OTL logfile created on: 2011-07-07 17:36:32 - Run 1 OTL by OldTimer - Version 3.2.26.1 Folder = L:\ Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,25 Gb Total Physical Memory | 2,42 Gb Available Physical Memory | 74,34% Memory free 4,59 Gb Paging File | 3,88 Gb Available in Paging File | 84,56% Paging File free Paging file location(s): c:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 41,83 Gb Total Space | 6,77 Gb Free Space | 16,20% Space Free | Partition Type: NTFS Drive D: | 69,96 Gb Total Space | 11,78 Gb Free Space | 16,84% Space Free | Partition Type: NTFS Drive F: | 10,38 Gb Total Space | 8,05 Gb Free Space | 77,54% Space Free | Partition Type: NTFS Drive H: | 29,44 Gb Total Space | 1,15 Gb Free Space | 3,90% Space Free | Partition Type: NTFS Drive I: | 29,25 Gb Total Space | 4,46 Gb Free Space | 15,26% Space Free | Partition Type: NTFS Drive J: | 42,74 Gb Total Space | 6,06 Gb Free Space | 14,17% Space Free | Partition Type: NTFS Drive K: | 80,08 Gb Total Space | 68,59 Gb Free Space | 85,65% Space Free | Partition Type: NTFS Drive L: | 49,80 Gb Total Space | 0,19 Gb Free Space | 0,37% Space Free | Partition Type: NTFS Drive M: | 103,00 Gb Total Space | 102,85 Gb Free Space | 99,85% Space Free | Partition Type: NTFS Computer Name: KOMPUTEREK | User Name: Admin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-07-07 17:32:21 | 000,579,584 | ---- | M] (OldTimer Tools) -- L:\OTL.exe PRC - [2010-03-10 13:51:28 | 001,365,288 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe PRC - [2010-02-13 18:28:49 | 000,045,056 | ---- | M] () -- C:\WINDOWS\MDPTBULK\DR_HIDE.EXE PRC - [2010-02-13 17:27:30 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\UTSCSI.EXE PRC - [2010-01-08 00:26:54 | 002,478,080 | ---- | M] (SEC) -- C:\Program Files\MagicTune Premium\MagicTune.exe PRC - [2010-01-07 11:43:28 | 003,216,664 | ---- | M] (SRS Labs, Inc.) -- C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe PRC - [2009-10-08 14:12:06 | 000,049,152 | ---- | M] (Samsung) -- C:\Program Files\SEC\Natural Color Pro\NCProTray.exe PRC - [2008-10-31 08:24:28 | 000,095,528 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe PRC - [2008-10-31 08:24:26 | 001,705,256 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe PRC - [2008-06-30 10:41:10 | 000,114,688 | ---- | M] () -- C:\Program Files\MultiScreen\MultiScreen.exe PRC - [2008-04-15 14:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-01-28 12:55:10 | 001,413,120 | ---- | M] () -- C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe PRC - [2008-01-24 18:53:16 | 000,613,376 | ---- | M] () -- C:\Program Files\ASUS\AASP\1.00.59\aaCenter.exe PRC - [2007-09-26 00:18:54 | 000,561,152 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Multimedia Keyboard & Mouse Driver\V5\KMProcess.exe PRC - [2007-09-17 23:51:14 | 001,470,464 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Multimedia Keyboard & Mouse Driver\V5\KMConfig.exe PRC - [2007-08-23 15:05:00 | 000,045,056 | ---- | M] () -- C:\Program Files\MagicTune Premium\MagicTuneEngine.exe PRC - [2007-05-08 18:00:48 | 002,179,072 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Multimedia Keyboard & Mouse Driver\V5\KMWDSrv.exe PRC - [2007-04-12 08:00:00 | 000,182,272 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATICEE.EXE PRC - [2007-03-06 15:51:14 | 000,212,992 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Multimedia Keyboard & Mouse Driver\V5\StartAutorun.exe PRC - [2007-02-07 13:28:42 | 000,262,144 | ---- | M] (SONIX) -- C:\WINDOWS\tsnpstd3.exe PRC - [2007-01-15 16:18:00 | 000,036,864 | ---- | M] () -- C:\Program Files\MagicTune Premium\GammaTray.exe PRC - [2006-09-19 09:07:28 | 000,827,392 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe PRC - [2006-06-16 00:28:36 | 000,987,136 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe PRC - [2005-10-09 01:16:54 | 000,610,365 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe PRC - [2005-10-09 01:11:20 | 001,396,820 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011-07-07 17:32:21 | 000,579,584 | ---- | M] (OldTimer Tools) -- L:\OTL.exe MOD - [2008-09-17 09:55:00 | 001,503,232 | ---- | M] () -- C:\WINDOWS\system32\nview.dll MOD - [2008-09-17 09:55:00 | 000,294,912 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwrspl.dll MOD - [2008-09-17 09:55:00 | 000,081,920 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwddi.dll MOD - [2008-06-30 10:40:46 | 000,036,864 | ---- | M] () -- C:\Program Files\MultiScreen\ServiceHook.dll MOD - [2008-04-15 14:00:00 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll MOD - [2008-04-15 14:00:00 | 001,028,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42.dll MOD - [2008-04-15 14:00:00 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll MOD - [2006-05-03 22:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010-03-10 13:51:28 | 001,365,288 | ---- | M] (Sunbelt Software, Inc.) [Auto | Running] -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe -- (SPF4) SRV - [2010-02-13 17:27:30 | 000,045,056 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\UTSCSI.EXE -- (UTSCSI) SRV - [2009-06-02 10:10:08 | 000,637,952 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2008-10-31 08:24:28 | 000,095,528 | ---- | M] (Sunbelt Software, Inc.) [Auto | Running] -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe -- (SbPF.Launcher) SRV - [2008-06-01 09:13:10 | 000,092,792 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental) SRV - [2007-08-23 15:05:00 | 000,045,056 | ---- | M] () [Auto | Running] -- C:\Program Files\MagicTune Premium\MagicTuneEngine.exe -- (MagicTuneEngine) SRV - [2007-05-08 18:00:48 | 002,179,072 | ---- | M] (UASSOFT.COM) [Auto | Running] -- C:\Program Files\Multimedia Keyboard & Mouse Driver\V5\KMWDSrv.exe -- (KMWDSERVICE) SRV - [2006-10-01 20:37:42 | 000,016,384 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-09-07 23:41:29 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-04-02 10:11:16 | 000,087,536 | ---- | M] (CyberLink Corp.) [2010/12/02 00:07:29] [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}) DRV - [2010-01-21 14:53:16 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2009-12-30 11:30:56 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2009-12-30 11:30:48 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2009-12-30 11:30:48 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2009-12-15 15:41:30 | 000,268,912 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SRS_SSCFilter_i386.sys -- (SRS_SSCFilter) SRS Labs Audio Sandbox (WDM) DRV - [2009-08-04 18:56:26 | 000,040,560 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\hotcore3.sys -- (hotcore3) DRV - [2009-06-04 13:53:04 | 000,014,080 | ---- | M] (Samsung Electronics, Inc. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MTiCtwl.sys -- (NaturalColor) DRV - [2009-06-04 13:53:04 | 000,014,080 | ---- | M] (Samsung Electronics, Inc. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MTiCtwl.sys -- (MagicTune) DRV - [2008-11-11 17:28:12 | 000,223,128 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi) DRV - [2008-10-31 08:09:06 | 000,270,888 | R--- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SbFw.sys -- (SbFw) DRV - [2008-10-14 17:21:22 | 000,036,224 | ---- | M] (FabulaTech) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftusbbus.sys -- (ftusbhub) DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008-08-24 13:55:50 | 000,030,464 | ---- | M] (CamTrax Technologies) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CamSpaceJoy.sys -- (CamSpaceJoy) DRV - [2008-08-24 13:55:48 | 000,014,848 | ---- | M] (CamTrax Technologies) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CamSpaceBus.sys -- (CamSpaceBus) DRV - [2008-06-21 05:54:54 | 000,066,600 | R--- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sbhips.sys -- (sbhips) DRV - [2008-06-21 05:54:54 | 000,065,576 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SbFwIm.sys -- (SBFWIMCL) DRV - [2008-06-01 09:13:10 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF) WinPcap Packet Driver (NPF) DRV - [2008-04-15 14:00:00 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm) DRV - [2008-04-15 14:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS) DRV - [2008-03-31 16:12:16 | 000,073,728 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- D:\UltraISO Premium Edition 9.1.2 Build 2463[PORTABLE] by shadok18 dla www.exsite.pl\UltraISOPortable\App\UltraISO\drivers\ISODrive.sys -- (ISODrive) DRV - [2008-01-23 23:25:32 | 000,027,136 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tapvpn.sys -- (tapvpn) DRV - [2007-12-18 01:14:04 | 000,012,400 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO) DRV - [2007-04-26 14:02:00 | 000,038,528 | ---- | M] (PANTECH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ptO2_prt.sys -- (ptO2_prt) DRV - [2007-04-26 14:01:00 | 000,039,808 | ---- | M] (PANTECH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ptO2_mdm.sys -- (ptO2_mdm) DRV - [2007-04-26 14:01:00 | 000,022,144 | ---- | M] (PANTECH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ptO2_bus.sys -- (ptO2_bus) DRV - [2007-04-26 14:01:00 | 000,004,608 | ---- | M] (PANTECH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ptO2_flt.sys -- (ptO2_flt) DRV - [2007-04-06 17:29:08 | 010,342,784 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3) DRV - [2007-03-24 11:20:24 | 000,046,208 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\jraid.sys -- (JRAID) DRV - [2006-10-01 20:37:02 | 000,026,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tap0801.sys -- (tap0801) DRV - [2006-07-26 08:56:00 | 000,248,832 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp) DRV - [2006-06-16 15:30:16 | 000,176,128 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8187.sys -- (RTLWUSB) DRV - [2006-05-05 20:21:00 | 000,004,608 | ---- | M] (NVIDIA Corporation.