OTL logfile created on: 2013-06-06 20:57:13 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\OLA\Pulpit\DIAGNOSTYKA\OTL2 Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,49 Gb Total Physical Memory | 1,11 Gb Available Physical Memory | 74,67% Memory free 2,84 Gb Paging File | 2,69 Gb Available in Paging File | 94,65% Paging File free Paging file location(s): C:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 26,37 Gb Total Space | 5,62 Gb Free Space | 21,30% Space Free | Partition Type: NTFS Drive E: | 219,72 Gb Total Space | 30,19 Gb Free Space | 13,74% Space Free | Partition Type: NTFS Drive F: | 219,67 Gb Total Space | 14,80 Gb Free Space | 6,74% Space Free | Partition Type: NTFS Computer Name: FSC-1E5586E5915 | User Name: OLA | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013-06-02 02:08:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\OLA\Pulpit\DIAGNOSTYKA\OTL2\OTL.exe PRC - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2010-07-04 23:32:38 | 000,010,752 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- C:\Program Files\SearchProtect\bin\CltMngSvc.exe -- (CltMngSvc) SRV - [2012-12-19 10:49:34 | 000,732,648 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2012-07-17 15:25:28 | 000,580,648 | ---- | M] (WiseCleaner.com) [Auto | Stopped] -- C:\Program Files\Wise\Wise Care 365\BootTime.exe -- (WiseBootAssistant) SRV - [2012-04-26 11:14:06 | 002,438,696 | ---- | M] (mobile concepts GmbH) [On_Demand | Stopped] -- C:\Program Files\CyberGhost VPN\CGVPNCliService.exe -- (CGVPNCliSrvc) SRV - [2011-12-23 00:09:56 | 000,023,176 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Disabled | Stopped] -- C:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe -- (Guard Agent) SRV - [2011-12-23 00:09:46 | 000,061,064 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Disabled | Stopped] -- C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe -- (EaseUS Agent) SRV - [2009-08-24 22:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 9\DfSdkS.exe -- (DfSdkS) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2012-12-31 01:59:43 | 000,047,418 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl) DRV - [2012-11-12 02:27:26 | 000,013,824 | ---- | M] (Scott) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBDrv.sys -- (awUSB) DRV - [2012-11-09 16:33:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2012-11-09 16:33:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2012-11-09 16:33:30 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2012-11-09 16:33:30 | 000,018,560 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2012-10-17 14:53:46 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2012-09-15 17:30:53 | 000,006,808 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\HWACCESS.SYS -- (HWACCESS) DRV - [2012-03-21 00:16:42 | 000,004,032 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\hostnt.sys -- (HOSTNT) DRV - [2012-03-21 00:16:31 | 000,033,824 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\oreans32.sys -- (oreans32) DRV - [2011-12-23 00:09:40 | 000,185,864 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\EuFdDisk.sys -- (EUFDDISK) DRV - [2011-12-23 00:09:38 | 000,043,784 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\EUBKMON.sys -- (EUBKMON) DRV - [2011-12-23 00:09:32 | 000,016,008 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\eudskacs.sys -- (EUDSKACS) DRV - [2011-12-23 00:09:30 | 000,050,312 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\eubakup.sys -- (EUBAKUP) DRV - [2011-12-15 20:29:42 | 000,026,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tap0901.sys -- (tap0901) DRV - [2011-10-25 18:25:48 | 000,237,096 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k) DRV - [2011-08-09 17:33:58 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\BANTExt.sys -- (BANTExt) DRV - [2011-07-29 14:54:56 | 000,013,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\epmntdrv.sys -- (epmntdrv) DRV - [2011-07-29 14:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\EuGdiDrv.sys -- (EuGdiDrv) DRV - [2010-09-01 10:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI) DRV - [2010-07-04 21:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5) DRV - [2010-01-17 16:00:55 | 000,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) DRV - [2008-05-23 01:29:54 | 000,097,792 | ---- | M] (T0r0) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\NSHE.SYS -- (NSHE) DRV - [2006-11-22 10:01:48 | 000,693,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock) DRV - [2006-11-08 15:45:26 | 000,240,384 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2500usb.sys -- (RT2500USB) DRV - [2006-08-29 16:56:20 | 000,032,377 | ---- | M] (B-phreaks) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\prodigy.sys -- (PRODIGY) DRV - [2005-08-17 03:20:00 | 000,010,430 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SECBULK.sys -- (SecBulk) DRV - [2002-09-09 20:54:06 | 000,016,269 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ASNDIS5.sys -- (ASNDIS5) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1343024091-2025429265-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.wp.pl/ IE - HKU\S-1-5-21-1343024091-2025429265-839522115-1004\..\SearchScopes,DefaultScope = Freemake IE - HKU\S-1-5-21-1343024091-2025429265-839522115-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-1343024091-2025429265-839522115-1004\..\SearchScopes\Freemake: "URL" = http://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} IE - HKU\S-1-5-21-1343024091-2025429265-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.update: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:6.4 FF - prefs.js..extensions.enabledItems: {64161300-e22b-11db-8314-0800200c9a66}:0.9.5 FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.8 FF - prefs.js..extensions.enabledItems: {3713a489-0634-4472-8456-dc7abd7eba00}:1.2.2 FF - prefs.js..network.proxy.type: 0 FF - user.js..browser.search.openintab: false FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( ) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: File not found FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) [2013-05-15 21:24:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\OLA\Dane aplikacji\Mozilla\Extensions [2011-01-01 15:14:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\OLA\Dane aplikacji\Mozilla\Extensions\home2@tomtom.com [2013-05-15 21:29:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\OLA\Dane aplikacji\Mozilla\Firefox\Profiles\kln4m31c.default\extensions [2013-05-15 21:29:43 | 000,000,000 | ---D | M] (FreemakeGoldPack) -- C:\Documents and Settings\OLA\Dane aplikacji\Mozilla\Firefox\Profiles\kln4m31c.default\extensions\{19996d99-4d11-4056-a5b4-972f39152615} [2013-05-15 21:29:43 | 000,000,000 | ---D | M] (MyAshampoo Community Toolbar) -- C:\Documents and Settings\OLA\Dane aplikacji\Mozilla\Firefox\Profiles\kln4m31c.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}(2) [2013-05-15 21:29:44 | 000,000,000 | ---D | M] (FireFTP) -- C:\Documents and Settings\OLA\Dane aplikacji\Mozilla\Firefox\Profiles\kln4m31c.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2013-05-15 21:29:46 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\OLA\Dane aplikacji\Mozilla\Firefox\Profiles\kln4m31c.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(2) [2012-01-31 01:23:10 | 000,020,591 | ---- | M] () (No name found) -- C:\Documents and Settings\OLA\Dane aplikacji\Mozilla\Firefox\Profiles\kln4m31c.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2013-03-19 01:25:48 | 000,817,280 | ---- | M] () (No name found) -- C:\Documents and Settings\OLA\Dane aplikacji\Mozilla\Firefox\Profiles\kln4m31c.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-01-21 02:10:10 | 000,002,571 | ---- | M] () -- C:\Documents and Settings\OLA\Dane aplikacji\Mozilla\Firefox\Profiles\kln4m31c.default\searchplugins\askcom.xml [2012-10-18 11:25:22 | 000,008,215 | ---- | M] () -- C:\Documents and Settings\OLA\Dane aplikacji\Mozilla\Firefox\Profiles\kln4m31c.default\searchplugins\google-ssl.xml [2013-05-22 01:28:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2013-05-22 01:28:19 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} O1 HOSTS File: ([2011-10-14 16:53:40 | 000,000,030 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 secure.tune-up.com O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (ChromeFrame BHO) - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files\Google\Chrome\Application\24.0.1312.57\npchrome_frame.dll (Google Inc.) O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found. O4 - HKU\S-1-5-21-1343024091-2025429265-839522115-1004..\Run: [] File not found O4 - HKU\S-1-5-21-1343024091-2025429265-839522115-1004..\Run: [C:\Program Files\NetMeter\NetMeter.exe] C:\Program Files\NetMeter\NetMeter.