PRC - [2010-01-01 16:41:02 | 00,513,536 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\x\Pulpit\OTL.exe
PRC - [2010-01-01 15:36:09 | 00,289,584 | ---- | M] (BitTorrent, Inc.) – C:\Program Files\uTorrent\uTorrent.exe
PRC - [2009-11-30 21:26:38 | 02,654,512 | ---- | M] (ALWIL Software) – C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2009-11-30 21:26:36 | 00,040,384 | ---- | M] (ALWIL Software) – C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2009-04-24 11:18:34 | 00,040,960 | ---- | M] () – C:\Program Files\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE
PRC - [2009-03-09 04:19:17 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) – C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009-03-09 04:19:15 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) – C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009-03-08 13:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) – C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009-02-09 12:25:57 | 00,111,104 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\services.exe
PRC - [2008-10-25 10:44:34 | 00,031,072 | ---- | M] (Microsoft Corporation) – C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2008-10-25 07:18:50 | 00,098,696 | ---- | M] (Microsoft Corporation) – C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
PRC - [2008-05-26 21:19:14 | 00,123,904 | ---- | M] (Microsoft Corporation) – C:\Program Files\Windows Desktop Search\WindowsSearch.exe
PRC - [2008-05-26 21:18:44 | 00,439,808 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\searchindexer.exe
PRC - [2008-05-26 21:18:18 | 00,184,832 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\searchprotocolhost.exe
PRC - [2008-05-26 21:17:56 | 00,087,552 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\searchfilterhost.exe
PRC - [2008-05-16 13:01:00 | 00,159,812 | ---- | M] (NVIDIA Corporation) – C:\WINDOWS\system32\nvsvc32.exe
PRC - [2008-04-14 18:21:49 | 00,126,464 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2008-04-14 18:21:48 | 00,510,464 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 18:21:43 | 00,057,856 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 18:21:43 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 18:21:43 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 18:21:43 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 18:21:43 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 18:21:43 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 18:21:43 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [imgSVC]
PRC - [2008-04-14 18:21:43 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 18:21:42 | 00,050,688 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 18:21:38 | 00,033,280 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\rundll32.exe
PRC - [2008-04-14 18:21:30 | 01,695,232 | ---- | M] (Microsoft Corporation) – C:\Program Files\Messenger\msmsgs.exe
PRC - [2008-04-14 18:21:22 | 00,013,312 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 18:21:16 | 01,035,264 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\explorer.exe
PRC - [2008-04-14 18:21:10 | 00,015,360 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-14 18:21:10 | 00,006,144 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 18:21:02 | 00,044,544 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\alg.exe
PRC - [2007-11-12 14:14:48 | 00,487,424 | ---- | M] () – C:\Program Files\WLAN_Software\ZD1211B\ZDWLan.EXE
PRC - [2007-11-02 18:58:38 | 00,566,560 | ---- | M] (ABBYY (BIT Software)) – C:\Program Files\ABBYY FineReader 9.0\NetworkLicenseServer.exe
PRC - [2007-10-25 04:57:56 | 16,855,552 | R— | M] (Realtek Semiconductor Corp.) – C:\WINDOWS\RTHDCPL.exe
PRC - [2005-05-13 09:59:46 | 00,036,864 | ---- | M] () – C:\WINDOWS\system32\slee81.exe
PRC - [2005-05-12 00:40:38 | 00,204,800 | ---- | M] (Hewlett-Packard Co.) – C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
PRC - [2005-05-12 00:33:52 | 00,479,232 | ---- | M] (Hewlett-Packard Co.) – C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
PRC - [2005-05-11 23:23:26 | 00,282,624 | ---- | M] (Hewlett-Packard Co.) – C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2005-05-11 23:12:54 | 00,049,152 | ---- | M] (Hewlett-Packard Co.) – C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2004-08-11 00:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\wdfmgr.exe
PRC - [2003-06-19 22:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) – C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
========== Modules (All) ==========
MOD - [2010-01-01 16:41:02 | 00,513,536 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\x\Pulpit\OTL.exe
MOD - [2009-06-25 09:27:54 | 00,056,832 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\secur32.dll
MOD - [2009-04-15 15:54:38 | 00,585,216 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\rpcrt4.dll
MOD - [2009-03-21 15:08:59 | 01,018,368 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\kernel32.dll