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\nvport.sys -- (nvport) DRV - [2006-03-31 04:39:54 | 000,013,532 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SjyPkt.sys -- (SjyPkt) DRV - [2006-03-29 09:49:26 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc) DRV - [2006-03-18 10:18:58 | 000,392,960 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService) DRV - [2006-02-23 19:39:06 | 000,011,264 | ---- | M] (VIA Technologies,Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\xfilt.sys -- (xfilt) DRV - [2006-02-23 19:38:32 | 000,009,728 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32) DRV - [2006-02-07 19:52:58 | 000,006,912 | ---- | M] (JMicron ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\JGOGO.sys -- (JGOGO) DRV - [2006-01-13 15:00:52 | 000,015,872 | ---- | M] (Flint Incorporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vd_filedisk.sys -- (VD_FileDisk) DRV - [2005-08-29 17:45:34 | 000,853,258 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL) DRV - [2005-08-29 16:01:38 | 000,428,269 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio) DRV - [2005-08-29 15:55:18 | 000,030,363 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver) DRV - [2005-08-29 15:54:36 | 000,064,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB) DRV - [2005-08-29 15:51:48 | 000,148,360 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS) DRV - [2004-08-17 04:44:22 | 000,091,263 | ---- | M] (VM) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbVM31b.sys -- (ZSMC301b) DRV - [2004-08-14 02:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) DRV - [2004-06-17 04:05:46 | 000,136,832 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pfc027.sys -- (SoC PC-Camera Service) DRV - [2002-07-19 08:10:20 | 000,006,656 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cinemsup.sys -- (Cinemsup) DRV - [2002-07-17 09:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (Aspi32) DRV - [2001-07-13 13:56:14 | 000,014,976 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\SBKUPNT.SYS -- (SBKUPNT) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://webalta.ru IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://webalta.ru/poisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://webalta.ru/poisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://webalta.ru/poisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://webalta.ru IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://webalta.ru/poisk IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://webalta.ru IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://webalta.ru/poisk IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://webalta.ru/poisk IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://webalta.ru/poisk IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://webalta.ru IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://webalta.ru/poisk IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://webalta.ru IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://webalta.ru/poisk IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://webalta.ru/poisk IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://webalta.ru/poisk IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://webalta.ru IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://webalta.ru/poisk IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://webalta.ru IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://webalta.ru/poisk IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://webalta.ru/poisk IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://webalta.ru/poisk IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://webalta.ru IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://webalta.ru/poisk IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://webalta.ru IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://webalta.ru/poisk IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://webalta.ru/poisk IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://webalta.ru/poisk IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://webalta.ru IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://webalta.ru/poisk IE - HKU\S-1-5-21-1645522239-583907252-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://webalta.ru IE - HKU\S-1-5-21-1645522239-583907252-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://webalta.ru/poisk IE - HKU\S-1-5-21-1645522239-583907252-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.google.pl/ [binary data] IE - HKU\S-1-5-21-1645522239-583907252-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://webalta.ru/poisk IE - HKU\S-1-5-21-1645522239-583907252-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://webalta.ru/poisk IE - HKU\S-1-5-21-1645522239-583907252-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://webalta.ru IE - HKU\S-1-5-21-1645522239-583907252-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://webalta.ru/poisk IE - HKU\S-1-5-21-1645522239-583907252-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Webalta Search" FF - prefs.js..browser.search.selectedEngine: "Webalta Search" FF - prefs.js..browser.startup.homepage: "http://google.pl/" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26 FF - prefs.js..keyword.URL: "http://webalta.ru/poisk?q=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@meadco.com/neptune plugin,version=2.0.0.29: C:\Program Files\Opera AC 3.5.1\program\plugins\npmeadax.dll (MeadCo Corp.