OTL logfile created on: 2011-06-20 22:09:39 - Run 1 OTL by OldTimer - Version 3.2.23.0 Folder = D:\Antywiry Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 495,36 Mb Total Physical Memory | 223,95 Mb Available Physical Memory | 45,21% Memory free 1,13 Gb Paging File | 0,98 Gb Available in Paging File | 86,41% Paging File free Paging file location(s): C:\pagefile.sys 744 1488 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 29,29 Gb Total Space | 1,27 Gb Free Space | 4,35% Space Free | Partition Type: NTFS Drive D: | 26,59 Gb Total Space | 13,96 Gb Free Space | 52,51% Space Free | Partition Type: NTFS Drive E: | 271,50 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: OEM-JQSYP2SQYGI | User Name: OEM | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-06-08 00:56:50 | 000,580,096 | ---- | M] (OldTimer Tools) -- D:\Antywiry\OTL.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011-06-08 00:56:50 | 000,580,096 | ---- | M] (OldTimer Tools) -- D:\Antywiry\OTL.exe MOD - [2011-05-10 14:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll MOD - [2006-08-25 17:51:13 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] [color=#E56717]========== Driver Services (SafeList) ==========[/color] [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1275210071-630328440-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-1275210071-630328440-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-1275210071-630328440-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/home.php?ref=hp IE - HKU\S-1-5-21-1275210071-630328440-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-1275210071-630328440-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-1275210071-630328440-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 O1 HOSTS File: ([2005-12-24 00:11:16 | 000,161,317 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 abcsearch.com O1 - Hosts: 127.0.0.1 admin.abcsearch.com O1 - Hosts: 127.0.0.1 www3.abcsearch.com #[Browseraid] O1 - Hosts: 127.0.0.1 www.abcsearch.com O1 - Hosts: 127.0.0.1 abc517.net #[Trojan.Mitglieder.H] O1 - Hosts: 127.0.0.1 acestats.com O1 - Hosts: 127.0.0.1 www.acestats.com O1 - Hosts: 127.0.0.1 actualnames.com #[Parasite.ActualNames] O1 - Hosts: 127.0.0.1 www.actualnames.com O1 - Hosts: 127.0.0.1 ad-up.com O1 - Hosts: 127.0.0.1 www.ad-up.com O1 - Hosts: 127.0.0.1 adatom.com O1 - Hosts: 127.0.0.1 aesp.adatom.com O1 - Hosts: 127.0.0.1 adbest.com O1 - Hosts: 127.0.0.1 adserv.adbonus.com O1 - Hosts: 127.0.0.1 www.adbonus.com O1 - Hosts: 127.0.0.1 www.adblaster2.info #[Restricted Zone site] O1 - Hosts: 127.0.0.1 ad2.adcept.net O1 - Hosts: 127.0.0.1 ad3.adcept.net O1 - Hosts: 127.0.0.1 www.adcept.net O1 - Hosts: 127.0.0.1 adcomplete.com O1 - Hosts: 127.0.0.1 www.adcomplete.com O1 - Hosts: 127.0.0.1 www.adcopy.info O1 - Hosts: 127.0.0.1 ads.adcorps.com O1 - Hosts: 4671 more lines... O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Search Assistant) - {F0626A63-410B-45E2-99A1-3F2475B2D695} - C:\Program Files\SGPSA\BHO.dll (MTWB) O2 - BHO: (Fast Browser Search Toolbar Helper) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll () O3 - HKLM\..\Toolbar: (Fast Browser Search Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll () O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKU\S-1-5-21-1275210071-630328440-725345543-1003\..\Toolbar\ShellBrowser: (Fast Browser Search Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll () O3 - HKU\S-1-5-21-1275210071-630328440-725345543-1003\..\Toolbar\WebBrowser: (Fast Browser Search Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll () O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [BigDog305] C:\WINDOWS\VM305_STI.EXE (VM305SNAP) O4 - HKLM..\Run: [FBSearch] C:\Program Files\Search Guard Plus\SearchGuardPlus.exe () O4 - HKLM..\Run: [KernelFaultCheck] File not found O4 - HKLM..\Run: [SGPUpdater] C:\Program Files\Search Guard PlusU\sgpUpdaters.exe () O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe (France Télécom R&D) O4 - HKLM..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe (France Télécom R&D) O4 - HKU\S-1-5-21-1275210071-630328440-725345543-1003..\Run: [Gadu-Gadu] File not found O4 - HKU\S-1-5-21-1275210071-630328440-725345543-1003..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-1275210071-630328440-725345543-1003..\Run: [Komunikator] File not found O4 - HKU\S-1-5-21-1275210071-630328440-725345543-1003..