OTL logfile created on: 2011-02-26 02:08:18 - Run 1 OTL by OldTimer - Version 3.2.21.0 Folder = H:\download Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 73,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 83,00% Paging File free Paging file location(s): C:\pagefile.sys 672 1344 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 4,67 Gb Total Space | 0,65 Gb Free Space | 13,92% Space Free | Partition Type: NTFS Drive D: | 4,61 Gb Total Space | 2,96 Gb Free Space | 64,23% Space Free | Partition Type: FAT32 Drive E: | 9,35 Gb Total Space | 0,98 Gb Free Space | 10,48% Space Free | Partition Type: FAT32 Drive G: | 150,26 Gb Total Space | 150,19 Gb Free Space | 99,95% Space Free | Partition Type: NTFS Drive H: | 292,97 Gb Total Space | 207,04 Gb Free Space | 70,67% Space Free | Partition Type: NTFS Drive I: | 244,14 Gb Total Space | 5,42 Gb Free Space | 2,22% Space Free | Partition Type: NTFS Drive J: | 244,14 Gb Total Space | 231,18 Gb Free Space | 94,69% Space Free | Partition Type: NTFS Computer Name: OM-039A08B11DBB | User Name: mag | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-02-26 01:46:11 | 000,577,024 | ---- | M] (OldTimer Tools) -- H:\download\OTL.exe PRC - [2011-01-28 16:43:49 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- J:\java\bin\jqs.exe PRC - [2010-12-11 11:55:33 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2010-12-11 11:55:29 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-11-02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) -- J:\kasper\avp.exe PRC - [2010-10-05 20:26:46 | 000,129,720 | ---- | M] (Kaspersky Lab ZAO) -- J:\kasper\klwtblfs.exe PRC - [2010-05-14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2009-08-06 19:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe PRC - [2008-12-09 15:23:58 | 018,063,872 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE PRC - [2006-10-31 15:35:00 | 000,155,715 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2004-08-03 23:44:30 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe PRC - [2004-08-03 23:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2004-08-03 23:44:28 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2004-08-03 23:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2004-08-03 23:44:28 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2004-08-03 23:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2004-08-03 23:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2004-08-03 23:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2004-08-03 23:44:18 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-02-26 01:46:11 | 000,577,024 | ---- | M] (OldTimer Tools) -- H:\download\OTL.exe MOD - [2004-08-03 23:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2004-08-03 23:44:16 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll MOD - [2004-08-03 23:44:14 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll MOD - [2004-08-03 23:44:14 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2004-08-03 23:44:14 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2004-08-03 23:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2004-08-03 23:44:12 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2004-08-03 23:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2004-08-03 23:44:10 | 008,412,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2004-08-03 23:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2004-08-03 23:44:10 | 000,581,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2004-08-03 23:44:10 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll MOD - [2004-08-03 23:44:10 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2004-08-03 23:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2004-08-03 23:44:08 | 001,281,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2004-08-03 23:44:08 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2004-08-03 23:44:08 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll MOD - [2004-08-03 23:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2004-08-03 23:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2004-08-03 23:44:04 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll MOD - [2004-08-03 23:44:02 | 001,012,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2004-08-03 23:44:00 | 000,278,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2004-08-03 23:43:58 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2004-08-03 23:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2004-08-03 23:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2004-08-03 23:43:54 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2004-08-03 23:43:52 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2004-08-03 23:43:48 | 000,716,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2004-08-03 