Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.3.2 Ran by SYSTEM at 2012-01-17 12:59:37 Running from H:\ Windows 7 Home Premium (X64) OS Language: Polish The current controlset is ControlSet001 ========================== Registry (Whitelisted) ============= HKLM\...\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE [x] HKLM\...\Run: [lxctmon.exe] "C:\Program Files (x86)\Lexmark 5400 Series\lxctmon.exe" [291760 2006-11-22] () HKLM-x32\...\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start [81920 2005-08-11] (Macrovision Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2011-06-09] (Sun Microsystems, Inc.) Tcpip\..\Interfaces\{33DFCA3C-F4D8-45FA-91B1-27736C4F291C}: [NameServer]8.26.56.26,156.154.70.22 Tcpip\..\Interfaces\{6CD65957-6ED0-438E-B2E8-D5FDFDCF3E03}: [NameServer]193.41.112.18 193.41.112.14 Tcpip\..\Interfaces\{FF5E237A-8074-4BC8-BFED-D5E38163EE29}: [NameServer]193.41.112.18 193.41.112.14 SubSystems: [Windows] ==> ZeroAccess ==================== Services (Whitelisted) ====== 3 Adobe LM Service; "C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe" [69632 2010-09-30] (Adobe Systems) 2 appdrvrem01; C:\Windows\System32\appdrvrem01.exe svc [551896 2011-04-14] (Protection Technology) 3 Autodesk Licensing Service; "C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe" [85096 2010-10-15] (Autodesk) 3 FLEXnet Licensing Service 64; "C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe" [1030600 2010-10-22] (Macrovision Europe Ltd.) 2 lxct_device; C:\Windows\system32\lxctcoms.exe -service [566192 2006-11-22] ( ) 2 mi-raysat_3dsmax2010_64; "C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe" [86016 2009-03-12] () 2 ProtexisLicensing; "C:\Program Files (x86)\Common Files\Protexis\License Service\PSIService.exe" [174656 2006-11-02] () 2 tosrfhid; C:\Windows\System32\WinVd32.dll [5120 2009-07-14] (Iomega) ========================== Drivers (Whitelisted) ============= 3 adusbser; C:\Windows\System32\DRIVERS\adusbser.sys [140160 2006-12-20] (QUALCOMM Incorporated) 1 appdrv01; C:\Windows\System32\Drivers\appdrv01.sys [2715824 2011-04-14] (Protection Technology) 3 AtcL001; C:\Windows\System32\DRIVERS\l160x64.sys [61440 2009-10-13] (Atheros Communications, Inc.) 3 BridgeMP; C:\Windows\System32\DRIVERS\bridge.sys [95232 2009-07-14] (Microsoft Corporation) 3 LHidFilt; C:\Windows\System32\DRIVERS\LHidFilt.Sys [54800 2008-02-29] (Logitech, Inc.) 3 LMouFilt; C:\Windows\System32\DRIVERS\LMouFilt.Sys [57360 2008-02-29] (Logitech, Inc.) 3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] () 0 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2011-03-02] (Duplex Secure Ltd.) 3 catchme; \??\C:\ComboFix\catchme.sys [x] ========================== NetSvcs (Whitelisted) =========== NETSVC: tosrfhid ============ One Month Created Files and Folders ============== 2012-01-16 23:55 - 2012-01-16 23:55 - 0020098 ____A C:\Users\user\Desktop\ComboFix2.txt 2012-01-16 23:52 - 2012-01-16 23:52 - 0020098 ____A C:\ComboFix.txt 2012-01-16 23:25 - 2012-01-16 23:25 - 0017170 ____A C:\Users\user\Desktop\ComboFix.txt 2012-01-16 23:19 - 2011-06-26 07:45 - 0256000 ____A C:\Windows\PEV.exe 2012-01-16 23:19 - 2010-11-07 18:20 - 0208896 ____A C:\Windows\MBR.exe 2012-01-16 23:19 - 2009-04-20 05:56 - 0060416 ____A (NirSoft) C:\Windows\NIRCMD.exe 2012-01-16 23:19 - 2000-08-31 01:00 - 0518144 ____A (SteelWerX) C:\Windows\SWREG.exe 2012-01-16 23:19 - 2000-08-31 01:00 - 0406528 ____A (SteelWerX) C:\Windows\SWSC.exe 2012-01-16 23:19 - 2000-08-31 01:00 - 0098816 ____A C:\Windows\sed.exe 2012-01-16 23:19 - 2000-08-31 01:00 - 0080412 ____A C:\Windows\grep.exe 2012-01-16 23:19 - 2000-08-31 01:00 - 0068096 ____A C:\Windows\zip.exe 2012-01-16 23:11 - 2012-01-16 23:11 - 230630450 ____A