OTL logfile created on: 2012-08-20 22:16:39 - Run 1 OTL by OldTimer - Version 3.2.58.1 Folder = D:\Pobrane pliki Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,50 Gb Total Physical Memory | 0,87 Gb Available Physical Memory | 58,23% Memory free 1,85 Gb Paging File | 1,27 Gb Available in Paging File | 68,81% Paging File free Paging file location(s): C:\pagefile.sys 512 512 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 4,86 Gb Total Space | 0,20 Gb Free Space | 4,14% Space Free | Partition Type: NTFS Drive D: | 48,85 Gb Total Space | 8,51 Gb Free Space | 17,41% Space Free | Partition Type: NTFS Drive E: | 20,81 Gb Total Space | 0,65 Gb Free Space | 3,11% Space Free | Partition Type: NTFS Drive G: | 39,96 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: XYZ | User Name: BLABLABLA | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-08-20 22:14:45 | 000,596,480 | ---- | M] (OldTimer Tools) -- D:\Pobrane pliki\OTL.exe PRC - [2012-07-17 23:36:44 | 000,913,888 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe PRC - [2012-07-09 01:32:36 | 005,834,240 | ---- | M] () -- C:\top net info\top_netinfo.exe PRC - [2012-06-16 04:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) -- D:\Program Files\Norton Internet Security\Engine\19.8.0.14\ccsvchst.exe PRC - [2010-08-02 12:40:56 | 000,199,600 | ---- | M] (Telefónica I+D) -- D:\Program Files\O2\Connection Manager\ImpWiFiSvc.exe PRC - [2010-03-15 20:11:02 | 000,009,216 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007-04-16 15:28:22 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-08-19 14:18:18 | 000,997,888 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\894d87c08a9a5b5923e7104055a616d2\System.Management.ni.dll MOD - [2012-08-18 22:40:49 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\a9e71dda6389403be4db7b567592e3b8\System.ServiceProcess.ni.dll MOD - [2012-08-15 18:14:31 | 000,676,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\0418eb6dbffe9b46aa4c989153d6a3b5\System.Security.ni.dll MOD - [2012-08-15 18:14:15 | 005,449,728 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\36f3953f24d4f0b767bf172331ad6f3e\System.Xml.ni.dll MOD - [2012-08-15 18:14:04 | 000,970,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb4cb21d14767292e079366a5d3d76cd\System.Configuration.ni.dll MOD - [2012-08-15 18:13:57 | 007,867,392 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aa7926460a336408c8041330ad90929d\System.ni.dll MOD - [2012-08-15 18:13:36 | 011,485,184 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\9adb89fa22fd5b4ce433b5aca7fb1b07\mscorlib.ni.dll MOD - [2012-07-17 23:36:44 | 002,003,424 | ---- | M] () -- D:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2012-07-09 01:32:36 | 005,834,240 | ---- | M] () -- C:\top net info\top_netinfo.exe MOD - [2011-06-06 12:55:36 | 000,300,544 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.POL [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - [2012-07-03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Disabled | Stopped] -- D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012-06-16 04:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- D:\Program Files\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe -- (NIS) SRV - [2010-08-02 12:40:56 | 000,199,600 | ---- | M] (Telefónica I+D) [Auto | Running] -- D:\Program Files\O2\Connection Manager\ImpWiFiSvc.exe -- (TGCM_ImportWiFiSvc) SRV - [2010-03-25 10:45:44 | 000,495,616 | ---- | M] (Locktime Software) [Disabled | Stopped] -- D:\Program Files\NetLimiter 2 Monitor\nlsvc.exe -- (nlsvc) SRV - [2010-03-15 20:11:02 | 000,009,216 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService) SRV - [2007-05-28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Disabled | Stopped] -- D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11210.sys -- (EraserUtilDrv11210) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a0st8oht) DRV - [2012-08-20 22:03:59 | 000,141,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent) DRV - [2012-08-20 19:08:03 | 001,589,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120820.002\navex15.sys -- (NAVEX15) DRV - [2012-08-20 19:08:03 | 000,087,928 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120820.002\naveng.sys -- (NAVENG) DRV - [2012-08-17 06:13:56 | 000,369,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120817.001\IDSXpx86.sys -- (IDSxpx86) DRV - [2012-08-06 11:31:36 | 000,685,816 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2012-08-03 01:44:00 | 000,821,920 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120803.001\BHDrvx86.sys -- (BHDrvx86) DRV - [2012-07-06 04:17:57 | 000,574,112 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NIS\1308000.00E\srtsp.sys -- (SRTSP) DRV - [2012-07-06 04:17:57 | 000,032,928 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1308000.00E\srtspx.sys -- (SRTSPX) DRV - [2012-07-03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2012-06-07 06:43:43 | 000,132,768 