OTL logfile created on: 2009-12-27 11:47:36 - Run 2
OTL by OldTimer - Version 3.1.20.1 Folder = C:\Documents and Settings\klaudia1\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
447,00 Mb Total Physical Memory | 135,00 Mb Available Physical Memory | 30,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 60,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 4,03 Gb Free Space | 20,65% Space Free | Partition Type: NTFS
Drive D: | 39,06 Gb Total Space | 0,15 Gb Free Space | 0,38% Space Free | Partition Type: NTFS
Drive E: | 39,06 Gb Total Space | 5,51 Gb Free Space | 14,10% Space Free | Partition Type: NTFS
Drive F: | 51,39 Gb Total Space | 5,52 Gb Free Space | 10,74% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: KLAUDIA-Q0RACCB
Current User Name: klaudia1
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (All) ==========
PRC - [2009-12-26 21:15:42 | 00,513,536 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\klaudia1\Pulpit\OTL.exe
PRC - [2009-12-16 22:24:30 | 00,307,672 | ---- | M] (Mozilla Corporation) – C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-08-06 19:24:06 | 00,053,472 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\wuauclt.exe
PRC - [2009-07-27 16:42:10 | 10,719,848 | ---- | M] (GG Network S.A.) – C:\Program Files\Nowe Gadu-Gadu\gg.exe
PRC - [2009-07-27 15:39:44 | 00,077,824 | ---- | M] () – C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe
PRC - [2009-07-25 04:23:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) – C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009-06-14 02:48:44 | 04,076,544 | ---- | M] (ISecSoft) – C:\Program Files\Anti Trojan Elite\TJEnder.exe
PRC - [2009-02-09 11:10:45 | 00,111,104 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\services.exe
PRC - [2008-04-01 10:39:48 | 00,486,856 | ---- | M] (DT Soft Ltd) – C:\Program Files\DAEMON Tools Lite\daemon.exe
PRC - [2006-10-31 07:35:00 | 00,155,715 | ---- | M] (NVIDIA Corporation) – C:\WINDOWS\system32\nvsvc32.exe
PRC - [2006-10-26 23:47:42 | 00,031,016 | ---- | M] (Microsoft Corporation) – C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2006-08-01 12:10:18 | 16,049,664 | R— | M] (Realtek Semiconductor Corp.) – C:\WINDOWS\RTHDCPL.exe
PRC - [2006-07-13 15:59:48 | 00,131,131 | ---- | M] (NVIDIA Corporation) – C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
PRC - [2006-07-13 15:59:32 | 00,065,599 | ---- | M] (NVIDIA Corporation) – C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
PRC - [2006-04-03 17:04:02 | 00,020,543 | ---- | M] (Apache Software Foundation) – C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
PRC - [2006-03-03 20:03:10 | 00,069,632 | ---- | M] (HP) – C:\WINDOWS\system32\HPZipm12.exe
PRC - [2006-02-19 03:21:22 | 00,288,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) – C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2006-02-19 01:41:10 | 00,049,152 | ---- | M] (Hewlett-Packard Development Company, L.P.) – C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2004-10-05 16:00:12 | 00,061,440 | ---- | M] (France Télécom R&D) – C:\Program Files\neostrada tp\TaskBarIcon.exe
PRC - [2004-08-23 13:49:56 | 00,040,960 | ---- | M] (France Telecom) – C:\WINDOWS\system32\FTRTSVC.exe
PRC - [2004-08-03 23:44:30 | 00,504,832 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\winlogon.exe
PRC - [2004-08-03 23:44:30 | 00,126,464 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2004-08-03 23:44:30 | 00,013,824 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\wscntfy.exe
PRC - [2004-08-03 23:44:28 | 00,057,856 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\spoolsv.exe
PRC - [2004-08-03 23:44:28 | 00,050,688 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\smss.exe
PRC - [2004-08-03 23:44:28 | 00,033,280 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\rundll32.exe
PRC - [2004-08-03 23:44:28 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2004-08-03 23:44:28 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2004-08-03 23:44:28 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2004-08-03 23:44:28 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2004-08-03 23:44:28 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2004-08-03 23:44:28 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [imgSVC]
PRC - [2004-08-03 23:44:28 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2004-08-03 23:44:22 | 00,013,312 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\lsass.exe
PRC - [2004-08-03 23:44:20 | 01,033,728 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\explorer.exe
PRC - [2004-08-03 23:44:20 | 00,015,360 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\ctfmon.exe
PRC - [2004-08-03 23:44:20 | 00,006,144 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\csrss.exe