23:42:34 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll MOD - [2004-08-03 22:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- -- (HidServ) SRV - [2011-01-28 16:43:49 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- J:\java\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2010-11-02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- J:\kasper\avp.exe -- (AVP) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-02-24 14:22:59 | 000,475,736 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF) DRV - [2010-12-15 22:04:20 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-06-09 16:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl2.sys -- (kl2) DRV - [2010-06-09 16:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\kl1.sys -- (KL1) DRV - [2010-05-07 11:06:26 | 000,032,856 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5) DRV - [2010-02-25 16:31:09 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv) DRV - [2009-11-02 19:27:24 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt) DRV - [2009-04-06 08:13:52 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc) DRV - [2009-04-06 08:13:52 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt) DRV - [2008-12-13 11:26:38 | 000,102,400 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2008-12-11 18:24:20 | 004,959,232 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2007-04-16 16:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM) DRV - [2006-11-27 16:33:54 | 000,019,968 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2006-11-27 16:33:50 | 000,058,368 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2006-10-31 15:35:00 | 003,964,256 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2006-10-18 16:31:38 | 000,105,472 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata) DRV - [2005-01-07 17:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus) DRV - [2003-07-17 16:48:44 | 000,046,167 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\adildr.sys -- (ADILOADER) General Purpose USB Driver (adildr.sys) DRV - [2003-06-24 13:55:56 | 000,127,497 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\adiusbaw.sys -- (adiusbaw) DRV - [2003-04-19 00:32:04 | 000,004,736 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tandpl.sys -- (tandpl) DRV - [2003-03-02 17:44:26 | 000,007,552 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\enodpl.sys -- (enodpl) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.9.1.14019 FF - prefs.js..extensions.enabledItems: KavAntiBanner@Kaspersky.ru:11.0.2.556 FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:11.0.2.556 FF - prefs.js..network.proxy.backup.ftp: "127.0.0.1" FF - prefs.js..network.proxy.backup.ftp_port: 9666 FF - prefs.js..network.proxy.backup.gopher: "127.0.0.1" FF - prefs.js..network.proxy.backup.gopher_port: 9666 FF - prefs.js..network.proxy.backup.socks: "127.0.0.1" FF - prefs.js..network.proxy.backup.socks_port: 9666 FF - prefs.js..network.proxy.backup.ssl: "127.0.0.1" FF - prefs.js..network.proxy.backup.ssl_port: 9666 FF - prefs.js..network.proxy.ftp: "127.0.0.1" FF - prefs.js..network.proxy.ftp_port: 9666 FF - prefs.js..network.proxy.gopher: "127.0.0.1" FF - prefs.js..network.proxy.gopher_port: 9666 FF - prefs.js..network.proxy.http: "127.0.0.1" FF - prefs.js..network.proxy.http_port: 9666 FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "127.0.0.1" FF - prefs.js..network.proxy.socks_port: 9666 FF - prefs.js..network.proxy.ssl: "127.0.0.1" FF - prefs.js..network.proxy.ssl_port: 9666 FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: J:\java\lib\deploy\jqs\ff [2011-01-28 16:43:49 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-12-11 11:55:43 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-02-24 14:16:22 | 000,000,000 | ---D | M] [2010-09-10 12:57:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\mag\Dane aplikacji\Mozilla\Extensions [2011-02-25 00:02:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\mag\Dane aplikacji\Mozilla\Firefox\Profiles\zrvoqep8.default\extensions [2011-02-02 11:01:45 | 000,000,000 | ---D | M] (FlashGot) -- C:\Documents and Settings\mag\Dane aplikacji\Mozilla\Firefox\Profiles\zrvoqep8.