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1343024091-2025429265-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221 O7 - HKU\S-1-5-21-1343024091-2025429265-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1 O7 - HKU\S-1-5-21-1343024091-2025429265-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O8 - Extra context menu item: Ściągaj z Mipony - C:\Program Files\MiPony\Browser\IEContext.htm () O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{317BE395-7D7D-4760-9CA2-A746CE99BA74}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.) O18 - Protocol\Handler\gcf {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files\Google\Chrome\Application\24.0.1312.57\npchrome_frame.dll (Google Inc.) O18 - Protocol\Handler\mctp - No CLSID value found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-12-18 18:32:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2013-04-14 11:45:36 | 000,131,877 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ] O33 - MountPoints2\{b29eb65b-4dd4-11e2-9449-00400510a79c}\Shell - "" = AutoRun O33 - MountPoints2\{b29eb65b-4dd4-11e2-9449-00400510a79c}\Shell\AutoRun\command - "" = G:\NokiaPCIA_Autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013-06-06 20:47:03 | 000,000,000 | ---D | C] -- C:\FRST [2013-06-06 20:46:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OLA\Pulpit\diagnostyka_FRST [2013-06-03 02:03:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OLA\Pulpit\DIAGNOSTYKA [2013-06-03 01:48:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OLA\Pulpit\pomocniczy [2013-06-02 20:27:46 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0 [2013-06-02 03:41:48 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group [2013-05-30 18:28:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Silverlight [2013-05-30 18:27:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2013-05-30 02:27:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Foxit Reader [2013-05-25 18:53:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\MPC-HC [2013-05-24 02:26:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OLA\Dane aplikacji\EurekaLog [2013-05-22 02:01:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\VideoLAN [2013-05-22 01:08:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OLA\Dane aplikacji\Oracle [2013-05-16 00:48:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OLA\Ustawienia lokalne\Dane aplikacji\Freemake Music Box [2013-05-16 00:45:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OLA\Ustawienia lokalne\Dane aplikacji\FreemakeMusicBox [2013-05-15 21:28:13 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013-05-15 21:08:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OLA\Menu Start\Programy\Freemake [2013-05-15 21:08:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Freemake [2013-05-15 21:08:11 | 000,000,000 | ---D | C] -- C:\Program Files\Freemake [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013-06-06 20:11:27 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013-06-06 20:11:27 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1343024091-2025429265-839522115-1004.job [2013-06-06 20:11:24 | 000,000,308 | ---- | M] () -- C:\WINDOWS\tasks\eketkvtjax.job [2013-06-06 20:11:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013-06-05 20:00:00 | 000,000,452 | ---- | M] () -- C:\WINDOWS\tasks\OEB_New Backup Job.job [2013-06-04 01:28:00 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1343024091-2025429265-839522115-1004.job [2013-06-02 16:10:38 | 000,000,034 | ---- | M] () -- C:\WINDOWS\System32\oeminfo.ini [2013-06-02 14:01:17 | 020,447,232 | ---- | M] () -- C:\Documents and Settings\OLA\ntuser.bak [2013-06-02 03:36:05 | 000,000,108 | ---- | M] () -- C:\WINDOWS\wininit.ini [2013-06-01 03:36:37 | 000,172,032 | RHS- | M] () -- C:\WINDOWS\System32\safrdmq.dll [2013-05-27 21:01:45 | 000,015,843 | ---- | M] () -- E:\KS - dokumenty\Re_ Pytanie o przedmiot CASTROL EDGE TURBO DIESEL 5W40 5W-40 5L + GRATIS (numer oferty_ 3238463017).eml [2013-05-22 01:28:20 | 000,000,730 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2013-05-22 01:16:44 | 000,866,720 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll [2013-05-22 01:16:44 | 000,788,896 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll [2013-05-21 23:58:43 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2013-05-21 23:58:43 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2013-05-16 01:39:07 | 000,588,020 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2013-05-16 