PRC - [2004-08-03 23:44:18 | 00,044,544 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\alg.exe
========== Modules (All) ==========
MOD - [2009-12-26 21:15:42 | 00,513,536 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\klaudia1\Pulpit\OTL.exe
MOD - [2009-09-25 06:58:06 | 00,473,600 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-06-25 09:48:08 | 00,056,320 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\secur32.dll
MOD - [2009-04-15 16:18:19 | 00,584,192 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\rpcrt4.dll
MOD - [2009-03-21 15:21:24 | 01,014,784 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\kernel32.dll
MOD - [2009-02-09 11:22:08 | 00,686,080 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\advapi32.dll
MOD - [2009-02-09 11:22:06 | 00,722,944 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\ntdll.dll
MOD - [2008-10-23 14:01:37 | 00,283,648 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\gdi32.dll
MOD - [2008-07-03 14:16:27 | 08,483,328 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\shell32.dll
MOD - [2007-05-17 12:30:17 | 00,549,376 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\oleaut32.dll
MOD - [2005-01-14 09:57:03 | 01,284,608 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\ole32.dll
MOD - [2004-08-03 23:44:32 | 00,146,432 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\winspool.drv
MOD - [2004-08-03 23:44:14 | 00,578,560 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\user32.dll
MOD - [2004-08-03 23:44:14 | 00,219,648 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\uxtheme.dll
MOD - [2004-08-03 23:44:14 | 00,018,944 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\version.dll
MOD - [2004-08-03 23:44:12 | 00,067,584 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\srclient.dll
MOD - [2004-08-03 23:44:10 | 00,996,352 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\setupapi.dll
MOD - [2004-08-03 23:44:10 | 00,023,040 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\psapi.dll
MOD - [2004-08-03 23:44:08 | 00,083,456 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\olepro32.dll
MOD - [2004-08-03 23:44:06 | 00,343,040 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\msvcrt.dll
MOD - [2004-08-03 23:44:04 | 00,294,400 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\msctf.dll
MOD - [2004-08-03 23:43:58 | 00,185,856 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2004-08-03 23:42:34 | 01,050,624 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] – -- (CreateProcess)
SRV - [2009-10-04 14:13:55 | 00,133,104 | ---- | M] (Google Inc.) [Auto | Stopped] – C:\Program Files\Google\Update\GoogleUpdate.exe – (gupdate) Usługa Google Update (gupdate)
SRV - [2009-07-25 04:23:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] – C:\Program Files\Java\jre6\bin\jqs.exe – (JavaQuickStarterService)
SRV - [2008-11-20 20:18:52 | 00,136,120 | ---- | M] (Google) [On_Demand | Stopped] – C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe – (gusvc)
SRV - [2006-10-31 07:35:00 | 00,155,715 | ---- | M] (NVIDIA Corporation) [Auto | Running] – C:\WINDOWS\system32\nvsvc32.exe – (NVSvc)
SRV - [2006-10-26 23:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe – (Microsoft Office Groove Audit Service)
SRV - [2006-10-26 18:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE – (odserv)
SRV - [2006-10-26 12:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE – (ose)
SRV - [2006-07-13 15:59:48 | 00,131,131 | ---- | M] (NVIDIA Corporation) [Auto | Running] – C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe – (nSvcIp)
SRV - [2006-07-13 15:59:32 | 00,065,599 | ---- | M] (NVIDIA Corporation) [Auto | Running] – C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe – (nSvcLog)
SRV - [2006-04-03 17:04:02 | 00,020,543 | ---- | M] (Apache Software Foundation) [Auto | Running] – C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe – (ForcewareWebInterface)
SRV - [2006-03-03 20:03:10 | 00,069,632 | ---- | M] (HP) [Auto | Running] – C:\WINDOWS\system32\HPZipm12.exe – (Pml Driver HPZ12)
SRV - [2004-08-23 13:49:56 | 00,040,960 | ---- | M] (France Telecom) [Auto | Running] – C:\WINDOWS\system32\FTRTSVC.exe – (FTRTSVC)
========== Driver Services (SafeList) ==========
DRV - [2009-12-06 16:27:54 | 00,717,296 | ---- | M] () [Kernel | Boot | Running] – C:\WINDOWS\System32\Drivers\sptd.sys – (sptd)
DRV - [2008-11-20 20:19:06 | 00,043,872 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] – C:\WINDOWS\System32\Drivers\PxHelp20.sys – (PxHelp20)
DRV - [2006-10-31 07:35:00 | 03,964,256 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\nv4_mini.sys – (nv)
DRV - [2006-09-19 10:03:28 | 00,116,992 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\e4usbaw.sys – (e4usbaw)