C:\Windows\MEMORY.DMP 2012-01-16 23:11 - 2012-01-16 23:11 - 0271408 ____A C:\Windows\Minidump\011612-28844-01.dmp 2012-01-16 23:03 - 2012-01-16 23:03 - 0271408 ____A C:\Windows\Minidump\011612-19983-01.dmp 2012-01-16 23:01 - 2012-01-16 23:01 - 0271408 ____A C:\Windows\Minidump\011612-31059-01.dmp 2012-01-16 22:58 - 2012-01-16 22:58 - 0271408 ____A C:\Windows\Minidump\011612-31137-01.dmp 2012-01-16 22:34 - 2012-01-16 22:34 - 0271408 ____A C:\Windows\Minidump\011612-19874-01.dmp 2012-01-16 22:32 - 2012-01-17 09:32 - 1039240 ____A C:\Windows\ntbtlog.txt 2012-01-16 22:21 - 2012-01-16 22:21 - 0000000 ____D C:\Users\user\Desktop\OLD 2012-01-16 22:20 - 2012-01-16 22:20 - 0000103 ____A C:\Users\user\Desktop\etap2.txt 2012-01-16 22:12 - 2012-01-16 22:12 - 0008152 ____A C:\Users\user\Desktop\FIX.REG 2012-01-16 19:39 - 2012-01-16 23:48 - 0003342 ____A C:\Windows\PFRO.log 2012-01-16 19:39 - 2012-01-16 23:48 - 0000392 ____A C:\Windows\setupact.log 2012-01-16 19:39 - 2012-01-16 19:39 - 0000000 ____A C:\Windows\setuperr.log 2012-01-16 18:53 - 2012-01-16 23:44 - 4385658 ____R (Swearware) C:\Users\user\Desktop\ComboFix.exe 2012-01-16 18:43 - 2012-01-16 23:52 - 0000000 ____D C:\Qoobox 2012-01-16 15:39 - 2012-01-16 15:39 - 0000000 ____D C:\Users\All Users\CPA_VA 2012-01-16 15:39 - 2012-01-16 15:39 - 0000000 ____D C:\ProgramData\CPA_VA 2012-01-16 15:38 - 2012-01-16 18:29 - 0000000 ____D C:\Users\Public\Documents\COMODO 2012-01-16 14:17 - 2012-01-16 22:30 - 1474832 ____A C:\Windows\System32\Drivers\sfi.dat 2012-01-16 14:16 - 2012-01-16 18:31 - 0000000 ____D C:\Program Files (x86)\Comodo 2012-01-16 14:16 - 2012-01-16 14:16 - 1700352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll 2012-01-16 14:06 - 2012-01-16 14:13 - 63042984 ____A (COMODO) C:\Users\user\Downloads\cav_installer_x64.exe 2012-01-16 13:52 - 2009-07-14 01:00 - 0006656 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\beep.sys_old 2012-01-16 10:54 - 2012-01-16 10:54 - 0156868 ____A C:\Users\user\Downloads\CLT.zip 2012-01-16 05:08 - 2012-01-16 20:07 - 0085796 ____A C:\Users\user\Downloads\OTL.Txt 2012-01-16 05:04 - 2012-01-16 05:05 - 0584192 ____A (OldTimer Tools) C:\Users\user\Downloads\OTL.exe 2012-01-16 00:45 - 2012-01-16 00:45 - 0001115 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2012-01-16 00:45 - 2012-01-16 00:45 - 0000000 ____D C:\Users\user\AppData\Roaming\Malwarebytes 2012-01-16 00:45 - 2012-01-16 00:45 - 0000000 ____D C:\Users\All Users\Malwarebytes 2012-01-16 00:45 - 2012-01-16 00:45 - 0000000 ____D C:\ProgramData\Malwarebytes 2012-01-16 00:45 - 2012-01-16 00:45 - 0000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-01-16 00:45 - 2011-12-10 15:24 - 0023152 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys 2012-01-16 00:42 - 2012-01-16 00:44 - 10847608 ____A (Malwarebytes Corporation ) C:\Users\user\Downloads\mbam-setup-1.60.0.1800.exe 2012-01-16 00:29 - 2012-01-16 00:30 - 0000000 ____D C:\Program Files (x86)\Eusing Free Registry Cleaner 2012-01-16 00:29 - 2012-01-16 00:29 - 0001059 ____A C:\Users\user\Desktop\Eusing Free Registry Cleaner.lnk 2012-01-16 00:29 - 2012-01-16 00:29 - 0001059 ____A C:\Users\UpdatusUser\Desktop\Eusing Free Registry Cleaner.lnk 2012-01-16 00:28 - 2012-01-16 00:28 - 0977520 ____A C:\Users\user\Downloads\EFRCSetup.exe 2012-01-16 00:25 - 2012-01-16 00:26 - 0542658 ____A C:\Users\user\Documents\cc_20120116_002543.reg 2012-01-16 00:22 - 2012-01-16 00:22 - 0000828 ____A C:\Users\Public\Desktop\CCleaner.lnk 2012-01-16 00:22 - 2012-01-16 00:22 - 0000000 ____D C:\Program Files\CCleaner 2012-01-16 00:20 - 2012-01-16 23:49 - 0001040 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2012-01-16 00:20 - 2012-01-16 23:30 - 0001044 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2012-01-16 