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2011-02-08 13:14:09 | 000,000,000 | ---D | M] (Foxit PDF Creator Toolbar) -- C:\Documents and Settings\mag\Dane aplikacji\Mozilla\Firefox\Profiles\zrvoqep8.default\extensions\toolbar@ask.com [2011-02-25 00:48:09 | 000,001,860 | ---- | M] () -- C:\Documents and Settings\mag\Dane aplikacji\Mozilla\Firefox\Profiles\zrvoqep8.default\searchplugins\search.xml [2011-02-24 16:56:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011-01-28 16:43:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011-02-24 14:40:31 | 000,000,000 | ---D | M] (Blokowanie banerów) -- C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru [2011-02-24 14:40:29 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2011-01-28 16:43:49 | 000,000,000 | ---D | M] (Java Quick Starter) -- J:\JAVA\LIB\DEPLOY\JQS\FF [2011-01-28 16:43:49 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010-08-25 01:39:29 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-08-25 01:39:29 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-08-25 01:39:29 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-08-25 01:39:29 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-08-25 01:39:29 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-08-25 01:39:29 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-02-25 16:23:56 | 000,000,906 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com O1 - Hosts: 127.0.0.1 www.alcohol-soft.com O1 - Hosts: 127.0.0.1 images.alcohol-soft.com O1 - Hosts: 127.0.0.1 trial.alcohol-soft.com O1 - Hosts: 127.0.0.1 alcohol-soft.com O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - J:\kasper\ievkbd.dll (Kaspersky Lab ZAO) O2 - BHO: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - J:\java\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - J:\kasper\klwtbbho.dll (Kaspersky Lab ZAO) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - J:\java\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - File not found O3 - HKLM\..\Toolbar: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [AVP] J:\kasper\avp.exe (Kaspersky Lab ZAO) O4 - HKLM..\Run: [GProton] C:\Documents and Settings\All Users\GProton.exe () O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKCU..\Run: [ALLUpdate] File not found O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data] O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36 O8 - Extra context menu item: Dodaj do listy blokowanych banerów - J:\kasper\ie_banner_deny.htm () O9 - Extra Button: &Klawiatura wirtualna - {4248FE82-7FCB-46AC-B270-339F08212110} - J:\kasper\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: &Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - J:\kasper\klwtbbho.dll (Kaspersky Lab ZAO) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\ic32pp {BBCA9F81-8F4F-11D2-90FF-0080C83D3571} - C:\WINDOWS\wc98pp.dll () O20 - AppInit_DLLs: (J:\kasper\mzvkbd3.dll) - J:\kasper\mzvkbd3.dll (Kaspersky Lab ZAO) O20 - AppInit_DLLs: (J:\kasper\kloehk.dll) - J:\kasper\kloehk.dll (Kaspersky Lab ZAO) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-02-25 14:06:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2011-02-25 13:31:27 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2011-02-25 13:31:28 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ FAT32 ] O32 - AutoRun File - [2011-02-25 13:31:28 | 000,000,000 | RHSD | M] - E:\autorun.inf -- [ FAT32 ] O32 - AutoRun File - [2011-02-25 13:31:27 | 000,000,000 | RHSD | M] - G:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2011-02-25 13:31:27 | 000,000,000 | RHSD | M] - H:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2011-02-25 13:31:27 | 000,000,000 | RHSD | M] - I:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2011-02-25 13:31:27 | 000,000,000 | RHSD | M] - J:\autorun.inf -- [ NTFS ] O33 - MountPoints2\{158353dc-cfc2-11df-858a-00241da333b9}\Shell - "" = AutoRun O33 - MountPoints2\{158353dc-cfc2-11df-858a-00241da333b9}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{2e2c35e6-4003-11e0-925d-00241da333b9}\Shell - "" = AutoRun O33 - MountPoints2\{2e2c35e6-4003-11e0-925d-00241da333b9}\Shell\AutoRun\command - "" = K:\AutoRun.exe O33 - MountPoints2\{460558ae-0eae-11e0-9206-00241da333b9}\Shell\AutoRun\command - "" = I:\d1vmq.exe O33 - MountPoints2\{460558ae-0eae-11e0-9206-00241da333b9}\Shell\open\Command - "" = I:\d1vmq.exe O33 - MountPoints2\{80f1a060-3c1a-11e0-925a-00241da333b9}\Shell\AutoRun\command - "" = K:\d1vmq.exe O33 - MountPoints2\{80f1a060-3c1a-11e0-925a-00241da333b9}\Shell\open\Command - "" = K:\d1vmq.exe O33 - MountPoints2\{84cd43be-c0e0-11df-855b-4d6564696130}\Shell - "" = AutoRun O33 - MountPoints2\{84cd43be-c0e0-11df-855b-4d6564696130}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{bd769d3c-23ca-11df-8241-00241da333b9}\Shell - "" = AutoRun O33 - MountPoints2\{bd769d3c-23ca-11df-8241-00241da333b9}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{bd84a717-3e6b-11e0-925b-00241da333b9}\Shell - "" = AutoRun O33 - MountPoints2\{bd84a717-3e6b-11e0-925b-00241da333b9}\Shell\AutoRun\command - "" = K:\AutoRun.exe O33 - MountPoints2\{cc95ae78-c0e3-11df-855c-00241da333b9}\Shell - "" = AutoRun O33 - MountPoints2\{cc95ae78-c0e3-11df-855c-00241da333b9}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{d0d966d8-d514-11df-859e-00241da333b9}\Shell\AutoRun\command - "" = K:\d1vmq.exe O33 - MountPoints2\{d0d966d8-d514-11df-859e-00241da333b9}\Shell\open\Command - "" = K:\d1vmq.