DRV - [2006-09-15 10:07:54 | 00,064,000 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] – C:\WINDOWS\system32\drivers\e4ldr.sys – (IKANLOADER2) General Purpose USB Driver (e4ldr.sys)
DRV - [2006-08-01 12:07:02 | 04,356,608 | R— | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\RtkHDAud.Sys – (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006-07-11 14:38:30 | 00,020,480 | R— | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\nvnetbus.sys – (nvnetbus)
DRV - [2006-07-11 14:38:28 | 00,057,856 | R— | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\NVENETFD.sys – (NVENETFD)
DRV - [2006-06-28 10:38:56 | 00,105,088 | R— | M] (NVIDIA Corporation) [Kernel | Boot | Running] – C:\WINDOWS\System32\DRIVERS\nvata.sys – (nvata)
DRV - [2006-06-18 22:51:32 | 00,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] – C:\WINDOWS\system32\drivers\AmdK8.sys – (AmdK8)
DRV - [2005-10-28 02:24:30 | 00,021,568 | ---- | M] (HP) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\HPZius12.sys – (HPZius12)
DRV - [2005-10-28 02:24:29 | 00,016,496 | ---- | M] (HP) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\HPZipr12.sys – (HPZipr12)
DRV - [2005-10-28 02:24:28 | 00,049,664 | ---- | M] (HP) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\HPZid412.sys – (HPZid412)
DRV - [2005-01-07 16:07:18 | 00,138,752 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\Hdaudbus.sys – (HDAudBus)
DRV - [2004-09-01 09:42:18 | 00,138,396 | ---- | M] () [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\Pfc027.sys – (SoC PC-Camera Service)
DRV - [2004-08-03 22:08:22 | 00,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\gameenum.sys – (gameenum)
DRV - [2003-08-04 13:22:44 | 00,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\PCANDIS5.SYS – (PCANDIS5)
DRV - [2001-10-26 16:56:18 | 00,320,384 | ---- | M] (Matrox Graphics Inc.) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\mgaum.sys – (mgau)
DRV - [2001-08-17 22:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\ptilink.sys – (Ptilink)
DRV - [2001-07-22 03:41:32 | 00,027,440 | ---- | M] () [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\secdrv.sys – (Secdrv)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = wyborcza.pl/0,0.html?p=017
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.tattoodle.com?tid={2F92B630-E63A-41ca-A35D-C4F531EDE143}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU…\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\neostrada tp\SearchPageURL.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0
========== FireFox ==========
FF - prefs.js…browser.search.defaultenginename: “Fast Browser Search”
FF - prefs.js…browser.search.defaultthis.engineName: “Fast Browser Search”
FF - prefs.js…browser.search.order.1: “Fast Browser Search”
FF - prefs.js…browser.search.selectedEngine: “Google”
FF - prefs.js…browser.search.useDBForOrder: true
FF - prefs.js…browser.startup.homepage: “http://www.google.pl/”
FF - prefs.js…extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js…extensions.enabledItems: {a3b24d40-bac4-11dc-95ff-0800200c9a66}:0.2.2
FF - prefs.js…extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.7
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.16\extensions\Components: C:\Program Files\Mozilla Firefox\components [2009-12-17 22:26:56 | 00,000,000 | —D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.16\extensions\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-12-16 22:24:35 | 00,000,000 | —D | M]
[2009-06-11 08:05:18 | 00,000,000 | —D | M] – C:\Documents and Settings\klaudia1\Dane aplikacji\Mozilla\Extensions
[2009-12-26 18:25:56 | 00,000,000 | —D | M] – C:\Documents and Settings\klaudia1\Dane aplikacji\Mozilla\Firefox\Profiles\7mgd53la.default\extensions
[2009-12-25 13:47:52 | 00,000,000 | —D | M] (farm helper Toolbar) – C:\Documents and Settings\klaudia1\Dane aplikacji\Mozilla\Firefox\Profiles\7mgd53la.default\extensions{26b787a1-3c6f-4874-981c-9256eb27baea}
[2009-10-30 13:05:04 | 00,000,000 | —D | M] (Stylish) – C:\Documents and Settings\klaudia1\Dane aplikacji\Mozilla\Firefox\Profiles\7mgd53la.default\extensions{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2009-06-17 09:42:06 | 00,000,000 | —D | M] (jDownFF) – C:\Documents and Settings\klaudia1\Dane aplikacji\Mozilla\Firefox\Profiles\7mgd53la.default\extensions{a3b24d40-bac4-11dc-95ff-0800200c9a66}
[2009-11-13 00:44:46 | 00,000,925 | ---- | M] () – C:\Documents and Settings\klaudia1\Dane aplikacji\Mozilla\Firefox\Profiles\7mgd53la.default\searchplugins\conduit.xml
[2009-12-06 16:16:34 | 00,002,055 | ---- | M] () – C:\Documents and Settings\klaudia1\Dane aplikacji\Mozilla\Firefox\Profiles\7mgd53la.default\searchplugins\daemon-search.xml