MOD - [2009-02-09 11:53:44 | 00,686,592 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\advapi32.dll
MOD - [2009-02-09 11:53:43 | 00,722,944 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\ntdll.dll
MOD - [2008-10-23 13:42:41 | 00,286,720 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\gdi32.dll
MOD - [2008-06-17 20:03:15 | 08,489,984 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 22:50:48 | 00,997,888 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 21:29:10 | 01,054,208 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2008-04-14 18:21:56 | 00,146,432 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 18:20:57 | 00,172,544 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\wldap32.dll
MOD - [2008-04-14 18:20:57 | 00,018,944 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 18:20:56 | 00,732,672 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\userenv.dll
MOD - [2008-04-14 18:20:56 | 00,580,096 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 18:20:56 | 00,219,648 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 18:20:56 | 00,067,584 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 18:20:47 | 00,474,112 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\shlwapi.dll
MOD - [2008-04-14 18:20:45 | 00,064,000 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\samlib.dll
MOD - [2008-04-14 18:20:44 | 01,287,168 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 18:20:44 | 00,551,936 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 18:20:44 | 00,084,992 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 18:20:44 | 00,023,040 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 18:20:41 | 00,119,808 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\ntmarta.dll
MOD - [2008-04-14 18:20:39 | 00,343,040 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 18:20:36 | 00,297,984 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\msctf.dll
MOD - [2008-04-14 18:20:32 | 00,110,080 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-14 18:19:59 | 00,125,952 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\apphelp.dll
MOD - [2008-04-14 18:12:58 | 00,177,152 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\msctfime.ime
MOD - [2006-05-03 21:53:54 | 00,174,592 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\framedyn.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] – -- (NMIndexingService)
SRV - File not found [Auto | Stopped] – -- (Network Monitor)
SRV - File not found [On_Demand | Stopped] – -- (HssTrayService)
SRV - [2009-11-30 21:26:36 | 00,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] – C:\Program Files\Alwil Software\Avast5\AvastSvc.exe – (avast! Web Scanner)
SRV - [2009-11-30 21:26:36 | 00,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] – C:\Program Files\Alwil Software\Avast5\AvastSvc.exe – (avast! Mail Scanner)
SRV - [2009-11-30 21:26:36 | 00,040,384 | ---- | M] (ALWIL Software) [Auto | Running] – C:\Program Files\Alwil Software\Avast5\AvastSvc.exe – (avast! Antivirus)
SRV - [2009-08-22 12:19:24 | 00,072,704 | ---- | M] (Adobe Systems) [On_Demand | Stopped] – C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe – (Adobe LM Service)
SRV - [2009-08-22 11:44:37 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] – C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe – (FLEXnet Licensing Service)
SRV - [2009-03-09 04:19:15 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] – C:\Program Files\Java\jre6\bin\jqs.exe – (JavaQuickStarterService)
SRV - [2008-11-04 00:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE – (odserv)
SRV - [2008-10-25 10:44:08 | 00,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe – (Microsoft Office Groove Audit Service)
SRV - [2008-05-16 13:01:00 | 00,159,812 | ---- | M] (NVIDIA Corporation) [Auto | Running] – C:\WINDOWS\system32\nvsvc32.exe – (NVSvc)
SRV - [2007-11-02 18:58:38 | 00,566,560 | ---- | M] (ABBYY (BIT Software)) [Auto | Running] – C:\Program Files\ABBYY FineReader 9.0\NetworkLicenseServer.exe – (ABBYY.Licensing.FineReader.Professional.9.0)
SRV - [2007-08-09 08:27:52 | 00,073,728 | ---- | M] (HP) [Auto | Stopped] – C:\WINDOWS\system32\HPZipm12.exe – (Pml Driver HPZ12)
SRV - [2006-10-26 12:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE – (ose)
SRV - [2005-08-02 22:18:49 | 00,086,016 | ---- | M] (CACE Technologies) [On_Demand | Stopped] – C:\Program Files\WinPcap\rpcapd.exe – (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2005-05-13 09:59:46 | 00,036,864 | ---- | M] () [service] [Auto | Running] – C:\WINDOWS\system32\slee81.exe – (SLEE_81_SERVICE)
========== Driver Services (SafeList) ==========
DRV - File not found [File_System | Disabled | Running] – -- (KLIF)
DRV - File not found [Kernel | Disabled | Running] – -- (klbg)
DRV - File not found [Kernel | Disabled | Running] – -- (kl1)
DRV - [2009-11-30 21:15:21 | 00,046,544 | ---- | M] (ALWIL Software) [Kernel | System | Running] – C:\WINDOWS\system32\drivers\aswTdi.sys – (aswTdi)
DRV - [2009-11-30 21:14:54 | 00,149,840 | ---- | M] (ALWIL Software) [Kernel | System | Running] – C:\WINDOWS\system32\drivers\aswSP.sys – (aswSP)
