18:50:15 | 000,028,254 | ---- | M] () -- C:\Schowek33.tif [2010-12-07 04:17:47 | 000,000,683 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Puran Defrag.lnk [2010-12-02 14:40:23 | 000,000,327 | RHS- | M] () -- C:\boot.ini [2010-12-02 14:37:43 | 000,000,210 | ---- | M] () -- C:\Boot.bak [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-12-08 02:36:51 | 000,000,657 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk [2010-12-08 02:17:35 | 000,010,252 | ---- | C] () -- C:\Schowek0112.tif [2010-12-08 02:17:08 | 000,012,136 | ---- | C] () -- C:\Schowek011.tif [2010-12-07 18:50:15 | 000,028,254 | ---- | C] () -- C:\Schowek33.tif [2010-12-07 04:17:19 | 000,000,683 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Puran Defrag.lnk [2010-12-02 14:40:23 | 000,000,210 | ---- | C] () -- C:\Boot.bak [2010-12-02 14:40:21 | 000,262,400 | RHS- | C] () -- C:\cmldr [2010-10-12 17:27:59 | 000,049,152 | ---- | C] () -- C:\WINDOWS\RevelationHelper.dll [2010-10-12 17:23:36 | 000,000,202 | ---- | C] () -- C:\WINDOWS\OPLK.INI [2010-09-20 21:29:52 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2010-08-28 12:59:58 | 000,000,103 | ---- | C] () -- C:\WINDOWS\pro.INI [2010-06-08 02:25:24 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll [2010-05-27 11:15:03 | 000,000,081 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\.zreglib [2010-04-12 20:56:06 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2010-02-27 01:56:08 | 000,001,786 | ---- | C] () -- C:\WINDOWS\Q-Dir.ini [2009-10-27 22:05:48 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\toshiba\Dane aplikacji\$_hpcst$.hpc [2009-10-06 02:09:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NSREX.INI [2009-08-27 09:42:31 | 000,000,120 | ---- | C] () -- C:\WINDOWS\CIS_Setup_3.11.108364.552_XP_Vista_x32.INI [2009-03-10 13:27:10 | 000,000,250 | ---- | C] () -- C:\WINDOWS\gmer.ini [2009-03-05 16:34:20 | 000,000,023 | ---- | C] () -- C:\WINDOWS\SWFDecompiler.INI [2009-02-09 02:51:42 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009-02-03 04:41:48 | 000,013,030 | ---- | C] () -- C:\Documents and Settings\toshiba\Dane aplikacji\PDOXUSRS.NET [2009-01-09 04:43:08 | 000,000,174 | ---- | C] () -- C:\WINDOWS\BsMobileModel.ini [2009-01-08 02:43:54 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll [2009-01-08 02:43:54 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll [2009-01-08 02:43:54 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll [2009-01-08 02:43:54 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll [2009-01-05 04:16:07 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\toshiba\Ustawienia lokalne\Dane aplikacji\PUTTY.RND [2009-01-03 17:54:24 | 000,000,316 | ---- | C] () -- C:\WINDOWS\pdf2word.INI [2008-12-25 02:00:48 | 000,000,163 | ---- | C] () -- C:\WINDOWS\HSPColors.ini [2008-11-28 01:47:48 | 000,000,567 | ---- | C] () -- C:\Documents and Settings\toshiba\Dane aplikacji\AutoGK.ini [2008-11-26 12:21:54 | 000,000,188 | ---- | C] () -- C:\WINDOWS\NetViewer.INI [2008-11-04 18:00:11 | 000,001,162 | ---- | C] () -- C:\WINDOWS\System32\W32N55.INI [2008-10-23 11:12:10 | 000,000,251 | ---- | C] () -- C:\WINDOWS\BissHM.ini [2008-10-22 18:57:56 | 000,000,095 | ---- | C] () -- C:\WINDOWS\winamp.ini [2008-09-20 16:25:13 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2008-07-06 15:45:49 | 000,000,511 | ---- | C] () -- C:\WINDOWS\VC.INI [2008-02-14 18:55:44 | 000,009,216 | ---- | C] () -- C:\Documents and Settings\toshiba\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2006-06-08 11:16:17 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\toshiba\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2005-12-19 13:39:22 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2005-12-19 13:21:04 | 000,000,556 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2005-12-19 13:00:38 | 000,000,229 | ---- | C] () -- C:\WINDOWS\wininit.ini [2005-12-19 12:52:47 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll [2005-12-19 12:52:47 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll [2005-12-19 12:52:47 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll [2005-12-19 12:52:47 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll [2005-12-19 12:52:47 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll [2005-12-19 12:52:47 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll [2005-12-19 12:48:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI [2005-12-19 12:38:39 | 000,036,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\CSIIDecoder_kern_i386.sys [2005-12-19 12:38:39 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSXT_kern_i386.sys [2005-12-19 12:32:56 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll [2005-12-19 11:50:15 | 000,010,147 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini [2005-12-19 11:50:15 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini [2005-12-19 11:50:14 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini [2005-12-19 11:50:14 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll [2005-12-19 11:43:36 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2005-12-16 11:56:41 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2005-12-16 10:50:15 | 000,000,221 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2005-11-11 22:12:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini [1999-06-20 23:00:00 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL [1996-04-03 20:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys [color=#E56717]========== LOP Check ==========[/color] [2005-12-22 17:11:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dane aplikacji\toshiba [2010-02-21 15:08:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Softland [2010-03-13 02:22:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\toshiba\Dane aplikacji\aignes [2009-07-04 13:06:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\toshiba\Dane aplikacji\anpo.republika.pl [2010-03-22 18:23:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\toshiba\Dane aplikacji\Canneverbe Limited [2010-01-08 03:19:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\toshiba\Dane aplikacji\iFree [2009-09-11 13:30:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\toshiba\Dane aplikacji\ImgBurn [2009-10-20 02:16:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\toshiba\Dane aplikacji\InspireSoft [2006-06-14 16:24:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\toshiba\Dane aplikacji\InterVideo [2010-12-08 18:59:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\toshiba\Dane aplikacji\Notepad++ [2010-09-28 11:34:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\toshiba\Dane aplikacji\SecurityHeroes [2009-02-12 13:59:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\toshiba\Dane aplikacji\Simply Super Software [2010-02-21 15:08:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\toshiba\Dane aplikacji\Softland [2010-08-28 16:22:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\toshiba\Dane aplikacji\SuperMemo World [2010-03-13 02:13:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\toshiba\Dane aplikacji\Thunderbird [2005-12-22 17:11:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\toshiba\Dane aplikacji\toshiba [2010-12-08 19:59:08 | 000,032,612 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 48 bytes -> C:\Documents and Settings\All Users\DRM:مايكروسوفت < End of report >