00:20 - 2012-01-16 00:25 - 0000000 ____D C:\Program Files (x86)\Google 2012-01-16 00:20 - 2012-01-16 00:20 - 0000000 ____D C:\Users\user\AppData\Local\Google 2012-01-16 00:17 - 2012-01-16 00:18 - 3562624 ____A (Piriform Ltd) C:\Users\user\Downloads\ccsetup314.exe 2012-01-13 23:01 - 2012-01-13 23:01 - 0129335 ____A C:\Users\user\Downloads\Wozki_spacerowe_Camaro_04.jpg 2012-01-11 23:49 - 2012-01-11 23:49 - 0000000 ____D C:\Users\user\Downloads\Ant Videos 2012-01-11 23:34 - 2012-01-11 23:34 - 0000000 ____D C:\Users\user\AppData\Roaming\NVIDIA 2012-01-11 23:31 - 2012-01-11 23:31 - 0002054 ____A C:\Users\user\Desktop\e-pity2011.lnk 2012-01-11 23:31 - 2012-01-11 23:31 - 0000000 ____D C:\Users\user\AppData\Roaming\e-pity 2012-01-11 23:13 - 2012-01-11 23:13 - 0000020 ___SH C:\Users\UpdatusUser\ntuser.ini 2012-01-11 23:13 - 2012-01-11 23:13 - 0000000 __SHD C:\Users\UpdatusUser\Ustawienia lokalne 2012-01-11 23:13 - 2012-01-11 23:13 - 0000000 __SHD C:\Users\UpdatusUser\Szablony 2012-01-11 23:13 - 2012-01-11 23:13 - 0000000 __SHD C:\Users\UpdatusUser\PrintHood 2012-01-11 23:13 - 2012-01-11 23:13 - 0000000 __SHD C:\Users\UpdatusUser\NetHood 2012-01-11 23:13 - 2012-01-11 23:13 - 0000000 __SHD C:\Users\UpdatusUser\Moje dokumenty 2012-01-11 23:13 - 2012-01-11 23:13 - 0000000 __SHD C:\Users\UpdatusUser\Menu Start 2012-01-11 23:13 - 2012-01-11 23:13 - 0000000 __SHD C:\Users\UpdatusUser\Documents\Moje wideo 2012-01-11 23:13 - 2012-01-11 23:13 - 0000000 __SHD C:\Users\UpdatusUser\Documents\Moje obrazy 2012-01-11 23:13 - 2012-01-11 23:13 - 0000000 __SHD C:\Users\UpdatusUser\Documents\Moja muzyka 2012-01-11 23:13 - 2012-01-11 23:13 - 0000000 __SHD C:\Users\UpdatusUser\Dane aplikacji 2012-01-11 23:13 - 2012-01-11 23:13 - 0000000 __SHD C:\Users\UpdatusUser\AppData\Local\Temporary Internet Files 2012-01-11 23:13 - 2012-01-11 23:13 - 0000000 __SHD C:\Users\UpdatusUser\AppData\Local\Historia 2012-01-11 23:13 - 2012-01-11 23:13 - 0000000 __SHD C:\Users\UpdatusUser\AppData\Local\Dane aplikacji 2012-01-11 23:13 - 2012-01-11 23:13 - 0000000 ____D C:\Users\UpdatusUser\AppData\LocalLow 2012-01-11 23:13 - 2012-01-11 23:13 - 0000000 ____D C:\users\UpdatusUser 2012-01-11 23:13 - 2012-01-02 13:48 - 0000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Macromedia 2012-01-11 23:13 - 2009-07-14 19:09 - 0000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Media Center Programs 2012-01-11 23:12 - 2011-10-15 09:53 - 7581504 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll 2012-01-11 23:12 - 2011-10-15 09:53 - 5578560 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2012-01-11 23:12 - 2011-10-15 09:53 - 2542912 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll 2012-01-11 23:12 - 2011-10-15 09:53 - 24796992 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll 2012-01-11 23:12 - 2011-10-15 09:53 - 24742720 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll 2012-01-11 23:12 - 2011-10-15 09:53 - 2401088 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2012-01-11 23:12 - 2011-10-15 09:53 - 2232128 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll 2012-01-11 23:12 - 2011-10-15 09:53 - 2099520 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2012-01-11 23:12 - 2011-10-15 09:53 - 18871616 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2012-01-11 23:12 - 2011-10-15 09:53 - 17248576 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2012-01-11 23:12 - 2011-10-15 09:53 - 15693120 ____A (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll 2012-01-11 23:12 - 2011-10-15 09:53 - 1533248 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco64.dll 2012-01-11 23:12 - 2011-10-15 09:53 - 1454400 ____A (NVIDIA Corporation) C:\Windows\System32\nvgenco64.dll 2012-01-11 