DRV - [2009-11-30 21:12:05 | 00,023,248 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\aswRdr.sys – (aswRdr)
DRV - [2009-11-30 21:11:38 | 00,100,176 | ---- | M] (ALWIL Software) [File_System | Auto | Running] – C:\WINDOWS\system32\drivers\aswmon2.sys – (aswMon2)
DRV - [2009-11-30 21:11:28 | 00,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] – C:\WINDOWS\system32\drivers\aswFsBlk.sys – (aswFsBlk)
DRV - [2009-11-30 21:11:14 | 00,027,728 | ---- | M] (ALWIL Software) [Kernel | System | Running] – C:\WINDOWS\system32\drivers\aavmker4.sys – (Aavmker4)
DRV - [2009-11-02 19:03:24 | 00,005,632 | ---- | M] () [File_System | System | Running] – C:\WINDOWS\system32\drivers\StarOpen.sys – (StarOpen)
DRV - [2009-09-18 11:10:46 | 00,721,904 | ---- | M] () [Kernel | Boot | Running] – C:\WINDOWS\System32\Drivers\sptd.sys – (sptd)
DRV - [2009-09-17 20:25:49 | 00,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\hamachi.sys – (hamachi)
DRV - [2009-04-24 11:18:34 | 00,020,608 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\BRGSp50.sys – (BRGSp50)
DRV - [2009-04-24 11:18:34 | 00,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\ZDPSp50.sys – (ZDPSp50)
DRV - [2008-05-16 13:01:00 | 06,557,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\nv4_mini.sys – (nv)
DRV - [2008-04-13 19:53:09 | 00,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\nmnt.sys – (nm)
DRV - [2008-04-13 17:39:16 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\secdrv.sys – (Secdrv)
DRV - [2008-04-13 17:36:05 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\hdaudbus.sys – (HDAudBus)
DRV - [2008-01-23 22:25:32 | 00,027,136 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\tapvpn.sys – (tapvpn)
DRV - [2007-11-01 07:38:56 | 04,620,288 | R— | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\RtkHDAud.sys – (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-11-01 01:56:00 | 00,036,864 | R— | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\l151x86.sys – (AtcL001)
DRV - [2007-08-29 10:10:14 | 00,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\ewusbmdm.sys – (hwdatacard)
DRV - [2007-06-25 19:29:52 | 00,500,736 | ---- | M] (Atheros Technology Corporation) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\ZD1211BU.sys – (ZD1211BU(Atheros)) ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(Atheros)
DRV - [2007-05-02 10:11:18 | 00,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\ss_mdm.sys – (ss_mdm)
DRV - [2007-05-02 10:11:18 | 00,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\ss_mdfl.sys – (ss_mdfl)
DRV - [2007-05-02 10:11:16 | 00,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\ss_bus.sys – (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2005-08-02 22:10:13 | 00,032,512 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\npf.sys – (NPF)
DRV - [2005-05-13 09:59:48 | 00,069,632 | ---- | M] () [Driver] [Kernel | Auto | Running] – C:\WINDOWS\system32\drivers\slee81.sys – (SLEE_81_DRIVER)
DRV - [2005-03-08 05:52:28 | 00,021,744 | R— | M] (HP) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\HPZius12.sys – (HPZius12)
DRV - [2005-03-08 05:52:27 | 00,016,496 | R— | M] (HP) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\HPZipr12.sys – (HPZipr12)
DRV - [2005-03-08 05:52:26 | 00,051,120 | R— | M] (HP) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\HPZid412.sys – (HPZid412)
DRV - [2005-01-26 02:03:00 | 00,020,576 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] – C:\WINDOWS\System32\Drivers\PxHelp20.sys – (PxHelp20)
DRV - [2004-08-13 11:56:20 | 00,005,810 | R— | M] () [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\ASACPI.sys – (MTsensor)
DRV - [2001-08-18 00:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\ptilink.sys – (Ptilink)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU.DEFAULT.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0
IE - HKU\S-1-5-21-1417001333-746137067-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://nasza-klasa.pl/
IE - HKU\S-1-5-21-1417001333-746137067-839522115-1003…\URLSearchHook: {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1417001333-746137067-839522115-1003\S-1-5-21-1417001333-746137067-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0
O1 HOSTS File: (742 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {114A72AF-007E-461D-89FF-864728C749C5} - Reg Error: Value error. File not found
O2 - BHO: (no name) - {37B85A21-692B-4205-9CAD-2626E4993404} - No CLSID value found.
O2 - BHO: (no name) - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - Reg Error: Value error. File not found
O2 - BHO: (no name) - {7B14F22F-02CA-4B20-8FEB-8E1C81F0A249} - Reg Error: Value error. File not found
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\x\Dane aplikacji\Gadu-Gadu 10_userdata\ggbho.2.dll (GG Network S.A.)
O3 - HKLM…\Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - No CLSID value found.
O3 - HKLM…\Toolbar: (no name) - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - No CLSID value found.