[2009-12-26 18:25:59 | 00,000,000 | —D | M] – C:\Program Files\Mozilla Firefox\extensions
[2009-07-22 16:38:43 | 00,002,767 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-11-16 21:14:50 | 00,003,700 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\fast.png
[2009-11-16 21:14:50 | 00,001,963 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\fast.xml
[2008-04-03 18:19:08 | 00,001,406 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2007-03-31 18:11:54 | 00,000,917 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2006-06-03 17:43:22 | 00,000,858 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2008-03-28 22:36:04 | 00,001,183 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2007-01-05 12:40:56 | 00,001,683 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml
O1 HOSTS File: (742 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (BrowserHelper Class) - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - C:\Program Files\SGPSA\SearchAssistant.dll (Make The Web Better, LLC)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\klaudia1\Dane aplikacji\Nowe Gadu-Gadu_userdata\ggbho.1.dll File not found
O3 - HKCU…\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4 - HKLM…\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM…\Run: [Anti Trojan Elite] C:\Program Files\Anti Trojan Elite\TJEnder.exe (ISecSoft)
O4 - HKLM…\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM…\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM…\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM…\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM…\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM…\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)
O4 - HKLM…\Run: [skyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM…\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\GestMaj.exe TaskBarIcon.exe File not found
O4 - HKLM…\Run: [WOOWATCH] C:\Program Files\neostrada tp\Watch.exe (France Télécom R&D)
O4 - HKCU…\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU…\Run: [Nowe Gadu-Gadu] C:\Program Files\Nowe Gadu-Gadu\gg.exe (GG Network S.A.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)
O4 - Startup: C:\Documents and Settings\klaudia1\Menu Start\Programy\Autostart\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra ‘Tools’ menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O15 - HKLM…Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/ … mv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/aut … 03-win.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc … wflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 22:09:44 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT – [NTFS]
O32 - AutoRun File - [2004-07-28 12:52:42 | 00,000,039 | ---- | M] () - E:\Autorun.inf – [NTFS]
O33 - MountPoints2{2d87bf2b-b65b-11de-a7ab-4d6564696130}\Shell\Open(&0)\command - “” = H:\Recycled\ctfmon.exe – File not found
O33 - MountPoints2{55255544-598a-11de-a6e0-4d6564696130}\Shell\AutoRun\command - “” = L:\mbvd.exe – File not found
O33 - MountPoints2{55255544-598a-11de-a6e0-4d6564696130}\Shell\open\Command - “” = L:\mbvd.exe – File not found
O33 - MountPoints2{912dbbc6-566c-11de-a9f2-4d6564696130}\Shell - “” = AutoRun
O33 - MountPoints2{a559623a-ab4c-11de-a798-4d6564696130}\Shell\AutoRun\command - “” = H:\2o1ajagt.exe – File not found
O33 - MountPoints2{a559623a-ab4c-11de-a798-4d6564696130}\Shell\open\Command - “” = H:\2o1ajagt.exe – File not found
O33 - MountPoints2{c2633e7e-9bd8-11de-a779-4d6564696130}\Shell\AutoRun\command - “” = L:\q3kku.exe – File not found
O33 - MountPoints2{c2633e7e-9bd8-11de-a779-4d6564696130}\Shell\open\Command - “” = L:\q3kku.exe – File not found
O33 - MountPoints2{f5c171b8-5740-11de-a6dd-4d6564696130}\Shell\AutoRun\command - “” = H:\q9.cmd – File not found
O33 - MountPoints2{f5c171b8-5740-11de-a6dd-4d6564696130}\Shell\open\Command - “” = H:\q9.cmd – File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] – “%1” %*
O35 - exefile [open] – “%1” %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009-06-10 22:09:22 | 00,000,000 | —D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: ALLUpdate - hkey= - key= - C:\Program Files\ALLPlayer\ALLUpdate.exe File not found
MsConfig - StartUpReg: CTFMON.EXE - hkey= - key= - File not found
MsConfig - StartUpReg: KernelFaultCheck - hkey= - key= - File not found
MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files\Winamp\winampa.exe File not found
MsConfig - State: “system.ini” - 0
MsConfig - State: “win.ini” - 0
MsConfig - State: “bootini” - 0
MsConfig - State: “services” - 0
MsConfig - State: “startup” - 2
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: UploadMgr - Service
SafeBootNet: vga.sys - Driver
SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - Reg Error: Value error.