\Run: [Picasa Media Detector] File not found O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\RaConfig2500.lnk = C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe (Ralink Technology, Corp.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1275210071-630328440-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1275210071-630328440-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36 O7 - HKU\S-1-5-21-1275210071-630328440-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data] O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll (Sun Microsystems, Inc.) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab (Java Plug-in 1.6.0_03) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/1.3.1/jinstall-131_03-win.cab (Java Plug-in 1.3.1_03) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation) O20 - Winlogon\Notify\WgaLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found O24 - Desktop Components:0 () - http://www.dsx.com.pl/lunatic/gallery/03.cze.2006.Omen/DSCF0486.jpg O24 - Desktop Components:1 () - http://www.radiostacja.pl/images/popup.jpg O24 - Desktop Components:2 () - http://www.clubhades.pl/foto/2006.12.25-26/album/slides/12.jpg O24 - Desktop Components:3 () - http://poczta.o2.pl/?cmd=getpart&link=KavrwMkFCtQqpBhSQAkZaM6k9BAfAAkkWab72ZVLnalBwZkkEAYWzQkMDM2ckLFZwRk O24 - Desktop Components:4 () - http://s.ytimg.com/yt/jsbin/www-core-vfl135925.js O24 - Desktop Components:5 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: O24 - Desktop BackupWallPaper: O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2005-11-06 13:47:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010-06-26 12:00:22 | 000,000,144 | R--- | M] () - E:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{067b3848-fd9d-11de-b8cc-0013d36a9831}\Shell\AutoRun\command - "" = F:\h0.exe O33 - MountPoints2\{067b3848-fd9d-11de-b8cc-0013d36a9831}\Shell\open\Command - "" = F:\h0.exe O33 - MountPoints2\{255df2aa-ce9c-11dc-b2da-0013d36a9831}\Shell\AutoRun\command - "" = F:\3wcxx91.cmd O33 - MountPoints2\{255df2aa-ce9c-11dc-b2da-0013d36a9831}\Shell\explore\Command - "" = F:\3wcxx91.cmd O33 - MountPoints2\{255df2aa-ce9c-11dc-b2da-0013d36a9831}\Shell\open\Command - "" = F:\3wcxx91.cmd O33 - MountPoints2\{282cfe5c-0349-11df-b8d9-0013d36a9831}\Shell\AutoRun\command - "" = F:\h0.exe O33 - MountPoints2\{282cfe5c-0349-11df-b8d9-0013d36a9831}\Shell\open\Command - "" = F:\h0.exe O33 - MountPoints2\{451a41c4-9a8c-11e0-bd52-0013d36a9831}\Shell - "" = AutoRun O33 - MountPoints2\{451a41c4-9a8c-11e0-bd52-0013d36a9831}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{456ddce8-9722-11e0-bd45-0013d36a9831}\Shell - "" = AutoRun O33 - MountPoints2\{456ddce8-9722-11e0-bd45-0013d36a9831}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{456ddcea-9722-11e0-bd45-0013d36a9831}\Shell - "" = AutoRun O33 - MountPoints2\{456ddcea-9722-11e0-bd45-0013d36a9831}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{95d11274-1999-11e0-bb98-0013d36a9831}\Shell\AutoRun\command - "" = F:\biriprg.exe O33 - MountPoints2\{95d11274-1999-11e0-bb98-0013d36a9831}\Shell\open\Command - "" = F:\biriprg.exe O33 - MountPoints2\{af940b1e-9ab1-11e0-bd53-0013d36a9831}\Shell\Option1\Command - "" = F:\HBCD\Wintools\Autorun.exe O33 - MountPoints2\{c3a2acea-dc96-11dd-b5c5-0013d36a9831}\Shell\AutoRun\command - "" = F:\83l3v.cmd O33 - MountPoints2\{c3a2acea-dc96-11dd-b5c5-0013d36a9831}\Shell\explore\Command - "" = F:\83l3v.cmd O33 - MountPoints2\{c3a2acea-dc96-11dd-b5c5-0013d36a9831}\Shell\open\Command - "" = F:\83l3v.cmd O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O35 - HKU\S-1-5-21-1275210071-630328440-725345543-1003..exefile [open] -- "C:\Documents and Settings\OEM\Ustawienia lokalne\Dane aplikacji\rpf.exe" -a "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKU\S-1-5-21-1275210071-630328440-725345543-1003\...exe [@ = exefile] -- "C:\Documents and Settings\OEM\Ustawienia lokalne\Dane aplikacji\rpf.exe" -a "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-06-20 20:58:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2011-06-20 20:35:42 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll [2011-06-20 20:35:42 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll [2011-06-20 01:01:55 | 000,000,000 | ---D | C] -- C:\bd_logs [2011-06-19 22:25:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC [2011-06-19 22:21:50 | 000,000,000 | ---D | C] -- C:\Antywiry [2005-11-06 15:48:48 | 000,015,040 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\winddx.sys [2005-01-11 12:06:33 | 000,013,312 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slwdmsup.sys [2005-01-11 12:06:25 | 000,045,056 | ---- | C] ( ) -- C:\WINDOWS\System32\slserv.exe [2005-01-11 12:06:09 | 000,095,760 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slnthal.sys [2005-01-11 12:05:59 | 000,635,152 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slntamr.sys [2005-01-11 12:04:40 | 000,013,912 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\RecAgent.sys [2005-01-11 12:04:25 | 000,180,664 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys [2005-01-11 12:04:13 | 001,301,488 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlstrm.sys [2005-01-11 12:03:13 | 000,230,656 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-06-20 22:04:31 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cc267f143bba64.job [2011-06-20 22:04:31 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job [2011-06-20 22:03:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-06-20 21:44:20 | 000,002,444 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-06-20 21:44:20 | 000,002,444 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak [2011-06-20 21:23:38 | 000,436,560 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2011-06-20 21:23:38 | 000,380,684 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011-06-20 21:23:38 | 000,067,496 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2011-06-20 21:23:38 | 000,053,098 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011-06-20 20:57:27 | 000,254,272 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-06-20 20:55:54 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf [2011-06-20 20:53:04 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2011-06-20 20:53:03 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2011-06-20 20:53:03 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2011-06-20 20:52:43 | 000,004,473 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI [2011-06-20 20:49:37 | 000,023,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat [2011-06-20 20:47:57 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2011-06-19 22:21:24 | 000,739,492 | ---- | M] () -- C:\WINDOWS\setupapi.old [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-06-20 21:44:20 | 000,002,444 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak [2011-06-20 20:51:08 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Windows Movie Maker.lnk [2011-06-20 20:49:42 | 000,000,643 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Windows Messenger.lnk [2011-06-09 10:27:32 | 000,001,032 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cc267f143bba64.job [2011-05-09 00:14:32 | 000,012,312 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\kwtd246lfs3h331o70m8o0w3 [2010-07-21 21:08:01 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010-04-01 22:16:31 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe [2010-04-01 22:16:31 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\installrt2500qa.dll [2010-04-01 22:16:31 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\DEDriverDLL.dll [2010-04-01 22:16:31 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\WRLSetup.exe [2010-04-01 22:16:31 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\SmartInstallCfg2.dll [2010-04-01 22:16:31 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\CCS25.exe [2009-11-04 00:17:25 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2009-06-28 12:51:47 | 000,087,552 | ---- | C] () -- C:\WINDOWS\catchme.exe [2009-06-28 12:51:46 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\vfind.exe [2007-04-11 12:17:04 | 000,000,083 | ---- | C] () -- C:\WINDOWS\wwp.INI [2006-04-28 16:47:40 | 000,000,228 | ---- | C] () -- C:\WINDOWS\HP_ISRegionListUpdatelog_HPSU.ini [2006-04-28 16:46:57 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_InstantSHareJPG.ini [2006-04-28 16:43:03 | 000,000,217 | ---- | C] () -- C:\WINDOWS\HP_IZClosingDiscErrorPatch.ini [2006-04-28 16:39:24 | 000,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini [2006-04-28 16:35:08 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini [2006-02-21 15:17:30 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2006-02-21 14:59:45 | 000,000,222 | ---- | C] () -- C:\WINDOWS\VOGEL.INI [2006-01-26 22:58:34 | 000,073,371 | ---- | C] () -- C:\WINDOWS\hpfins09.dat.temp [2006-01-26 22:33:35 | 000,072,965 | ---- | C] () -- C:\WINDOWS\hpfins09.dat [2006-01-26 11:37:45 | 000,079,537 | ---- | C] () -- C:\WINDOWS\hpfins05.dat.temp [2006-01-26 11:37:45 | 000,001,395 | ---- | C] () -- C:\WINDOWS\hpfmdl05.dat.temp [2006-01-25 18:41:11 | 000,000,018 | ---- | C] () -- C:\WINDOWS\gfact.ini [2006-01-13 16:17:11 | 000,079,609 | ---- | C] () -- C:\WINDOWS\hpfins05.dat [2006-01-13 16:17:11 | 000,001,395 | ---- | C] () -- C:\WINDOWS\hpfmdl05.dat [2005-11-13 16:05:48 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2005-11-06 15:48:48 | 000,528,384 | ---- | C] () -- C:\WINDOWS\System32\SLLights.dll [2005-11-06 15:48:48 | 000,368,640 | ---- | C] () -- C:\WINDOWS\System32\slmh.exe [2005-11-06 15:48:48 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\amr_cpl.dll [2005-11-06 15:48:48 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\minirec.exe [2005-11-06 15:48:48 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\SLMOHServ.dll [2005-11-06 15:48:48 | 000,065,536 | ---- | C] () -- C:\WINDOWS\SmCfg.exe [2005-11-06 15:45:37 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\UnAudioNT.dll [2005-11-06 13:50:21 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2005-11-06 13:43:57 | 000,023,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2005-11-06 13:31:28 | 000,004,473 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2005-11-06 13:30:19 | 000,254,272 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2005-04-28 03:38:00 | 000,372,736 | ---- | C] () -- C:\WINDOWS\System32\hpzidi01.dll [2005-04-28 03:37:49 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\hpzids01.dll [2005-01-11 12:06:18 | 000,024,576 | ---- | C] () -- C:\WINDOWS\slrundll.exe [2005-01-11 12:05:08 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\SLGen.dll [2005-01-11 12:04:56 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\slextspk.dll [2005-01-11 12:02:38 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\coinst.dll [2004-08-04 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2004-08-04 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2004-08-04 14:00:00 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat [2004-08-04 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2004-08-04 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2004-08-04 14:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll [2004-08-04 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2004-08-04 14:00:00 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat [2004-08-04 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2004-08-04 14:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [2004-08-04 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2004-08-04 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2004-08-04 14:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2004-03-17 18:02:56 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\Wlan.ini [2004-03-02 10:43:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\WlanInstallDll.dll [2003-09-26 20:42:10 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ZD12APP.dll [2003-04-08 12:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2002-10-04 08:01:42 | 000,503,808 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll [2001-10-26 18:15:16 | 000,436,560 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat [2001-10-26 18:15:16 | 000,067,496 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat [2001-08-17 23:30:24 | 000,380,684 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2001-08-17 23:30:22 | 000,053,098 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2001-07-22 00:24:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [color=#E56717]========== LOP Check ==========[/color] [2010-08-12 10:02:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2D33C [2011-05-12 20:24:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software [2010-02-05 10:41:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-07-02 03:13:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2005-12-24 00:12:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Kazaa Lite [2010-03-21 21:05:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2010-03-29 19:03:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\WinZip [2011-06-20 22:04:31 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job < End of report >