01:39:07 | 000,502,826 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013-05-16 01:39:07 | 000,119,178 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2013-05-16 01:39:07 | 000,088,350 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2013-05-16 01:01:25 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2013-05-15 23:53:14 | 000,272,576 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013-06-02 03:36:05 | 000,000,108 | ---- | C] () -- C:\WINDOWS\wininit.ini [2013-06-01 03:36:37 | 000,172,032 | RHS- | C] () -- C:\WINDOWS\System32\safrdmq.dll [2013-06-01 03:36:37 | 000,000,308 | ---- | C] () -- C:\WINDOWS\tasks\eketkvtjax.job [2013-05-27 21:01:45 | 000,015,843 | ---- | C] () -- E:\KS - dokumenty\Re_ Pytanie o przedmiot CASTROL EDGE TURBO DIESEL 5W40 5W-40 5L + GRATIS (numer oferty_ 3238463017).eml [2013-05-15 21:28:19 | 000,000,736 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox.lnk [2013-05-15 21:28:19 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2013-05-14 21:38:20 | 020,447,232 | ---- | C] () -- C:\Documents and Settings\OLA\ntuser.bak [2013-04-07 15:36:57 | 000,717,080 | ---- | C] () -- C:\WINDOWS\unins000.exe [2013-03-20 03:22:58 | 000,216,064 | ---- | C] ( ) -- C:\WINDOWS\System32\lagarith.dll [2013-03-20 03:22:44 | 000,112,640 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2013-03-20 01:14:16 | 000,135,655 | ---- | C] () -- C:\Documents and Settings\OLA\2013.03.19 eset config [2013-01-29 05:05:38 | 001,359,107 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-1343024091-2025429265-839522115-1004-0.dat [2013-01-29 05:05:38 | 000,275,006 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat [2012-12-31 01:19:54 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\UMonit.exe [2012-12-31 01:19:54 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\ustor.dll [2012-12-12 03:11:56 | 000,271,264 | ---- | C] () -- C:\WINDOWS\System32\vbrun100.dll [2012-12-12 03:11:56 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\msvcrt10.dll [2012-11-22 02:26:08 | 000,000,130 | ---- | C] () -- C:\WINDOWS\System32\rpireica.bin [2012-09-15 17:30:53 | 000,006,808 | ---- | C] () -- C:\WINDOWS\System32\HWACCESS.SYS [2012-08-06 01:32:47 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNWISE.EXE [2012-08-06 01:32:47 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\hlduinst.exe [2012-08-06 01:25:40 | 000,313,044 | ---- | C] () -- C:\WINDOWS\ETOSU.EXE [2012-08-06 01:24:48 | 000,000,135 | ---- | C] () -- C:\WINDOWS\ETOSP.INI [2012-05-19 20:09:50 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\OLA\Dane aplikacji\$_hpcst$.hpc [2012-05-17 00:07:37 | 001,895,968 | ---- | C] () -- C:\WINDOWS\unins000.dat [2012-03-21 00:16:42 | 000,004,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\hostnt.sys [2012-03-21 00:16:31 | 000,033,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\oreans32.sys [2012-03-04 19:56:10 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\CNMCP3A.EXE [2012-02-15 00:11:47 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012-02-05 15:54:27 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys [2012-02-04 18:48:42 | 000,019,840 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll [2012-02-04 18:48:41 | 002,469,760 | ---- | C] () -- C:\WINDOWS\System32\BootMan.exe [2012-02-04 18:48:41 | 000,086,408 | ---- | C] () -- C:\WINDOWS\System32\setupempdrv03.exe [2012-02-04 18:48:41 | 000,013,192 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys [2012-02-04 18:48:41 | 000,008,456 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys [2012-02-04 18:28:15 | 000,043,784 | ---- | C] () -- C:\WINDOWS\System32\drivers\EUBKMON.sys [2012-02-04 04:53:37 | 000,110,602 | ---- | C] () -- C:\WINDOWS\System32\xcdsfx32.bin [2012-02-02 02:28:16 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\ReminderNextRun [2010-01-17 20:41:16 | 000,099,840 | ---- | C] () -- C:\Documents and Settings\OLA\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-12-27 14:24:54 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\OLA\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-12-27 05:05:34 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2009-01-07 19:21:32 | 001,497,088 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 12:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-14 19:20:57 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2009-12-27 05:10:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Windows