O3 - HKLM…\Toolbar: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - Reg Error: Value error. File not found
O3 - HKLM…\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\S-1-5-21-1417001333-746137067-839522115-1003…\Toolbar\WebBrowser: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - Reg Error: Value error. File not found
O4 - HKLM…\Run: [{871e8f55-be5f-04dd-7993-163ea324e74e}] C:\WINDOWS\system32\opthxoqzrnofqv.DLL File not found
O4 - HKLM…\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM…\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM…\Run: [AutoEJCD_0ACE20FF] C:\Program Files\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE ()
O4 - HKLM…\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (ALWIL Software)
O4 - HKLM…\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM…\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM…\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM…\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM…\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM…\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM…\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)
O4 - HKLM…\Run: [skyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM…\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM…\Run: [ZDWLan_Utility] C:\Program Files\WLAN_Software\ZD1211B\ZDWLan.EXE ()
O4 - HKU\S-1-5-21-1417001333-746137067-839522115-1003…\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-1417001333-746137067-839522115-1003…\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU.DEFAULT…\RunOnce: [sSS7] C:\Program Files\Steganos Security Suite 7\SSS7.exe (Steganos GmbH)
O4 - HKU\S-1-5-18…\RunOnce: [sSS7] C:\Program Files\Steganos Security Suite 7\SSS7.exe (Steganos GmbH)
O4 - HKU\S-1-5-19…\RunOnce: [nlpo_01] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19…\RunOnce: [nlpo_02] C:\WINDOWS\System32\advpack.dll (Microsoft Corporation)
O4 - HKU\S-1-5-19…\RunOnce: [nlpo_03] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19…\RunOnce: [nlpo_04] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19…\RunOnce: [nlpo_05] C:\WINDOWS\System32\advpack.dll (Microsoft Corporation)
O4 - HKU\S-1-5-19…\RunOnce: [nlpo_06] C:\WINDOWS\System32\advpack.dll (Microsoft Corporation)
O4 - HKU\S-1-5-19…\RunOnce: [sSS7] C:\Program Files\Steganos Security Suite 7\SSS7.exe (Steganos GmbH)
O4 - HKU\S-1-5-20…\RunOnce: [nlpo_01] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20…\RunOnce: [nlpo_02] C:\WINDOWS\System32\advpack.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20…\RunOnce: [nlpo_03] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20…\RunOnce: [nlpo_04] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20…\RunOnce: [nlpo_05] C:\WINDOWS\System32\advpack.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20…\RunOnce: [nlpo_06] C:\WINDOWS\System32\advpack.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20…\RunOnce: [sSS7] C:\Program Files\Steganos Security Suite 7\SSS7.exe (Steganos GmbH)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Image Zone - szybkie uruchamianie.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\x\Menu Start\Programy\Autostart\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 [2009-12-23 10:58:30 | 00,000,000 | —D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 [2009-12-23 10:58:30 | 00,000,000 | —D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 [2009-12-23 10:58:30 | 00,000,000 | —D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 [2009-12-23 10:58:30 | 00,000,000 | —D | M]
O7 - HKU.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1417001333-746137067-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra ‘Tools’ menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra ‘Tools’ menuitem : Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ … vc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resourc … oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/activescan … stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.63 62.179.1.62