23:12 - 2011-10-15 09:53 - 12971840 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys 2012-01-11 23:12 - 2011-10-15 09:53 - 0068928 ____A (Khronos Group) C:\Windows\System32\OpenCL.dll 2012-01-11 23:12 - 2011-10-15 09:53 - 0061248 ____A (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2012-01-11 23:11 - 2012-01-11 23:11 - 0000000 ____D C:\NVIDIA 2012-01-11 22:46 - 2012-01-11 23:08 - 155182440 ____A (NVIDIA Corporation) C:\Users\user\Downloads\285.62-desktop-win7-winvista-64bit-english-whql.exe 2012-01-11 22:40 - 2012-01-11 22:40 - 0001188 ____A C:\Users\Public\Desktop\Switch to Gaming Mode.lnk 2012-01-11 22:40 - 2012-01-11 22:40 - 0000000 ____D C:\Users\All Users\IObit 2012-01-11 22:40 - 2012-01-11 22:40 - 0000000 ____D C:\ProgramData\IObit 2012-01-11 22:40 - 2012-01-11 22:40 - 0000000 ____D C:\Program Files (x86)\IObit 2012-01-11 22:39 - 2012-01-11 22:39 - 0000000 ____D C:\Windows\pss 2012-01-11 22:35 - 2012-01-11 22:36 - 5798832 ____A (IObit ) C:\Users\user\Downloads\gamebooster.exe 2012-01-11 16:07 - 2012-01-11 16:07 - 0004286 ____A C:\Users\user\Documents\v9.ico 2012-01-11 16:07 - 2012-01-11 16:07 - 0001150 ____A C:\Users\user\Documents\337_16.ico 2012-01-11 16:07 - 2012-01-11 16:07 - 0001144 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk 2012-01-11 15:45 - 2012-01-11 15:45 - 0000000 __ASH C:\Windows\System32\config\system.tmp.LOG2 2012-01-11 15:45 - 2012-01-11 15:45 - 0000000 __ASH C:\Windows\System32\config\system.tmp.LOG1 2012-01-11 15:45 - 2012-01-11 15:45 - 0000000 __ASH C:\Windows\System32\config\software.tmp.LOG2 2012-01-11 15:45 - 2012-01-11 15:45 - 0000000 __ASH C:\Windows\System32\config\software.tmp.LOG1 2012-01-11 15:45 - 2012-01-11 15:45 - 0000000 __ASH C:\Windows\System32\config\security.tmp.LOG2 2012-01-11 15:45 - 2012-01-11 15:45 - 0000000 __ASH C:\Windows\System32\config\security.tmp.LOG1 2012-01-11 15:45 - 2012-01-11 15:45 - 0000000 __ASH C:\Windows\System32\config\sam.tmp.LOG2 2012-01-11 15:45 - 2012-01-11 15:45 - 0000000 __ASH C:\Windows\System32\config\sam.tmp.LOG1 2012-01-11 15:45 - 2012-01-11 15:45 - 0000000 __ASH C:\Windows\System32\config\default.tmp.LOG2 2012-01-11 15:45 - 2012-01-11 15:45 - 0000000 __ASH C:\Windows\System32\config\default.tmp.LOG1 2012-01-11 15:39 - 2012-01-16 23:47 - 0000000 ____D C:\Windows\ERDNT 2012-01-11 10:59 - 2012-01-11 10:59 - 0000000 ____D C:\Users\user\AppData\Local\ESET 2012-01-11 10:46 - 2012-01-11 10:46 - 0000000 ____D C:\Users\All Users\Avira 2012-01-11 10:46 - 2012-01-11 10:46 - 0000000 ____D C:\ProgramData\Avira 2012-01-11 10:46 - 2012-01-11 10:46 - 0000000 ____D C:\Program Files (x86)\Avira 2012-01-11 10:46 - 2011-12-15 15:00 - 0130760 ____A (Avira GmbH) C:\Windows\System32\Drivers\avipbb.sys 2012-01-11 10:46 - 2011-12-15 15:00 - 0097312 ____A (Avira GmbH) C:\Windows\System32\Drivers\avgntflt.sys 2012-01-11 10:46 - 2011-12-15 15:00 - 0027760 ____A (Avira GmbH) C:\Windows\System32\Drivers\avkmgr.sys 2012-01-11 10:43 - 2012-01-11 10:48 - 57517056 ____A C:\Users\user\Downloads\eav_nt64_plk.msi 2012-01-11 10:35 - 2012-01-11 10:44 - 87264656 ____A C:\Users\user\Downloads\avira_free_antivirus_en.exe 2012-01-11 10:34 - 2011-12-07 11:44 - 52988224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MRT.exe 2012-01-11 10:33 - 2012-01-11 10:34 - 15161664 ____A (Microsoft Corporation) C:\Users\user\Downloads\windows-kb890830-v4.3.exe 2012-01-11 09:34 - 2011-11-19 15:58 - 0077312 ____A (Microsoft Corporation) C:\Windows\System32\packager.dll 2012-01-11 09:34 - 2011-11-19 15:01 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2012-01-11 09:34 - 2011-11-17 07:41 - 1731920 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll 2012-01-11 09:34 - 2011-11-17 06:38 - 