Logs - driver or Flash Player error


  • Closed: this topic is closed
8 replies in this topic

#1 PawelS28

    Observer

  • 5 posts

Posted 21 08 2012 - 12:35

Hello

I recently switched my system to good old XP 32-bit Pro. However, after installing the drivers and a few updates to Flash Player and Mozilla, the computer started running slower, plain YouTube often hangs, and some pages don't fully work. Perhaps it's the fault of Flash Player, which conflicts with the browser, or of the new graphics card software. Below is the OTL dump:

CODE from OTL.txt
OTL logfile created on: 2012-08-21 12:24:46 - Run 1
OTL by OldTimer - Version 3.2.58.1	 Folder = E:\
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,50 Gb Total Physical Memory | 2,56 Gb Available Physical Memory | 73,06% Memory free
5,34 Gb Paging File | 4,60 Gb Available in Paging File | 86,25% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 24,41 Gb Total Space | 7,86 Gb Free Space | 32,18% Space Free | Partition Type: NTFS
Drive D: | 146,48 Gb Total Space | 96,36 Gb Free Space | 65,78% Space Free | Partition Type: NTFS
Drive E: | 146,48 Gb Total Space | 135,57 Gb Free Space | 92,55% Space Free | Partition Type: NTFS
Drive F: | 148,37 Gb Total Space | 92,88 Gb Free Space | 62,60% Space Free | Partition Type: NTFS
Drive H: | 6,55 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: PAWE-39F3FEC025 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-08-21 12:23:08 | 000,596,480 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
PRC - [2012-07-18 21:36:35 | 000,913,888 | ---- | M] (Mozilla Corporation) -- E:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012-07-03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012-05-29 15:50:04 | 000,115,032 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe
PRC - [2012-05-15 12:18:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012-05-14 11:28:22 | 006,149,120 | ---- | M] (FreeDownloadManager.ORG) -- E:\Program Files\Free Download Manager\fdm.exe
PRC - [2012-04-04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2012-02-26 16:01:44 | 000,295,728 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
PRC - [2008-04-14 18:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-05-15 15:55:46 | 001,550,896 | ---- | M] (Nero AG) -- E:\Nero 7\InCD\InCDsrv.exe
PRC - [2006-10-13 17:04:02 | 000,707,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\vVX1000.exe
PRC - [2006-10-13 17:01:06 | 000,207,664 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2006-01-30 18:00:00 | 000,098,304 | R--- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe


========== Modules (No Company Name) ==========

MOD - [2012-07-24 10:46:10 | 000,321,536 | ---- | M] () -- c:\Program Files\SProtector\sprotector.dll
MOD - [2012-07-18 21:36:35 | 002,003,424 | ---- | M] () -- E:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012-07-12 20:21:38 | 009,465,032 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll
MOD - [2012-05-15 12:18:00 | 001,570,624 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nview\nView.dll
MOD - [2012-05-15 12:18:00 | 000,357,184 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nview\nvShell.dll
MOD - [2012-05-14 11:29:58 | 003,538,944 | ---- | M] () -- E:\Program Files\Free Download Manager\fdmbtsupp.dll
MOD - [2012-05-14 11:25:36 | 000,083,968 | ---- | M] () -- E:\Program Files\Free Download Manager\fdmumsp.dll
MOD - [2012-05-14 11:24:12 | 000,173,056 | ---- | M] () -- E:\Program Files\Free Download Manager\Firefox\extension\components\vmsfdmff.dll
MOD - [2009-02-27 19:04:20 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012-07-18 21:36:35 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-07-03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012-06-19 16:26:52 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012-05-15 12:18:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-04-04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2007-05-15 15:55:46 | 001,550,896 | ---- | M] (Nero AG) [Auto | Running] -- E:\Nero 7\InCD\InCDsrv.exe -- (InCDsrv)
SRV - [2007-04-13 21:09:56 | 000,792,112 | ---- | M] (Nero AG) [On_Demand | Stopped] -- E:\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
SRV - [2006-10-13 17:01:06 | 000,207,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (zpcrzw)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (zirlwy)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (wfimgv)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (trvulq)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (tcgzov)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (snvstx)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (psmtdu)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (poagaq)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (mhkokt)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (meybip)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (jtewpo)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (jfpjss)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (grkjfn)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (fvnwhs)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (czwxrx)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (cktqpz)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (chidmv)
DRV - [2012-07-03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012-05-31 00:19:37 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012-05-30 20:18:33 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts)
DRV - [2012-05-30 20:18:32 | 000,054,400 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2012-05-30 20:18:32 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2009-05-08 08:52:28 | 001,358,720 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2008-04-13 20:26:50 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (usb_rndis)
DRV - [2008-02-14 11:42:00 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\monfilt.sys -- (monfilt)
DRV - [2007-05-15 15:55:36 | 000,118,576 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2007-05-15 15:55:36 | 000,038,576 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm)
DRV - [2007-05-15 15:55:36 | 000,037,040 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass)
DRV - [2007-05-15 15:55:36 | 000,016,304 | ---- | M] (Nero AG) [Recognizer | System | Unknown] -- C:\WINDOWS\System32\drivers\InCDrec.sys -- (InCDrec)
DRV - [2007-04-16 14:16:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006-10-13 17:04:28 | 001,966,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VX1000.sys -- (VX1000)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/?affid=gb2
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxapp.com/?affid=gb2&q={searchTerms}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10011&barid={4D1E8881-E324-11E1-968F-0026ED9C602A}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/?affid=gb2
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {17C45DEA-D545-4231-967D-29852435A7BB}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{17C45DEA-D545-4231-967D-29852435A7BB}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
IE - HKCU\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxapp.com/?affid=gb2&q={searchTerms}
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10011&barid={4D1E8881-E324-11E1-968F-0026ED9C602A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "GadgetBox"
FF - prefs.js..browser.search.defaultenginename,S: S", "GadgetBox"
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: "http://search.gboxapp.com/?affid=gb2&q="
FF - prefs.js..browser.search.order.1: "GadgetBox"
FF - prefs.js..browser.search.order.1,S: S", "GadgetBox"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=937811"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.selectedEngine,S: S", "GadgetBox"
FF - prefs.js..browser.startup.homepage: "http://search.gboxapp.com/?affid=gb2"
FF - prefs.js..keyword.URL: "http://search.gboxapp.com/?affid=gb2&q="
FF - prefs.js..network.proxy.backup.ftp: ""
FF - prefs.js..network.proxy.backup.ftp_port: 0
FF - prefs.js..network.proxy.backup.socks: ""
FF - prefs.js..network.proxy.backup.socks_port: 0
FF - prefs.js..network.proxy.backup.ssl: ""
FF - prefs.js..network.proxy.backup.ssl_port: 0
FF - prefs.js..network.proxy.ftp: "82.17.181.100"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.http: "82.17.181.100"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "82.17.181.100"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.ssl: "82.17.181.100"
FF - prefs.js..network.proxy.ssl_port: 8080
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: E:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: E:\Program Files\Mozilla Firefox\components [2012-07-18 21:36:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: E:\Program Files\Mozilla Firefox\plugins [2012-06-07 15:50:50 | 000,000,000 | ---D | M]

[2012-05-30 22:38:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Extensions
[2012-08-20 17:03:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d3h39800.default\extensions
[2012-08-20 17:03:21 | 000,000,000 | ---D | M] (wxDfast) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d3h39800.default\extensions\5032515f00067@5032515f000a0.info
[2012-08-19 14:03:00 | 000,000,000 | ---D | M] (VideoFileDownload - Download YouTube Videos) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d3h39800.default\extensions\plugin@videofiledownload.com
[2012-08-20 17:02:51 | 000,000,501 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d3h39800.default\searchplugins\GadgetBox.xml
[2012-08-10 21:48:17 | 000,003,998 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d3h39800.default\searchplugins\sweetim.xml
[2012-08-11 15:15:56 | 000,340,132 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\D3H39800.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
[2012-06-01 21:11:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012-08-13 13:11:28 | 000,000,000 | ---D | M] (Free Download Manager plugin) -- E:\PROGRAM FILES\FREE DOWNLOAD MANAGER\FIREFOX\EXTENSION

O1 HOSTS File: ([2001-10-26 13:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1	 localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (wxDfast Class) - {A5A7F150-0D6F-F74C-7336-C649409F28E5} - C:\Documents and Settings\All Users\Dane aplikacji\WxDFast\bhoclass.dll ()
O2 - BHO: (VideoFileDownload) - {BA0454C5-FD30-428E-8DB9-3FF87A612F64} - C:\Program Files\OpenApp\bho_project.dll (VideoFileDownload)
O2 - BHO: (Free Download Manager) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - E:\Program Files\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [VX1000] C:\WINDOWS\vVX1000.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] E:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - E:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Pobierz plik wideo w FDM - E:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Pobierz w FDM - E:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Pobierz wszystkie pliki w FDM - E:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Pobierz zaznaczone pliki w FDM - E:\Program Files\Free Download Manager\dlselected.htm ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E9907540-FD68-4CF4-84D2-B4CEDBC2889A}: DhcpNameServer = 192.168.1.1
O20 - AppInit_DLLs: (c:\progra~1\sprote~1\sprote~1.dll) - c:\Program Files\SProtector\sprotector.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - about:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-05-30 19:16:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012-05-06 17:23:13 | 000,000,070 | R--- | M] () - H:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{693c38c2-aa9c-11e1-9562-0026ed9c602a}\Shell - "" = AutoRun
O33 - MountPoints2\{693c38c2-aa9c-11e1-9562-0026ed9c602a}\Shell\AutoRun\command - "" = H:\LANLauncher.exe
O33 - MountPoints2\{a5271361-aaf0-11e1-9565-0026ed9c602a}\Shell - "" = AutoRun
O33 - MountPoints2\{a5271361-aaf0-11e1-9565-0026ed9c602a}\Shell\AutoRun\command - "" = H:\Setup.exe -- [2012-05-06 17:23:13 | 000,582,014 | R--- | M] (EA Sports												 )
O33 - MountPoints2\{b653bc49-aaa4-11e1-9564-0026ed9c602a}\Shell - "" = AutoRun
O33 - MountPoints2\{b653bc49-aaa4-11e1-9564-0026ed9c602a}\Shell\AutoRun\command - "" = H:\LANLauncher.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012-08-21 12:00:00 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2012-08-21 11:58:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner
[2012-08-21 11:58:30 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012-08-21 11:57:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware
[2012-08-21 11:57:40 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012-08-21 11:57:40 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012-08-20 23:29:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Everest Poker
[2012-08-20 23:28:04 | 000,000,000 | ---D | C] -- C:\Program Files\Everest Poker
[2012-08-20 17:23:15 | 000,000,000 | ---D | C] -- C:\Program Files\SEGA
[2012-08-20 17:02:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\GBox
[2012-08-20 17:02:36 | 000,000,000 | ---D | C] -- C:\Program Files\Przyspiesz Komputer
[2012-08-20 17:02:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\wxDfast
[2012-08-20 17:02:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\WxDFast
[2012-08-19 14:03:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\MyTorrents
[2012-08-19 14:02:59 | 000,000,000 | ---D | C] -- C:\Program Files\OpenApp
[2012-08-19 14:02:41 | 000,000,000 | ---D | C] -- C:\Program Files\smartdl
[2012-08-15 00:07:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\FIFA 12
[2012-08-15 00:04:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\EA Sports
[2012-08-14 12:02:01 | 000,000,000 | ---D | C] -- C:\Downloads
[2012-08-13 13:11:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Free Download Manager
[2012-08-13 13:11:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Free Download Manager
[2012-08-11 15:31:41 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012-08-11 15:15:46 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2012-08-11 10:46:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2012-08-10 21:48:24 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo
[2012-08-10 21:48:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Tarma Installer
[2012-08-10 21:48:05 | 000,000,000 | ---D | C] -- C:\Program Files\SweetIM
[2012-08-10 21:48:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\SweetIM
[2012-08-10 21:47:25 | 000,000,000 | ---D | C] -- C:\Program Files\1ClickDownload
[2012-08-01 11:17:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Comodo
[2012-08-01 10:54:13 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2012-08-01 10:35:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\036E1BA62B17D979F207C2D481CB3EF3
[2012-07-31 22:53:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Deluxe Ski Jump 4
[2012-07-30 15:24:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Premium
[2012-07-30 15:24:45 | 000,000,000 | ---D | C] -- C:\Program Files\SProtector
[2012-07-30 15:24:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\GboxUpdater
[2012-07-30 15:24:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\InstallMate
[2012-07-30 13:10:02 | 000,000,000 | ---D | C] -- C:\Casino
[2012-07-25 09:27:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Macromedia
[2012-07-25 08:38:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Adobe
[2012-07-25 01:08:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Malwarebytes
[2012-07-25 01:07:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2012-07-24 18:48:14 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2012-07-24 18:47:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\uTorrent
[2012-07-24 18:47:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent
[2012-07-24 09:40:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\muza do auta
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012-08-21 12:07:13 | 000,000,504 | -H-- | M] () -- C:\WINDOWS\tasks\WxDFastUpdaterTask{B11F0110-8455-47D8-A243-098486F5FEE7}.job
[2012-08-21 12:07:13 | 000,000,486 | -H-- | M] () -- C:\WINDOWS\tasks\GBoxUpdaterTask{3A677F7A-2D1C-4A62-9F55-9B4F73DE0875}.job
[2012-08-21 12:07:13 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1960408961-1645522239-682003330-500.job
[2012-08-21 12:07:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-08-20 23:29:09 | 000,001,621 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Everest Poker.lnk
[2012-08-19 20:18:44 | 000,032,768 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-08-18 10:01:05 | 000,087,182 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\49030910.pdf
[2012-08-17 23:58:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012-08-16 15:29:00 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1960408961-1645522239-682003330-500.job
[2012-08-16 10:13:42 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012-08-15 00:04:34 | 000,000,868 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\UEFA EURO 2012.lnk
[2012-08-13 13:11:29 | 000,000,628 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Free Download Manager.lnk
[2012-08-05 18:39:00 | 000,000,540 | ---- | M] () -- C:\settings.ini
[2012-08-01 12:51:37 | 000,555,448 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2012-08-01 12:51:37 | 000,493,190 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-08-01 12:51:37 | 000,104,478 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2012-08-01 12:51:37 | 000,083,734 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-07-30 15:34:34 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-07-27 20:36:53 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\µTorrent.lnk
[2012-07-25 01:00:08 | 000,000,223 | RHS- | M] () -- C:\boot.ini
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012-08-21 12:12:40 | 000,020,480 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\{17b8d128-a618-54e2-20f5-3a7affd0a20a}\U\800000cb.@
[2012-08-21 12:08:29 | 000,013,312 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\{17b8d128-a618-54e2-20f5-3a7affd0a20a}\U\80000000.@
[2012-08-21 12:08:29 | 000,001,712 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\{17b8d128-a618-54e2-20f5-3a7affd0a20a}\U\00000001.@
[2012-08-20 23:29:09 | 000,001,621 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Everest Poker.lnk
[2012-08-20 20:10:13 | 004,364,728 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-1960408961-1645522239-682003330-500-0.dat
[2012-08-20 20:10:13 | 000,279,006 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat
[2012-08-20 17:02:54 | 000,000,486 | -H-- | C] () -- C:\WINDOWS\tasks\GBoxUpdaterTask{3A677F7A-2D1C-4A62-9F55-9B4F73DE0875}.job
[2012-08-20 17:02:21 | 000,000,504 | -H-- | C] () -- C:\WINDOWS\tasks\WxDFastUpdaterTask{B11F0110-8455-47D8-A243-098486F5FEE7}.job
[2012-08-18 10:01:04 | 000,087,182 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\49030910.pdf
[2012-08-15 00:04:34 | 000,000,868 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\UEFA EURO 2012.lnk
[2012-08-13 13:11:29 | 000,000,628 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Free Download Manager.lnk
[2012-08-05 18:39:00 | 000,000,540 | ---- | C] () -- C:\settings.ini
[2012-07-25 00:42:50 | 000,013,312 | ---- | C] () -- C:\WINDOWS\Installer\{17b8d128-a618-54e2-20f5-3a7affd0a20a}\U\80000000.@
[2012-07-25 00:42:49 | 000,001,712 | ---- | C] () -- C:\WINDOWS\Installer\{17b8d128-a618-54e2-20f5-3a7affd0a20a}\U\00000001.@
[2012-07-24 18:48:14 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\µTorrent.lnk
[2012-07-18 23:23:07 | 000,380,928 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2012-07-05 13:34:08 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2012-06-04 18:25:21 | 000,032,768 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-06-01 17:15:22 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2012-05-31 00:03:04 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012-05-30 23:36:37 | 000,106,496 | R--- | C] () -- C:\WINDOWS\System32\vshp1018.dll
[2012-05-30 23:36:36 | 000,442,368 | R--- | C] () -- C:\WINDOWS\System32\zshp1018.exe
[2012-05-30 23:16:02 | 000,000,038 | ---- | C] () -- C:\WINDOWS\ChssBase.ini
[2012-05-30 21:07:58 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012-05-30 21:06:46 | 001,502,072 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-05-30 20:23:35 | 001,074,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012-05-30 20:23:35 | 001,074,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012-05-30 20:23:35 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012-05-30 20:23:29 | 002,807,708 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012-05-30 20:19:10 | 000,003,948 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2012-05-30 19:19:48 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012-05-30 19:14:16 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008-04-14 18:49:16 | 000,002,048 | -HS- | C] () -- C:\WINDOWS\Installer\{17b8d128-a618-54e2-20f5-3a7affd0a20a}\@
[2008-04-14 18:49:16 | 000,002,048 | -HS- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\{17b8d128-a618-54e2-20f5-3a7affd0a20a}\@
< End of report >

CODE from Extras.txt

OTL Extras logfile created on: 2012-08-21 12:24:46 - Run 1
OTL by OldTimer - Version 3.2.58.1	 Folder = E:\
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,50 Gb Total Physical Memory | 2,56 Gb Available Physical Memory | 73,06% Memory free
5,34 Gb Paging File | 4,60 Gb Available in Paging File | 86,25% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 24,41 Gb Total Space | 7,86 Gb Free Space | 32,18% Space Free | Partition Type: NTFS
Drive D: | 146,48 Gb Total Space | 96,36 Gb Free Space | 65,78% Space Free | Partition Type: NTFS
Drive E: | 146,48 Gb Total Space | 135,57 Gb Free Space | 92,55% Space Free | Partition Type: NTFS
Drive F: | 148,37 Gb Total Space | 92,88 Gb Free Space | 62,60% Space Free | Partition Type: NTFS
Drive H: | 6,55 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: PAWE-39F3FEC025 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- E:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "E:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "E:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "E:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "E:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "E:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{036FD544-AED6-3F33-856D-A2292D0CF471}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PLK
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 3.4
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java™ 7 Update 4
"{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}" = PDF Settings
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F4182DA-3D58-41E3-913D-480F8DA5C863}" = Fritz 12
"{4F4C5E11-0612-48D2-8055-987992AAC432}" = wxDfast
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5C19E2DC-4CCF-3114-B40A-6E565987025F}" = Microsoft .NET Framework 4 Extended PLK Language Pack
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}" = Adobe Color NA Extra Settings
"{69589221-D76E-4C88-8388-A7943C851045}" = Nero 7 Essentials
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6C44DEFF-8638-49A4-B748-CA59B43F3265}" = Fritz 12
"{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}" = Adobe Asset Services CS3
"{7683B745-6060-41FD-AA75-0BBB383FEAD4}" = SweetIM for Messenger 3.7
"{774C0434-9948-4DEE-A14E-69CDD316E36C}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78EFD06D-7583-42F1-9E77-671D8782EB70}" = Adobe Photoshop CS3
"{7C77393F-8237-3825-A88A-AFAF3C69C072}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PLK
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CFC7570-DD90-486E-A239-E31D455BDE93}" = Microsoft LifeCam
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{9CC96D78-9E1D-46E0-AF4D-3EB440CD4619}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1045-7B44-A95000000001}" = Adobe Reader 9.5.1 - Polish
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.27
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}" = Adobe Color EU Recommended Settings
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{CBF4DADD-974D-49C8-BC83-C6F31554001E}" = Adobe Setup
"{CC4A73BF-938E-4C19-A553-853C035C9BA1}" = LightScribe System Software 1.10.13.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D92B72E2-C854-4738-8ED6-4C3661CC17AE}" = Adobe Color JA Extra Settings
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E737A098-F161-4B6F-AF22-86AAE34F6FBD}" = Pro Evolution Soccer 2012
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{F31E509D-3597-324E-83CF-0C160B2320F0}" = Microsoft .NET Framework 3.5 Language Pack - plk
"{FB697452-8CA4-46B4-98B1-165C922A2EF3}" = Update Manager for SweetPacks 1.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Adobe_678cd98c8365a5647f9a2e539d120a8" = Adobe Photoshop CS3
"AQQ" = WapSter AQQ
"Audacity_is1" = Audacity 2.0
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"Deluxe Ski Jump 4_is1" = Deluxe Ski Jump 4
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Everest Poker" = Everest Poker (Remove Only)
"Free Download Manager_is1" = Free Download Manager 3.9
"HP OrderReminder" = HP OrderReminder
"HP-LaserJet 1018" = LaserJet 1018
"ie8" = Windows Internet Explorer 8
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Menedżera urządzeń
"KLiteCodecPack_is1" = K-Lite Codec Pack 8.8.0 (Full)
"LiveVDO plugin" = LiveVDO plugin 1.3
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.62.0.1300
"Microsoft .NET Framework 3.5 Language Pack - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 — PLK
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended
"Mozilla Firefox 14.0.1 (x86 pl)" = Mozilla Firefox 14.0.1 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"SProtector" = SProtector 1.62
"UEFA EURO 2012_is1" = UEFA EURO 2012
"uTorrent" = µTorrent
"vfd-ob" = VideoFileDownload
"Winamp" = Winamp
"WinRAR archiver" = WinRAR 4.01 (32-bitowy)
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"ZTE Remote NDIS_is1" = ZTE Remote NDIS Device

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Detektor Winampa

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-07-06 14:21:17 | Computer Name = PAWE-39F3FEC025 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd FlashPlayerUpdateService.exe, wersja 11.3.300.262,
moduł powodujący błąd ntdll.dll, wersja 5.1.2600.6055, adres błędu 0x000113f7.

Error - 2012-07-07 10:21:16 | Computer Name = PAWE-39F3FEC025 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd FlashPlayerUpdateService.exe, wersja 11.3.300.262,
moduł powodujący błąd ntdll.dll, wersja 5.1.2600.6055, adres błędu 0x000113f7.

Error - 2012-07-10 14:07:53 | Computer Name = PAWE-39F3FEC025 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd pes2012.exe, wersja 1.6.0.0, moduł powodujący
błąd afsio.dll, wersja 12.2.3.0, adres błędu 0x00010656.

Error - 2012-07-11 12:21:02 | Computer Name = PAWE-39F3FEC025 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd FlashPlayerUpdateService.exe, wersja 11.3.300.262,
moduł powodujący błąd ntdll.dll, wersja 5.1.2600.6055, adres błędu 0x000113f7.

Error - 2012-07-12 12:21:01 | Computer Name = PAWE-39F3FEC025 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd FlashPlayerUpdateService.exe, wersja 11.3.300.262,
moduł powodujący błąd ntdll.dll, wersja 5.1.2600.6055, adres błędu 0x000113f7.

Error - 2012-07-16 03:21:02 | Computer Name = PAWE-39F3FEC025 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd FlashPlayerUpdateService.exe, wersja 11.3.300.265,
moduł powodujący błąd ntdll.dll, wersja 5.1.2600.6055, adres błędu 0x000113f7.

Error - 2012-07-17 03:21:16 | Computer Name = PAWE-39F3FEC025 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd FlashPlayerUpdateService.exe, wersja 11.3.300.265,
moduł powodujący błąd ntdll.dll, wersja 5.1.2600.6055, adres błędu 0x000113f7.

Error - 2012-07-20 00:21:16 | Computer Name = PAWE-39F3FEC025 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd FlashPlayerUpdateService.exe, wersja 11.3.300.265,
moduł powodujący błąd ntdll.dll, wersja 5.1.2600.6055, adres błędu 0x000113f7.

Error - 2012-07-20 06:21:16 | Computer Name = PAWE-39F3FEC025 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd FlashPlayerUpdateService.exe, wersja 11.3.300.265,
moduł powodujący błąd ntdll.dll, wersja 5.1.2600.6055, adres błędu 0x000113f7.

Error - 2012-07-20 10:21:17 | Computer Name = PAWE-39F3FEC025 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd FlashPlayerUpdateService.exe, wersja 11.3.300.265,
moduł powodujący błąd ntdll.dll, wersja 5.1.2600.6055, adres błędu 0x000113f7.

[ System Events ]
Error - 2012-08-20 06:37:47 | Computer Name = PAWE-39F3FEC025 | Source = Dhcp | ID = 1002
Description = Adres IP połączenia 192.168.1.2 dla karty sieciowej o adresie 0026ED9C602A
został zabroniony przez serwer DHCP 192.168.1.1 (Serwer DHCP wysłał komunikat DHCPNACK).

Error - 2012-08-20 06:39:34 | Computer Name = PAWE-39F3FEC025 | Source = Service Control Manager | ID = 7009
Description = Limit czasu (30000 milisekund) podczas oczekiwania na połączenie się
z usługą gzvhdrepb.

Error - 2012-08-20 06:39:34 | Computer Name = PAWE-39F3FEC025 | Source = Service Control Manager | ID = 7023
Description = Usługa Przeglądarka komputera zakończyła działanie; wystąpił następujący
błąd: %%1060

Error - 2012-08-20 14:22:39 | Computer Name = PAWE-39F3FEC025 | Source = Service Control Manager | ID = 7009
Description = Limit czasu (30000 milisekund) podczas oczekiwania na połączenie się
z usługą gzvhdrepb.

Error - 2012-08-20 14:22:39 | Computer Name = PAWE-39F3FEC025 | Source = Service Control Manager | ID = 7023
Description = Usługa Przeglądarka komputera zakończyła działanie; wystąpił następujący
błąd: %%1060

Error - 2012-08-21 02:55:58 | Computer Name = PAWE-39F3FEC025 | Source = Service Control Manager | ID = 7009
Description = Limit czasu (30000 milisekund) podczas oczekiwania na połączenie się
z usługą gzvhdrepb.

Error - 2012-08-21 02:55:58 | Computer Name = PAWE-39F3FEC025 | Source = Service Control Manager | ID = 7023
Description = Usługa Przeglądarka komputera zakończyła działanie; wystąpił następujący
błąd: %%1060

Error - 2012-08-21 05:54:31 | Computer Name = PAWE-39F3FEC025 | Source = Service Control Manager | ID = 7009
Description = Limit czasu (30000 milisekund) podczas oczekiwania na połączenie się
z usługą gzvhdrepb.

Error - 2012-08-21 05:54:31 | Computer Name = PAWE-39F3FEC025 | Source = Service Control Manager | ID = 7023
Description = Usługa Przeglądarka komputera zakończyła działanie; wystąpił następujący
błąd: %%1060

Error - 2012-08-21 06:08:55 | Computer Name = PAWE-39F3FEC025 | Source = Service Control Manager | ID = 7023
Description = Usługa Przeglądarka komputera zakończyła działanie; wystąpił następujący
błąd: %%1060


< End of report >


  • 0

#2 ordynat

ordynat

    Advanced user

  • 804 posts

Posted 21 08 2012 - 13:50

You have a ZeroAccess infection!
This infection will be hard to dig out of.
But we can at least try.
1) Use >>RogueKiller http://www.mediafire.com/download.php?umb0fastj33c5ki
Click SCAN in it, and once it has found the malicious items, click DELETE.

2) Paste into >SystemLook:

:reg
HKEY_CURRENT_USER\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /s
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s

:filefind
services.exe

:folderfind
{17b8d128-a618-54e2-20f5-3a7affd0a20a}

:regfind
{17b8d128-a618-54e2-20f5-3a7affd0a20a}

Press Look and post the report.

3) Use >Adw-cleaner. Click Delete in it.
Post its report, C:\AdwCleaner[S1].txt

4) Also make a log with Farbar Service Scanner >http://download.bleepingcomputer.com/farbar/FSS.exe (tick everything for the scan).

5) Make a new OTL log.

  • 0
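The folder name that the `:folderfind` and `:regfind` steps above search for already appears in the "Files Created - No Company Name" list of the OTL report in post #1. As an added example (not part of the thread, and not code from OTL or SystemLook), this Python script parses OTL file-listing lines and groups files named `@` or `U\*.@` that sit under a brace-GUID directory; the function names and the matching rule are assumptions made for the illustration.

```python
import re
from collections import defaultdict

# Lines copied from the "Files Created - No Company Name" section of the OTL
# report in this thread; the .job and .dll entries serve as negative cases.
SAMPLE_OTL = r"""
[2012-08-21 12:12:40 | 000,020,480 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\{17b8d128-a618-54e2-20f5-3a7affd0a20a}\U\800000cb.@
[2012-08-20 17:02:54 | 000,000,486 | -H-- | C] () -- C:\WINDOWS\tasks\GBoxUpdaterTask{3A677F7A-2D1C-4A62-9F55-9B4F73DE0875}.job
[2012-07-25 00:42:50 | 000,013,312 | ---- | C] () -- C:\WINDOWS\Installer\{17b8d128-a618-54e2-20f5-3a7affd0a20a}\U\80000000.@
[2012-07-25 00:42:49 | 000,001,712 | ---- | C] () -- C:\WINDOWS\Installer\{17b8d128-a618-54e2-20f5-3a7affd0a20a}\U\00000001.@
[2012-07-18 23:23:07 | 000,380,928 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2008-04-14 18:49:16 | 000,002,048 | -HS- | C] () -- C:\WINDOWS\Installer\{17b8d128-a618-54e2-20f5-3a7affd0a20a}\@
[2008-04-14 18:49:16 | 000,002,048 | -HS- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\{17b8d128-a618-54e2-20f5-3a7affd0a20a}\@
"""

# One OTL file-listing line: [timestamp | size | attributes | C/M] (company) -- path
LINE_RE = re.compile(
    r"^\[(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) \| (?P<size>[\d,]+) \| "
    r"(?P<attrs>[A-Z-]{4}) \| (?P<kind>[CM])\] \((?P<company>.*?)\) -- (?P<path>.+)$"
)
# A directory whose whole name is a brace-wrapped GUID.
GUID_DIR_RE = re.compile(r"\{[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}\}")


def parse_otl_line(line):
    # Return the fields of one listing line as a dict, or None for any other line.
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    return {
        "timestamp": m["ts"],
        "size": int(m["size"].replace(",", "")),  # OTL groups digits with commas
        "attrs": m["attrs"],
        "kind": m["kind"],
        "company": m["company"],
        "path": m["path"],
    }


def guid_dir_hit(entry):
    # Assumed rule for this illustration: no company name, a parent directory
    # named exactly like a GUID, and the file is either "@" directly inside it
    # or a "*.@" file inside its "U" subfolder. Returns (guid, parent) or None.
    if entry["company"]:
        return None
    parts = entry["path"].split("\\")
    for i, part in enumerate(parts[:-1]):
        if GUID_DIR_RE.fullmatch(part):
            tail = parts[i + 1:]
            in_u = len(tail) == 2 and tail[0].upper() == "U" and tail[1].endswith(".@")
            if tail == ["@"] or in_u:
                return part.lower(), "\\".join(parts[:i])
    return None


def triage(report_text):
    # Group matching files by GUID folder name and summarise each group.
    groups = defaultdict(
        lambda: {"roots": set(), "files": 0, "hidden_system": 0, "stamps": []}
    )
    for line in report_text.splitlines():
        entry = parse_otl_line(line)
        hit = guid_dir_hit(entry) if entry else None
        if hit is None:
            continue
        guid, root = hit
        g = groups[guid]
        g["roots"].add(root)
        g["files"] += 1
        if "H" in entry["attrs"] and "S" in entry["attrs"]:
            g["hidden_system"] += 1
        g["stamps"].append(entry["timestamp"])
    return {
        guid: {
            "roots": sorted(g["roots"]),          # parent directories holding the folder
            "files": g["files"],
            "hidden_system": g["hidden_system"],  # entries flagged both H and S
            "time_span": (min(g["stamps"]), max(g["stamps"])),
        }
        for guid, g in groups.items()
    }


if __name__ == "__main__":
    for guid, info in triage(SAMPLE_OTL).items():
        print(guid, info)
```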

#3 PawelS28

PawelS28

    Observer

  • 5 posts

Posted 22 08 2012 - 09:49

2) SystemLook
SystemLook 30.07.11 by jpshortstuff
Log created at 09:37 on 22/08/2012 by Administrator
Administrator - Elevation successful

========== reg ==========
[HKEY_CURRENT_USER\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}]
(No values found)

[HKEY_CURRENT_USER\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32]
"ThreadingModel"="Both"
@="c:\windows\system32\shell32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}]
@="Microsoft WBEM New Event Subsystem"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32]
@="wbemess.dll"
"ThreadingModel"="Both"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}]
@="MruPidlList"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
@="%SystemRoot%\system32\shdocvw.dll"
"ThreadingModel"="Apartment"

========== filefind ==========

Searching for "services.exe"
C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe --a---- 111104 bytes [22:12 30/05/2012] [11:19 09/02/2009] 8816E60BF654353E8E0D35ED98875445
C:\WINDOWS\$NtUninstallKB956572$\services.exe -----c- 109056 bytes [22:23 30/05/2012] [16:51 14/04/2008] 3E3AE424E27C4CEFE4CAB368C7B570EA
C:\WINDOWS\system32\services.exe --a---- 111104 bytes [16:51 14/04/2008] [11:25 09/02/2009] 02A467E27AF55F7064C5B251E587315F
C:\WINDOWS\system32\dllcache\services.exe -----c- 111104 bytes [16:51 14/04/2008] [11:25 09/02/2009] 02A467E27AF55F7064C5B251E587315F
========== folderfind ==========

Searching for "{17b8d128-a618-54e2-20f5-3a7affd0a20a}"
C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\{17b8d128-a618-54e2-20f5-3a7affd0a20a} d--hs-- [16:49 14/04/2008]
C:\WINDOWS\Installer\{17b8d128-a618-54e2-20f5-3a7affd0a20a} d--hs-- [16:49 14/04/2008]
========== regfind ==========

Searching for "{17b8d128-a618-54e2-20f5-3a7affd0a20a}"
No data found.

-= EOF =-

3) AdwCleaner
# AdwCleaner v1.801 - Logfile created 08/22/2012 at 09:39:51
# Updated 14/08/2012 by Xplode
# Operating system : Microsoft Windows XP Dodatek Service Pack 3 (32 bits)
# User : Administrator - PAWE-39F3FEC025
# Boot Mode : Normal
# Running from : E:\adwcleaner14.08.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****
Folder Deleted : C:\Documents and Settings\All Users\Dane aplikacji\GboxUpdater
Folder Deleted : C:\Documents and Settings\All Users\Dane aplikacji\InstallMate
Folder Deleted : C:\Documents and Settings\All Users\Dane aplikacji\SweetIM
Folder Deleted : C:\Documents and Settings\All Users\Dane aplikacji\Tarma Installer
Folder Deleted : C:\Documents and Settings\All Users\Dane aplikacji\wxDfast
Folder Deleted : C:\Documents and Settings\All Users\Menu Start\Programy\wxDfast
Folder Deleted : C:\Program Files\StartSearch plugin
Folder Deleted : C:\Program Files\SweetIM
Folder Deleted : C:\Program Files\Yontoo
Folder Deleted : C:\WINDOWS\Installer\{FB697452-8CA4-46B4-98B1-165C922A2EF3}
Folder Deleted : C:\Documents and Settings\All Users\Dane aplikacji\Premium
***** [Registry] *****
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\SweetIm
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\bhoclass.bho.bhoclass.bho
Key Deleted : HKLM\SOFTWARE\Classes\bhoclass.bho.bhoclass.bho.1.0
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Deleted : HKLM\SOFTWARE\Classes\sim-packages
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\SOFTWARE\Google\chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp
Key Deleted : HKLM\SOFTWARE\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4F4C5E11-0612-48D2-8055-987992AAC432}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FB697452-8CA4-46B4-98B1-165C922A2EF3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LiveVDO plugin
Key Deleted : HKLM\SOFTWARE\SweetIM
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
***** [Registre - GUID] *****
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.6001.18702
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.gboxapp.com/?affid=gb2 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.gboxapp.com/?affid=gb2 --> hxxp://www.google.com
*************************
AdwCleaner[S1].txt - [296 octets] - [22/08/2012 09:39:14]
AdwCleaner[S2].txt - [8079 octets] - [22/08/2012 09:39:51]
########## EOF - C:\AdwCleaner[S2].txt - [8207 octets] ##########

4) FSS
Farbar Service Scanner Version: 06-08-2012
Ran by Administrator (administrator) on 22-08-2012 at 09:44:32
Running from "E:\"
Microsoft Windows XP Professional Dodatek Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of sharedaccess. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of sharedaccess. The value does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open sharedaccess registry key. The service key does not exist.

Firewall Disabled Policy:
==================

System Restore:
============
System Restore Disabled Policy:
========================

Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.

Windows Autoupdate Disabled Policy:
============================

File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll
[2008-04-14 18:50] - [2008-04-14 18:50] - 0126464 ____A (Microsoft Corporation) 6B4AFE7C676CFF3EFF2DC06A4EE945F7
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll
[2008-04-14 18:50] - [2009-04-20 19:09] - 0045568 ____A (Microsoft Corporation) 4CE42967710BEB87AE805D9DA7A87499
C:\WINDOWS\system32\ipnathlp.dll
[2009-01-30 16:28] - [2009-01-30 16:28] - 0330752 ____A (Microsoft Corporation) 415E4EBF192A9D68C28DE0541BE48307
C:\WINDOWS\system32\netman.dll
[2008-04-14 18:50] - [2008-04-14 18:50] - 0198144 ____A (Microsoft Corporation) 4FE97D0B1B182DF2A9BDD4C02155EF5E
C:\WINDOWS\system32\wbem\WMIsvc.dll
[2012-05-30 19:13] - [2008-04-14 18:51] - 0145408 ____A (Microsoft Corporation) 70C22297534A88B0AD0568900AB5A6D9
C:\WINDOWS\system32\srsvc.dll
[2012-05-30 19:14] - [2008-04-14 18:50] - 0171520 ____A (Microsoft Corporation) 316D0E66074AE4CDE641C50D3A1C5148
C:\WINDOWS\system32\Drivers\sr.sys
[2012-05-30 19:14] - [2008-04-14 18:04] - 0073472 ____A (Microsoft Corporation) EB032822BE406EF220D546DDFFCF0002
C:\WINDOWS\system32\wscsvc.dll
[2008-04-14 18:51] - [2008-04-14 18:51] - 0080896 ____A (Microsoft Corporation) B6669F49D42E09BC0F9889FAA0F3336D
C:\WINDOWS\system32\wbem\WMIsvc.dll
[2012-05-30 19:13] - [2008-04-14 18:51] - 0145408 ____A (Microsoft Corporation) 70C22297534A88B0AD0568900AB5A6D9
C:\WINDOWS\system32\wuauserv.dll
[2012-05-30 19:15] - [2008-04-14 18:51] - 0006656 ____A (Microsoft Corporation) 04550D5EB7EE82C115DB547C01DF09FD
C:\WINDOWS\system32\qmgr.dll
[2012-05-30 19:15] - [2008-04-14 18:50] - 0409088 ____A (Microsoft Corporation) 78200FAA6FD9C69394134C238C87FB7F
C:\WINDOWS\system32\es.dll
[2009-01-30 16:27] - [2009-01-30 16:27] - 0253952 ____A (Microsoft Corporation) 5BB3E442E43C7BB0F38203F23C920D3C
C:\WINDOWS\system32\cryptsvc.dll
[2008-04-14 18:50] - [2008-04-14 18:50] - 0062464 ____A (Microsoft Corporation) 6B105FE95F2E9F0B6346044BA59D41C9
C:\WINDOWS\system32\svchost.exe
[2008-04-14 18:51] - [2008-04-14 18:51] - 0014336 ____A (Microsoft Corporation) 8607D35D92528E2DF386F19A960D23CE
C:\WINDOWS\system32\rpcss.dll
[2008-04-14 18:50] - [2009-02-09 12:53] - 0401408 ____A (Microsoft Corporation) A37311D9D628C1042A2836731787F0F3
C:\WINDOWS\system32\services.exe
[2008-04-14 18:51] - [2009-02-09 13:25] - 0111104 ____A (Microsoft Corporation) 02A467E27AF55F7064C5B251E587315F

Extra List:
=======
Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x0700000004000000010000000200000003000000050000000600000007000000
IpSec Tag value is correct.
**** End of log ****

5) OTL
OTL logfile created on: 2012-08-22 09:47:04 - Run 2
OTL by OldTimer - Version 3.2.58.1	 Folder = E:\
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,50 Gb Total Physical Memory | 2,84 Gb Available Physical Memory | 81,24% Memory free
5,34 Gb Paging File | 4,88 Gb Available in Paging File | 91,41% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 24,41 Gb Total Space | 8,63 Gb Free Space | 35,34% Space Free | Partition Type: NTFS
Drive D: | 146,48 Gb Total Space | 96,40 Gb Free Space | 65,81% Space Free | Partition Type: NTFS
Drive E: | 146,48 Gb Total Space | 135,61 Gb Free Space | 92,58% Space Free | Partition Type: NTFS
Drive F: | 148,37 Gb Total Space | 92,88 Gb Free Space | 62,60% Space Free | Partition Type: NTFS
Drive H: | 6,55 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: PAWE-39F3FEC025 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-08-21 12:23:08 | 000,596,480 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
PRC - [2012-07-18 21:36:35 | 000,913,888 | ---- | M] (Mozilla Corporation) -- E:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012-05-15 12:18:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012-04-04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2008-04-14 18:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-05-15 15:55:46 | 001,550,896 | ---- | M] (Nero AG) -- E:\Nero 7\InCD\InCDsrv.exe
PRC - [2006-10-13 17:04:02 | 000,707,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\vVX1000.exe
PRC - [2006-10-13 17:01:06 | 000,207,664 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2006-01-30 18:00:00 | 000,098,304 | R--- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-07-24 10:46:10 | 000,321,536 | ---- | M] () -- c:\Program Files\SProtector\sprotector.dll
MOD - [2012-07-18 21:36:35 | 002,003,424 | ---- | M] () -- E:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012-07-12 20:21:38 | 009,465,032 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll
MOD - [2012-05-15 12:18:00 | 001,570,624 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nview\nView.dll
MOD - [2012-05-15 12:18:00 | 000,357,184 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nview\nvShell.dll
MOD - [2012-05-14 11:25:36 | 000,083,968 | ---- | M] () -- E:\Program Files\Free Download Manager\fdmumsp.dll
MOD - [2012-05-14 11:24:12 | 000,173,056 | ---- | M] () -- E:\Program Files\Free Download Manager\Firefox\extension\components\vmsfdmff.dll
MOD - [2009-02-27 19:04:20 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012-07-18 21:36:35 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-06-19 16:26:52 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012-05-15 12:18:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-04-04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2007-05-15 15:55:46 | 001,550,896 | ---- | M] (Nero AG) [Auto | Running] -- E:\Nero 7\InCD\InCDsrv.exe -- (InCDsrv)
SRV - [2007-04-13 21:09:56 | 000,792,112 | ---- | M] (Nero AG) [On_Demand | Stopped] -- E:\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
SRV - [2006-10-13 17:01:06 | 000,207,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (zpcrzw)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (zirlwy)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (wfimgv)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (trvulq)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (tcgzov)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (snvstx)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (psmtdu)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (poagaq)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (mhkokt)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (meybip)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (jtewpo)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (jfpjss)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (grkjfn)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (fvnwhs)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (czwxrx)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (cktqpz)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (chidmv)
DRV - [2012-05-31 00:19:37 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012-05-30 20:18:33 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts)
DRV - [2012-05-30 20:18:32 | 000,054,400 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2012-05-30 20:18:32 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2009-05-08 08:52:28 | 001,358,720 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2008-04-13 20:26:50 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (usb_rndis)
DRV - [2008-02-14 11:42:00 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\monfilt.sys -- (monfilt)
DRV - [2007-05-15 15:55:36 | 000,118,576 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2007-05-15 15:55:36 | 000,038,576 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm)
DRV - [2007-05-15 15:55:36 | 000,037,040 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass)
DRV - [2007-05-15 15:55:36 | 000,016,304 | ---- | M] (Nero AG) [Recognizer | System | Unknown] -- C:\WINDOWS\System32\drivers\InCDrec.sys -- (InCDrec)
DRV - [2007-04-16 14:16:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006-10-13 17:04:28 | 001,966,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VX1000.sys -- (VX1000)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {17C45DEA-D545-4231-967D-29852435A7BB}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{17C45DEA-D545-4231-967D-29852435A7BB}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "GadgetBox"
FF - prefs.js..browser.search.defaultenginename,S: S", "GadgetBox"
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: "http://search.gboxapp.com/?affid=gb2&q="
FF - prefs.js..browser.search.order.1: "GadgetBox"
FF - prefs.js..browser.search.order.1,S: S", "GadgetBox"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=937811"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.selectedEngine,S: S", "GadgetBox"
FF - prefs.js..browser.startup.homepage: "http://search.gboxapp.com/?affid=gb2"
FF - prefs.js..keyword.URL: "http://search.gboxapp.com/?affid=gb2&q="
FF - prefs.js..network.proxy.backup.ftp: ""
FF - prefs.js..network.proxy.backup.ftp_port: 0
FF - prefs.js..network.proxy.backup.socks: ""
FF - prefs.js..network.proxy.backup.socks_port: 0
FF - prefs.js..network.proxy.backup.ssl: ""
FF - prefs.js..network.proxy.backup.ssl_port: 0
FF - prefs.js..network.proxy.ftp: "82.17.181.100"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.http: "82.17.181.100"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "82.17.181.100"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.ssl: "82.17.181.100"
FF - prefs.js..network.proxy.ssl_port: 8080
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: E:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: E:\Program Files\Mozilla Firefox\components [2012-07-18 21:36:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: E:\Program Files\Mozilla Firefox\plugins [2012-06-07 15:50:50 | 000,000,000 | ---D | M]

[2012-05-30 22:38:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Extensions
[2012-08-20 17:03:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d3h39800.default\extensions
[2012-08-20 17:03:21 | 000,000,000 | ---D | M] (wxDfast) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d3h39800.default\extensions\5032515f00067@5032515f000a0.info
[2012-08-19 14:03:00 | 000,000,000 | ---D | M] (VideoFileDownload - Download YouTube Videos) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d3h39800.default\extensions\plugin@videofiledownload.com
[2012-08-20 17:02:51 | 000,000,501 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d3h39800.default\searchplugins\GadgetBox.xml
[2012-08-10 21:48:17 | 000,003,998 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d3h39800.default\searchplugins\sweetim.xml
[2012-08-11 15:15:56 | 000,340,132 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\D3H39800.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
[2012-06-01 21:11:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012-08-13 13:11:28 | 000,000,000 | ---D | M] (Free Download Manager plugin) -- E:\PROGRAM FILES\FREE DOWNLOAD MANAGER\FIREFOX\EXTENSION

O1 HOSTS File: ([2001-10-26 13:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1	 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (wxDfast Class) - {A5A7F150-0D6F-F74C-7336-C649409F28E5} - C:\Documents and Settings\All Users\Dane aplikacji\wxDfast\bhoclass.dll File not found
O2 - BHO: (VideoFileDownload) - {BA0454C5-FD30-428E-8DB9-3FF87A612F64} - C:\Program Files\OpenApp\bho_project.dll (VideoFileDownload)
O2 - BHO: (Free Download Manager) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - E:\Program Files\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [VX1000] C:\WINDOWS\vVX1000.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] E:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - E:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Pobierz plik wideo w FDM - E:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Pobierz w FDM - E:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Pobierz wszystkie pliki w FDM - E:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Pobierz zaznaczone pliki w FDM - E:\Program Files\Free Download Manager\dlselected.htm ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E9907540-FD68-4CF4-84D2-B4CEDBC2889A}: DhcpNameServer = 192.168.1.1
O20 - AppInit_DLLs: (c:\progra~1\sprote~1\sprote~1.dll) - c:\Program Files\SProtector\sprotector.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - about:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-05-30 19:16:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012-05-06 17:23:13 | 000,000,070 | R--- | M] () - H:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{693c38c2-aa9c-11e1-9562-0026ed9c602a}\Shell - "" = AutoRun
O33 - MountPoints2\{693c38c2-aa9c-11e1-9562-0026ed9c602a}\Shell\AutoRun\command - "" = H:\LANLauncher.exe
O33 - MountPoints2\{a5271361-aaf0-11e1-9565-0026ed9c602a}\Shell - "" = AutoRun
O33 - MountPoints2\{a5271361-aaf0-11e1-9565-0026ed9c602a}\Shell\AutoRun\command - "" = H:\Setup.exe -- [2012-05-06 17:23:13 | 000,582,014 | R--- | M] (EA Sports												 )
O33 - MountPoints2\{b653bc49-aaa4-11e1-9564-0026ed9c602a}\Shell - "" = AutoRun
O33 - MountPoints2\{b653bc49-aaa4-11e1-9564-0026ed9c602a}\Shell\AutoRun\command - "" = H:\LANLauncher.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-08-22 09:32:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\RK_Quarantine
[2012-08-21 12:00:00 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2012-08-21 11:58:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner
[2012-08-21 11:58:30 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012-08-20 23:29:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Everest Poker
[2012-08-20 23:28:04 | 000,000,000 | ---D | C] -- C:\Program Files\Everest Poker
[2012-08-20 17:23:15 | 000,000,000 | ---D | C] -- C:\Program Files\SEGA
[2012-08-20 17:02:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\GBox
[2012-08-20 17:02:36 | 000,000,000 | ---D | C] -- C:\Program Files\Przyspiesz Komputer
[2012-08-19 14:03:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\MyTorrents
[2012-08-19 14:02:59 | 000,000,000 | ---D | C] -- C:\Program Files\OpenApp
[2012-08-19 14:02:41 | 000,000,000 | ---D | C] -- C:\Program Files\smartdl
[2012-08-15 00:07:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\FIFA 12
[2012-08-15 00:04:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\EA Sports
[2012-08-14 12:02:01 | 000,000,000 | ---D | C] -- C:\Downloads
[2012-08-13 13:11:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Free Download Manager
[2012-08-13 13:11:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Free Download Manager
[2012-08-11 15:31:41 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012-08-11 15:15:46 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2012-08-11 10:46:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2012-08-10 21:47:25 | 000,000,000 | ---D | C] -- C:\Program Files\1ClickDownload
[2012-08-01 11:17:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Comodo
[2012-08-01 10:54:13 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2012-08-01 10:35:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\036E1BA62B17D979F207C2D481CB3EF3
[2012-07-31 22:53:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Deluxe Ski Jump 4
[2012-07-30 15:24:45 | 000,000,000 | ---D | C] -- C:\Program Files\SProtector
[2012-07-30 13:10:02 | 000,000,000 | ---D | C] -- C:\Casino
[2012-07-25 09:27:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Macromedia
[2012-07-25 08:38:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Adobe
[2012-07-25 01:08:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Malwarebytes
[2012-07-25 01:07:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2012-07-24 18:48:14 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2012-07-24 18:47:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\uTorrent
[2012-07-24 18:47:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent
[2012-07-24 09:40:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\muza do auta
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-08-22 09:40:56 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1960408961-1645522239-682003330-500.job
[2012-08-22 09:40:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-08-20 23:29:09 | 000,001,621 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Everest Poker.lnk
[2012-08-19 20:18:44 | 000,032,768 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-08-18 10:01:05 | 000,087,182 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\49030910.pdf
[2012-08-17 23:58:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012-08-16 15:29:00 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1960408961-1645522239-682003330-500.job
[2012-08-16 10:13:42 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012-08-15 00:04:34 | 000,000,868 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\UEFA EURO 2012.lnk
[2012-08-13 13:11:29 | 000,000,628 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Free Download Manager.lnk
[2012-08-05 18:39:00 | 000,000,540 | ---- | M] () -- C:\settings.ini
[2012-08-01 12:51:37 | 000,555,448 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2012-08-01 12:51:37 | 000,493,190 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-08-01 12:51:37 | 000,104,478 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2012-08-01 12:51:37 | 000,083,734 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-07-30 15:34:34 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-07-27 20:36:53 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\µTorrent.lnk
[2012-07-25 01:00:08 | 000,000,223 | RHS- | M] () -- C:\boot.ini
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-08-20 23:29:09 | 000,001,621 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Everest Poker.lnk
[2012-08-20 20:10:13 | 004,364,728 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-1960408961-1645522239-682003330-500-0.dat
[2012-08-20 20:10:13 | 000,279,006 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat
[2012-08-18 10:01:04 | 000,087,182 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\49030910.pdf
[2012-08-15 00:04:34 | 000,000,868 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\UEFA EURO 2012.lnk
[2012-08-13 13:11:29 | 000,000,628 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Free Download Manager.lnk
[2012-08-05 18:39:00 | 000,000,540 | ---- | C] () -- C:\settings.ini
[2012-07-24 18:48:14 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\µTorrent.lnk
[2012-07-18 23:23:07 | 000,380,928 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2012-07-05 13:34:08 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2012-06-04 18:25:21 | 000,032,768 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-06-01 17:15:22 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2012-05-31 00:03:04 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012-05-30 23:36:37 | 000,106,496 | R--- | C] () -- C:\WINDOWS\System32\vshp1018.dll
[2012-05-30 23:36:36 | 000,442,368 | R--- | C] () -- C:\WINDOWS\System32\zshp1018.exe
[2012-05-30 23:16:02 | 000,000,038 | ---- | C] () -- C:\WINDOWS\ChssBase.ini
[2012-05-30 21:07:58 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012-05-30 21:06:46 | 001,502,072 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-05-30 20:23:35 | 001,074,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012-05-30 20:23:35 | 001,074,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012-05-30 20:23:35 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012-05-30 20:23:29 | 002,807,708 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012-05-30 20:19:10 | 000,003,948 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2012-05-30 19:19:48 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012-05-30 19:14:16 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
< End of report >


#4 ordynat

    Advanced user

  • 804 posts

Posted 22 08 2012 - 13:12

1) Paste the following into Notepad:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS]
"Type"=dword:00000020
"Start"=dword:00000003
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
  74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
  00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
  6b,00,20,00,6e,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00
"DisplayName"="Usługa inteligentnego transferu w tle"
"DependOnService"=hex(7):52,00,70,00,63,00,53,00,73,00,00,00,00,00
"DependOnGroup"=hex(7):00,00
"ObjectName"="LocalSystem"
"Description"="Używa przepustowości bezczynnej sieci do transferu danych. Jeżeli BITS zostanie wyłączone, funkcje takie jak Windows Update przestaną działać."
"FailureActions"=hex:00,00,00,00,00,00,00,00,00,00,00,00,03,00,00,00,68,e3,0c,\
  00,01,00,00,00,60,ea,00,00,01,00,00,00,60,ea,00,00,01,00,00,00,60,ea,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Parameters]
"ServiceDll"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6d,00,72,00,6f,00,6f,\
  00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
  71,00,6d,00,67,00,72,00,2e,00,64,00,6c,00,6c,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Security]
"Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,\
  00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
  00,00,02,00,60,00,04,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,\
  05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,\
  20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,\
  00,18,00,fd,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,\
  00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum]
"0"="Root\\LEGACY_BITS\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc]
"Type"=dword:00000020
"Start"=dword:00000002
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
  74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
  00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
  6b,00,20,00,6e,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00
"DisplayName"="Centrum zabezpieczeń"
"DependOnService"=hex(7):52,00,70,00,63,00,53,00,73,00,00,00,77,00,69,00,6e,00,\
  6d,00,67,00,6d,00,74,00,00,00,00,00
"ObjectName"="LocalSystem"
"Description"="Monitoruje ustawienia zabezpieczeń i konfiguracje systemu."

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\Parameters]
"ServiceDll"=hex(2):25,00,53,00,59,00,53,00,54,00,45,00,4d,00,52,00,4f,00,4f,\
  00,54,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
  77,00,73,00,63,00,73,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\Security]
"Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,\
  00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
  00,00,02,00,60,00,04,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,\
  05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,\
  20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,\
  00,18,00,fd,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,\
  00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\Enum]
"0"="Root\\LEGACY_WSCSVC\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv]
"Type"=dword:00000020
"Start"=dword:00000002
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6d,00,72,00,6f,00,6f,00,\
  74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
  00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
  6b,00,20,00,6e,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00
"DisplayName"="Aktualizacje automatyczne"
"ObjectName"="LocalSystem"
"Description"="Umożliwia pobieranie i instalowanie ważnych aktualizacji systemu Windows. Jeśli ta usługa zostanie wyłączona, komputer nie będzie umożliwiał korzystania z funkcji Automatyczne aktualizacje lub strony Windows Update."

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters]
"ServiceDll"=hex(2):43,00,3a,00,5c,00,57,00,49,00,4e,00,44,00,4f,00,57,00,53,\
  00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,77,00,75,00,\
  61,00,75,00,73,00,65,00,72,00,76,00,2e,00,64,00,6c,00,6c,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security]
"Security"=hex:01,00,14,80,78,00,00,00,84,00,00,00,14,00,00,00,30,00,00,00,02,\
  00,1c,00,01,00,00,00,02,80,14,00,ff,00,0f,00,01,01,00,00,00,00,00,01,00,00,\
  00,00,02,00,48,00,03,00,00,00,00,00,14,00,9d,00,02,00,01,01,00,00,00,00,00,\
  05,0b,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,\
  20,02,00,00,00,00,14,00,ff,01,0f,00,01,01,00,00,00,00,00,05,12,00,00,00,01,\
  01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum]
"0"="Root\\LEGACY_WUAUSERV\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess]
"Type"=dword:00000020
"Start"=dword:00000002
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
  74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
  00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
  6b,00,20,00,6e,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00
"DisplayName"="Zapora systemu Windows/Udostępnianie połączenia internetowego"
"DependOnService"=hex(7):4e,00,65,00,74,00,6d,00,61,00,6e,00,00,00,57,00,69,00,\
  6e,00,4d,00,67,00,6d,00,74,00,00,00,00,00
"DependOnGroup"=hex(7):00,00
"ObjectName"="LocalSystem"
"Description"="Zapewnia usługi translacji adresów sieciowych, adresowania, rozpoznawania nazw i/lub blokowania dostępu intruzów wszystkim komputerom w sieci domowej lub biurowej."

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch]
"Epoch"=dword:0000042e

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters]
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
  00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
  69,00,70,00,6e,00,61,00,74,00,68,00,6c,00,70,00,2e,00,64,00,6c,00,6c,00,00,\
  00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Security]
"Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,\
  00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
  00,00,02,00,60,00,04,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,\
  05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,\
  20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,\
  00,18,00,fd,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,\
  00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup]
"ServiceUpgrade"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate]
"All"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum]
"0"="Root\\LEGACY_SHAREDACCESS\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001
From the Notepad menu >> File >> Save As >> set the file type to All Files >> save as FIX.REG >>
run the file (double-click and OK).

2) Run OTL and paste this into the Własne opcje skanowania/Script (custom scan options/script) box:

:OTL
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (zpcrzw)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (zirlwy)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (wfimgv)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (trvulq)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (tcgzov)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (snvstx)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (psmtdu)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (poagaq)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (mhkokt)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (meybip)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (jtewpo)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (jfpjss)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (grkjfn)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (fvnwhs)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (czwxrx)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (cktqpz)
DRV - [2012-07-09 02:46:48 | 000,374,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\CCE\ccekrnl.dat -- (chidmv)
-08-10 21:48:17 | 000,003,998 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d3h39800.default\searchplugins\sweetim.xml
[O2 - BHO: (wxDfast Class) - {A5A7F150-0D6F-F74C-7336-C649409F28E5} - C:\Documents and Settings\All Users\Dane aplikacji\wxDfast\bhoclass.dll File not found
O20 - AppInit_DLLs: (c:\progra~1\sprote~1\sprote~1.dll) - c:\Program Files\SProtector\sprotector.dll ()
[2012-08-01 10:35:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\036E1BA62B17D979F207C2D481CB3EF3
[2012-07-30 15:24:45 | 000,000,000 | ---D | C] -- C:\Program Files\SProtector

:Files
netsh winsock reset /C

:Commands
[emptytemp]

Click Wykonaj Script ("Run Script"). Confirm the computer restart. Save the report that appears after the restart.
Then run OTL again, and this time click Skanuj ("Scan").
Post the new OTL.txt log and the report from the script removal.

This post was edited by ordynat: 22 08 2012 - 14:04

#5 PawelS28

    Observer

  • 5 posts

Posted 22 08 2012 - 14:55

After running the script:
All processes killed
========== OTL ==========
Service zpcrzw stopped successfully!
Service zpcrzw deleted successfully!
E:\CCE\ccekrnl.dat moved successfully.
Service zirlwy stopped successfully!
Service zirlwy deleted successfully!
File E:\CCE\ccekrnl.dat not found.
Service wfimgv stopped successfully!
Service wfimgv deleted successfully!
File E:\CCE\ccekrnl.dat not found.
Service trvulq stopped successfully!
Service trvulq deleted successfully!
File E:\CCE\ccekrnl.dat not found.
Service tcgzov stopped successfully!
Service tcgzov deleted successfully!
File E:\CCE\ccekrnl.dat not found.
Service snvstx stopped successfully!
Service snvstx deleted successfully!
File E:\CCE\ccekrnl.dat not found.
Service psmtdu stopped successfully!
Service psmtdu deleted successfully!
File E:\CCE\ccekrnl.dat not found.
Service poagaq stopped successfully!
Service poagaq deleted successfully!
File E:\CCE\ccekrnl.dat not found.
Service mhkokt stopped successfully!
Service mhkokt deleted successfully!
File E:\CCE\ccekrnl.dat not found.
Service meybip stopped successfully!
Service meybip deleted successfully!
File E:\CCE\ccekrnl.dat not found.
Service jtewpo stopped successfully!
Service jtewpo deleted successfully!
File E:\CCE\ccekrnl.dat not found.
Service jfpjss stopped successfully!
Service jfpjss deleted successfully!
File E:\CCE\ccekrnl.dat not found.
Service grkjfn stopped successfully!
Service grkjfn deleted successfully!
File E:\CCE\ccekrnl.dat not found.
Service fvnwhs stopped successfully!
Service fvnwhs deleted successfully!
File E:\CCE\ccekrnl.dat not found.
Service czwxrx stopped successfully!
Service czwxrx deleted successfully!
File E:\CCE\ccekrnl.dat not found.
Service cktqpz stopped successfully!
Service cktqpz deleted successfully!
File E:\CCE\ccekrnl.dat not found.
Service chidmv stopped successfully!
Service chidmv deleted successfully!
File E:\CCE\ccekrnl.dat not found.
File - BHO: (wxDfast Class) - {A5A7F150-0D6F-F74C-7336-C649409F28E5} - C:\Documents and Settings\All Users\Dane aplikacji\wxDfast\bhoclass.dll File not found not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~1\sprote~1\sprote~1.dll deleted successfully.
c:\Program Files\SProtector\sprotector.dll moved successfully.
Folder C:\Documents and Settings\All Users\Dane aplikacji\036E1BA62B17D979F207C2D481CB3EF3\ not found.
C:\Program Files\SProtector folder moved successfully.
========== FILES ==========
[color=#A23BEC]< netsh winsock reset /C >[/color]
Pomyślnie zresetowano Winsock Catalog.
Musisz ponownie uruchomić komputer, aby ukończyć resetowanie.
E:\cmd.bat deleted successfully.
E:\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 13916041 bytes
->Temporary Internet Files folder emptied: 8670602 bytes
->FireFox cache emptied: 525044605 bytes
->Flash cache emptied: 7975 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 4022340 bytes
->Flash cache emptied: 697 bytes

User: Paweł
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 112094 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2352022 bytes
%systemroot%\System32 .tmp files removed: 2596 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16384 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 529,00 mb


OTL by OldTimer - Version 3.2.58.1 log created on 08222012_144538
Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_1eb4.dat not found!
PendingFileRenameOperations files...
Registry entries deleted on Reboot...

OTL.txt
OTL logfile created on: 2012-08-22 14:51:17 - Run 3
OTL by OldTimer - Version 3.2.58.1	 Folder = E:\
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,50 Gb Total Physical Memory | 3,10 Gb Available Physical Memory | 88,53% Memory free
5,34 Gb Paging File | 5,12 Gb Available in Paging File | 95,85% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 24,41 Gb Total Space | 8,68 Gb Free Space | 35,55% Space Free | Partition Type: NTFS
Drive D: | 146,48 Gb Total Space | 96,41 Gb Free Space | 65,81% Space Free | Partition Type: NTFS
Drive E: | 146,48 Gb Total Space | 135,60 Gb Free Space | 92,57% Space Free | Partition Type: NTFS
Drive F: | 148,37 Gb Total Space | 92,88 Gb Free Space | 62,60% Space Free | Partition Type: NTFS
Drive H: | 6,55 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: PAWE-39F3FEC025 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-08-21 12:23:08 | 000,596,480 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
PRC - [2012-05-15 12:18:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012-04-04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2008-04-14 18:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-05-15 15:55:46 | 001,550,896 | ---- | M] (Nero AG) -- E:\Nero 7\InCD\InCDsrv.exe
PRC - [2006-10-13 17:04:02 | 000,707,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\vVX1000.exe
PRC - [2006-10-13 17:01:06 | 000,207,664 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2006-01-30 18:00:00 | 000,098,304 | R--- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-05-15 12:18:00 | 001,570,624 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nview\nView.dll
MOD - [2012-05-15 12:18:00 | 000,357,184 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nview\nvShell.dll
MOD - [2009-02-27 19:04:20 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012-07-18 21:36:35 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-06-19 16:26:52 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012-05-15 12:18:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-04-04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2007-05-15 15:55:46 | 001,550,896 | ---- | M] (Nero AG) [Auto | Running] -- E:\Nero 7\InCD\InCDsrv.exe -- (InCDsrv)
SRV - [2007-04-13 21:09:56 | 000,792,112 | ---- | M] (Nero AG) [On_Demand | Stopped] -- E:\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
SRV - [2006-10-13 17:01:06 | 000,207,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2012-05-31 00:19:37 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012-05-30 20:18:33 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts)
DRV - [2012-05-30 20:18:32 | 000,054,400 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2012-05-30 20:18:32 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2009-05-08 08:52:28 | 001,358,720 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2008-04-13 20:26:50 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (usb_rndis)
DRV - [2008-02-14 11:42:00 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\monfilt.sys -- (monfilt)
DRV - [2007-05-15 15:55:36 | 000,118,576 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2007-05-15 15:55:36 | 000,038,576 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm)
DRV - [2007-05-15 15:55:36 | 000,037,040 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass)
DRV - [2007-05-15 15:55:36 | 000,016,304 | ---- | M] (Nero AG) [Recognizer | System | Unknown] -- C:\WINDOWS\System32\drivers\InCDrec.sys -- (InCDrec)
DRV - [2007-04-16 14:16:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006-10-13 17:04:28 | 001,966,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VX1000.sys -- (VX1000)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {17C45DEA-D545-4231-967D-29852435A7BB}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{17C45DEA-D545-4231-967D-29852435A7BB}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "GadgetBox"
FF - prefs.js..browser.search.defaultenginename,S: S", "GadgetBox"
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: "http://search.gboxapp.com/?affid=gb2&q="
FF - prefs.js..browser.search.order.1: "GadgetBox"
FF - prefs.js..browser.search.order.1,S: S", "GadgetBox"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=937811"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.selectedEngine,S: S", "GadgetBox"
FF - prefs.js..browser.startup.homepage: "http://search.gboxapp.com/?affid=gb2"
FF - prefs.js..keyword.URL: "http://search.gboxapp.com/?affid=gb2&q="
FF - prefs.js..network.proxy.backup.ftp: ""
FF - prefs.js..network.proxy.backup.ftp_port: 0
FF - prefs.js..network.proxy.backup.socks: ""
FF - prefs.js..network.proxy.backup.socks_port: 0
FF - prefs.js..network.proxy.backup.ssl: ""
FF - prefs.js..network.proxy.backup.ssl_port: 0
FF - prefs.js..network.proxy.ftp: "82.17.181.100"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.http: "82.17.181.100"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "82.17.181.100"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.ssl: "82.17.181.100"
FF - prefs.js..network.proxy.ssl_port: 8080
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: E:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: E:\Program Files\Mozilla Firefox\components [2012-07-18 21:36:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: E:\Program Files\Mozilla Firefox\plugins [2012-06-07 15:50:50 | 000,000,000 | ---D | M]

[2012-05-30 22:38:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Extensions
[2012-08-22 14:26:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d3h39800.default\extensions
[2012-08-19 14:03:00 | 000,000,000 | ---D | M] (VideoFileDownload - Download YouTube Videos) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d3h39800.default\extensions\plugin@videofiledownload.com
[2012-08-20 17:02:51 | 000,000,501 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d3h39800.default\searchplugins\GadgetBox.xml
[2012-08-10 21:48:17 | 000,003,998 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d3h39800.default\searchplugins\sweetim.xml
[2012-08-13 13:11:28 | 000,000,000 | ---D | M] (Free Download Manager plugin) -- E:\PROGRAM FILES\FREE DOWNLOAD MANAGER\FIREFOX\EXTENSION

O1 HOSTS File: ([2001-10-26 13:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1	   localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (wxDfast Class) - {A5A7F150-0D6F-F74C-7336-C649409F28E5} - C:\Documents and Settings\All Users\Dane aplikacji\wxDfast\bhoclass.dll File not found
O2 - BHO: (VideoFileDownload) - {BA0454C5-FD30-428E-8DB9-3FF87A612F64} - C:\Program Files\OpenApp\bho_project.dll (VideoFileDownload)
O2 - BHO: (Free Download Manager) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - E:\Program Files\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [VX1000] C:\WINDOWS\vVX1000.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] E:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - E:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Pobierz plik wideo w FDM - E:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Pobierz w FDM - E:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Pobierz wszystkie pliki w FDM - E:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Pobierz zaznaczone pliki w FDM - E:\Program Files\Free Download Manager\dlselected.htm ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1345638704468 (WUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E9907540-FD68-4CF4-84D2-B4CEDBC2889A}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - about:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-05-30 19:16:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012-05-06 17:23:13 | 000,000,070 | R--- | M] () - H:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{693c38c2-aa9c-11e1-9562-0026ed9c602a}\Shell - "" = AutoRun
O33 - MountPoints2\{693c38c2-aa9c-11e1-9562-0026ed9c602a}\Shell\AutoRun\command - "" = H:\LANLauncher.exe
O33 - MountPoints2\{a5271361-aaf0-11e1-9565-0026ed9c602a}\Shell - "" = AutoRun
O33 - MountPoints2\{a5271361-aaf0-11e1-9565-0026ed9c602a}\Shell\AutoRun\command - "" = H:\Setup.exe -- [2012-05-06 17:23:13 | 000,582,014 | R--- | M] (EA Sports												   )
O33 - MountPoints2\{b653bc49-aaa4-11e1-9564-0026ed9c602a}\Shell - "" = AutoRun
O33 - MountPoints2\{b653bc49-aaa4-11e1-9564-0026ed9c602a}\Shell\AutoRun\command - "" = H:\LANLauncher.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-08-22 14:39:00 | 000,696,520 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012-08-22 14:39:00 | 000,073,416 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012-08-22 14:34:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Opera
[2012-08-22 14:34:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Opera
[2012-08-22 14:34:29 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2012-08-22 09:32:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\RK_Quarantine
[2012-08-21 12:00:00 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2012-08-21 11:58:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner
[2012-08-21 11:58:30 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012-08-20 23:29:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Everest Poker
[2012-08-20 23:28:04 | 000,000,000 | ---D | C] -- C:\Program Files\Everest Poker
[2012-08-20 17:23:15 | 000,000,000 | ---D | C] -- C:\Program Files\SEGA
[2012-08-20 17:02:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\GBox
[2012-08-20 17:02:36 | 000,000,000 | ---D | C] -- C:\Program Files\Przyspiesz Komputer
[2012-08-19 14:03:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\MyTorrents
[2012-08-19 14:02:59 | 000,000,000 | ---D | C] -- C:\Program Files\OpenApp
[2012-08-19 14:02:41 | 000,000,000 | ---D | C] -- C:\Program Files\smartdl
[2012-08-15 00:07:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\FIFA 12
[2012-08-15 00:04:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\EA Sports
[2012-08-14 12:02:01 | 000,000,000 | ---D | C] -- C:\Downloads
[2012-08-13 13:11:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Free Download Manager
[2012-08-13 13:11:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Free Download Manager
[2012-08-11 15:15:46 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2012-08-11 10:46:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2012-08-10 21:47:25 | 000,000,000 | ---D | C] -- C:\Program Files\1ClickDownload
[2012-08-01 11:17:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Comodo
[2012-08-01 10:54:13 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2012-08-01 10:35:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\036E1BA62B17D979F207C2D481CB3EF3
[2012-07-30 13:10:02 | 000,000,000 | ---D | C] -- C:\Casino
[2012-07-25 09:27:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Macromedia
[2012-07-25 08:38:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Adobe
[2012-07-25 01:08:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Malwarebytes
[2012-07-25 01:07:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2012-07-24 18:48:14 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2012-07-24 18:47:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\uTorrent
[2012-07-24 18:47:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent
[2012-07-24 09:40:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\muza do auta

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-08-22 14:50:39 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1960408961-1645522239-682003330-500.job
[2012-08-22 14:50:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-08-22 14:45:40 | 000,555,448 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2012-08-22 14:45:40 | 000,493,190 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-08-22 14:45:40 | 000,104,478 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2012-08-22 14:45:40 | 000,083,734 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-08-22 14:39:00 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012-08-22 14:39:00 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012-08-20 23:29:09 | 000,001,621 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Everest Poker.lnk
[2012-08-19 20:18:44 | 000,032,768 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-08-18 10:01:05 | 000,087,182 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\49030910.pdf
[2012-08-17 23:58:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012-08-16 15:29:00 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1960408961-1645522239-682003330-500.job
[2012-08-16 10:13:42 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012-08-15 00:04:34 | 000,000,868 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\UEFA EURO 2012.lnk
[2012-08-13 13:11:29 | 000,000,628 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Free Download Manager.lnk
[2012-08-05 18:39:00 | 000,000,540 | ---- | M] () -- C:\settings.ini
[2012-07-30 15:34:34 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-07-27 20:36:53 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\µTorrent.lnk
[2012-07-25 01:00:08 | 000,000,223 | RHS- | M] () -- C:\boot.ini

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-08-20 23:29:09 | 000,001,621 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Everest Poker.lnk
[2012-08-20 20:10:13 | 004,364,728 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-1960408961-1645522239-682003330-500-0.dat
[2012-08-20 20:10:13 | 000,279,006 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat
[2012-08-18 10:01:04 | 000,087,182 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\49030910.pdf
[2012-08-15 00:04:34 | 000,000,868 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\UEFA EURO 2012.lnk
[2012-08-13 13:11:29 | 000,000,628 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Free Download Manager.lnk
[2012-08-05 18:39:00 | 000,000,540 | ---- | C] () -- C:\settings.ini
[2012-07-24 18:48:14 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\µTorrent.lnk
[2012-07-18 23:23:07 | 000,380,928 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2012-07-05 13:34:08 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2012-06-04 18:25:21 | 000,032,768 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-06-01 17:15:22 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2012-05-31 00:03:04 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012-05-30 23:36:37 | 000,106,496 | R--- | C] () -- C:\WINDOWS\System32\vshp1018.dll
[2012-05-30 23:36:36 | 000,442,368 | R--- | C] () -- C:\WINDOWS\System32\zshp1018.exe
[2012-05-30 23:16:02 | 000,000,038 | ---- | C] () -- C:\WINDOWS\ChssBase.ini
[2012-05-30 21:07:58 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012-05-30 21:06:46 | 001,502,072 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-05-30 20:23:35 | 001,074,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012-05-30 20:23:35 | 001,074,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012-05-30 20:23:35 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012-05-30 20:23:29 | 002,807,708 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012-05-30 20:19:10 | 000,003,948 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2012-05-30 19:19:48 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012-05-30 19:14:16 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
< End of report >

  • 0

#6 ordynat

ordynat

    Advanced user

  • 804 posts

Posted 22 08 2012 - 15:33

1) Download -->Avenger.
Paste this text into it:
Folders to delete:
C:\Documents and Settings\All Users\Dane aplikacji\036E1BA62B17D979F207C2D481CB3EF3

Click "Execute" and confirm the computer restart.
Restart the computer.
Post the Avenger report from C:\avenger.txt.

2) Make a new OTL log.

3) Also make a log with Farbar Service Scanner >http://download.bleepingcomputer.com/farbar/FSS.exe (tick everything for the scan).
.
  • 1

#7 PawelS28

PawelS28

    Observer

  • 5 posts

Posted 22 08 2012 - 21:49

Avenger
Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com
Platform:  Windows XP
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!
Folder "C:\Documents and Settings\All Users\Dane aplikacji\036E1BA62B17D979F207C2D481CB3EF3" deleted successfully.
Completed script processing.
*******************
Finished!  Terminate.

FSS
Farbar Service Scanner Version: 06-08-2012
Ran by Administrator (administrator) on 22-08-2012 at 21:45:13
Running from "E:\"
Microsoft Windows XP Professional Dodatek Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============
Firewall Disabled Policy:
==================

System Restore:
============
System Restore Disabled Policy:
========================

Security Center:
============
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================

File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll
[2008-04-14 18:50] - [2008-04-14 18:50] - 0126464 ____A (Microsoft Corporation) 6B4AFE7C676CFF3EFF2DC06A4EE945F7
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll
[2008-04-14 18:50] - [2009-04-20 19:09] - 0045568 ____A (Microsoft Corporation) 4CE42967710BEB87AE805D9DA7A87499
C:\WINDOWS\system32\ipnathlp.dll
[2009-01-30 16:28] - [2009-01-30 16:28] - 0330752 ____A (Microsoft Corporation) 415E4EBF192A9D68C28DE0541BE48307
C:\WINDOWS\system32\netman.dll
[2008-04-14 18:50] - [2008-04-14 18:50] - 0198144 ____A (Microsoft Corporation) 4FE97D0B1B182DF2A9BDD4C02155EF5E
C:\WINDOWS\system32\wbem\WMIsvc.dll
[2012-05-30 19:13] - [2008-04-14 18:51] - 0145408 ____A (Microsoft Corporation) 70C22297534A88B0AD0568900AB5A6D9
C:\WINDOWS\system32\srsvc.dll
[2012-05-30 19:14] - [2008-04-14 18:50] - 0171520 ____A (Microsoft Corporation) 316D0E66074AE4CDE641C50D3A1C5148
C:\WINDOWS\system32\Drivers\sr.sys
[2012-05-30 19:14] - [2008-04-14 18:04] - 0073472 ____A (Microsoft Corporation) EB032822BE406EF220D546DDFFCF0002
C:\WINDOWS\system32\wscsvc.dll
[2008-04-14 18:51] - [2008-04-14 18:51] - 0080896 ____A (Microsoft Corporation) B6669F49D42E09BC0F9889FAA0F3336D
C:\WINDOWS\system32\wbem\WMIsvc.dll
[2012-05-30 19:13] - [2008-04-14 18:51] - 0145408 ____A (Microsoft Corporation) 70C22297534A88B0AD0568900AB5A6D9
C:\WINDOWS\system32\wuauserv.dll
[2012-05-30 19:15] - [2008-04-14 18:51] - 0006656 ____A (Microsoft Corporation) 04550D5EB7EE82C115DB547C01DF09FD
C:\WINDOWS\system32\qmgr.dll
[2012-05-30 19:15] - [2008-04-14 18:50] - 0409088 ____A (Microsoft Corporation) 78200FAA6FD9C69394134C238C87FB7F
C:\WINDOWS\system32\es.dll
[2009-01-30 16:27] - [2009-01-30 16:27] - 0253952 ____A (Microsoft Corporation) 5BB3E442E43C7BB0F38203F23C920D3C
C:\WINDOWS\system32\cryptsvc.dll
[2008-04-14 18:50] - [2008-04-14 18:50] - 0062464 ____A (Microsoft Corporation) 6B105FE95F2E9F0B6346044BA59D41C9
C:\WINDOWS\system32\svchost.exe
[2008-04-14 18:51] - [2008-04-14 18:51] - 0014336 ____A (Microsoft Corporation) 8607D35D92528E2DF386F19A960D23CE
C:\WINDOWS\system32\rpcss.dll
[2008-04-14 18:50] - [2009-02-09 12:53] - 0401408 ____A (Microsoft Corporation) A37311D9D628C1042A2836731787F0F3
C:\WINDOWS\system32\services.exe
[2008-04-14 18:51] - [2009-02-09 13:25] - 0111104 ____A (Microsoft Corporation) 02A467E27AF55F7064C5B251E587315F

Extra List:
=======
Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x0700000004000000010000000200000003000000050000000600000007000000
IpSec Tag value is correct.
**** End of log ****

OTL
OTL logfile created on: 2012-08-22 21:45:53 - Run 4
OTL by OldTimer - Version 3.2.58.1	 Folder = E:\
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,50 Gb Total Physical Memory | 2,87 Gb Available Physical Memory | 82,02% Memory free
5,34 Gb Paging File | 4,90 Gb Available in Paging File | 91,74% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 24,41 Gb Total Space | 7,90 Gb Free Space | 32,35% Space Free | Partition Type: NTFS
Drive D: | 146,48 Gb Total Space | 96,41 Gb Free Space | 65,81% Space Free | Partition Type: NTFS
Drive E: | 146,48 Gb Total Space | 135,60 Gb Free Space | 92,57% Space Free | Partition Type: NTFS
Drive F: | 148,37 Gb Total Space | 90,14 Gb Free Space | 60,75% Space Free | Partition Type: NTFS
Drive H: | 6,55 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: PAWE-39F3FEC025 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-08-22 17:00:46 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012-08-21 12:23:08 | 000,596,480 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
PRC - [2012-07-18 21:36:35 | 000,913,888 | ---- | M] (Mozilla Corporation) -- E:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012-05-15 12:18:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2008-04-14 18:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-05-15 15:55:46 | 001,550,896 | ---- | M] (Nero AG) -- E:\Nero 7\InCD\InCDsrv.exe
PRC - [2006-10-13 17:04:02 | 000,707,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\vVX1000.exe
PRC - [2006-10-13 17:01:06 | 000,207,664 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2006-01-30 18:00:00 | 000,098,304 | R--- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-08-22 14:39:00 | 009,813,704 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll
MOD - [2012-07-18 21:36:35 | 002,003,424 | ---- | M] () -- E:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012-05-15 12:18:00 | 001,570,624 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nview\nView.dll
MOD - [2012-05-15 12:18:00 | 000,357,184 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nview\nvShell.dll
MOD - [2012-05-14 11:25:36 | 000,083,968 | ---- | M] () -- E:\Program Files\Free Download Manager\fdmumsp.dll
MOD - [2012-05-14 11:24:12 | 000,173,056 | ---- | M] () -- E:\Program Files\Free Download Manager\Firefox\extension\components\vmsfdmff.dll
MOD - [2009-02-27 19:04:20 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012-08-22 17:00:46 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012-07-18 21:36:35 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-06-19 16:26:52 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012-05-15 12:18:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2007-05-15 15:55:46 | 001,550,896 | ---- | M] (Nero AG) [Auto | Running] -- E:\Nero 7\InCD\InCDsrv.exe -- (InCDsrv)
SRV - [2007-04-13 21:09:56 | 000,792,112 | ---- | M] (Nero AG) [On_Demand | Stopped] -- E:\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
SRV - [2006-10-13 17:01:06 | 000,207,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2012-05-31 00:19:37 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012-05-30 20:18:33 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts)
DRV - [2012-05-30 20:18:32 | 000,054,400 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2012-05-30 20:18:32 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2009-05-08 08:52:28 | 001,358,720 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2008-04-13 20:26:50 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (usb_rndis)
DRV - [2008-02-14 11:42:00 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\monfilt.sys -- (monfilt)
DRV - [2007-05-15 15:55:36 | 000,118,576 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2007-05-15 15:55:36 | 000,038,576 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm)
DRV - [2007-05-15 15:55:36 | 000,037,040 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass)
DRV - [2007-05-15 15:55:36 | 000,016,304 | ---- | M] (Nero AG) [Recognizer | System | Unknown] -- C:\WINDOWS\System32\drivers\InCDrec.sys -- (InCDrec)
DRV - [2007-04-16 14:16:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006-10-13 17:04:28 | 001,966,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VX1000.sys -- (VX1000)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {17C45DEA-D545-4231-967D-29852435A7BB}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{17C45DEA-D545-4231-967D-29852435A7BB}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "GadgetBox"
FF - prefs.js..browser.search.defaultenginename,S: S", "GadgetBox"
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: "http://search.gboxapp.com/?affid=gb2&q="
FF - prefs.js..browser.search.order.1: "GadgetBox"
FF - prefs.js..browser.search.order.1,S: S", "GadgetBox"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=937811"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.selectedEngine,S: S", "GadgetBox"
FF - prefs.js..browser.startup.homepage: "http://search.gboxapp.com/?affid=gb2"
FF - prefs.js..keyword.URL: "http://search.gboxapp.com/?affid=gb2&q="
FF - prefs.js..network.proxy.backup.ftp: ""
FF - prefs.js..network.proxy.backup.ftp_port: 0
FF - prefs.js..network.proxy.backup.socks: ""
FF - prefs.js..network.proxy.backup.socks_port: 0
FF - prefs.js..network.proxy.backup.ssl: ""
FF - prefs.js..network.proxy.backup.ssl_port: 0
FF - prefs.js..network.proxy.ftp: "82.17.181.100"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.http: "82.17.181.100"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "82.17.181.100"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.ssl: "82.17.181.100"
FF - prefs.js..network.proxy.ssl_port: 8080
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.6.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.6.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: E:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: E:\Program Files\Mozilla Firefox\components [2012-07-18 21:36:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: E:\Program Files\Mozilla Firefox\plugins [2012-06-07 15:50:50 | 000,000,000 | ---D | M]

[2012-05-30 22:38:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Extensions
[2012-08-22 14:26:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d3h39800.default\extensions
[2012-08-19 14:03:00 | 000,000,000 | ---D | M] (VideoFileDownload - Download YouTube Videos) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d3h39800.default\extensions\plugin@videofiledownload.com
[2012-08-20 17:02:51 | 000,000,501 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d3h39800.default\searchplugins\GadgetBox.xml
[2012-08-10 21:48:17 | 000,003,998 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d3h39800.default\searchplugins\sweetim.xml
[2012-08-13 13:11:28 | 000,000,000 | ---D | M] (Free Download Manager plugin) -- E:\PROGRAM FILES\FREE DOWNLOAD MANAGER\FIREFOX\EXTENSION

O1 HOSTS File: ([2001-10-26 13:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1	   localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (wxDfast Class) - {A5A7F150-0D6F-F74C-7336-C649409F28E5} - C:\Documents and Settings\All Users\Dane aplikacji\wxDfast\bhoclass.dll File not found
O2 - BHO: (VideoFileDownload) - {BA0454C5-FD30-428E-8DB9-3FF87A612F64} - C:\Program Files\OpenApp\bho_project.dll (VideoFileDownload)
O2 - BHO: (Free Download Manager) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - E:\Program Files\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [VX1000] C:\WINDOWS\vVX1000.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] E:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - E:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Pobierz plik wideo w FDM - E:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Pobierz w FDM - E:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Pobierz wszystkie pliki w FDM - E:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Pobierz zaznaczone pliki w FDM - E:\Program Files\Free Download Manager\dlselected.htm ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1345638704468 (WUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E9907540-FD68-4CF4-84D2-B4CEDBC2889A}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - about:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-05-30 19:16:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012-05-06 17:23:13 | 000,000,070 | R--- | M] () - H:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{693c38c2-aa9c-11e1-9562-0026ed9c602a}\Shell - "" = AutoRun
O33 - MountPoints2\{693c38c2-aa9c-11e1-9562-0026ed9c602a}\Shell\AutoRun\command - "" = H:\LANLauncher.exe
O33 - MountPoints2\{a5271361-aaf0-11e1-9565-0026ed9c602a}\Shell - "" = AutoRun
O33 - MountPoints2\{a5271361-aaf0-11e1-9565-0026ed9c602a}\Shell\AutoRun\command - "" = H:\Setup.exe -- [2012-05-06 17:23:13 | 000,582,014 | R--- | M] (EA Sports												   )
O33 - MountPoints2\{b653bc49-aaa4-11e1-9564-0026ed9c602a}\Shell - "" = AutoRun
O33 - MountPoints2\{b653bc49-aaa4-11e1-9564-0026ed9c602a}\Shell\AutoRun\command - "" = H:\LANLauncher.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-08-22 21:43:19 | 000,000,000 | ---D | C] -- C:\Avenger
[2012-08-22 17:01:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012-08-22 17:00:58 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012-08-22 17:00:58 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012-08-22 17:00:55 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012-08-22 17:00:55 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012-08-22 17:00:55 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012-08-22 17:00:43 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012-08-22 14:39:00 | 000,696,520 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012-08-22 14:39:00 | 000,073,416 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012-08-22 14:34:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Opera
[2012-08-22 14:34:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Opera
[2012-08-22 14:34:29 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2012-08-22 09:32:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\RK_Quarantine
[2012-08-21 12:00:00 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2012-08-21 11:58:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner
[2012-08-21 11:58:30 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012-08-20 23:29:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Everest Poker
[2012-08-20 23:28:04 | 000,000,000 | ---D | C] -- C:\Program Files\Everest Poker
[2012-08-20 17:23:15 | 000,000,000 | ---D | C] -- C:\Program Files\SEGA
[2012-08-20 17:02:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\GBox
[2012-08-20 17:02:36 | 000,000,000 | ---D | C] -- C:\Program Files\Przyspiesz Komputer
[2012-08-19 14:03:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\MyTorrents
[2012-08-19 14:02:59 | 000,000,000 | ---D | C] -- C:\Program Files\OpenApp
[2012-08-19 14:02:41 | 000,000,000 | ---D | C] -- C:\Program Files\smartdl
[2012-08-15 00:07:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\FIFA 12
[2012-08-15 00:04:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\EA Sports
[2012-08-14 12:02:01 | 000,000,000 | ---D | C] -- C:\Downloads
[2012-08-13 13:11:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Free Download Manager
[2012-08-13 13:11:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Free Download Manager
[2012-08-11 15:15:46 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2012-08-11 10:46:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2012-08-10 21:47:25 | 000,000,000 | ---D | C] -- C:\Program Files\1ClickDownload
[2012-08-01 11:17:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Comodo
[2012-08-01 10:54:13 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2012-07-30 13:10:02 | 000,000,000 | ---D | C] -- C:\Casino
[2012-07-25 09:27:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Macromedia
[2012-07-25 08:38:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Adobe
[2012-07-25 01:08:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Malwarebytes
[2012-07-25 01:07:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2012-07-24 18:48:14 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2012-07-24 18:47:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\uTorrent
[2012-07-24 18:47:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent
[2012-07-24 09:40:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\muza do auta

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-08-22 21:47:49 | 000,555,448 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2012-08-22 21:47:48 | 000,493,190 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-08-22 21:47:48 | 000,104,478 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2012-08-22 21:47:48 | 000,083,734 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-08-22 21:43:35 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1960408961-1645522239-682003330-500.job
[2012-08-22 21:43:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-08-22 19:25:42 | 000,035,328 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-08-22 17:00:47 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012-08-22 17:00:46 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012-08-22 17:00:46 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2012-08-22 17:00:46 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012-08-22 17:00:46 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012-08-22 17:00:46 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012-08-22 17:00:46 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012-08-22 14:39:00 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012-08-22 14:39:00 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012-08-20 23:29:09 | 000,001,621 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Everest Poker.lnk
[2012-08-18 10:01:05 | 000,087,182 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\49030910.pdf
[2012-08-17 23:58:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012-08-16 15:29:00 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1960408961-1645522239-682003330-500.job
[2012-08-16 10:13:42 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012-08-15 00:04:34 | 000,000,868 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\UEFA EURO 2012.lnk
[2012-08-13 13:11:29 | 000,000,628 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Free Download Manager.lnk
[2012-08-05 18:39:00 | 000,000,540 | ---- | M] () -- C:\settings.ini
[2012-07-30 15:34:34 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-07-27 20:36:53 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\µTorrent.lnk
[2012-07-25 01:00:08 | 000,000,223 | RHS- | M] () -- C:\boot.ini

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-08-20 23:29:09 | 000,001,621 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Everest Poker.lnk
[2012-08-20 20:10:13 | 004,364,728 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-1960408961-1645522239-682003330-500-0.dat
[2012-08-20 20:10:13 | 000,279,006 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat
[2012-08-18 10:01:04 | 000,087,182 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\49030910.pdf
[2012-08-15 00:04:34 | 000,000,868 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\UEFA EURO 2012.lnk
[2012-08-13 13:11:29 | 000,000,628 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Free Download Manager.lnk
[2012-08-05 18:39:00 | 000,000,540 | ---- | C] () -- C:\settings.ini
[2012-07-24 18:48:14 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\µTorrent.lnk
[2012-07-18 23:23:07 | 000,380,928 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2012-07-05 13:34:08 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2012-06-04 18:25:21 | 000,035,328 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-06-01 17:15:22 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2012-05-31 00:03:04 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012-05-30 23:36:37 | 000,106,496 | R--- | C] () -- C:\WINDOWS\System32\vshp1018.dll
[2012-05-30 23:36:36 | 000,442,368 | R--- | C] () -- C:\WINDOWS\System32\zshp1018.exe
[2012-05-30 23:16:02 | 000,000,038 | ---- | C] () -- C:\WINDOWS\ChssBase.ini
[2012-05-30 21:07:58 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012-05-30 21:06:46 | 001,502,072 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-05-30 20:23:35 | 001,074,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012-05-30 20:23:35 | 001,074,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012-05-30 20:23:35 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012-05-30 20:23:29 | 002,807,708 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012-05-30 20:19:10 | 000,003,948 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2012-05-30 19:19:48 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012-05-30 19:14:16 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
< End of report >


#8 ordynat

ordynat

    Advanced user

  • 804 posts

Posted 23 08 2012 - 03:53

Avenger successfully removed the "Live Security Platinum" object.
The FSS log shows that the system services that had been destroyed by "ZeroAccess" have been successfully rebuilt.
In a word - we are finishing up:
In OTL, click the Sprzątanie (CleanUp) button - this will remove it together with its Quarantine.
Avenger will disappear at the same time.
In Adw-Cleaner, click the Uninstall button.
Delete RogueKiller manually.
That is all from my side.

#9 PawelS28

PawelS28

    Observer

  • 5 posts

Posted 23 08 2012 - 20:55

Thanks for that