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - Reg Error: Value error. File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\urqRLBSm: DllName - urqRLBSm.dll - File not found
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O28 - HKLM ShellExecuteHooks: {114A72AF-007E-461D-89FF-864728C749C5} - Reg Error: Value error. File not found
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (C:\WINDOWS\system32\yayyVlkL) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-09-09 16:19:50 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT – [NTFS]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] – “%1” %*
O35 - exefile [open] – “%1” %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2008-09-09 18:09:07 | 00,000,000 | —D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
========== Files/Folders - Created Within 30 Days ==========
[2010-01-01 16:57:47 | 00,000,000 | RH-D | C] – C:\Documents and Settings\x\Recent
[2010-01-01 16:54:16 | 00,028,552 | ---- | C] (Panda Security, S.L.) – C:\WINDOWS\System32\drivers\pavboot.sys
[2010-01-01 16:54:07 | 00,000,000 | —D | C] – C:\Program Files\Panda Security
[2010-01-01 16:40:56 | 00,513,536 | ---- | C] (OldTimer Tools) – C:\Documents and Settings\x\Pulpit\OTL.exe
[2010-01-01 16:07:17 | 00,000,000 | —D | C] – C:\WINDOWS\BDOSCAN8
[2010-01-01 16:02:17 | 00,000,000 | —D | C] – C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files
[2010-01-01 16:02:11 | 69,737,656 | ---- | C] (Kaspersky Lab) – C:\Documents and Settings\x\Pulpit\kav9.0.0.736pl.exe
[2010-01-01 15:36:25 | 00,000,000 | —D | C] – C:\Program Files\Ask.com
[2010-01-01 15:36:09 | 00,000,000 | —D | C] – C:\Program Files\uTorrent
[2010-01-01 15:32:05 | 00,000,000 | —D | C] – C:\WINDOWS\LastGood
[2009-12-24 14:02:37 | 00,000,000 | —D | C] – C:\Documents and Settings\x\Gadu-Gadu
[2009-12-24 13:50:27 | 00,000,000 | —D | C] – C:\Documents and Settings\x\Ustawienia lokalne\Dane aplikacji\cache
[2009-12-24 13:43:20 | 00,000,000 | —D | C] – C:\Documents and Settings\x\Ustawienia lokalne\Dane aplikacji\DOSBox
[2009-12-23 13:49:43 | 00,000,000 | —D | C] – C:\Program Files\CCleaner
[2009-12-23 13:49:13 | 03,326,576 | ---- | C] (Piriform Ltd) – C:\Documents and Settings\x\Pulpit\ccsetup_2.26.1050(dobreprogramy.pl).exe
[2009-12-23 10:45:58 | 00,000,000 | —D | C] – C:\Documents and Settings\All Users\Dane aplikacji\Adobe Systems
[2009-12-23 10:29:14 | 00,000,000 | —D | C] – C:\WINDOWS\TOKYOPOP Manga Creator 2
[2009-12-23 10:25:55 | 00,000,000 | —D | M] – C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google
[2009-12-23 10:25:49 | 00,000,000 | —D | M] – C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google
[2009-12-23 10:24:07 | 00,000,000 | —D | C] – C:\Documents and Settings\x\Ustawienia lokalne\Dane aplikacji\Mango_Enterprise_-_http__
[2009-12-20 18:22:35 | 00,000,000 | —D | C] – C:\Documents and Settings\x\Moje dokumenty\My Comic Books
[2009-12-18 21:22:08 | 00,024,576 | ---- | C] (Acro Software Inc.) – C:\WINDOWS\System32\custsave.exe
[2009-12-18 21:22:08 | 00,000,000 | —D | C] – C:\Documents and Settings\x\Ustawienia lokalne\Dane aplikacji\PDF Writer
[2009-12-18 10:30:42 | 00,000,000 | —D | C] – C:\Program Files\Gadu-Gadu 10
[2009-12-18 10:29:03 | 00,000,000 | —D | C] – C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2009-12-18 10:28:58 | 00,000,000 | —D | C] – C:\Documents and Settings\x\Dane aplikacji\OpenFM
[2009-12-18 10:28:41 | 00,000,000 | —D | C] – C:\Documents and Settings\x\Dane aplikacji\Gadu-Gadu 10
[2009-12-15 16:22:52 | 00,000,000 | —D | C] – C:\Documents and Settings\x\Dane aplikacji\skypePM
[2009-12-15 16:17:21 | 00,000,000 | —D | C] – C:\Documents and Settings\All Users\Dane aplikacji\Skype
[2009-12-14 18:18:22 | 00,000,000 | —D | C] – C:\Documents and Settings\x\Pulpit\1
[2009-08-26 15:06:30 | 00,000,000 | —D | M] – C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Adobe
[2009-05-24 17:43:05 | 00,000,000 | --SD | M] – C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2009-04-24 12:58:14 | 00,000,000 | —D | M] – C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2009-01-06 21:29:07 | 00,000,000 | --SD | M] – C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2008-09-10 17:30:01 | 00,000,000 | —D | M] – C:\Documents and Settings\LocalService\Dane aplikacji\NetMon