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
========== Files/Folders - Created Within 30 Days ==========
[2009-12-26 22:04:00 | 00,000,000 | —D | C] – C:\Program Files\Trend Micro
[2009-12-26 22:03:47 | 00,812,344 | ---- | C] (Trend Micro Inc.) – C:\Documents and Settings\klaudia1\Pulpit\HJTInstall.exe
[2009-12-26 21:27:06 | 00,000,000 | —D | C] – C:\Documents and Settings\klaudia1\DoctorWeb
[2009-12-26 21:14:47 | 00,513,536 | ---- | C] (OldTimer Tools) – C:\Documents and Settings\klaudia1\Pulpit\OTL.exe
[2009-12-26 21:13:40 | 25,898,288 | ---- | C] (Doctor Web, Ltd.) – C:\Documents and Settings\klaudia1\Pulpit\cureit.exe
[2009-12-26 20:39:47 | 00,000,000 | —D | C] – C:\Program Files\Anti Trojan Elite
[2009-12-06 18:13:18 | 00,000,000 | —D | C] – C:\Program Files\Disney Interactive
[2009-12-06 16:27:47 | 00,000,000 | —D | C] – C:\Documents and Settings\klaudia1\Dane aplikacji\DAEMON Tools
[2009-12-06 16:16:34 | 00,000,000 | —D | C] – C:\Program Files\DAEMON Tools Toolbar
[2009-12-06 16:10:10 | 00,000,000 | —D | C] – C:\Program Files\DAEMON Tools Lite
[2009-12-06 16:10:01 | 00,000,000 | —D | C] – C:\Documents and Settings\klaudia1\Dane aplikacji\DAEMON Tools Lite
[2009-12-06 16:09:58 | 00,000,000 | —D | C] – C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2009-12-01 16:54:38 | 00,014,048 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\spmsg2.dll
[2009-12-01 16:54:17 | 00,000,000 | —D | C] – C:\WINDOWS\System32\pl-PL
[2009-12-01 16:52:01 | 00,000,000 | —D | C] – C:\WINDOWS\System32\XPSViewer
[2009-12-01 16:51:55 | 00,000,000 | —D | C] – C:\WINDOWS\System32\en-US
[2009-12-01 16:51:49 | 00,000,000 | —D | C] – C:\Program Files\Reference Assemblies
[2009-12-01 16:50:49 | 00,117,760 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\prntvpt.dll
[2009-12-01 16:50:49 | 00,089,088 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2009-12-01 16:50:48 | 01,676,288 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\xpssvcs.dll
[2009-12-01 16:50:48 | 01,676,288 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2009-12-01 16:50:48 | 00,597,504 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2009-12-01 16:50:48 | 00,575,488 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2009-12-01 16:49:52 | 00,000,000 | R-SD | C] – C:\WINDOWS\assembly
[2009-12-01 16:49:16 | 00,000,000 | —D | C] – C:\WINDOWS\Microsoft.NET
[2009-12-01 16:46:37 | 00,000,000 | —D | C] – C:\Program Files\MSXML 6.0
[2009-10-07 14:19:25 | 00,000,000 | —D | M] – C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2009-10-04 14:19:02 | 00,000,000 | —D | M] – C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google
[2009-10-04 14:14:06 | 00,000,000 | —D | M] – C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google
[2009-06-13 08:53:01 | 00,000,000 | —D | M] – C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Apple
[2009-06-11 09:06:03 | 00,000,000 | —D | M] – C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2009-06-10 22:09:24 | 00,000,000 | --SD | M] – C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2009-06-10 22:09:24 | 00,000,000 | --SD | M] – C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[5 C:\WINDOWS*.tmp files -> C:\WINDOWS*.tmp ->]
[1 C:\WINDOWS\System32*.tmp files -> C:\WINDOWS\System32*.tmp ->]
========== Files - Modified Within 30 Days ==========
[2009-12-27 11:24:10 | 00,001,040 | ---- | M] () – C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2009-12-27 10:22:47 | 00,081,496 | ---- | M] () – C:\WINDOWS\System32\nvapps.xml
[2009-12-27 10:22:27 | 00,001,036 | ---- | M] () – C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2009-12-27 10:22:25 | 00,000,006 | -H-- | M] () – C:\WINDOWS\tasks\SA.DAT