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: HidServ - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpFolder: C:^Documents and Settings^mag^Menu Start^Programy^Autostart^Dropbox.lnk - - File not found MsConfig - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]AlcoholAutomount[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]GEST[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]GrooveMonitor[/b] - hkey= - key= - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) MsConfig - StartUpReg: [b]nwiz[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]QuickTime Task[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]RavTimeXP[/b] - hkey= - key= - File not found MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-02-25 13:31:27 | 000,000,000 | RHSD | C] -- C:\autorun.inf [2011-02-24 15:32:22 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva [2011-02-24 14:24:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Kaspersky Internet Security 2011 [2011-02-24 14:23:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab [2011-02-24 14:22:59 | 000,475,736 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys [2011-02-24 11:48:33 | 000,621,056 | ---- | C] (DiBcom SA) -- C:\WINDOWS\System32\drivers\mod7700.sys [2011-02-24 11:48:33 | 000,112,640 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbnet.sys [2011-02-24 11:48:33 | 000,102,656 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbfake.sys [2011-02-24 11:48:33 | 000,102,400 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbmdm.sys [2011-02-24 11:48:33 | 000,024,448 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewdcsc.sys [2011-02-24 11:48:31 | 000,000,000 | ---D | C] -- C:\Program Files\Huawei Modems [2011-02-09 20:01:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mag\Menu Start\Programy\FLVPlayer [2011-02-08 13:14:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mag\Dane aplikacji\Foxit Software [2011-02-08 13:14:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Foxit Reader [2011-02-08 13:14:03 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com [2011-02-02 15:03:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mag\Dane aplikacji\DMCache [2011-02-02 10:44:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\JDownloader [2011-01-28 16:44:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2011-01-16 13:56:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mag\Ustawienia lokalne\Dane aplikacji\Ubisoft [2011-01-16 13:49:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\InstallShield [2011-01-16 13:48:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft [2011-01-12 23:52:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Ubisoft [2011-01-12 21:43:30 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys [2011-01-12 21:43:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Lavalys [2011-01-11 21:06:32 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2011-01-11 21:06:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\7-Zip [2011-01-10 23:03:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\EA GAMES [2011-01-05 13:25:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mag\Ustawienia lokalne\Dane aplikacji\Omnius for SE [2011-01-05 13:25:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Omnius for SE [2011-01-05 12:39:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mag\Menu Start\Programy\Ultimate Unlocker [2011-01-04 11:24:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mag\Menu Start\Programy\Chomikuj.pl [2011-01-04 11:22:50 | 000,000,000 | ---D | C] -- C:\Program Files\ChomikBox [2011-01-03 15:21:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mag\Menu Start\Programy\Sony Ericsson [2011-01-03 15:02:36 | 000,025,512 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\WINDOWS\System32\drivers\ggsemc.sys [2011-01-03 15:02:36 | 000,013,224 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\WINDOWS\System32\drivers\ggflt.sys [2011-01-03 15:02:35 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Ericsson [2011-01-03 15:02:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Sony Ericsson [2010-12-30 23:33:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mag\Menu Start\Programy\Supreme [2010-12-30 17:27:09 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2010-12-29 21:22:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Cateia Games [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-02-26 02:06:13 | 000,081,496 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2011-02-26 02:01:00 | 000,000,230 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2011-02-26 