1292080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2012-01-11 09:34 - 2011-10-26 06:25 - 1572864 ____A (Microsoft Corporation) C:\Windows\System32\quartz.dll 2012-01-11 09:34 - 2011-10-26 06:25 - 0366592 ____A (Microsoft Corporation) C:\Windows\System32\qdvd.dll 2012-01-11 09:34 - 2011-10-26 05:32 - 1328128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2012-01-11 09:34 - 2011-10-26 05:32 - 0514560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2012-01-11 09:34 - 2011-10-14 06:31 - 0918528 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2012-01-11 09:34 - 2011-10-14 05:24 - 0716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2012-01-06 13:45 - 2012-01-06 13:45 - 0000000 ____D C:\Users\user\AppData\Local\Apps\2.0 2012-01-06 02:52 - 2012-01-06 02:53 - 8210724 ____A C:\Users\user\Downloads\a53177842cb09c9c32baec23f0c62fa2.zip 2012-01-05 19:53 - 2012-01-05 19:53 - 0000655 ____A C:\Users\user\Desktop\PETER — skrót.lnk 2012-01-02 16:07 - 2012-01-02 16:07 - 0672474 ____A C:\Users\user\Downloads\ofertadniaw2a.pdf 2012-01-02 16:06 - 2012-01-02 16:06 - 0629170 ____A C:\Users\user\Downloads\oferta dnia w1.pdf 2012-01-02 13:52 - 2012-01-11 23:23 - 0000000 ____D C:\Users\user\AppData\Roaming\Applian FLV and Media Player 2012-01-02 13:49 - 2012-01-02 13:56 - 0000000 ____D C:\Program Files (x86)\fliptoast 2012-01-02 13:49 - 2012-01-02 13:49 - 0000995 ____A C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fliptoast.lnk 2012-01-02 13:49 - 2012-01-02 13:49 - 0000000 ____D C:\Users\user\AppData\Roaming\com.w3i.FlipToast 2012-01-02 13:49 - 2012-01-02 13:49 - 0000000 ____D C:\Program Files (x86)\Applian Technologies 2012-01-02 13:48 - 2012-01-02 13:48 - 0000000 ____D C:\Users\Default\AppData\Roaming\Macromedia 2012-01-02 13:48 - 2012-01-02 13:48 - 0000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia 2012-01-01 22:45 - 2012-01-01 22:45 - 2606837 ____A C:\Users\user\Downloads\ODYSSEY_VICTORY_PUBLIKACJA.pdf 2011-12-29 20:44 - 2011-12-29 20:44 - 0213169 ____A C:\Users\user\Downloads\imazi.pdf 2011-12-28 16:18 - 2011-12-28 16:18 - 1065380 ____A C:\Users\user\Downloads\oferta_06_12_2011.pdf 2011-12-28 15:13 - 2011-12-28 15:13 - 0355833 ____A C:\Users\user\Downloads\skiferlim_20_kg_(endret_fra_steinlim)_pl1kv.sikret.pdf 2011-12-21 13:49 - 2011-12-21 13:49 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2011-12-21 00:23 - 2011-12-21 00:23 - 0024306 ____A C:\Users\user\Downloads\Wet Fingers - Turn Me On _www.mp3q.pl_.mp3 ============ 3 Months Modified Files and Folders ============= 2012-01-17 12:59 - 2012-01-17 12:59 - 0000000 ____D C:\FRST 2012-01-17 12:31 - 2002-01-01 05:09 - 3220529152 __ASH C:\hiberfil.sys 2012-01-17 09:32 - 2012-01-16 22:32 - 1039240 ____A C:\Windows\ntbtlog.txt 2012-01-17 00:26 - 2010-09-14 18:36 - 1702358 ____A C:\Windows\WindowsUpdate.log 2012-01-17 00:26 - 2009-07-14 05:45 - 0014832 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2012-01-17 00:26 - 2009-07-14 05:45 - 0014832 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2012-01-16 23:56 - 2010-10-13 15:40 - 0000334 ____A C:\Windows\red_dialer.ini 2012-01-16 23:55 - 2012-01-16 23:55 - 0020098 ____A C:\Users\user\Desktop\ComboFix2.txt 2012-01-16 23:52 - 2012-01-16 23:52 - 0020098 ____A C:\ComboFix.txt 2012-01-16 23:52 - 2012-01-16 18:43 - 0000000 ____D C:\Qoobox 2012-01-16 23:49 - 2012-01-16 00:20 - 0001040 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2012-01-16 23:49 - 2009-07-14 03:34 - 0000215 ____A C:\Windows\system.ini 2012-01-16 23:49 - 2009-07-14 03:34 - 0000027 ____A C:\Windows\System32\Drivers\etc\hosts 2012-01-16 23:48 - 2012-01-16 19:39 - 0003342 ____A C:\Windows\PFRO.log 2012-01-16 23:48 - 2012-01-16 19:39 - 0000392 ____A C:\Windows\setupact.log 2012-01-16 23:48 - 2010-09-26 23:42 - 