OTL logfile created on: 2010-06-22 05:19:34 - Run 3 OTL by OldTimer - Version 3.2.6.0 Folder = D:\Sprawdzanie\OTL Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 895,00 Mb Total Physical Memory | 272,00 Mb Available Physical Memory | 30,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 71,00% Paging File free Paging file location(s): C:\pagefile.sys 1324 1324 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 31,24 Gb Total Space | 11,11 Gb Free Space | 35,55% Space Free | Partition Type: NTFS Drive D: | 70,00 Gb Total Space | 29,05 Gb Free Space | 41,49% Space Free | Partition Type: NTFS Drive E: | 10,55 Gb Total Space | 10,28 Gb Free Space | 97,47% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: PC832424392834 Current User Name: Administrator Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010-06-19 18:08:40 | 002,587,464 | ---- | M] (Immunet Corporation) -- C:\Program Files\Immunet Protect\2.0.11\iptray.exe PRC - [2010-06-19 18:08:40 | 000,752,048 | ---- | M] (Immunet Corporation) -- C:\Program Files\Immunet Protect\2.0.11\agent.exe PRC - [2010-06-19 18:08:08 | 002,183,168 | ---- | M] () -- C:\Program Files\SpyShelter Personal Free\SpyShelter.exe PRC - [2010-06-12 17:02:14 | 000,572,416 | ---- | M] (OldTimer Tools) -- D:\Sprawdzanie\OTL\OTL.exe PRC - [2010-06-08 19:59:46 | 002,211,328 | ---- | M] (Mister Group) -- C:\Moje programy\System explorer\SystemExplorer.exe PRC - [2010-06-08 11:08:50 | 000,348,480 | ---- | M] (BullGuard Ltd.) -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe PRC - [2010-06-08 11:08:48 | 002,071,360 | ---- | M] (BullGuard Ltd.) -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe PRC - [2010-06-08 11:08:48 | 000,301,376 | ---- | M] (BullGuard Ltd.) -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe PRC - [2008-08-05 21:16:40 | 000,286,720 | ---- | M] () -- C:\Moje programy\Launchy\Launchy.exe PRC - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007-02-07 03:30:00 | 000,065,536 | R--- | M] (Cognizance Corporation) -- C:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe PRC - [2007-01-05 18:36:48 | 000,872,448 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010-06-12 17:02:14 | 000,572,416 | ---- | M] (OldTimer Tools) -- D:\Sprawdzanie\OTL\OTL.exe MOD - [2010-04-23 12:19:50 | 000,098,128 | ---- | M] (BullGuard Ltd.) -- C:\WINDOWS\system32\BgGamingMonitor.dll MOD - [2010-03-17 11:57:40 | 000,034,640 | ---- | M] (BullGuard Ltd.) -- C:\Program Files\BullGuard Ltd\BullGuard\Spamfilter\LittleHook.dll MOD - [2009-07-12 00:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll MOD - [2008-04-14 19:16:32 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2007-02-26 05:49:00 | 000,070,144 | R--- | M] (Bioscrypt Inc.) -- C:\WINDOWS\system32\APSHook.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010-06-19 18:08:40 | 000,752,048 | ---- | M] (Immunet Corporation) [Auto | Running] -- C:\Program Files\Immunet Protect\2.0.11\agent.exe -- (ImmunetProtect) SRV - [2010-06-19 17:58:40 | 000,326,224 | ---- | M] (Immunet) [On_Demand | Stopped] -- C:\Program Files\Immunet Protect\tetra\scan.dll -- (scan) SRV - [2010-06-08 11:09:02 | 000,122,688 | ---- | M] (BullGuard Ltd.) [On_Demand | Stopped] -- C:\Program Files\BullGuard Ltd\BullGuard\Support\BgRaSvc.exe -- (BgRaSvc) SRV - [2010-06-08 11:08:56 | 000,175,424 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BsMailProxy\BsMailProxy.dll -- (BsMailProxy) SRV - [2010-06-08 11:08:50 | 000,348,480 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe -- (BsUpdate) SRV - [2010-06-08 11:08:48 | 000,380,736 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BsFire.dll -- (BsFire) SRV - [2010-06-08 11:08:48 | 000,301,376 | ---- | M] (BullGuard Ltd.) [On_Demand | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe -- (BsScanner) SRV - [2010-06-08 11:08:48 | 000,269,632 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BsFileScan.dll -- (BsFileScan) SRV - [2010-06-08 11:08:48 | 000,168,768 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BsMain.dll -- (BsMain) SRV - [2010-06-08 11:08:48 | 000,057,664 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BsBrowser.dll -- (BsBrowser) SRV - [2010-01-27 17:24:32 | 000,229,376 | ---- | M] (Puran Software) [Disabled | Stopped] -- C:\WINDOWS\System32\PuranDefragS.exe -- (PuranDefrag) SRV - [2007-05-08 08:38:46 | 000,540,448 | ---- | M] (PDF Complete Inc) [On_Demand | Stopped] -- C:\Program Files\PDF Complete\pdfsvc.exe -- (pdfcDispatcher) SRV - [2007-03-29 17:50:50 | 000,221,184 | ---- | M] (SafeBoot International) [On_Demand | Stopped] -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -- (HpFkCryptService) SRV - [2007-02-07 03:30:00 | 000,074,240 | R--- | M] (Cognizance Corporation) [Auto | Running] -- C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll -- (ASBroker) SRV - [2007-01-04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) [On_Demand | Stopped] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr) SRV - [2006-06-22 07:14:00 | 000,131,584 | R--- | M] (Cognizance Corporation) [Auto | Running] -- C:\Program Files\Hewlett-Packard\IAM\Bin\ASChnl.dll -- (ASChannel) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-06-19 18:09:56 | 000,117,440 | -HS- | M] (SpyShelter) [Kernel | System | Running] -- C:\Program Files\SpyShelter Personal Free\SpyShelter.sys -- (SpyShelter) DRV - [2010-06-19 18:08:44 | 000,031,184 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ImmunetSelfProtect.sys -- (ImmunetSelfProtectDriver) DRV - [2010-06-19 18:08:43 | 000,041,168 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ImmunetProtect.sys -- (ImmunetProtectDriver) DRV - [2010-04-28 11:41:04 | 000,058,576 | ---- | M] (BullGuard Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\BdSpy.sys -- (BdSpy) DRV - [2010-02-23 11:51:14 | 000,013,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\epmntdrv.sys -- (epmntdrv) DRV - [2010-02-23 11:51:14 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\EuGdiDrv.sys -- (EuGdiDrv) DRV - [2009-12-04 12:00:14 | 000,256,792 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afwcore.sys -- (afwcore) DRV - [2009-12-04 12:00:14 | 000,031,640 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afw.sys -- (afw) DRV - [2009-12-04 11:59:52 | 000,039,808 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Stopped] -- C:\Program Files\BullGuard Ltd\BullGuard\Antirootkit\trufos.sys -- (Trufos) DRV - [2009-12-04 11:59:52 | 000,014,720 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Stopped] -- C:\Program Files\BullGuard Ltd\BullGuard\Antirootkit\profos.sys -- (Profos) DRV - [2009-06-22 13:48:44 | 000,091,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mqac.sys -- (MQAC) DRV - [2008-12-13 15:47:38 | 000,040,496 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\hotcore3.sys -- (hotcore3) DRV - [2008-05-08 16:02:52 | 000,203,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rmcast.sys -- (RMCAST) DRV - [2008-04-13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2007-06-18 16:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV - [2007-05-07 03:00:06 | 001,160,320 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2007-04-10 15:55:28 | 000,140,808 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atswpdrv.sys -- (ATSWPDRV) (****DEBUG****) AuthenTec TruePrint USB Driver (SwipeSensor) DRV - [2007-03-29 16:54:00 | 000,013,696 | ---- | M] (SafeBoot International) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\SbFsLock.sys -- (SbFsLock) DRV - [2007-02-27 12:21:00 | 000,160,256 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k) Broadcom NetLink (TM) DRV - [2007-02-16 14:26:06 | 000,288,768 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService) DRV - [2007-02-14 16:21:00 | 000,067,960 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB) DRV - [2007-02-14 16:21:00 | 000,030,285 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem) DRV - [2007-02-14 16:20:58 | 000,868,298 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL) DRV - [2007-02-14 16:20:58 | 000,030,459 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver) DRV - [2007-02-07 11:23:20 | 000,005,808 | ---- | M] (SafeBoot International) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rsvlock.sys -- (RsvLock) DRV - [2007-02-07 11:22:46 | 000,100,495 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SafeBoot.sys -- (SafeBoot) DRV - [2007-02-02 18:03:26 | 001,975,296 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2007-01-12 15:04:44 | 000,201,856 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP) DRV - [2006-11-02 01:47:28 | 000,604,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX) DRV - [2006-10-09 13:31:46 | 000,044,720 | ---- | M] (SafeBoot N.V.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SbAlg.sys -- (SbAlg) DRV - [2006-09-19 18:58:58 | 000,036,608 | ---- | M] (Infineon Technologies AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ifxtpm.sys -- (IFXTPM) DRV - [2006-07-24 00:00:04 | 000,022,016 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Accelerometer.sys -- (Accelerometer) DRV - [2006-07-24 00:00:04 | 000,017,920 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\hpdskflt.sys -- (hpdskflt) DRV - [2006-07-01 23:32:26 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2006-06-28 09:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey) DRV - [2001-10-26 17:07:38 | 000,036,425 | ---- | M] (SMC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA) DRV - [2001-08-17 16:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-73048860-3076797083-264437785-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com IE - HKU\S-1-5-21-73048860-3076797083-264437785-500\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-73048860-3076797083-264437785-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.update: false FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2 FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1 FF - prefs.js..extensions.enabledItems: 6 FF - prefs.js..extensions.enabledItems: 2 FF - prefs.js..extensions.enabledItems: 48 FF - prefs.js..extensions.enabledItems: {CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}:3.1.0521 FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10 FF - prefs.js..extensions.enabledItems: {44d0a1b4-9c90-4f86-ac92-8680b5d6549e}:0.6.4.1 FF - prefs.js..extensions.enabledItems: undoclosedtabsbutton@supernova00.biz:3.6.2 FF - prefs.js..extensions.enabledItems: antiphishing@bullguard:1.0 FF - user.js..browser.search.openintab: false FF - HKLM\software\mozilla\Firefox\extensions\\antiphishing@bullguard: C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\FF\antiphishing@bullguard\ [2010-06-19 15:49:52 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.4\extensions\\Components: C:\Moje programy\Firefox 3.0.1\components [2010-05-02 09:34:03 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.4\extensions\\Plugins: C:\Moje programy\Firefox 3.0.1\plugins [2010-06-08 20:53:01 | 000,000,000 | ---D | M] [2008-08-04 18:02:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Extensions [2010-06-21 19:39:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\igi8qiok.default\extensions [2010-03-21 18:57:37 | 000,000,000 | ---D | M] (Flashblock) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\igi8qiok.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}(2) [2009-10-09 16:58:29 | 000,000,000 | ---D | M] (Gmail Notifier) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\igi8qiok.default\extensions\{44d0a1b4-9c90-4f86-ac92-8680b5d6549e} [2010-05-28 22:04:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\igi8qiok.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B} [2010-05-14 16:47:51 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\igi8qiok.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2009-01-25 16:50:46 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\igi8qiok.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2) [2010-06-06 09:20:20 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\igi8qiok.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8} [2010-06-06 09:20:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\igi8qiok.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}-trash [2009-10-29 19:53:01 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\igi8qiok.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2010-03-21 18:57:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\igi8qiok.default\extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb} [2010-03-21 18:57:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\igi8qiok.default\extensions\personas@christopher(2).beard [2010-06-06 09:20:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\igi8qiok.default\extensions\staged-xpis [2010-01-24 15:42:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\igi8qiok.default\extensions\undoclosedtabsbutton@supernova00.biz O1 HOSTS File: ([2010-06-15 20:53:10 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Credential Manager for HP ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.) O2 - BHO: (BGAntiphishingBHO Class) - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO.dll (BullGuard Ltd.) O4 - HKLM..\Run: [BullGuard] C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe (BullGuard Ltd.) O4 - HKLM..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\Cpqset.exe () O4 - HKLM..\Run: [Immunet Protect] C:\Program Files\Immunet Protect\2.0.11\iptray.exe (Immunet Corporation) O4 - HKLM..\Run: [MsmqIntCert] C:\WINDOWS\System32\mqrt.dll (Microsoft Corporation) O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe () O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) O4 - HKU\S-1-5-21-73048860-3076797083-264437785-500..\Run: [SpyShelter] C:\Program Files\SpyShelter Personal Free\SpyShelter.exe () O4 - HKU\S-1-5-21-73048860-3076797083-264437785-500..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe () O4 - HKU\S-1-5-21-73048860-3076797083-264437785-500..\Run: [SystemExplorerAutoStart] C:\Moje programy\System explorer\SystemExplorer.exe (Mister Group) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Launchy.lnk = C:\Moje programy\Launchy\Launchy.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-73048860-3076797083-264437785-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-73048860-3076797083-264437785-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-73048860-3076797083-264437785-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0 O7 - HKU\S-1-5-21-73048860-3076797083-264437785-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-21-73048860-3076797083-264437785-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O8 - Extra context menu item: Wyślij do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O9 - Extra Button: BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BgAntiphishingIE.