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=3.0: C:\Program Files\Virtual Earth 3D\ [2009-05-31 20:15:34 | 000,000,000 | ---D | M] FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files\Virtual Earth 3D\ [2009-05-31 20:15:34 | 000,000,000 | ---D | M] FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@virtools.com/3DviaPlayer: C:\Program Files\Virtools\3D Life Player\npvirtools.dll (Dassault Systèmes) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009-07-26 11:20:44 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-03-09 00:39:29 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-03-09 00:39:27 | 000,000,000 | ---D | M] [2010-01-17 19:12:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Extensions [2011-07-07 16:23:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\wprk2pqt.default\extensions [2010-11-07 18:10:39 | 000,000,000 | ---D | M] (vShare) -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\wprk2pqt.default\extensions\vshare@toolbar [2011-01-17 02:42:56 | 000,000,390 | ---- | M] () -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\wprk2pqt.default\searchplugins\webalta-search.xml [2011-06-28 19:36:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010-04-15 22:48:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-07-28 16:09:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010-11-02 00:37:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010-12-28 23:34:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011-03-02 10:11:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-06-28 19:36:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2008-11-11 01:28:39 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2011-05-04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011-03-03 18:38:41 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2011-03-03 18:38:41 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2011-03-03 18:38:41 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2011-03-03 18:38:41 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2011-03-03 18:38:41 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2011-03-03 18:38:41 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-01-16 20:40:40 | 000,000,074 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll (www.flashget.com) O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll (www.flashget.com) O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKU\S-1-5-21-1645522239-583907252-1801674531-1003\..\Toolbar\ShellBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [36X Raid Configurer] C:\WINDOWS\System32\xRaidSetup.exe (JMicron Technology Corp.) O4 - HKLM..\Run: [Ai Nap] C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe () O4 - HKLM..\Run: [ASUS Energy Saving] C:\Program Files\ASUS\AI Suite\EnergySaving\PwSave.exe () O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation) O4 - HKLM..\Run: [Cpu Level Up help] C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe () O4 - HKLM..\Run: [CPU Power Monitor] C:\Program Files\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe () O4 - HKLM..\Run: [DR_HIDE] C:\WINDOWS\MDPTBULK\DR_HIDE.exe () O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe () O4 - HKLM..\Run: [KernelFaultCheck] File not found O4 - HKLM..\Run: [KMConfig] File not found O4 - HKLM..\Run: [MultiScreen] C:\Program Files\MultiScreen\MultiScreen.exe () O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe () O4 - HKLM..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe (SONIX) O4 - HKU\S-1-5-21-1645522239-583907252-1801674531-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-1645522239-583907252-1801674531-1003..\Run: [EPSON Stylus DX8400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE (SEIKO EPSON CORPORATION) O4 - HKU\S-1-5-21-1645522239-583907252-1801674531-1003..\Run: [KerioPF] File not found O4 - HKU\S-1-5-21-1645522239-583907252-1801674531-1003..\Run: [Komunikator] File not found O4 - HKU\S-1-5-21-1645522239-583907252-1801674531-1003..\Run: [NetAgent] File not found O4 - HKU\S-1-5-21-1645522239-583907252-1801674531-1003..\Run: [SRS Audio Sandbox] C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe (SRS Labs, Inc.) O4 - HKU\S-1-5-21-1645522239-583907252-1801674531-1003..\Run: [Tlen.pl] C:\Program Files\Tlen7\tlen7.exe () O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] File not found O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] File not found O4 - Startup: C:\Documents and Settings\Admin\Menu Start\Programy\Autostart\Sonic CinePlayer Quick Launch.lnk = C:\Program Files\Common Files\Sonic Shared\cinetray.exe (Sonic Solutions) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\ASUS WiFi-AP Solo.lnk = C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe (ASUSTek Computer Inc.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\BTTray.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\GammaTray.lnk = C:\Program Files\MagicTune Premium\GammaTray.exe () O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\NCProTray.lnk = C:\Program Files\SEC\Natural Color Pro\NCProTray.exe (Samsung) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Server4PC.lnk = C:\Program Files\TechniSat DVB\bin\Server4PC.exe (B2C2, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1645522239-583907252-1801674531-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1645522239-583907252-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36 O7 - HKU\S-1-5-21-1645522239-583907252-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data] O7 - HKU\S-1-5-21-1645522239-583907252-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: &Ściągnij przy pomocy FlashGet'a - C:\Program Files\FlashGet\JC_LINK.HTM () O8 - Extra context menu item: &Ściągnij wszystko przy pomocy FlashGet'a - C:\Program Files\FlashGet\JC_ALL.HTM () O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com) O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com) O16 - DPF: {076169AA-8C3D-4CFC-AC23-3ACA88FC21B5} http://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab (F-Secure Online Scanner Launcher) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab (Trend Micro ActiveX Scan Agent 6.6) O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB (Reg Error: Key error.) O16 - DPF: {3BB1D69B-A780-4BE1-876E-F3D488877135} http://download.microsoft.com/download/3/B/E/3BE57995-8452-41F1-8297-DD75EF049853/VirtualEarth3D.cab (SentinelProxy Class) O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab (BDSCANONLINE Control) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1223736785687 (WUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} http://support.f-secure.com/ols/fscax.cab (F-Secure Online Scanner 3.3) O16 - DPF: {C237A80A-4C55-4C68-BAA9-CBE4408D12B2} http://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab (F-Secure Online Scanner 4.0 Launcher) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://3dlifeplayer.dl.3dvia.com/player/install/3DVIA_player_installer.exe (Virtools WebPlayer Class) O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 85.193.224.8 85.193.224.2 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\WgaLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Admin\Dane aplikacji\IrfanView\IrfanView_Wallpaper.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Admin\Dane aplikacji\IrfanView\IrfanView_Wallpaper.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008-10-10 19:27:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2008-12-12 23:53:06 | 000,005,155 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ] O32 - AutoRun File - [2008-12-14 21:38:19 | 000,000,000 | R--D | M] - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2008-12-20 18:49:34 | 000,000,000 | ---- | M] () - D:\AutoMapa_5.0_ManualPL.pdf -- [ NTFS ] O32 - AutoRun File - [2009-01-03 12:42:54 | 239,104,000 | ---- | M] () - D:\AutoMapa_5.3_Final_PL.iso -- [ NTFS ] O32 - AutoRun File - [2008-12-14 21:38:20 | 000,000,000 | R--D | M] - D:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2008-12-14 21:38:21 | 000,000,000 | R--D | M] - F:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-11-23 19:09:51 | 064,269,466 | ---- | M] () - H:\Auto.Repair.Books.rar -- [ NTFS ] O32 - AutoRun File - [2008-12-14 21:38:22 | 000,000,000 | R--D | M] - H:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2008-12-14 21:38:23 | 000,000,000 | R--D | M] - I:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2008-12-14 21:38:24 | 000,000,000 | R--D | M] - J:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-11-06 22:24:24 | 000,000,000 | RHSD | M] - K:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-11-06 22:24:26 | 000,000,000 | RHSD | M] - L:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-11-06 22:24:27 | 000,000,000 | RHSD | M] - M:\autorun.inf -- [ NTFS ] O33 - MountPoints2\N\Shell - "" = AutoRun O33 - MountPoints2\N\Shell\AutoRun\command - "" = N:\Bin\Assetup.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-07-07 16:22:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood [2011-07-06 16:59:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Skype [2011-07-05 22:02:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Skype Extras [2011-06-28 19:36:26 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2011-06-28 19:36:26 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2011-06-28 19:36:26 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2011-06-16 00:26:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Pulpit\Zentimo PRO 1.3 beta 2 [2011-06-16 00:26:01 | 012,648,448 | ---- | C] (Crystal Rich Ltd) -- C:\Documents and Settings\Admin\Pulpit\Zentimo.exe [2011-06-11 19:35:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Moje dokumenty\SnagIt [2011-06-11 17:39:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\Xenocode [2008-10-11 19:58:22 | 000,172,032 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll [2008-10-11 19:58:22 | 000,057,344 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll [2008-10-11 19:58:22 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll [2008-10-11 19:58:22 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\csnpstd3.dll [2004-11-24 20:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-07-07 17:01:02 | 000,000,234 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2011-07-07 16:20:10 | 000,195,261 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2011-07-07 16:19:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-07-06 16:59:22 | 000,001,878 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2011-07-06 16:56:13 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-07-05 20:31:33 | 000,019,456 | ---- | M] () -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-06-27 19:10:34 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2011-06-15 21:45:36 | 012,648,448 | ---- | M] (Crystal Rich Ltd) -- C:\Documents and Settings\Admin\Pulpit\Zentimo.exe [2011-06-09 07:10:47 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-07-06 16:59:22 | 000,001,878 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2011-03-31 23:28:29 | 000,014,976 | ---- | C] () -- C:\WINDOWS\System32\drivers\SBKUPNT.SYS [2011-03-31 23:28:29 