0000000 ____D C:\Users\All Users\NVIDIA 2012-01-16 23:48 - 2010-09-26 23:42 - 0000000 ____D C:\ProgramData\NVIDIA 2012-01-16 23:48 - 2009-07-14 06:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT 2012-01-16 23:48 - 2009-07-14 03:34 - 61079552 ____A C:\Windows\System32\config\software.bak 2012-01-16 23:48 - 2009-07-14 03:34 - 18087936 ____A C:\Windows\System32\config\system.bak 2012-01-16 23:48 - 2009-07-14 03:34 - 0262144 ____A C:\Windows\System32\config\security.bak 2012-01-16 23:48 - 2009-07-14 03:34 - 0258048 ____A C:\Windows\System32\config\default.bak 2012-01-16 23:48 - 2009-07-14 03:34 - 0061440 ____A C:\Windows\System32\config\sam.bak 2012-01-16 23:47 - 2012-01-11 15:39 - 0000000 ____D C:\Windows\ERDNT 2012-01-16 23:44 - 2012-01-16 18:53 - 4385658 ____R (Swearware) C:\Users\user\Desktop\ComboFix.exe 2012-01-16 23:30 - 2012-01-16 00:20 - 0001044 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2012-01-16 23:25 - 2012-01-16 23:25 - 0017170 ____A C:\Users\user\Desktop\ComboFix.txt 2012-01-16 23:11 - 2012-01-16 23:11 - 230630450 ____A C:\Windows\MEMORY.DMP 2012-01-16 23:11 - 2012-01-16 23:11 - 0271408 ____A C:\Windows\Minidump\011612-28844-01.dmp 2012-01-16 23:11 - 2010-10-21 18:50 - 0000000 ____D C:\Windows\Minidump 2012-01-16 23:03 - 2012-01-16 23:03 - 0271408 ____A C:\Windows\Minidump\011612-19983-01.dmp 2012-01-16 23:01 - 2012-01-16 23:01 - 0271408 ____A C:\Windows\Minidump\011612-31059-01.dmp 2012-01-16 22:58 - 2012-01-16 22:58 - 0271408 ____A C:\Windows\Minidump\011612-31137-01.dmp 2012-01-16 22:34 - 2012-01-16 22:34 - 0271408 ____A C:\Windows\Minidump\011612-19874-01.dmp 2012-01-16 22:30 - 2012-01-16 14:17 - 1474832 ____A C:\Windows\System32\Drivers\sfi.dat 2012-01-16 22:21 - 2012-01-16 22:21 - 0000000 ____D C:\Users\user\Desktop\OLD 2012-01-16 22:20 - 2012-01-16 22:20 - 0000103 ____A C:\Users\user\Desktop\etap2.txt 2012-01-16 22:12 - 2012-01-16 22:12 - 0008152 ____A C:\Users\user\Desktop\FIX.REG 2012-01-16 20:07 - 2012-01-16 05:08 - 0085796 ____A C:\Users\user\Downloads\OTL.Txt 2012-01-16 19:39 - 2012-01-16 19:39 - 0000000 ____A C:\Windows\setuperr.log 2012-01-16 18:31 - 2012-01-16 14:16 - 0000000 ____D C:\Program Files (x86)\Comodo 2012-01-16 18:29 - 2012-01-16 15:38 - 0000000 ____D C:\Users\Public\Documents\COMODO 2012-01-16 15:39 - 2012-01-16 15:39 - 0000000 ____D C:\Users\All Users\CPA_VA 2012-01-16 15:39 - 2012-01-16 15:39 - 0000000 ____D C:\ProgramData\CPA_VA 2012-01-16 14:16 - 2012-01-16 14:16 - 1700352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll 2012-01-16 14:13 - 2012-01-16 14:06 - 63042984 ____A (COMODO) C:\Users\user\Downloads\cav_installer_x64.exe 2012-01-16 13:52 - 2010-09-26 23:12 - 0000000 ____D C:\Program Files (x86)\Mozilla Firefox 2012-01-16 13:52 - 2009-07-14 04:20 - 0000000 ____D C:\Windows\system 2012-01-16 13:18 - 2010-10-22 16:08 - 0000000 ____D C:\Users\user\AppData\Roaming\ArcaMicroScan 2012-01-16 10:54 - 2012-01-16 10:54 - 0156868 ____A C:\Users\user\Downloads\CLT.zip 2012-01-16 09:55 - 2010-12-28 01:09 - 0000000 ____D C:\Users\user\AppData\Roaming\ArcaVirMicroScan 2012-01-16 09:55 - 2010-12-28 01:09 - 0000000 ____D C:\Program Files\ArcaVirMicroScan 2012-01-16 09:47 - 2009-07-14 18:55 - 0697896 ____A C:\Windows\System32\perfh015.dat 2012-01-16 09:47 - 2009-07-14 18:55 - 0135006 ____A C:\Windows\System32\perfc015.dat 2012-01-16 09:47 - 2009-07-14 06:13 - 1549932 ____A C:\Windows\System32\PerfStringBackup.INI 2012-01-16 05:05 - 2012-01-16 05:04 - 0584192 ____A (OldTimer Tools) C:\Users\user\Downloads\OTL.exe 2012-01-16 00:45 - 2012-01-16 00:45 - 0001115 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2012-01-16 00:45 - 2012-01-16 00:45 - 0000000 ____D C:\Users\user\AppData\Roaming\Malwarebytes 2012-01-16 00:45 - 