01:56:28 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2011-02-26 01:56:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-02-26 01:55:20 | 004,980,736 | -H-- | M] () -- C:\Documents and Settings\mag\NTUSER.DAT [2011-02-26 01:54:58 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\mag\ntuser.ini [2011-02-25 17:50:13 | 005,866,538 | -H-- | M] () -- C:\Documents and Settings\mag\Ustawienia lokalne\Dane aplikacji\IconCache.db [2011-02-24 19:16:17 | 000,176,640 | ---- | M] () -- C:\Documents and Settings\mag\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-02-24 16:45:34 | 000,000,827 | ---- | M] () -- C:\WINDOWS\system.ini [2011-02-24 16:45:34 | 000,000,461 | ---- | M] () -- C:\WINDOWS\win.ini [2011-02-24 16:45:34 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2011-02-24 15:32:23 | 000,001,512 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Recuva.lnk [2011-02-24 14:24:45 | 000,114,243 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat [2011-02-24 14:24:45 | 000,097,859 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat [2011-02-24 14:22:59 | 000,475,736 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys [2011-02-24 14:20:54 | 000,262,232 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-02-24 11:48:31 | 000,070,667 | ---- | M] () -- C:\WINDOWS\Huawei ModemsUninstall.exe [2011-02-24 11:33:04 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-02-08 13:14:12 | 000,000,498 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Foxit Reader.lnk [2011-01-20 16:48:16 | 004,194,304 | ---- | M] () -- C:\Documents and Settings\mag\Pulpit\A100E_20110120_v2.08B4.abs [2011-01-17 18:05:52 | 000,001,492 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk [2011-01-16 13:49:01 | 000,000,561 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Shaun White Snowboarding.lnk [2011-01-12 23:53:46 | 000,000,528 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Prince of Persia - Piaski Czasu.lnk [2011-01-12 21:43:30 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\mag\Pulpit\EVEREST Home Edition.lnk [2011-01-10 23:03:38 | 000,000,480 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Need for Speed™ Most Wanted.lnk [2011-01-10 22:10:38 | 000,000,082 | ---- | M] () -- C:\WINDOWS\mafosav.INI [2011-01-05 12:39:52 | 000,000,991 | ---- | M] () -- C:\Documents and Settings\mag\Pulpit\Ultimate Unlocker.lnk [2011-01-04 11:24:57 | 000,000,830 | ---- | M] () -- C:\Documents and Settings\mag\Pulpit\ChomikBox.lnk [2011-01-03 15:23:25 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ggflt_01007.Wdf [2011-01-03 15:07:22 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ggsemc_01007.Wdf [2011-01-03 15:07:20 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf [2010-12-30 23:33:08 | 000,000,526 | ---- | M] () -- C:\Documents and Settings\mag\Pulpit\Supreme Snowboarding.lnk [2010-12-30 23:33:08 | 000,000,515 | ---- | M] () -- C:\Documents and Settings\mag\Pulpit\Read Me - SUPREME.lnk [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-02-25 15:18:38 | 004,194,304 | ---- | C] () -- C:\Documents and Settings\mag\Pulpit\A100E_20110120_v2.08B4.abs [2011-02-24 15:32:23 | 000,001,512 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Recuva.lnk [2011-02-24 14:24:45 | 000,114,243 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat [2011-02-24 14:24:45 | 000,097,859 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat [2011-02-24 11:48:31 | 000,070,667 | ---- | C] () -- C:\WINDOWS\Huawei ModemsUninstall.exe [2011-02-08 13:14:12 | 000,000,498 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Foxit Reader.lnk [2011-02-08 13:14:07 | 000,000,230 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2011-01-17 18:05:52 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Opera.lnk [2011-01-17 18:05:52 | 000,001,492 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk [2011-01-16 13:49:01 | 000,000,561 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Shaun White Snowboarding.lnk [2011-01-12 23:53:46 | 000,000,528 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Prince of Persia - Piaski Czasu.lnk [2011-01-12 21:43:30 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\mag\Pulpit\EVEREST Home Edition.lnk [2011-01-10 23:03:38 | 000,000,480 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Need for Speed™ Most Wanted.lnk [2011-01-10 22:10:34 | 000,000,082 | ---- | C] () -- C:\WINDOWS\mafosav.INI [2011-01-05 12:39:52 | 000,000,991 | ---- | C] () -- C:\Documents and Settings\mag\Pulpit\Ultimate Unlocker.lnk [2011-01-04 11:24:57 | 000,000,830 | ---- | C] () -- C:\Documents and Settings\mag\Pulpit\ChomikBox.lnk [2011-01-03 15:23:25 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ggflt_01007.Wdf [2011-01-03 15:07:22 