Desktop Search [2013-03-23 17:48:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo [2012-12-07 05:32:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files [2013-06-03 01:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2012-02-06 00:43:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Pro [2013-05-16 00:53:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Freemake [2012-12-29 19:42:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations [2013-04-16 02:01:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\KSPlus [2012-12-25 05:05:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia [2012-12-29 19:37:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaInstallerCache [2012-03-25 16:24:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaInstallerCache_X [2012-05-18 10:16:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2013-05-30 16:06:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2013-02-27 20:57:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software [2012-12-07 06:05:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software(2) [2013-01-01 19:27:45 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16} [2013-02-27 20:56:36 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{32364CEA-7855-4A3C-B674-53D8E9B97936} [2013-04-10 01:45:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Foxit Software [2012-04-10 20:07:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\TuneUp Software [2012-02-05 16:53:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OLA\Dane aplikacji\AnvSoft [2012-05-08 00:29:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OLA\Dane aplikacji\Ashampoo [2012-10-19 02:45:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OLA\Dane aplikacji\BESTplayer [2013-06-03 01:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OLA\Dane aplikacji\DAEMON Tools Lite [2012-02-06 00:43:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OLA\Dane aplikacji\DAEMON Tools Pro [2012-02-05 03:27:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OLA\Dane aplikacji\ESET [2013-05-24 02:26:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OLA\Dane aplikacji\EurekaLog [2012-11-16 02:37:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OLA\Dane aplikacji\ForDiag [2013-04-10 02:11:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OLA\Dane aplikacji\Foxit Software [2012-11-21 21:40:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OLA\Dane aplikacji\FreeAudioPack [2012-11-22 01:25:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OLA\Dane aplikacji\FreeCDRipper [2012-02-05 17:49:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OLA\Dane aplikacji\Genie-Soft [2013-05-23 10:59:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OLA\Dane aplikacji\Mipony [2012-12-03 03:42:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OLA\Dane aplikacji\NapiProjekt [2012-12-25 03:17:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OLA\Dane aplikacji\Nokia [2012-02-21 04:02:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OLA\Dane aplikacji\Nokia Suite [2013-05-22 01:08:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OLA\Dane aplikacji\Oracle [2013-01-23 02:28:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OLA\Dane aplikacji\Patcher [2012-12-24 17:27:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OLA\Dane aplikacji\PC Suite [2012-02-05 17:18:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OLA\Dane aplikacji\PriceGong [2013-02-07 02:47:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OLA\Dane aplikacji\Stanton [2013-02-27 20:57:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OLA\Dane aplikacji\TuneUp Software [2009-12-27 13:07:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OLA\Dane aplikacji\Windows Desktop Search [2010-01-17 17:31:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OLA\Dane aplikacji\Windows Search [2013-06-03 01:56:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OLA\Dane aplikacji\Wise Care 365 [2013-06-02 13:54:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OLA\Dane aplikacji\Wise Disk Cleaner [2013-05-26 14:06:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OLA\Dane aplikacji\Wise Registry Cleaner [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 201 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:D282699C @Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:15D5AA51 < End of report >