OTL logfile created on: 2012-07-30 11:50:04 - Run 3 OTL by OldTimer - Version 3.2.55.0 Folder = C:\Documents and Settings\Administrator.T-FF6353124EF64\Moje dokumenty\Pobieranie Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,94 Gb Total Physical Memory | 1,56 Gb Available Physical Memory | 80,42% Memory free 3,79 Gb Paging File | 3,57 Gb Available in Paging File | 94,33% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74,22 Gb Total Space | 65,07 Gb Free Space | 87,67% Space Free | Partition Type: NTFS Drive D: | 195,32 Gb Total Space | 170,99 Gb Free Space | 87,54% Space Free | Partition Type: NTFS Drive E: | 196,21 Gb Total Space | 192,37 Gb Free Space | 98,04% Space Free | Partition Type: NTFS Computer Name: T-FF6353124EF64 | User Name: Administrator | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-07-29 18:46:16 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator.T-FF6353124EF64\Moje dokumenty\Pobieranie\OTL.exe PRC - [2012-07-21 10:06:57 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2008-04-15 14:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-07-21 10:06:56 | 002,003,424 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2012-01-11 18:11:56 | 008,527,008 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll MOD - [2011-03-02 13:40:51 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll MOD - [2009-02-27 21:04:20 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012-07-21 10:06:57 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-07-10 10:33:19 | 000,935,008 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe -- (vToolbarUpdater11.2.0) SRV - [2012-04-26 14:08:24 | 000,793,048 | ---- | M] (PC Tools) [Auto | Stopped] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc) SRV - [2011-08-02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2011-12-13 19:27:30 | 007,069,288 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2011-07-11 02:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix) DRV - [2011-07-11 02:14:28 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\AVGIDSEH.sys -- (AVGIDSEH) DRV - [2010-04-08 20:30:10 | 000,168,040 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts) DRV - [2010-03-22 12:29:08 | 000,018,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu) DRV - [2010-03-04 12:02:10 | 000,013,824 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2010-03-04 12:02:08 | 000,070,912 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2009-11-18 08:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) DRV - [2009-11-18 08:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.) IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=6d73ef2f-4520-11e1-87d6-0024213eb551&q={searchTerms} IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20120221143658922&tb_oid=21-02-2012&tb_mrud=21-02-2012 IE - HKCU\..\SearchScopes,DefaultScope = IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012-02-08 14:37:20 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search\11.1.0.12\ [2012-07-10 10:33:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-07-21 10:06:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-02-25 20:52:43 | 000,000,000 | ---D | M] [2012-07-29 17:19:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator.T-FF6353124EF64\Dane aplikacji\Mozilla\Extensions [2012-05-15 20:20:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-07-21 10:06:57 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012-02-25 20:52:33 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011-10-03 11:14:54 | 000,083,456 | ---- | M] (vShare.tv ) -- C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll [2011-12-09 19:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll [2012-06-24 19:43:11 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-07-10 10:33:16 | 000,003,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml [2012-01-17 19:33:10 | 000,002,310 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml [2012-06-24 19:43:11 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-06-24 19:43:11 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-06-24 19:43:11 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-06-24 19:43:11 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-06-24 19:43:11 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2012-07-29 17:37:05 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (VshareComplete) - {222f31fb-a14e-4af2-bb14-997f28294370} - C:\Documents and Settings\operator\Dane aplikacji\VshareComplete\VshareComplete.dll (SimplyGen) O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.) O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll () O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files\Softonic\softonic\1.5.11.5\bh\softonic.dll (Softonic.com) O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files\Softonic\softonic\1.5.11.5\softonicTlbr.dll (Softonic.com) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll () O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.) O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe (HP) O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [qbmhbusklbskqpy] C:\Documents and Settings\All Users\Dane aplikacji\qbmhbusk.exe () O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe () O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.) O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.4.