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ggsemc_01007.Wdf [2011-01-03 15:07:20 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf [2010-12-30 23:33:08 | 000,000,526 | ---- | C] () -- C:\Documents and Settings\mag\Pulpit\Supreme Snowboarding.lnk [2010-12-30 23:33:08 | 000,000,515 | ---- | C] () -- C:\Documents and Settings\mag\Pulpit\Read Me - SUPREME.lnk [2010-12-27 23:42:32 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2010-12-24 18:57:58 | 000,007,552 | ---- | C] () -- C:\WINDOWS\System32\drivers\enodpl.sys [2010-12-24 18:57:58 | 000,004,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\tandpl.sys [2010-09-15 16:42:44 | 000,176,640 | ---- | C] () -- C:\Documents and Settings\mag\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-09-09 14:38:00 | 000,051,712 | ---- | C] () -- C:\WINDOWS\wc98pp.dll [2010-03-02 15:54:37 | 000,000,154 | ---- | C] () -- C:\WINDOWS\adidsl.ini [2010-03-02 15:54:37 | 000,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini [2010-03-02 15:54:29 | 000,000,998 | ---- | C] () -- C:\WINDOWS\adiras.ini [2010-03-02 15:54:26 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll [2010-03-02 15:54:25 | 000,046,892 | ---- | C] () -- C:\WINDOWS\System32\adadix16.dll [2010-02-25 19:34:09 | 000,066,440 | ---- | C] () -- C:\Documents and Settings\mag\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-02-25 16:19:38 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2010-02-25 14:59:22 | 000,772,738 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-02-25 14:59:21 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010-02-25 14:58:55 | 000,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini [2010-02-25 14:11:16 | 005,866,538 | -H-- | C] () -- C:\Documents and Settings\mag\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-02-25 14:10:49 | 000,000,062 | -HS- | C] () -- C:\Documents and Settings\mag\Dane aplikacji\desktop.ini [2010-02-25 14:06:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini [2010-02-25 14:03:56 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini [2010-02-25 14:03:56 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini [2010-02-25 14:03:22 | 000,026,717 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini [2010-02-25 14:03:21 | 000,003,813 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini [2010-01-30 15:33:42 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2010-01-30 15:33:42 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2010-01-30 15:33:42 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2010-01-30 15:33:42 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2010-01-30 15:33:41 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2010-01-30 15:33:41 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll [2010-01-30 15:33:40 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll [2004-08-03 23:44:10 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll [2004-08-03 23:44:04 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll [2004-08-03 23:44:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll [2004-08-03 23:43:58 | 000,186,368 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll [2004-08-03 23:43:56 | 000,253,440 | ---- | C] () -- C:\WINDOWS\System32\compatUI.dll [2004-08-03 23:43:54 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll [2004-08-03 23:43:16 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll [2004-08-03 21:46:56 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys [2004-08-03 21:45:34 | 000,033,936 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys [2004-08-03 21:45:16 | 000,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys [2004-08-03 21:45:16 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys [2004-08-03 21:45:14 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys [2004-08-03 21:45:12 | 000,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys [2004-07-17 10:46:14 | 000,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini [2004-07-17 10:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [2001-10-26 18:29:42 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll [2001-10-26 18:29:40 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll [2001-10-26 18:29:32 | 000,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll [2001-10-26 18:28:34 | 000,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll [2001-10-26 18:27:02 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll [2001-10-26 17:15:04 | 000,027,898 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys [2001-10-26 17:14:52 | 000,004,976 | ---- | C] () -- C:\WINDOWS\System32\himem.sys [2001-10-26 17:14:32 | 000,009,043 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys [2001-10-26 17:12:52 | 000,000,359 