[2008-09-09 16:20:56 | 00,000,000 | —D | M] – C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2005-05-11 23:36:48 | 00,012,288 | ---- | C] (Hewlett-Packard Co.) – C:\WINDOWS\Fonts\RandFont.dll
[6 C:\WINDOWS*.tmp files -> C:\WINDOWS*.tmp ->]
[4 C:\WINDOWS\System32*.tmp files -> C:\WINDOWS\System32*.tmp ->]
========== Files - Modified Within 30 Days ==========
[2010-01-01 17:01:00 | 00,000,226 | ---- | M] () – C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010-01-01 16:41:02 | 00,513,536 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\x\Pulpit\OTL.exe
[2010-01-01 16:02:12 | 69,737,656 | ---- | M] (Kaspersky Lab) – C:\Documents and Settings\x\Pulpit\kav9.0.0.736pl.exe
[2010-01-01 15:36:09 | 00,000,630 | ---- | M] () – C:\Documents and Settings\All Users\Pulpit\µTorrent.lnk
[2010-01-01 15:35:20 | 00,015,902 | ---- | M] () – C:\Documents and Settings\x\Pulpit[VipTorrent.pl]Łzy w deszczu_1988_TV[XviD][Lektor PL] [www.viptorrent.pl].torrent
[2010-01-01 15:32:06 | 01,154,296 | ---- | M] () – C:\WINDOWS\System32\PerfStringBackup.INI
[2010-01-01 15:32:06 | 00,525,530 | ---- | M] () – C:\WINDOWS\System32\perfh015.dat
[2010-01-01 15:32:06 | 00,444,028 | ---- | M] () – C:\WINDOWS\System32\perfh009.dat
[2010-01-01 15:32:06 | 00,098,816 | ---- | M] () – C:\WINDOWS\System32\perfc015.dat
[2010-01-01 15:32:06 | 00,071,904 | ---- | M] () – C:\WINDOWS\System32\perfc009.dat
[2010-01-01 15:26:15 | 00,186,097 | ---- | M] () – C:\WINDOWS\System32\nvapps.xml
[2010-01-01 15:26:11 | 00,000,006 | -H-- | M] () – C:\WINDOWS\tasks\SA.DAT
[2010-01-01 15:26:08 | 00,002,048 | --S- | M] () – C:\WINDOWS\bootstat.dat
[2010-01-01 00:23:41 | 04,718,592 | ---- | M] () – C:\Documents and Settings\x\ntuser.dat
[2010-01-01 00:23:41 | 00,000,188 | -HS- | M] () – C:\Documents and Settings\x\ntuser.ini
[2009-12-28 19:59:11 | 06,404,652 | -H-- | M] () – C:\Documents and Settings\x\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-12-27 12:22:08 | 00,002,206 | ---- | M] () – C:\WINDOWS\System32\wpa.dbl
[2009-12-23 13:49:44 | 00,001,548 | ---- | M] () – C:\Documents and Settings\x\Pulpit\CCleaner.lnk
[2009-12-23 13:49:21 | 03,326,576 | ---- | M] (Piriform Ltd) – C:\Documents and Settings\x\Pulpit\ccsetup_2.26.1050(dobreprogramy.pl).exe
[2009-12-23 11:00:47 | 00,073,936 | ---- | M] () – C:\Documents and Settings\x\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2009-12-23 10:59:50 | 00,282,128 | ---- | M] () – C:\WINDOWS\System32\FNTCACHE.DAT
[2009-12-23 10:52:18 | 00,000,116 | ---- | M] () – C:\WINDOWS\NeroDigital.ini
[2009-12-20 18:22:35 | 00,003,120 | ---- | M] () – C:\WINDOWS\System32\IH4S7HXQ.ocx
[2009-12-20 18:22:13 | 00,000,043 | ---- | M] () – C:\WINDOWS\gswin32.ini
[2009-12-18 10:31:11 | 00,000,678 | ---- | M] () – C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2009-12-15 16:22:53 | 00,000,056 | -H-- | M] () – C:\WINDOWS\System32\ezsidmv.dat
[2009-12-12 20:37:47 | 00,006,144 | -H-- | M] () – C:\Documents and Settings\x\Moje dokumenty\photothumb.db
[2009-12-12 20:37:27 | 00,015,360 | -H-- | M] () – C:\Documents and Settings\x\Pulpit\photothumb.db
[6 C:\WINDOWS*.tmp files -> C:\WINDOWS*.tmp ->]
[4 C:\WINDOWS\System32*.tmp files -> C:\WINDOWS\System32*.tmp ->]
========== Files Created - No Company Name ==========
[2010-01-01 15:36:28 | 00,000,226 | ---- | C] () – C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010-01-01 15:36:09 | 00,000,630 | ---- | C] () – C:\Documents and Settings\All Users\Pulpit\µTorrent.lnk
[2010-01-01 15:35:20 | 00,015,902 | ---- | C] () – C:\Documents and Settings\x\Pulpit[VipTorrent.pl]Łzy w deszczu_1988_TV[XviD][Lektor PL] [www.viptorrent.pl].torrent
[2009-12-23 13:49:44 | 00,001,548 | ---- | C] () – C:\Documents and Settings\x\Pulpit\CCleaner.lnk
[2009-12-20 18:22:35 | 00,003,120 | ---- | C] () – C:\WINDOWS\System32\IH4S7HXQ.ocx
[2009-12-20 18:22:13 | 00,000,043 | ---- | C] () – C:\WINDOWS\gswin32.ini