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC016E9B-E191-4D25-BA45-CBBABEDE1636}: DhcpNameServer = 8.8.8.8 8.8.4.4 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll () O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012-01-07 11:17:34 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-07-29 18:52:35 | 000,000,000 | ---D | C] -- C:\_OTL [2012-07-29 18:12:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.T-FF6353124EF64\Dane aplikacji\Malwarebytes [2012-07-29 18:12:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes [2012-07-29 18:07:35 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2012-07-29 18:07:35 | 000,000,000 | ---D | C] -- C:\rsit [2012-07-29 18:02:12 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.T-FF6353124EF64\Menu Start\Programy\Narzędzia administracyjne [2012-07-29 18:02:12 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.T-FF6353124EF64\Moje dokumenty\Moje wideo [2012-07-29 18:02:12 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.T-FF6353124EF64\Moje dokumenty\Moje obrazy [2012-07-29 18:02:12 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.T-FF6353124EF64\Moje dokumenty\Moja muzyka [2012-07-29 17:46:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.T-FF6353124EF64\Dane aplikacji\WinRAR [2012-07-29 17:23:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.T-FF6353124EF64\Moje dokumenty\Pobieranie [2012-07-29 17:21:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.T-FF6353124EF64\Dane aplikacji\Macromedia [2012-07-29 17:21:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.T-FF6353124EF64\Dane aplikacji\Adobe [2012-07-29 17:19:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.T-FF6353124EF64\Ustawienia lokalne\Dane aplikacji\Mozilla [2012-07-29 17:19:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.T-FF6353124EF64\Dane aplikacji\Mozilla [2012-07-29 17:19:34 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator.T-FF6353124EF64\IETldCache [2012-07-29 17:19:03 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator.T-FF6353124EF64\Dane aplikacji\Microsoft [2012-07-29 17:19:03 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator.T-FF6353124EF64\SendTo [2012-07-29 17:19:03 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator.T-FF6353124EF64\Dane aplikacji [2012-07-29 17:19:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.T-FF6353124EF64\Menu Start [2012-07-29 17:19:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.T-FF6353124EF64\Menu Start\Programy\Autostart [2012-07-29 17:19:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.T-FF6353124EF64\Menu Start\Programy\Akcesoria [2012-07-29 17:19:03 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator.T-FF6353124EF64\Cookies [2012-07-29 17:19:03 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.T-FF6353124EF64\Szablony [2012-07-29 17:19:03 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.T-FF6353124EF64\Recent [2012-07-29 17:19:03 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.T-FF6353124EF64\PrintHood [2012-07-29 17:19:03 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.T-FF6353124EF64\NetHood [2012-07-29 17:19:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.T-FF6353124EF64\Ulubione [2012-07-29 17:19:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.T-FF6353124EF64\Pulpit [2012-07-29 17:19:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.T-FF6353124EF64\Moje dokumenty [2012-07-29 17:19:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.T-FF6353124EF64\Ustawienia lokalne\Dane aplikacji\Microsoft [2012-07-29 17:19:02 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.T-FF6353124EF64\Ustawienia lokalne [2012-07-29 17:02:56 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC [2012-07-29 16:22:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\logljleslaljxlt [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-07-30 11:36:17 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2012-07-30 09:43:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012-07-29 19:14:43 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RMAutoUpdate.job [2012-07-29 19:14:40 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012-07-29 19:14:40 | 000,000,104 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2012-07-29 18:28:00 | 000,001,040 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012-07-29 17:54:43 | 000,266,208 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-07-29 17:37:05 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts [2012-07-29 17:02:00 | 000,000,240 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2012-07-29 16:22:30 | 000,000,051 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\ogcgcqcxdnukwib [2012-07-29 16:22:23 | 000,061,440 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\qbmhbusk.exe [2012-07-29 16:22:23 | 000,061,440 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\ndaoctfv.exe [2012-07-22 19:00:09 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RMSchedule.job [2012-07-05 11:19:34 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-07-29 18:22:08 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2012-07-29 17:19:03 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Administrator.T-FF6353124EF64\Menu Start\Programy\Pomoc zdalna.lnk [2012-07-29 17:19:03 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\Administrator.T-FF6353124EF64\Menu Start\Programy\Windows Media Player.lnk [2012-07-29 16:22:30 | 000,061,440 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\qbmhbusk.exe [2012-07-29 16:22:30 | 000,061,440 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\ndaoctfv.exe [2012-07-29 16:22:24 | 000,000,051 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\ogcgcqcxdnukwib [2012-06-06 17:55:58 | 000,037,336 | ---- | C] () -- C:\WINDOWS\System32\CleanMFT32.exe [2012-05-28 19:10:48 | 000,000,130 | ---- | C] () -- C:\WINDOWS\mikromap.INI [2012-05-28 19:08:52 | 000,000,023 | ---- | C] () -- C:\WINDOWS\WinKalk.ini [2012-05-28 19:07:59 | 000,000,058 | ---- | C] () -- C:\WINDOWS\coder.ini [2012-05-28 14:55:32 | 000,162,304 | ---- | C] () -- C:\Program Files\UNWISE.EXE [2012-02-03 18:25:00 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2012-01-11 18:34:01 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\prnunins.exe [2012-01-08 09:59:41 | 000,010,084 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin [2012-01-07 12:07:24 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2012-01-07 12:04:50 | 000,266,208 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-01-07 11:45:22 | 000,021,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT [2012-01-07 11:20:46 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2012-01-07 11:15:19 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:D1B5B4F1 @Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:E25BED53 @Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:A1454082 < End of report >