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini [2001-10-26 16:45:26 | 000,016,024 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini [2001-10-26 16:45:26 | 000,006,074 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini [2001-10-26 16:45:24 | 000,013,819 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini [2001-10-26 16:42:08 | 000,020,629 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini [2001-10-26 16:42:08 | 000,002,992 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini [2001-10-26 16:42:08 | 000,002,890 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini [2001-10-26 16:42:08 | 000,001,295 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini [2001-08-17 22:31:56 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys [2001-08-17 22:31:56 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys [2001-08-17 22:31:50 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys [2001-08-17 22:31:46 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys [2001-08-17 22:31:46 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys [2001-08-17 22:31:44 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys [2001-08-17 22:13:24 | 000,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv [2001-08-17 20:55:06 | 001,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini [2001-07-22 03:25:18 | 000,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini [2001-07-21 23:16:20 | 000,000,461 | ---- | C] () -- C:\WINDOWS\win.ini [2001-07-21 23:15:52 | 000,000,827 | ---- | C] () -- C:\WINDOWS\system.ini [2001-07-21 23:15:50 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll [color=#E56717]========== LOP Check ==========[/color] [2011-02-24 14:13:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Birdstep Technology [2010-12-29 21:22:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Cateia Games [2010-12-15 22:03:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2010-03-06 14:26:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-11-08 21:13:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2011-01-05 13:25:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Omnius for SE [2011-01-16 13:48:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft [2010-12-21 13:37:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mag\Dane aplikacji\ChomikBox [2010-12-15 22:08:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mag\Dane aplikacji\DAEMON Tools Lite [2011-02-03 21:05:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mag\Dane aplikacji\DMCache [2010-12-15 21:12:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mag\Dane aplikacji\Dropbox [2010-03-02 16:27:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mag\Dane aplikacji\FileZilla [2011-02-08 13:14:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mag\Dane aplikacji\Foxit Software [2010-03-06 14:26:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mag\Dane aplikacji\Gadu-Gadu 10 [2010-12-15 18:19:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mag\Dane aplikacji\ipla [2010-02-27 09:31:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mag\Dane aplikacji\Opera [2010-12-21 14:37:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mag\Dane aplikacji\ScummVM [2011-02-09 11:27:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mag\Dane aplikacji\uTorrent [2011-02-26 02:01:00 | 000,000,230 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2010-02-25 14:06:49 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2011-02-24 16:45:34 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2001-07-21 23:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2010-02-25 14:06:49 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2010-02-25 16:29:56 | 000,000,206 | ---- | M] () -- C:\csb.log [2010-04-24 11:51:20 | 000,000,072 | -HS- | M] () -- C:\desktop.ini [2010-02-25 14:06:49 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-02-25 14:06:49 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004-08-03 21:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2004-08-03 21:59:54 | 000,250,624 | RHS- | M] () -- C:\ntldr [2011-02-26 01:56:20 | 704,643,072 | -HS- | M] () -- C:\pagefile.sys [2010-12-16 18:24:07 | 000,000,010 | ---- | M] () -- C:\pitch.bin [2010-09-10 12:27:11 | 000,000,657 | ---- | M] () -- C:\resolve.log [2010-02-25 16:29:56 | 000,001,548 | ---- | M] () -- C:\RHDSetup.log [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys [2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2004-08-03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\dllcache\eventlog.dll [2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys [2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\dllcache\winlogon.exe [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe < End of report >