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1308000.00E\ccsetx86.sys -- (ccSet_NIS) DRV - [2012-06-05 16:33:00 | 000,158,552 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VBoxDrv.sys -- (VBoxDrv) DRV - [2012-06-05 16:33:00 | 000,116,056 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt) DRV - [2012-06-05 16:33:00 | 000,104,792 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV - [2012-06-05 16:33:00 | 000,091,992 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon) DRV - [2012-06-05 16:33:00 | 000,082,776 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VBoxUSB.sys -- (VBoxUSB) DRV - [2012-05-22 03:37:12 | 000,924,320 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1308000.00E\symefa.sys -- (SymEFA) DRV - [2012-04-18 04:13:32 | 000,388,216 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1308000.00E\symtdi.sys -- (SYMTDI) DRV - [2012-04-18 03:42:14 | 000,149,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1308000.00E\ironx86.sys -- (SymIRON) DRV - [2011-07-25 20:18:36 | 000,340,088 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1308000.00E\symds.sys -- (SymDS) DRV - [2010-07-08 13:41:44 | 000,026,008 | ---- | M] (Telefónica I+D) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tidnet.sys -- (tidnet) DRV - [2010-03-25 10:49:06 | 000,082,360 | ---- | M] (Locktime Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\nltdi.sys -- (nltdi) DRV - [2010-03-01 18:35:24 | 000,050,304 | ---- | M] (Vodafone) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vodafone_K3805-z_cdc_ecm.sys -- (vodafone_K3805-z_cdc_ecm) DRV - [2010-03-01 18:35:22 | 000,080,000 | ---- | M] (Vodafone) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vodafone_K3805-z_dc_enum.sys -- (vodafone_K3805-z_dc_enum) DRV - [2010-03-01 18:35:22 | 000,009,728 | ---- | M] (Vodafone) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vodafone_K3805-z_cpo.sys -- (vodafone_K3805-z_cpo) DRV - [2010-03-01 18:35:20 | 000,086,016 | ---- | M] (Vodafone) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vodafone_K3805-z_cdc_acm.sys -- (vodafone_K3805-z_cdc_acm) DRV - [2009-12-30 11:20:56 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt) DRV - [2009-03-25 14:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2008-09-24 10:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) DRV - [2003-12-31 05:58:46 | 000,069,504 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtlnic51.sys -- (RTL8023) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-725345543-1450960922-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKU\S-1-5-21-725345543-1450960922-839522115-1004\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKU\S-1-5-21-725345543-1450960922-839522115-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKU\S-1-5-21-725345543-1450960922-839522115-1004\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=112555&tt=3212_6&babsrc=SP_ss&mntrId=74f0001d000000000000005345000000 IE - HKU\S-1-5-21-725345543-1450960922-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\ [2012-08-20 19:30:26 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\ [2012-08-20 22:08:27 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2012-07-17 23:36:44 | 000,000,000 | ---D | M] [2012-06-11 21:02:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\BLABLABLA\Dane aplikacji\Mozilla\Extensions [2012-08-08 15:30:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\BLABLABLA\Dane aplikacji\Mozilla\Firefox\Profiles\extensions [2012-08-08 18:02:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\BLABLABLA\Dane aplikacji\Mozilla\Firefox\Profiles\extensions\extensions [2012-07-07 22:56:39 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Documents and Settings\BLABLABLA\Dane aplikacji\Mozilla\Firefox\Profiles\extensions\OneClickDownload@OneClickDownload.com [2012-08-08 18:02:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\BLABLABLA\Dane aplikacji\Mozilla\Firefox\Profiles\, cache - Mozilla\extensions O1 HOSTS File: ([2004-08-04 14:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - D:\Program Files\Norton Internet Security\Engine\19.8.0.14\coieplg.dll (Symantec Corporation) O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - D:\Program Files\Norton Internet Security\Engine\19.8.0.14\ips\ipsbho.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - D:\Program Files\Norton Internet Security\Engine\19.8.0.14\coieplg.dll (Symantec Corporation) O3 - HKU\S-1-5-21-725345543-1450960922-839522115-1004\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found. O4 - HKLM..