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\DEVLOAD.EXE [2011-03-31 23:28:28 | 000,000,543 | ---- | C] () -- C:\WINDOWS\SWISV3.INI [2011-03-31 23:28:28 | 000,000,308 | ---- | C] () -- C:\WINDOWS\SKNIFE.INI [2011-03-31 23:28:20 | 000,002,944 | ---- | C] () -- C:\WINDOWS\SKLANG.INI [2011-03-10 21:52:06 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat [2011-03-10 21:52:06 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat [2011-03-10 21:52:06 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat [2011-03-10 21:52:06 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat [2011-03-10 21:52:06 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat [2011-03-10 21:52:06 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat [2011-03-10 21:52:06 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat [2011-03-10 21:52:06 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat [2011-03-10 21:52:06 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat [2011-03-10 21:52:06 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat [2011-03-10 21:52:06 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat [2011-03-10 21:52:06 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat [2011-03-10 21:52:06 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat [2011-03-10 21:52:06 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat [2011-03-10 21:52:06 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat [2011-03-10 21:52:06 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat [2011-03-10 21:52:06 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat [2011-03-10 21:52:06 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat [2011-03-10 21:52:06 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini [2011-02-26 23:47:00 | 000,019,456 | ---- | C] () -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-02-03 00:51:03 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\mnprxpd2d.bin [2011-01-17 02:42:56 | 000,011,589 | ---- | C] () -- C:\Documents and Settings\Admin\Dane aplikacji\defaults.cfg [2010-10-14 17:07:27 | 000,136,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\pfc027.sys [2010-10-14 17:07:27 | 000,011,170 | ---- | C] () -- C:\WINDOWS\System32\PA207Usd.dll [2010-09-20 09:36:10 | 000,000,413 | ---- | C] () -- C:\WINDOWS\MP3trtg.ini [2010-09-20 09:35:49 | 000,278,528 | ---- | C] () -- C:\WINDOWS\System32\ammpp.dll [2010-09-20 09:35:49 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\a1.dll [2010-09-07 18:40:46 | 000,044,344 | ---- | C] () -- C:\WINDOWS\System32\drivers\EyeOneDp.sys [2010-09-07 18:40:46 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\Spyder3.sys [2010-06-14 22:06:30 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini [2010-06-14 21:36:44 | 000,013,263 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2010-06-14 21:36:32 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2010-03-07 23:38:13 | 000,051,780 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat [2010-02-13 17:27:30 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\UTSCSI.EXE [2010-02-13 17:16:06 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\GkSui18.EXE [2010-01-18 13:06:21 | 000,268,912 | R--- | C] () -- C:\WINDOWS\System32\drivers\SRS_SSCFilter_i386.sys [2010-01-18 11:28:59 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\LocalService\Dane aplikacji\$_hpcst$.hpc [2010-01-17 19:12:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2010-01-14 01:02:03 | 000,009,723 | ---- | C] () -- C:\WINDOWS\_000005_.tmp.dll [2010-01-14 01:02:02 | 000,009,370 | ---- | C] () -- C:\WINDOWS\_000004_.tmp.dll [2010-01-09 14:51:51 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe [2010-01-09 14:51:44 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe [2010-01-09 13:10:35 | 000,000,016 | ---- | C] () -- C:\Documents and Settings\NetworkService\Dane aplikacji\fvgqad.dat [2009-12-03 01:13:40 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Admin\Dane aplikacji\$_hpcst$.hpc [2009-11-13 16:30:04 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2009-08-02 12:33:59 | 000,000,065 | ---- | C] () -- C:\WINDOWS\WaterIllusion.ini [2009-07-04 09:52:43 | 008,673,792 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\atscie.msi [2009-04-30 16:01:26 | 000,000,307 | ---- | C] () -- C:\WINDOWS\WINCMD.INI [2009-02-21 02:01:09 | 000,000,305 | ---- | C] () -- C:\WINDOWS\wavmp3converter.ini [2009-02-21 01:59:41 | 000,000,005 | ---- | C] () -- C:\WINDOWS\System32\SySCon.dat [2009-02-21 01:58:31 | 000,003,082 | ---- | C] () -- C:\WINDOWS\System32\affv11300p5now.sys [2009-02-11 22:16:50 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat [2008-12-23 00:21:48 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2008-12-19 16:15:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll [2008-12-17 18:41:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll [2008-12-17 18:22:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll [2008-12-17 18:22:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2008-12-17 18:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll [2008-12-17 17:59:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll [2008-12-11 23:31:46 | 000,158,528 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2008-12-04 18:11:49 | 000,000,409 | ---- | C] () -- C:\WINDOWS\Sk.ini [2008-12-01 17:37:02 | 000,066,872 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe [2008-12-01 17:37:01 | 000,138,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2008-12-01 17:36:30 | 000,183,112 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe [2008-11-27 23:37:33 | 004,762,112 | ---- | C] () -- C:\WINDOWS\System32\NCMedia.dll [2008-11-27 23:37:33 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2008-11-27 23:37:33 | 000,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll [2008-11-11 17:29:23 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\IMPLODE.DLL [2008-11-11 17:28:12 | 000,223,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\dtscsi.sys [2008-10-28 21:41:00 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI [2008-10-18 15:01:25 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\libbz2.dll [2008-10-12 14:29:06 | 002,729,472 | ---- | C] () -- C:\WINDOWS\System32\fun_avcodec.dll [2008-10-12 14:29:06 | 000,827,392 | ---- | C] () -- C:\WINDOWS\System32\Mpeg4System.dll [2008-10-12 14:29:06 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\Mpeg4Tools.dll [2008-10-12 14:29:06 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\Mpeg4DSF.dll [2008-10-12 14:29:05 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\AMR.dll [2008-10-12 14:29:05 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\EvrcDecDll.dll [2008-10-12 14:29:05 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\AMRDSF.dll [2008-10-11 20:03:40 | 000,000,392 | ---- | C] () -- C:\WINDOWS\WebEye.ini [2008-10-11 20:02:14 | 000,002,508 | ---- | C] () -- C:\WINDOWS\unvpeye.ini [2008-10-11 19:58:25 | 000,020,480 | ---- | C] () -- C:\WINDOWS\FixCamera.exe [2008-10-11 19:58:24 | 000,827,392 | ---- | C] () -- C:\WINDOWS\vsnpstd3.exe [2008-10-11 19:58:24 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini [2008-10-11 12:14:37 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2008-10-10 22:48:05 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\AsIO.dll [2008-10-10 22:48:05 | 000,012,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys [2008-10-10 22:47:58 | 000,011,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys [2008-10-10 22:47:58 | 000,010,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys [2008-10-10 22:18:08 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll [2008-10-10 21:32:36 | 000,005,810 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys [2008-10-10 21:09:00 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2008-10-10 21:05:40 | 000,272,576 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2008-10-10 20:17:07 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll [2008-10-10 19:30:04 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2008-10-10 19:25:06 | 000,023,076 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2008-10-05 18:50:16 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\CamTraxAPI.dll [2008-09-17 09:55:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2008-09-17 09:55:00 | 001,657,376 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe [2008-09-17 09:55:00 | 001,503,232 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2008-09-17 09:55:00 | 001,346,080 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe [2008-09-17 09:55:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2008-09-17 09:55:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2008-09-17 09:55:00 | 000,449,056 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe [2008-09-17 09:55:00 | 000,436,768 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe [2008-09-17 09:55:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2008-09-16 02:14:24 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2008-06-01 09:13:10 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll [2008-04-15 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2008-04-15 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2008-04-15 14:00:00 | 000,544,972 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat [2008-04-15 14:00:00 | 000,482,070 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2008-04-15 14:00:00 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat [2008-04-15 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2008-04-15 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2008-04-15 14:00:00 | 000,107,522 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat [2008-04-15 14:00:00 | 000,084,244 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2008-04-15 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2008-04-15 14:00:00 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat [2008-04-15 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2008-04-15 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2008-04-15 14:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2008-04-15 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2008-04-15 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2008-04-15 00:50:46 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2008-01-09 16:01:48 | 000,053,248 | ---- | C] () -- C:\WINDOWS\bdoscandel.exe [2008-01-09 16:01:48 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini [2007-01-09 16:50:42 | 000,057,344 | ---- | C] () -- C:\WINDOWS\rmvpeye.exe [2006-11-02 17:10:16 | 000,080,912 | ---- | C] () -- C:\WINDOWS\System32\sherlock2.exe [2006-09-28 20:13:26 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\WUDFCoinstaller.dll [2005-08-29 16:07:06 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll [2004-10-03 18:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll [2003-08-07 15:01:52 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll [2002-05-28 03:52:36 | 000,106,496 | ---- | C] () -- C:\WINDOWS\japi.dll [2001-11-14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll [2001-08-29 14:11:40 | 000,398,848 | R--- | C] () -- C:\WINDOWS\System32\DK2WIN32.DLL [2001-06-24 11:32:44 | 000,172,032 | ---- | C] () -- C:\WINDOWS\japi2.dll [1999-09-20 10:05:32 | 000,013,387 | ---- | C] () -- C:\WINDOWS\System32\CinemSup.sys [color=#E56717]========== LOP Check ==========[/color] [2008-10-19 11:36:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\16 Software [2010-09-08 15:59:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\DAEMON Tools Lite [2008-10-12 19:52:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\DAEMON Tools Pro [2009-03-23 01:34:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\DassaultSystemes [2009-04-22 20:14:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1 [2011-04-25 23:16:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\EPSON [2008-10-28 01:32:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Gadu-Gadu [2009-04-30 18:08:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\HEXelon [2009-01-26 23:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\IrfanView [2010-09-18 15:47:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Jasc [2008-12-01 17:32:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Leadertech [2010-06-26 13:29:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\MOBILedit [2011-06-21 16:48:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\NetStat Agent [2009-07-26 11:24:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Nokia [2010-10-25 23:06:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Opera [2008-10-11 12:50:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\PC Suite [2010-12-12 16:08:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\PictureCutoutGuide [2010-01-12 22:36:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\r2 Studios [2009-01-09 19:42:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Snapter Images [2010-09-20 09:14:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Thinstall [2010-06-19 19:22:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Tlen.pl [2008-11-11 16:55:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\URSoft [2009-05-31 20:49:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\uTorrent [2010-05-05 23:49:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\verbix2008 [2010-08-23 21:17:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\WebcamMax [2010-08-04 21:16:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\XnView [2008-10-19 11:38:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\16 Software [2009-09-25 20:20:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Arowx Games [2009-11-11 19:25:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Codemasters [2009-08-26 20:13:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\createpart [2010-09-07 23:40:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2009-03-23 01:32:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DassaultSystemes [2011-03-08 20:27:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EPSON [2009-08-26 20:12:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\explauncher [2009-08-25 00:50:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\F-Secure [2008-10-12 12:11:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\FamilyFlights [2009-07-26 11:17:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations [2009-08-26 20:12:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\launcher [2009-01-13 20:07:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Mixesoft [2011-02-27 02:15:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NetStat Agent [2009-07-26 11:10:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia [2008-12-10 20:31:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PassMark [2008-10-11 12:49:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2008-10-29 01:06:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ProgDVB [2010-01-12 22:36:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\r2 Studios [2010-01-18 13:08:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SRS Labs [2010-12-02 01:10:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2009-04-01 20:51:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tlen.pl [2011-03-10 21:54:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\UDL [2009-07-06 21:33:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\WildTangent [2011-07-07 17:01:02 | 000,000,234 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones >[/color] "" = "SelfHealCount" = 1 "SecuritySafe" = 1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:7FA4F083 @Alternate Data Stream - 158 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:BFE23423 @Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:302A9871 @Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:A950EF43 < End of report >