[2009-12-27 10:22:21 | 00,002,048 | --S- | M] () – C:\WINDOWS\bootstat.dat
[2009-12-27 10:22:18 | 46,902,8864 | -HS- | M] () – C:\hiberfil.sys
[2009-12-26 23:35:18 | 03,932,160 | -H-- | M] () – C:\Documents and Settings\klaudia1\NTUSER.DAT
[2009-12-26 23:35:18 | 00,000,188 | -HS- | M] () – C:\Documents and Settings\klaudia1\ntuser.ini
[2009-12-26 22:04:01 | 00,001,734 | ---- | M] () – C:\Documents and Settings\klaudia1\Pulpit\HijackThis.lnk
[2009-12-26 22:03:52 | 00,812,344 | ---- | M] (Trend Micro Inc.) – C:\Documents and Settings\klaudia1\Pulpit\HJTInstall.exe
[2009-12-26 21:17:16 | 25,898,288 | ---- | M] (Doctor Web, Ltd.) – C:\Documents and Settings\klaudia1\Pulpit\cureit.exe
[2009-12-26 21:15:42 | 00,513,536 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\klaudia1\Pulpit\OTL.exe
[2009-12-26 16:30:27 | 00,073,646 | ---- | M] () – C:\Documents and Settings\klaudia1\Pulpit\P1020252.JPG
[2009-12-26 02:30:01 | 00,000,436 | -H-- | M] () – C:\Documents and Settings\klaudia1\Pulpit\Ekspres polarny (2004).avi.ini
[2009-12-25 22:45:14 | 03,024,305 | ---- | M] () – C:\Documents and Settings\klaudia1\Pulpit\P1020292.JPG
[2009-12-23 09:28:57 | 00,002,206 | ---- | M] () – C:\WINDOWS\System32\wpa.dbl
[2009-12-23 00:28:50 | 00,001,915 | ---- | M] () – C:\Documents and Settings\All Users\Pulpit\Google Earth.lnk
[2009-12-18 17:27:56 | 00,000,038 | ---- | M] () – C:\WINDOWS\avisplitter.INI
[2009-12-18 17:10:45 | 00,040,960 | ---- | M] () – C:\Documents and Settings\klaudia1\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-12-17 09:21:38 | 00,000,467 | -H-- | M] () – C:\Documents and Settings\klaudia1\Pulpit\Transformers Zemsta upadlych lektor pl.avi.ini
[2009-12-15 15:12:13 | 01,096,320 | ---- | M] () – C:\WINDOWS\System32\PerfStringBackup.INI
[2009-12-15 15:12:13 | 00,493,976 | ---- | M] () – C:\WINDOWS\System32\perfh015.dat
[2009-12-15 15:12:13 | 00,435,396 | ---- | M] () – C:\WINDOWS\System32\perfh009.dat
[2009-12-15 15:12:13 | 00,085,136 | ---- | M] () – C:\WINDOWS\System32\perfc015.dat
[2009-12-15 15:12:13 | 00,068,292 | ---- | M] () – C:\WINDOWS\System32\perfc009.dat
[2009-12-14 23:20:32 | 00,000,444 | -H-- | M] () – C:\Documents and Settings\klaudia1\Pulpit\mdma-2012.avi.ini
[2009-12-14 23:17:51 | 00,000,451 | -H-- | M] () – C:\Documents and Settings\klaudia1\Pulpit\City Rats 2009 DvdRip.rmvb.ini
[2009-12-12 10:14:59 | 00,001,393 | ---- | M] () – C:\WINDOWS\imsins.BAK
[2009-12-10 17:15:20 | 00,000,488 | -H-- | M] () – C:\Documents and Settings\klaudia1\Pulpit\Nienarodzony - The Unborn 2009 [DVDRip] [RMVB] [Lektor PL].rmvb.ini
[2009-12-07 21:35:08 | 00,000,485 | -H-- | M] () – C:\Documents and Settings\klaudia1\Pulpit\HARRY POTTER I KSIĄŻE PÓŁKRWI(wersia dvd orginał na avi)(3).avi.ini
[2009-12-07 21:34:46 | 00,000,069 | ---- | M] () – C:\WINDOWS\NeroDigital.ini
[2009-12-07 17:06:49 | 04,276,832 | -H-- | M] () – C:\Documents and Settings\klaudia1\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-12-06 18:13:38 | 00,001,114 | ---- | M] () – C:\WINDOWS\disney.ini
[2009-12-06 18:13:29 | 00,001,833 | ---- | M] () – C:\Documents and Settings\klaudia1\Pulpit\Disney Piotruś Pan Wielki Powrót.lnk
[2009-12-06 18:12:49 | 00,000,193 | ---- | M] () – C:\WINDOWS\disneysy.ini
[2009-12-06 17:51:21 | 00,000,733 | ---- | M] () – C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk
[2009-12-06 16:27:54 | 00,717,296 | ---- | M] () – C:\WINDOWS\System32\drivers\sptd.sys
[2009-12-03 18:30:20 | 00,000,458 | -H-- | M] () – C:\Documents and Settings\klaudia1\Pulpit\Galerianki.2009.PL.DVDRip.rmvb.ini