\Run: [Connection Manager] D:\Program Files\O2\Connection Manager\emmsn.exe (Telefónica I+D) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 181 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-725345543-1450960922-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1 O7 - HKU\S-1-5-21-725345543-1450960922-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-725345543-1450960922-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1 O7 - HKU\S-1-5-21-725345543-1450960922-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33) O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{996A4CCB-02D2-4F16-BD50-D66742C87371}: NameServer = 10.2.0.1 10.2.0.2 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012-06-11 20:33:29 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010-03-16 19:29:05 | 000,000,119 | R--- | M] () - G:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{260ce3f4-b3f6-11e1-80dd-001485251d49}\Shell - "" = AutoRun O33 - MountPoints2\{260ce3f4-b3f6-11e1-80dd-001485251d49}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe -- [2010-02-09 17:03:25 | 000,274,432 | R--- | M] (Vodafone) O33 - MountPoints2\{8a7a3157-bc62-11e1-810d-fda7979515d6}\Shell - "" = AutoRun O33 - MountPoints2\{8a7a3157-bc62-11e1-810d-fda7979515d6}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe -- [2010-02-09 17:03:25 | 000,274,432 | R--- | M] (Vodafone) O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (MACHINE BootExecut) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-08-20 22:03:42 | 000,924,320 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1308000.00E\symefa.sys [2012-08-20 22:03:42 | 000,388,216 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1308000.00E\symtdi.sys [2012-08-20 22:03:42 | 000,345,208 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1308000.00E\symtdiv.sys [2012-08-20 22:03:42 | 000,340,088 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1308000.00E\symds.sys [2012-08-20 22:03:42 | 000,318,584 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1308000.00E\symnets.sys [2012-08-20 22:03:42 | 000,032,928 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1308000.00E\srtspx.sys [2012-08-20 22:03:41 | 000,574,112 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1308000.00E\srtsp.sys [2012-08-20 22:03:41 | 000,149,624 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1308000.00E\ironx86.sys [2012-08-20 22:03:41 | 000,132,768 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1308000.00E\ccsetx86.sys [2012-08-20 22:03:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NIS\1308000.00E [2012-08-20 19:16:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\O2 [2012-08-20 19:12:21 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\BLABLABLA\Recent [2012-08-20 19:00:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NIS [2012-08-20 19:00:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Norton Internet Security [2012-08-20 19:00:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton [2012-08-20 18:59:38 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller [2012-08-20 18:59:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NortonInstaller [2012-08-19 18:48:13 | 000,000,000 | ---D | C] -- C:\Program Files\PANDORA.TV [2012-08-19 18:47:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Ask [2012-08-19 17:37:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BLABLABLA\Dane aplikacji\HD Tune Pro [2012-08-19 17:36:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\HD Tune Pro [2012-08-18 22:06:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates [2012-08-18 22:03:58 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0 [2012-08-16 19:23:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BLABLABLA\VirtualBox VMs [2012-08-15 18:12:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BLABLABLA\Ustawienia lokalne\Dane aplikacji\Paint.NET [2012-08-12 22:12:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BLABLABLA\AlwaysOnPC [2012-08-09 19:43:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss [2012-08-08 15:29:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Tarma Installer [2012-08-08 15:22:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Games for Windows - LIVE [2012-08-08 15:22:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE [2012-08-06 22:46:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Babylon [2012-08-06 22:46:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BLABLABLA\Dane aplikacji\YourFileDownloader [2012-08-06 11:50:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BLABLABLA\Ustawienia lokalne\Dane aplikacji\Fallout3 [2012-08-06 11:42:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Bethesda Softworks [2012-08-06 11:42:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Fallout3 [2012-08-06 11:41:09 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild [2012-08-06 11:37:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer [2012-08-06 11:37:24 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies [2012-08-06 11:37:16 | 000,014,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg2.dll [2012-08-06 11:36:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xlive [2012-08-06 11:33:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Alcohol 120% [2012-08-05 19:28:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BLABLABLA\Menu Start\Programy\WinRAR [2012-08-05 19:28:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\WinRAR [2012-08-03 19:04:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BLABLABLA\Dane aplikacji\DMCache [2012-08-02 00:38:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Puran Defrag [2012-07-31 21:15:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2012-07-31 21:14:31 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml4r.dll [2012-07-31 21:14:31 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml4a.dll [2012-07-31 20:46:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Dane aplikacji\iolo [2012-07-31 20:44:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\iolo [2012-07-31 17:49:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BLABLABLA\Dane aplikacji\Locktime [2012-07-31 17:47:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\NetLimiter 2 Monitor [2012-07-31 17:47:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Locktime [2012-07-29 16:10:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BLABLABLA\Ustawienia lokalne\Dane aplikacji\PackageAware [2012-07-29 15:32:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Vodafone [2012-07-29 15:32:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Vodafone [2012-07-29 15:32:40 | 000,000,000 | ---D | C] -- C:\Program Files\Vodafone [2012-07-27 22:07:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BLABLABLA\Ustawienia lokalne\Dane aplikacji\PCHealth [2012-07-27 21:30:58 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012-07-26 23:00:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BLABLABLA\Ustawienia lokalne\Dane aplikacji\Rawr [2012-07-26 22:33:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US [2012-07-26 22:32:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-08-20 22:06:45 | 000,000,316 | ---- | M] () -- C:\WINDOWS\tasks\Your File Updater.job [2012-08-20 22:06:39 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2012-08-20 22:06:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012-08-20 22:06:21 | 000,577,506 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1308000.00E\Cat.DB [2012-08-20 22:05:41 | 002,883,584 | ---- | M] () -- C:\Documents and Settings\BLABLABLA\NTUSER.DAT [2012-08-20 22:05:25 | 001,577,920 | -H-- | M] () -- C:\Documents and Settings\BLABLABLA\Ustawienia lokalne\Dane aplikacji\IconCache.db [2012-08-20 22:03:59 | 000,141,944 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS [2012-08-20 22:03:59 | 000,060,872 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL [2012-08-20 22:03:59 | 000,007,468 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT [2012-08-20 22:03:59 | 000,000,806 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF [2012-08-20 19:16:31 | 000,000,793 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Connection Manager.lnk [2012-08-20 19:13:08 | 000,002,098 | ---- | M] () -- D:\BLABLABLA - Moje dokumenty\cc_20120611_224005.reg [2012-08-20 19:00:00 | 000,000,256 | ---- | M] () -- C:\WINDOWS\tasks\NUSchedule.job [2012-08-20 18:41:15 | 000,000,593 | ---- | M] () -- C:\Documents and Settings\BLABLABLA\Pulpit\HWMonitor_x32.exe.lnk [2012-08-19 17:08:33 | 000,015,360 | ---- | M] () -- C:\Documents and Settings\BLABLABLA\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-08-18 23:03:01 | 000,125,320 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-08-18 22:56:13 | 001,249,600 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2012-08-18 22:56:13 | 000,555,462 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2012-08-18 22:56:13 | 000,493,190 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012-08-18 22:56:13 | 000,104,494 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2012-08-18 22:56:13 | 000,083,734 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012-08-17 12:03:36 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012-08-15 18:10:56 | 000,019,240 | ---- | M] () -- C:\Documents and Settings\BLABLABLA\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2012-08-10 23:32:10 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin [2012-08-10 23:32:09 | 000,252,936 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2012-08-10 23:31:45 | 000,252,936 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2012-08-10 07:28:35 | 000,000,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1308000.00E\isolate.ini [2012-08-06 22:47:11 | 000,000,304 | ---- | M] () -- C:\user.js [2012-08-06 11:52:27 | 000,000,769 | ---- | M] () -- C:\Documents and Settings\BLABLABLA\Pulpit\Fallout3.exe.lnk [2012-08-06 11:33:54 | 000,000,714 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Alcohol 120%.lnk [2012-08-06 11:31:36 | 000,685,816 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys [2012-07-31 23:21:16 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\BLABLABLA\fsutil [2012-07-31 21:32:29 | 000,074,703 | ---- | M] () -- C:\WINDOWS\System32\mfc45.dat [2012-07-31 20:47:51 | 000,000,406 | ---- | M] () -- C:\WINDOWS\System32\ioloBootDefrag.cfg [2012-07-31 20:44:42 | 000,074,703 | ---- | M] () -- C:\WINDOWS\System32\mfc45.dll [2012-07-31 17:47:20 | 000,000,755 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\NetLimiter 2 Monitor.lnk [2012-07-27 19:20:09 | 000,089,599 | ---- | M] () -- D:\BLABLABLA - Moje dokumenty\DK Grzechu.xml [2012-07-27 18:10:27 | 000,087,194 | ---- | M] () -- D:\BLABLABLA - Moje dokumenty\Mag Grzeechu Przerobiony.xml [2012-07-26 23:44:04 | 000,087,149 | ---- | M] () -- D:\BLABLABLA - Moje dokumenty\RAWR MAG Grzeechu.xml [2012-07-26 22:59:46 | 000,000,511 | ---- | M] () -- C:\Documents and Settings\BLABLABLA\Pulpit\Rawr.exe.lnk [2012-07-26 18:52:37 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2012-07-26 18:52:37 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-08-20 22:06:09 | 000,577,506 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1308000.00E\Cat.DB [2012-08-20 22:03:42 | 000,007,877 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1308000.00E\symnetv.cat [2012-08-20 22:03:42 | 000,007,492 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1308000.00E\symds.cat [2012-08-20 22:03:42 | 000,007,458 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1308000.00E\symnet.cat [2012-08-20 22:03:42 | 000,007,398 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1308000.00E\srtspx.cat [2012-08-20 22:03:42 | 000,003,435 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1308000.00E\symefa.inf [2012-08-20 22:03:42 | 000,002,852 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1308000.00E\symds.inf [2012-08-20 22:03:42 | 000,001,469 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1308000.00E\symnetv.inf [2012-08-20 22:03:42 | 000,001,441 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1308000.00E\symnet.inf [2012-08-20 22:03:42 | 000,001,388 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1308000.00E\srtspx.inf [2012-08-20 22:03:41 | 000,007,450 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1308000.00E\iron.cat [2012-08-20 22:03:41 | 000,007,446 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1308000.00E\ccsetx86.cat [2012-08-20 22:03:41 | 000,001,388 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1308000.00E\srtsp.inf [2012-08-20 22:03:41 | 000,000,827 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1308000.00E\ccsetx86.inf [2012-08-20 22:03:41 | 000,000,742 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1308000.00E\iron.inf [2012-08-20 22:03:26 | 000,008,942 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1308000.00E\symvtcer.dat [2012-08-20 22:03:26 | 000,007,434 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1308000.00E\symefa.cat [2012-08-20 22:03:25 | 000,007,380 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1308000.00E\srtsp.cat [2012-08-20 22:03:25 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1308000.00E\isolate.ini [2012-08-20 19:16:31 | 000,000,793 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Connection Manager.lnk [2012-08-20 18:41:18 | 000,000,593 | ---- | C] () -- C:\Documents and Settings\BLABLABLA\Pulpit\HWMonitor_x32.exe.lnk [2012-08-19 14:39:32 | 001,577,920 | -H-- | C] () -- C:\Documents and Settings\BLABLABLA\Ustawienia lokalne\Dane aplikacji\IconCache.db [2012-08-15 18:13:12 | 000,000,715 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Paint.NET.lnk [2012-08-06 22:47:10 | 000,000,304 | ---- | C] () -- C:\user.js [2012-08-06 22:46:14 | 000,000,316 | ---- | C] () -- C:\WINDOWS\tasks\Your File Updater.job [2012-08-06 11:52:27 | 000,000,769 | ---- | C] () -- C:\Documents and Settings\BLABLABLA\Pulpit\Fallout3.exe.lnk [2012-08-06 11:41:05 | 000,137,872 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2012-08-06 11:33:53 | 000,000,714 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Alcohol 120%.lnk [2012-08-06 11:31:36 | 000,685,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2012-07-31 23:21:16 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\BLABLABLA\fsutil [2012-07-31 21:32:29 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dat [2012-07-31 21:17:23 | 000,000,256 | ---- | C] () -- C:\WINDOWS\tasks\NUSchedule.job [2012-07-31 20:47:51 | 000,000,406 | ---- | C] () -- C:\WINDOWS\System32\ioloBootDefrag.cfg [2012-07-31 20:44:42 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll [2012-07-31 17:47:19 | 000,000,755 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\NetLimiter 2 Monitor.lnk [2012-07-27 18:41:59 | 000,089,599 | ---- | C] () -- D:\BLABLABLA - Moje dokumenty\DK Grzechu.xml [2012-07-27 17:49:13 | 000,087,194 | ---- | C] () -- D:\BLABLABLA - Moje dokumenty\Mag Grzeechu Przerobiony.xml [2012-07-26 23:49:57 | 000,132,066 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat [2012-07-26 23:01:41 | 000,087,149 | ---- | C] () -- D:\BLABLABLA - Moje dokumenty\RAWR MAG Grzeechu.xml [2012-07-26 22:59:48 | 000,000,511 | ---- | C] () -- C:\Documents and Settings\BLABLABLA\Pulpit\Rawr.exe.lnk [2012-06-14 00:40:47 | 000,015,360 | ---- | C] () -- C:\Documents and Settings\BLABLABLA\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-06-12 00:51:37 