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\BGLsp.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\BGLsp.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\BGLsp.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\BGLsp.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\BGLsp.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\System32\BGLsp.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\System32\BGLsp.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\System32\BGLsp.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\System32\BGLsp.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\System32\BGLsp.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\System32\BGLsp.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\System32\BGLsp.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\System32\BGLsp.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\System32\BGLsp.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\System32\BGLsp.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\System32\BGLsp.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\System32\BGLsp.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\WINDOWS\System32\BGLsp.dll (BullGuard Ltd.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.63 62.179.1.62 O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - Reg Error: Value error. File not found O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - Reg Error: Value error. File not found O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found O20 - AppInit_DLLs: (BgGamingMonitor.dll) - C:\WINDOWS\System32\BgGamingMonitor.dll (BullGuard Ltd.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\OneCard: DllName - C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll - C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll (Cognizance Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2001-07-28 01:07:00 | 000,000,000 | -HS- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010-06-22 07:04:23 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\irbus.sys [2010-06-22 07:04:16 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\ipfltdrv.sys [2010-06-22 05:11:44 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irbus.sys [2010-06-22 05:11:44 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irbus.sys [2010-06-22 05:11:44 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipfltdrv.sys [2010-06-20 12:42:15 | 000,000,000 | ---D | C] -- C:\Program Files\SpyShelter Personal Free [2010-06-20 12:42:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\SpyShelter [2010-06-19 18:19:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent [2010-06-19 17:59:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Immunet [2010-06-19 17:59:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Immunet [2010-06-19 17:58:48 | 000,031,184 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\WINDOWS\System32\drivers\ImmunetSelfProtect.sys [2010-06-19 17:58:44 | 000,041,168 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\WINDOWS\System32\drivers\ImmunetProtect.sys [2010-06-19 17:58:35 | 000,000,000 | ---D | C] -- C:\Program Files\Immunet Protect [2010-06-19 16:46:46 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2010-06-19 15:48:16 | 000,000,000 | ---D | C] -- C:\Program Files\BullGuard Ltd [2010-06-19 10:03:49 | 000,000,000 | ---D | C] -- C:\Program Files\Wondershare [2010-06-19 07:51:32 | 000,000,000 | ---D | C] -- C:\Program Files\Sophos [2010-06-19 06:00:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp [2010-06-19 05:55:04 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2010-06-19 05:54:57 | 000,000,000 | ---D | C] -- C:\ComboFix [2010-06-18 23:40:59 | 000,000,000 | ---D | C] -- C:\VBARESCUE [2010-06-18 23:40:08 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsec.sys [2010-06-15 20:47:27 | 000,000,000 | RHSD | C] -- C:\cmdcons [2010-06-15 20:46:38 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2010-06-15 20:46:38 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2010-06-15 20:46:38 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2010-06-15 20:37:01 | 000,000,000 | ---D | C] -- C:\Qoobox [2010-06-15 19:07:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\SampleView [2010-06-15 19:04:26 | 000,040,496 | ---- | C] (Paragon Software Group) -- C:\WINDOWS\System32\drivers\hotcore3.sys [2010-06-15 19:04:03 | 000,000,000 | ---D | C] -- C:\Program Files\Paragon Software [2010-06-15 18:46:28 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy [2010-06-13 17:02:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\PCHealth [2010-06-13 09:40:00 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Recent(2) [2010-06-11 20:29:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty [2010-06-11 20:26:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\Twain32 [2010-06-10 18:51:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2010-06-10 18:37:18 