[2009-12-03 13:17:55 | 00,000,490 | -H-- | M] () – C:\Documents and Settings\klaudia1\Pulpit\Szkoła uczuć - A Walk to Remember [2002] DVDRip Lektor PL.rmvb.ini
[2009-12-03 01:39:30 | 00,000,447 | -H-- | M] () – C:\Documents and Settings\klaudia1\Pulpit\Business-Biznes-2007-[miner].rmvb.ini
[2009-12-02 11:27:21 | 00,000,435 | -H-- | M] () – C:\Documents and Settings\klaudia1\Pulpit\Most do Terabithii.rmvb.ini
[2009-12-02 09:25:49 | 00,271,784 | ---- | M] () – C:\WINDOWS\System32\FNTCACHE.DAT
[2009-12-01 18:01:29 | 00,000,338 | ---- | M] () – C:\Documents and Settings\klaudia1\Dane aplikacji\settings.dat
[2009-12-01 16:57:23 | 00,069,632 | ---- | M] () – C:\Documents and Settings\klaudia1\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2009-11-28 09:53:10 | 00,000,284 | ---- | M] () – C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009-11-27 15:59:42 | 00,000,474 | -H-- | M] () – C:\Documents and Settings\klaudia1\Pulpit\Scooby Doo gdzie jestes - 01 - Noc w muzeum.rmvb.ini
[5 C:\WINDOWS*.tmp files -> C:\WINDOWS*.tmp ->]
[1 C:\WINDOWS\System32*.tmp files -> C:\WINDOWS\System32*.tmp ->]
========== Files Created - No Company Name ==========
[2009-12-26 22:04:01 | 00,001,734 | ---- | C] () – C:\Documents and Settings\klaudia1\Pulpit\HijackThis.lnk
[2009-12-26 15:42:36 | 03,024,305 | ---- | C] () – C:\Documents and Settings\klaudia1\Pulpit\P1020292.JPG
[2009-12-26 15:42:18 | 00,073,646 | ---- | C] () – C:\Documents and Settings\klaudia1\Pulpit\P1020252.JPG
[2009-12-26 02:30:01 | 00,000,436 | -H-- | C] () – C:\Documents and Settings\klaudia1\Pulpit\Ekspres polarny (2004).avi.ini
[2009-12-23 00:28:50 | 00,001,915 | ---- | C] () – C:\Documents and Settings\All Users\Pulpit\Google Earth.lnk
[2009-12-17 09:21:21 | 00,000,467 | -H-- | C] () – C:\Documents and Settings\klaudia1\Pulpit\Transformers Zemsta upadlych lektor pl.avi.ini
[2009-12-14 23:17:29 | 00,000,451 | -H-- | C] () – C:\Documents and Settings\klaudia1\Pulpit\City Rats 2009 DvdRip.rmvb.ini
[2009-12-13 22:34:14 | 00,000,444 | -H-- | C] () – C:\Documents and Settings\klaudia1\Pulpit\mdma-2012.avi.ini
[2009-12-10 17:12:01 | 00,000,488 | -H-- | C] () – C:\Documents and Settings\klaudia1\Pulpit\Nienarodzony - The Unborn 2009 [DVDRip] [RMVB] [Lektor PL].rmvb.ini
[2009-12-07 21:34:54 | 00,000,485 | -H-- | C] () – C:\Documents and Settings\klaudia1\Pulpit\HARRY POTTER I KSIĄŻE PÓŁKRWI(wersia dvd orginał na avi)(3).avi.ini
[2009-12-06 18:13:29 | 00,001,833 | ---- | C] () – C:\Documents and Settings\klaudia1\Pulpit\Disney Piotruś Pan Wielki Powrót.lnk
[2009-12-06 16:16:16 | 00,000,733 | ---- | C] () – C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk
[2009-12-06 16:10:22 | 00,717,296 | ---- | C] () – C:\WINDOWS\System32\drivers\sptd.sys
[2009-12-06 14:09:17 | 00,001,114 | ---- | C] () – C:\WINDOWS\disney.ini
[2009-12-06 14:09:09 | 00,000,193 | ---- | C] () – C:\WINDOWS\disneysy.ini
[2009-12-03 14:18:28 | 00,000,458 | -H-- | C] () – C:\Documents and Settings\klaudia1\Pulpit\Galerianki.2009.PL.DVDRip.rmvb.ini
[2009-12-01 19:17:04 | 00,000,435 | -H-- | C] () – C:\Documents and Settings\klaudia1\Pulpit\Most do Terabithii.rmvb.ini
[2009-12-01 18:26:10 | 00,000,447 | -H-- | C] () – C:\Documents and Settings\klaudia1\Pulpit\Business-Biznes-2007-[miner].rmvb.ini
[2009-12-01 17:49:15 | 00,000,338 | ---- | C] () – C:\Documents and Settings\klaudia1\Dane aplikacji\settings.dat
[2009-12-01 16:52:43 | 00,002,272 | ---- | C] () – C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2009-10-21 15:51:05 | 00,000,080 | ---- | C] () – C:\WINDOWS\ben5.ini
[2009-08-11 23:44:46 | 00,000,038 | ---- | C] () – C:\WINDOWS\avisplitter.INI