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012-06-11 22:24:53 | 001,249,600 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2012-06-11 22:24:52 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2012-06-11 22:23:48 | 000,125,320 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-06-11 22:13:13 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll [2012-06-11 20:53:02 | 000,019,240 | ---- | C] () -- C:\Documents and Settings\BLABLABLA\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2012-06-11 20:46:49 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2012-06-11 20:46:49 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2012-06-11 20:41:21 | 000,252,936 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2012-06-11 20:41:19 | 000,252,936 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2012-06-11 20:41:19 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin [2012-06-11 20:41:13 | 002,292,678 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin [2012-06-11 20:37:48 | 000,000,188 | -HS- | C] () -- C:\Documents and Settings\BLABLABLA\ntuser.ini [2012-06-11 20:37:47 | 002,883,584 | ---- | C] () -- C:\Documents and Settings\BLABLABLA\NTUSER.DAT [2012-06-11 20:35:17 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2012-06-11 20:33:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini [2012-06-11 20:32:29 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest [2012-06-11 20:32:24 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2012-06-11 20:30:53 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2012-06-11 20:30:43 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini [2012-06-11 20:30:43 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini [2012-06-11 20:29:46 | 000,026,717 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini [2012-06-11 20:29:45 | 000,003,813 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini [2010-03-15 19:15:34 | 000,156,430 | R--- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\DeviceManager.xml.rc4 [color=#E56717]========== LOP Check ==========[/color] [2012-08-19 18:47:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ask [2012-08-06 22:46:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Babylon [2012-06-11 22:10:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DriverGenius [2012-08-06 11:42:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Fallout3 [2012-07-31 22:30:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\iolo [2012-07-31 17:47:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Locktime [2012-06-26 15:01:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MDMA [2012-06-11 22:01:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MTA San Andreas All [2012-08-08 18:02:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tarma Installer [2012-06-11 20:57:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Telefónica [2012-07-31 21:32:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2012-07-29 15:32:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Vodafone [2012-08-17 17:14:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BLABLABLA\Dane aplikacji\.minecraft [2012-06-18 18:11:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BLABLABLA\Dane aplikacji\Auslogics [2012-07-07 22:50:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BLABLABLA\Dane aplikacji\BitComet [2012-08-06 22:02:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BLABLABLA\Dane aplikacji\DMCache [2012-08-19 17:37:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BLABLABLA\Dane aplikacji\HD Tune Pro [2012-07-31 17:49:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BLABLABLA\Dane aplikacji\Locktime [2012-06-21 01:12:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BLABLABLA\Dane aplikacji\MargonemMapki [2012-08-02 20:41:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BLABLABLA\Dane aplikacji\Nowe Gadu-Gadu [2012-06-22 23:37:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BLABLABLA\Dane aplikacji\OpenOffice.org [2012-06-12 20:25:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BLABLABLA\Dane aplikacji\Soldat [2012-06-11 20:57:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BLABLABLA\Dane aplikacji\Telefónica [2012-06-11 20:53:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BLABLABLA\Dane aplikacji\Vodafone [2012-08-06 22:46:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BLABLABLA\Dane aplikacji\YourFileDownloader [2012-06-11 20:52:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Vodafone [2012-07-31 20:46:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\iolo [2012-06-11 21:35:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Vodafone [2012-08-20 19:00:00 | 000,000,256 | ---- | M] () -- C:\WINDOWS\Tasks\NUSchedule.job [2012-08-20 22:06:45 | 000,000,316 | ---- | M] () -- C:\WINDOWS\Tasks\Your File Updater.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:D3A96964 @Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:D287FACF < End of report >