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Installer Clean Up [2010-06-10 18:13:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData [2010-06-08 20:54:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun [2010-06-08 20:53:01 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll [2010-06-08 20:53:01 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2010-06-08 20:53:01 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2010-06-08 20:53:00 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2010-06-08 19:42:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt [2010-06-08 11:08:54 | 000,150,848 | ---- | C] (BullGuard Ltd.) -- C:\WINDOWS\System32\BGLsp.dll [2010-06-06 13:08:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2 [2010-06-05 18:20:51 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache [2010-05-30 16:38:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\BullGuard [2010-05-30 16:38:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\BullGuard [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010-06-22 07:04:16 | 000,032,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipfltdrv.sys [2010-06-22 07:04:16 | 000,032,896 | ---- | M] (Microsoft Corporation) -- C:\ipfltdrv.sys [2010-06-22 05:14:36 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-06-22 05:14:14 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-06-22 05:14:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-06-22 05:14:07 | 938,790,912 | -HS- | M] () -- C:\hiberfil.sys [2010-06-22 05:13:10 | 007,602,176 | ---- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT [2010-06-22 04:46:29 | 008,601,020 | -H-- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-06-22 04:42:50 | 000,000,088 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\FIX.BAT [2010-06-19 18:08:44 | 000,031,184 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\WINDOWS\System32\drivers\ImmunetSelfProtect.sys [2010-06-19 18:08:43 | 000,041,168 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\WINDOWS\System32\drivers\ImmunetProtect.sys [2010-06-19 05:59:16 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2010-06-19 05:54:24 | 003,715,012 | R--- | M] () -- C:\Documents and Settings\Administrator\Pulpit\ComboFix.exe [2010-06-18 23:40:08 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsec.sys [2010-06-17 19:02:11 | 000,069,680 | ---- | M] (Prevx) -- C:\WINDOWS\System32\PxSecure.dll-97500 [2010-06-17 19:02:01 | 000,000,032 | ---- | M] () -- C:\WINDOWS\wininit.ini [2010-06-15 20:53:10 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010-06-15 20:47:33 | 000,000,293 | RHS- | M] () -- C:\boot.ini [2010-06-13 16:57:18 | 000,347,400 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-06-13 16:44:05 | 000,623,028 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-06-13 16:44:05 | 000,453,020 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-06-13 16:44:05 | 000,092,980 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-06-13 16:44:05 | 000,075,364 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-06-13 16:44:05 | 000,033,976 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-06-13 10:59:11 | 000,090,616 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-06-12 07:37:07 | 000,000,427 | ---- | M] () -- C:\WINDOWS\ODBC.INI [2010-06-12 05:51:50 | 000,000,155 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010-06-10 18:25:48 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini [2010-06-08 20:52:37 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2010-06-08 20:52:36 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll [2010-06-08 20:52:36 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2010-06-08 20:52:36 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2010-06-08 20:52:36 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl [2010-06-08 19:59:15 | 000,000,830 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Skrót do WINWORD.EXE.lnk [2010-06-08 19:59:11 | 000,000,837 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Skrót do POWERPNT.EXE.lnk [2010-06-08 19:59:06 | 000,000,818 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Skrót do EXCEL.EXE.lnk [2010-06-08 11:08:54 | 000,150,848 | ---- | M] (BullGuard Ltd.) -- C:\WINDOWS\System32\BGLsp.dll [2010-06-06 13:08:55 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2010-06-06 13:08:55 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2010-06-06 10:53:15 | 000,022,198 | ---- | M] () -- C:\WINDOWS\System32\OEMLogo.bmp [2010-06-06 09:41:24 | 000,000,113 | ---- | M] () -- C:\WINDOWS\System32\_WKERNEL.SYL [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-06-22 04:42:50 | 000,000,088 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\FIX.BAT [2010-06-20 12:42:20 | 001,740,800 | ---- | C] () -- C:\WINDOWS\System32\Osklauncher.exe [2010-06-20 12:42:20 | 000,054,784 | ---- | C] () -- C:\WINDOWS\System32\inject_logon_dll.dll [2010-06-19 10:03:53 | 000,000,512 | ---- | C] () -- C:\WINDOWS\MirDetected.bin [2010-06-15 20:47:33 | 000,000,223 | ---- | C] () -- C:\Boot.bak [2010-06-15 20:47:32 | 000,262,400 | ---- | C] () -- C:\cmldr [2010-06-15 20:46:38 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe [2010-06-15 20:46:38 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2010-06-15 20:46:38 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2010-06-15 20:46:38 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe [2010-06-15 20:46:38 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2010-06-15 20:21:25 | 003,715,012 | R--- | C] () -- C:\Documents and Settings\Administrator\Pulpit\ComboFix.exe [2010-06-11 17:51:11 | 938,790,912 | -HS- | C] () -- C:\hiberfil.sys [2010-06-08 19:59:15 | 000,000,830 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Skrót do WINWORD.EXE.lnk [2010-06-08 19:59:11 | 000,000,837 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Skrót do POWERPNT.EXE.lnk [2010-06-08 19:59:06 | 000,000,818 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Skrót do EXCEL.EXE.lnk [2010-04-16 21:14:49 | 000,000,155 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-06-21 17:20:53 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll [2009-06-21 17:20:53 | 000,013,192 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys [2009-06-21 17:20:53 | 000,008,456 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys [2009-06-11 16:21:48 | 000,000,032 | ---- | C] () -- C:\WINDOWS\wininit.ini [2009-02-28 12:40:09 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2008-11-10 19:37:13 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll [2008-11-10 19:37:13 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll [2008-11-10 19:37:12 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll [2008-09-28 15:59:22 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2008-09-13 10:39:50 | 000,000,131 | ---- | C] () -- C:\WINDOWS\CRC.INI [2008-08-02 07:48:29 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll [2008-08-02 07:48:29 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll [2008-08-02 07:48:29 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll [2008-08-02 07:48:29 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll [2008-08-02 07:48:29 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll [2008-08-02 07:48:28 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll [2008-03-05 18:38:08 | 001,457,024 | ---- | C] () -- C:\WINDOWS\System32\SSCProt.dll [2007-07-28 01:19:16 | 000,028,600 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2007-07-28 01:17:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\HPMProp.INI [2007-02-07 11:22:46 | 000,100,495 | ---- | C] () -- C:\WINDOWS\System32\drivers\SafeBoot.sys [2007-02-06 15:20:00 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll [2007-02-06 14:55:52 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll [2007-01-19 16:30:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini [2006-09-18 23:02:40 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll [2006-09-18 23:02:40 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll [2005-02-17 11:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest [2005-02-17 11:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest [2004-09-20 08:23:56 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2001-11-14 12:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll [1999-01-22 17:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL [1998-05-07 04:10:00 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\ODMA32.dll [color=#E56717]========== LOP Check ==========[/color] [2010-06-06 08:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\AIMP [2010-04-24 18:59:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Auslogics [2010-06-19 15:58:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\BullGuard [2010-06-19 18:01:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Immunet [2009-11-19 20:45:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Launchy [2010-06-15 19:07:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\SampleView [2010-06-20 12:44:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\SpyShelter [2010-06-21 20:24:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\XnView [2010-06-22 05:16:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BullGuard [2008-08-02 07:59:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe [2010-06-22 05:29:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2008-08-02 16:31:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dane aplikacji\SampleView [2010-06-22 05:13:04 | 000,032,534 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:E66C08A1 @Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:C43ED645 @Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:1CA73D29 @Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2 @Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:C31F31E6 < End of report >