2012-01-16 00:45 - 0000000 ____D C:\Users\All Users\Malwarebytes 2012-01-16 00:45 - 2012-01-16 00:45 - 0000000 ____D C:\ProgramData\Malwarebytes 2012-01-16 00:45 - 2012-01-16 00:45 - 0000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-01-16 00:44 - 2012-01-16 00:42 - 10847608 ____A (Malwarebytes Corporation ) C:\Users\user\Downloads\mbam-setup-1.60.0.1800.exe 2012-01-16 00:30 - 2012-01-16 00:29 - 0000000 ____D C:\Program Files (x86)\Eusing Free Registry Cleaner 2012-01-16 00:29 - 2012-01-16 00:29 - 0001059 ____A C:\Users\user\Desktop\Eusing Free Registry Cleaner.lnk 2012-01-16 00:29 - 2012-01-16 00:29 - 0001059 ____A C:\Users\UpdatusUser\Desktop\Eusing Free Registry Cleaner.lnk 2012-01-16 00:28 - 2012-01-16 00:28 - 0977520 ____A C:\Users\user\Downloads\EFRCSetup.exe 2012-01-16 00:26 - 2012-01-16 00:25 - 0542658 ____A C:\Users\user\Documents\cc_20120116_002543.reg 2012-01-16 00:25 - 2012-01-16 00:20 - 0000000 ____D C:\Program Files (x86)\Google 2012-01-16 00:24 - 2010-09-14 19:32 - 0000000 ____D C:\Windows\Panther 2012-01-16 00:24 - 2009-07-14 04:20 - 0000000 ____D C:\Windows\ModemLogs 2012-01-16 00:22 - 2012-01-16 00:22 - 0000828 ____A C:\Users\Public\Desktop\CCleaner.lnk 2012-01-16 00:22 - 2012-01-16 00:22 - 0000000 ____D C:\Program Files\CCleaner 2012-01-16 00:20 - 2012-01-16 00:20 - 0000000 ____D C:\Users\user\AppData\Local\Google 2012-01-16 00:18 - 2012-01-16 00:17 - 3562624 ____A (Piriform Ltd) C:\Users\user\Downloads\ccsetup314.exe 2012-01-13 23:01 - 2012-01-13 23:01 - 0129335 ____A C:\Users\user\Downloads\Wozki_spacerowe_Camaro_04.jpg 2012-01-12 20:29 - 2010-09-27 10:35 - 0000000 ____D C:\Users\user\Graphisoft 2012-01-12 13:24 - 2010-09-30 18:53 - 0002828 __ASH C:\Windows\SysWOW64\KGyGaAvL.sys 2012-01-12 01:40 - 2010-09-27 00:00 - 54008112 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe 2012-01-11 23:49 - 2012-01-11 23:49 - 0000000 ____D C:\Users\user\Downloads\Ant Videos 2012-01-11 23:34 - 2012-01-11 23:34 - 0000000 ____D C:\Users\user\AppData\Roaming\NVIDIA 2012-01-11 23:31 - 2012-01-11 23:31 - 0002054 ____A C:\Users\user\Desktop\e-pity2011.lnk 2012-01-11 23:31 - 2012-01-11 23:31 - 0000000 ____D C:\Users\user\AppData\Roaming\e-pity 2012-01-11 23:31 - 2011-03-11 22:29 - 0000000 ____D C:\Program Files (x86)\e-file 2012-01-11 23:23 - 2012-01-02 13:52 - 0000000 ____D C:\Users\user\AppData\Roaming\Applian FLV and Media Player 2012-01-11 23:14 - 2011-02-16 18:36 - 0000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2012-01-11 23:13 - 2012-01-11 23:13 - 0000020 ___SH C:\Users\UpdatusUser\ntuser.ini 2012-01-11 23:13 - 2012-01-11 23:13 - 0000000 __SHD C:\Users\UpdatusUser\Ustawienia lokalne 2012-01-11 23:13 - 2012-01-11 23:13 - 0000000 __SHD C:\Users\UpdatusUser\Szablony 2012-01-11 23:13 - 2012-01-11 23:13 - 0000000 __SHD C:\Users\UpdatusUser\PrintHood 2012-01-11 23:13 - 2012-01-11 23:13 - 0000000 __SHD C:\Users\UpdatusUser\NetHood 2012-01-11 23:13 - 2012-01-11 23:13 - 0000000 __SHD C:\Users\UpdatusUser\Moje dokumenty 2012-01-11 23:13 - 2012-01-11 23:13 - 0000000 __SHD C:\Users\UpdatusUser\Menu Start 2012-01-11 23:13 - 2012-01-11 23:13 - 0000000 __SHD C:\Users\UpdatusUser\Documents\Moje wideo 2012-01-11 23:13 - 2012-01-11 23:13 - 0000000 __SHD C:\Users\UpdatusUser\Documents\Moje obrazy 2012-01-11 23:13 - 2012-01-11 23:13 - 0000000 __SHD C:\Users\UpdatusUser\Documents\Moja muzyka 2012-01-11 23:13 - 2012-01-11 23:13 - 0000000 __SHD C:\Users\UpdatusUser\Dane aplikacji 2012-01-11 23:13 - 2012-01-11 23:13 - 0000000 __SHD C:\Users\UpdatusUser\AppData\Local\Temporary Internet Files 2012-01-11 23:13 - 2012-01-11 23:13 - 0000000 __SHD C:\Users\UpdatusUser\AppData\Local\Historia 2012-01-11 23:13 - 2012-01-11 23:13 - 0000000 __SHD C:\Users\UpdatusUser\AppData\Local\Dane