[2009-12-18 21:22:19 | 00,090,112 | ---- | C] () – C:\WINDOWS\System32\custmon2k.dll
[2009-12-18 21:22:19 | 00,053,248 | ---- | C] () – C:\WINDOWS\System32\uninstpw.exe
[2009-12-18 10:31:11 | 00,000,678 | ---- | C] () – C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2009-12-15 16:22:53 | 00,000,056 | -H-- | C] () – C:\WINDOWS\System32\ezsidmv.dat
[2009-11-27 21:30:37 | 00,000,088 | RHS- | C] () – C:\Documents and Settings\All Users\Dane aplikacji\48BEA95BD6.sys
[2009-09-18 11:10:45 | 00,721,904 | ---- | C] () – C:\WINDOWS\System32\drivers\sptd.sys
[2009-06-26 20:18:41 | 00,000,214 | ---- | C] () – C:\WINDOWS\HP_InstantSHareJPG.ini
[2009-06-26 20:18:31 | 00,000,217 | ---- | C] () – C:\WINDOWS\HP_IZClosingDiscErrorPatch.ini
[2009-06-26 20:17:16 | 00,000,221 | ---- | C] () – C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2009-05-25 19:47:12 | 00,000,600 | ---- | C] () – C:\WINDOWS\WININIT.INI
[2009-05-25 19:46:50 | 00,000,770 | ---- | C] () – C:\WINDOWS\YDPDICT.INI
[2009-04-24 13:21:51 | 00,076,407 | ---- | C] () – C:\Documents and Settings\x\Dane aplikacji\Smiley.ico
[2009-01-05 15:44:10 | 00,000,453 | ---- | C] () – C:\WINDOWS\bdoscandellang.ini
[2009-01-04 21:13:41 | 00,000,126 | ---- | C] () – C:\Documents and Settings\x\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2009-01-04 12:50:44 | 00,077,824 | R— | C] () – C:\WINDOWS\System32\hpzids01.dll
[2008-12-29 15:50:29 | 00,001,381 | ---- | C] () – C:\WINDOWS\disney.ini
[2008-12-09 13:31:44 | 01,199,532 | -HS- | C] () – C:\WINDOWS\System32\dmjlpwnq.ini
[2008-10-05 18:08:57 | 00,000,116 | ---- | C] () – C:\WINDOWS\NeroDigital.ini
[2008-10-05 18:02:02 | 00,016,384 | ---- | C] () – C:\Documents and Settings\x\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-10-05 17:04:12 | 00,000,797 | ---- | C] () – C:\Documents and Settings\x\Dane aplikacji\Launch Internet Explorer Browser.lnk
[2008-10-04 13:23:40 | 00,002,304 | ---- | C] () – C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log
[2008-09-22 19:02:45 | 00,000,000 | ---- | C] () – C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt
[2008-09-22 18:54:13 | 00,005,632 | ---- | C] () – C:\WINDOWS\System32\drivers\StarOpen.sys
[2008-09-11 18:31:37 | 00,000,239 | ---- | C] () – C:\WINDOWS\cookies.ini
[2008-09-11 14:36:40 | 01,194,930 | -HS- | C] () – C:\WINDOWS\System32\adwntysp.ini
[2008-09-11 14:36:10 | 00,000,022 | ---- | C] () – C:\WINDOWS\pskt.ini
[2008-09-10 17:32:48 | 00,409,022 | -HS- | C] () – C:\WINDOWS\System32\LklVyyay.ini2
[2008-09-10 17:32:47 | 00,409,439 | -HS- | C] () – C:\WINDOWS\System32\LklVyyay.ini
[2008-09-10 17:30:54 | 00,687,592 | ---- | C] () – C:\WINDOWS\System32\atmtd.dll._
[2008-09-10 17:30:54 | 00,687,592 | ---- | C] () – C:\WINDOWS\System32\atmtd.dll
[2008-09-09 18:02:44 | 00,000,663 | ---- | C] () – C:\WINDOWS\ODBC.INI
[2008-09-09 16:23:35 | 00,010,800 | ---- | C] () – C:\WINDOWS\Ascd_tmp.ini
[2008-09-09 16:23:33 | 00,005,810 | R— | C] () – C:\WINDOWS\System32\drivers\ASACPI.sys
[2008-09-09 16:23:22 | 00,012,536 | ---- | C] () – C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008-05-26 21:22:36 | 00,016,222 | ---- | C] () – C:\WINDOWS\System32\gthrctr.ini
[2008-05-26 21:22:34 | 00,021,728 | ---- | C] () – C:\WINDOWS\System32\idxcntrs.ini
[2008-05-26 21:22:32 | 00,016,164 | ---- | C] () – C:\WINDOWS\System32\gsrvctr.ini
[2008-05-16 13:01:00 | 01,703,936 | ---- | C] () – C:\WINDOWS\System32\nvwdmcpl.dll
[2008-05-16 13:01:00 | 01,486,848 | ---- | C] () – C:\WINDOWS\System32\nview.dll
[2008-05-16 13:01:00 | 01,019,904 | ---- | C] () – C:\WINDOWS\System32\nvwimg.dll
[2008-05-16 13:01:00 | 00,466,944 | ---- | C] () – C:\WINDOWS\System32\nvshell.dll
[2008-05-16 13:01:00 | 00,286,720 | ---- | C] () – C:\WINDOWS\System32\nvnt4cpl.dll
[2007-08-31 23:16:19 | 00,452,608 | R— | C] () – C:\WINDOWS\System32\videoformat.dll
[2007-08-31 23:16:19 | 00,019,456 | R— | C] () – C:\WINDOWS\System32\videocore.dll
[2007-08-31 23:16:18 | 06,963,712 | R— | C] () – C:\WINDOWS\System32\videotrans.dll
[2007-08-31 19:53:17 | 00,262,144 | ---- | C] () – C:\WINDOWS\System32\lame_enc.dll