[2009-07-23 12:41:56 | 00,000,074 | ---- | C] () – C:\WINDOWS\ben6.ini
[2009-07-17 11:23:38 | 00,000,000 | ---- | C] () – C:\WINDOWS\SETUP32.INI
[2009-06-18 16:12:17 | 00,009,712 | ---- | C] () – C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log
[2009-06-16 16:31:56 | 00,009,728 | ---- | C] () – C:\WINDOWS\System32\BASSMOD.dll
[2009-06-14 17:31:25 | 00,000,069 | ---- | C] () – C:\WINDOWS\NeroDigital.ini
[2009-06-11 19:57:26 | 00,040,960 | ---- | C] () – C:\Documents and Settings\klaudia1\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-06-11 19:43:38 | 00,001,409 | ---- | C] () – C:\WINDOWS\System32\settings.dll
[2009-06-11 09:59:01 | 00,164,352 | ---- | C] () – C:\WINDOWS\System32\unrar.dll
[2009-06-11 09:58:58 | 01,559,040 | ---- | C] () – C:\WINDOWS\System32\xvidcore.dll
[2009-06-11 09:58:58 | 00,282,624 | ---- | C] () – C:\WINDOWS\System32\xvidvfw.dll
[2009-06-11 09:58:57 | 03,596,288 | ---- | C] () – C:\WINDOWS\System32\qt-dx331.dll
[2009-06-11 09:58:55 | 00,007,680 | ---- | C] () – C:\WINDOWS\System32\ff_vfw.dll
[2009-06-11 09:58:55 | 00,000,547 | ---- | C] () – C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-06-11 09:13:06 | 00,143,360 | R— | C] () – C:\WINDOWS\System32\RtlCPAPI.dll
[2009-06-10 22:28:36 | 00,000,168 | ---- | C] () – C:\WINDOWS\adidsl.ini
[2009-06-10 22:28:36 | 00,000,021 | ---- | C] () – C:\WINDOWS\Fast800.ini
[2009-06-10 22:28:32 | 00,126,976 | ---- | C] () – C:\WINDOWS\System32\coclassfast.dll
[2009-06-10 22:28:32 | 00,046,892 | ---- | C] () – C:\WINDOWS\System32\ADADIX16.DLL
[2009-06-10 22:27:39 | 00,041,068 | ---- | C] () – C:\WINDOWS\System32\ActPanel.dll
[2009-06-10 22:18:05 | 00,004,578 | ---- | C] () – C:\WINDOWS\Ascd_tmp.ini
[2009-06-10 22:18:04 | 00,010,288 | ---- | C] () – C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2006-10-31 07:35:00 | 01,662,976 | ---- | C] () – C:\WINDOWS\System32\nvwdmcpl.dll
[2006-10-31 07:35:00 | 01,470,464 | ---- | C] () – C:\WINDOWS\System32\nview.dll
[2006-10-31 07:35:00 | 01,019,904 | ---- | C] () – C:\WINDOWS\System32\nvwimg.dll
[2006-10-31 07:35:00 | 00,581,632 | ---- | C] () – C:\WINDOWS\System32\nvhwvid.dll
[2006-10-31 07:35:00 | 00,466,944 | ---- | C] () – C:\WINDOWS\System32\nvshell.dll
[2006-10-31 07:35:00 | 00,286,720 | ---- | C] () – C:\WINDOWS\System32\nvnt4cpl.dll
[2006-10-31 07:35:00 | 00,196,608 | ---- | C] () – C:\WINDOWS\System32\nvapi.dll
[2004-09-01 09:42:18 | 00,138,396 | ---- | C] () – C:\WINDOWS\System32\drivers\Pfc027.sys
[2004-09-01 09:42:16 | 00,011,170 | ---- | C] () – C:\WINDOWS\System32\PA207USD.DLL
[2001-07-22 03:41:32 | 00,027,440 | ---- | C] () – C:\WINDOWS\System32\drivers\secdrv.sys
[2001-07-07 02:00:02 | 00,003,234 | ---- | C] () – C:\WINDOWS\System32\HPTCPMON.INI
========== Custom Scans ==========
< %systemdrive%*.* >
[2009-06-10 22:20:13 | 00,001,024 | ---- | M] () – C:.rnd
[2009-06-10 22:09:44 | 00,000,000 | ---- | M] () – C:\AUTOEXEC.BAT
[2009-10-28 15:26:13 | 00,000,235 | RHS- | M] () – C:\boot.ini
[2001-07-21 23:13:54 | 00,004,952 | RHS- | M] () – C:\Bootfont.bin
[2009-06-10 22:09:44 | 00,000,000 | ---- | M] () – C:\CONFIG.SYS
[2009-12-27 10:22:18 | 46,902,8864 | -HS- | M] () – C:\hiberfil.sys
[2009-06-10 22:09:44 | 00,000,000 | RHS- | M] () – C:\IO.SYS
[2009-06-10 22:09:44 | 00,000,000 | RHS- | M] () – C:\MSDOS.SYS
[2009-06-11 08:53:54 | 00,047,564 | RHS- | M] () – C:\NTDETECT.COM
[2009-06-11 08:53:54 | 00,250,624 | RHS- | M] () – C:\ntldr
[2009-12-27 10:22:15 | 80,530,6368 | -HS- | M] () – C:\pagefile.sys
[2009-09-14 16:05:18 | 00,304,182 | ---- | M] () – C:\StiImg.dat
< End of report >