[2007-06-28 22:24:47 | 00,598,016 | R— | C] () – C:\WINDOWS\System32\viscomqtde.dll
[2007-06-05 20:35:46 | 00,010,760 | R— | C] () – C:\WINDOWS\System32\Machnm64.sys
[2007-06-05 20:35:21 | 00,299,008 | R— | C] () – C:\WINDOWS\System32\QuickHash.dll
[2007-06-05 20:34:11 | 00,057,344 | R— | C] () – C:\WINDOWS\System32\cbcedll.dll
[2007-05-30 23:51:21 | 00,007,432 | R— | C] () – C:\WINDOWS\System32\Machnm32.sys
[2005-08-02 22:24:01 | 00,053,299 | ---- | C] () – C:\WINDOWS\System32\pthreadVC.dll
[2005-05-13 09:59:48 | 00,069,632 | ---- | C] () – C:\WINDOWS\System32\drivers\slee81.sys
[2005-01-24 09:30:04 | 00,139,264 | ---- | C] () – C:\WINDOWS\System32\hpzjrd01.dll
[2001-07-06 14:30:02 | 00,003,234 | ---- | C] () – C:\WINDOWS\System32\HPTCPMON.INI
========== LOP Check ==========
[2009-09-17 19:15:45 | 00,000,000 | —D | M] – C:\Documents and Settings\Administrator\Dane aplikacji\Windows Desktop Search
[2009-12-23 10:25:08 | 00,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2009-09-18 11:12:55 | 00,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2009-07-29 20:25:46 | 00,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\DriverScanner
[2009-12-23 10:25:59 | 00,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2009-06-28 14:57:06 | 00,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\Wru
[2009-07-29 20:24:41 | 00,000,000 | -H-D | M] – C:\Documents and Settings\All Users\Dane aplikacji{66E2F539-12B6-4870-A500-7689CDE75C5E}
[2009-07-07 13:11:35 | 00,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji{81D4BDA8-1F33-4633-B176-8A7E942ABDE1}
[2008-09-10 17:30:01 | 00,000,000 | —D | M] – C:\Documents and Settings\LocalService\Dane aplikacji\NetMon
[2009-09-18 11:29:42 | 00,000,000 | —D | M] – C:\Documents and Settings\x\Dane aplikacji\DAEMON Tools Lite
[2009-04-24 14:22:02 | 00,000,000 | —D | M] – C:\Documents and Settings\x\Dane aplikacji\DC++
[2008-09-20 16:57:11 | 00,000,000 | —D | M] – C:\Documents and Settings\x\Dane aplikacji\Gadu-Gadu
[2010-01-01 15:26:41 | 00,000,000 | —D | M] – C:\Documents and Settings\x\Dane aplikacji\Gadu-Gadu 10
[2008-09-09 22:08:13 | 00,000,000 | —D | M] – C:\Documents and Settings\x\Dane aplikacji\iPlus
[2009-04-30 18:39:24 | 00,000,000 | —D | M] – C:\Documents and Settings\x\Dane aplikacji\NetMedia Providers
[2009-12-18 10:28:58 | 00,000,000 | —D | M] – C:\Documents and Settings\x\Dane aplikacji\OpenFM
[2009-07-10 16:08:17 | 00,000,000 | —D | M] – C:\Documents and Settings\x\Dane aplikacji\Outlook AutoConfig
[2009-04-30 18:02:47 | 00,000,000 | —D | M] – C:\Documents and Settings\x\Dane aplikacji\Publish Providers
[2009-12-23 10:24:07 | 00,000,000 | —D | M] – C:\Documents and Settings\x\Dane aplikacji\Samsung
[2008-10-18 15:29:39 | 00,000,000 | —D | M] – C:\Documents and Settings\x\Dane aplikacji\Sony
[2009-11-27 21:30:32 | 00,000,000 | —D | M] – C:\Documents and Settings\x\Dane aplikacji\Thinstall
[2010-01-01 17:05:18 | 00,000,000 | —D | M] – C:\Documents and Settings\x\Dane aplikacji\uTorrent
[2009-05-24 20:10:31 | 00,000,000 | —D | M] – C:\Documents and Settings\x\Dane aplikacji\Windows Desktop Search
[2009-05-25 18:05:31 | 00,000,000 | —D | M] – C:\Documents and Settings\x\Dane aplikacji\Windows Search
[2010-01-01 17:01:00 | 00,000,226 | ---- | M] () – C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
========== Purity Check ==========
========== Custom Scans ==========
< %systemdrive%*.* >
[2008-09-09 16:19:50 | 00,000,000 | ---- | M] () – C:\AUTOEXEC.BAT
[2008-10-19 19:01:02 | 00,000,211 | RHS- | M] () – C:\boot.ini
[2001-07-22 01:13:54 | 00,004,952 | RHS- | M] () – C:\Bootfont.bin
[2009-11-02 18:46:15 | 00,000,074 | ---- | M] () – C:\CMLoader.log
[2008-09-09 16:19:50 | 00,000,000 | ---- | M] () – C:\CONFIG.SYS
[2008-09-09 16:19:50 | 00,000,000 | RHS- | M] () – C:\IO.SYS
[2008-09-09 16:19:50 | 00,000,000 | RHS- | M] () – C:\MSDOS.SYS
[2004-08-03 23:38:34 | 00,047,564 | RHS- | M] () – C:\NTDETECT.COM
[2008-11-28 17:19:00 | 00,251,152 | RHS- | M] () – C:\ntldr
[2010-01-01 15:26:05 | 21,465,45664 | -HS- | M] () – C:\pagefile.sys
< End of report >