aplikacji 2012-01-11 23:13 - 2012-01-11 23:13 - 0000000 ____D C:\Users\UpdatusUser\AppData\LocalLow 2012-01-11 23:13 - 2012-01-11 23:13 - 0000000 ____D C:\users\UpdatusUser 2012-01-11 23:13 - 2010-09-27 00:15 - 0000000 ____D C:\Program Files\NVIDIA Corporation 2012-01-11 23:11 - 2012-01-11 23:11 - 0000000 ____D C:\NVIDIA 2012-01-11 23:08 - 2012-01-11 22:46 - 155182440 ____A (NVIDIA Corporation) C:\Users\user\Downloads\285.62-desktop-win7-winvista-64bit-english-whql.exe 2012-01-11 22:41 - 2011-05-19 21:48 - 0000000 ____D C:\Users\user\AppData\Local\Microsoft Games 2012-01-11 22:40 - 2012-01-11 22:40 - 0001188 ____A C:\Users\Public\Desktop\Switch to Gaming Mode.lnk 2012-01-11 22:40 - 2012-01-11 22:40 - 0000000 ____D C:\Users\All Users\IObit 2012-01-11 22:40 - 2012-01-11 22:40 - 0000000 ____D C:\ProgramData\IObit 2012-01-11 22:40 - 2012-01-11 22:40 - 0000000 ____D C:\Program Files (x86)\IObit 2012-01-11 22:39 - 2012-01-11 22:39 - 0000000 ____D C:\Windows\pss 2012-01-11 22:36 - 2012-01-11 22:35 - 5798832 ____A (IObit ) C:\Users\user\Downloads\gamebooster.exe 2012-01-11 22:26 - 2010-09-26 22:51 - 0000000 ____D C:\Users\user\AppData\Local\ElevatedDiagnostics 2012-01-11 16:07 - 2012-01-11 16:07 - 0004286 ____A C:\Users\user\Documents\v9.ico 2012-01-11 16:07 - 2012-01-11 16:07 - 0001150 ____A C:\Users\user\Documents\337_16.ico 2012-01-11 16:07 - 2012-01-11 16:07 - 0001144 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk 2012-01-11 16:07 - 2010-09-26 23:12 - 0000000 ____D C:\Users\user\AppData\Roaming\Mozilla 2012-01-11 15:52 - 2009-07-14 04:20 - 0000000 __RHD C:\users\Default 2012-01-11 15:52 - 2009-07-14 04:20 - 0000000 ___RD C:\users\Public 2012-01-11 15:45 - 2012-01-11 15:45 - 0000000 __ASH C:\Windows\System32\config\system.tmp.LOG2 2012-01-11 15:45 - 2012-01-11 15:45 - 0000000 __ASH C:\Windows\System32\config\system.tmp.LOG1 2012-01-11 15:45 - 2012-01-11 15:45 - 0000000 __ASH C:\Windows\System32\config\software.tmp.LOG2 2012-01-11 15:45 - 2012-01-11 15:45 - 0000000 __ASH C:\Windows\System32\config\software.tmp.LOG1 2012-01-11 15:45 - 2012-01-11 15:45 - 0000000 __ASH C:\Windows\System32\config\security.tmp.LOG2 2012-01-11 15:45 - 2012-01-11 15:45 - 0000000 __ASH C:\Windows\System32\config\security.tmp.LOG1 2012-01-11 15:45 - 2012-01-11 15:45 - 0000000 __ASH C:\Windows\System32\config\sam.tmp.LOG2 2012-01-11 15:45 - 2012-01-11 15:45 - 0000000 __ASH C:\Windows\System32\config\sam.tmp.LOG1 2012-01-11 15:45 - 2012-01-11 15:45 - 0000000 __ASH C:\Windows\System32\config\default.tmp.LOG2 2012-01-11 15:45 - 2012-01-11 15:45 - 0000000 __ASH C:\Windows\System32\config\default.tmp.LOG1 2012-01-11 15:44 - 2010-09-14 18:43 - 0000000 ____D C:\users\user 2012-01-11 14:41 - 2009-07-14 06:08 - 0032608 ____A C:\Windows\Tasks\SCHEDLGU.TXT 2012-01-11 10:59 - 2012-01-11 10:59 - 0000000 ____D C:\Users\user\AppData\Local\ESET 2012-01-11 10:50 - 2010-09-14 18:43 - 0000000 ____D C:\Users\user\AppData\LocalLow 2012-01-11 10:48 - 2012-01-11 10:43 - 57517056 ____A C:\Users\user\Downloads\eav_nt64_plk.msi 2012-01-11 10:46 - 2012-01-11 10:46 - 0000000 ____D C:\Users\All Users\Avira 2012-01-11 10:46 - 2012-01-11 10:46 - 0000000 ____D C:\ProgramData\Avira 2012-01-11 10:46 - 2012-01-11 10:46 - 0000000 ____D C:\Program Files (x86)\Avira 2012-01-11 10:44 - 2012-01-11 10:35 - 87264656 ____A C:\Users\user\Downloads\avira_free_antivirus_en.exe 2012-01-11 10:34 - 2012-01-11 10:33 - 15161664 ____A (Microsoft Corporation) C:\Users\user\Downloads\windows-kb890830-v4.3.exe 2012-01-10 19:46 - 2010-09-30 15:59 - 0000000 ____D C:\Users\user\AppData\Roaming\Abvent_Artlantis3 2012-01-06 13:45 - 2012-01-06 13:45 - 0000000 ____D C:\Users\user\AppData\Local\Apps\2.0 2012-01-06 02:53 - 2012-01-06 02:52 - 8210724 ____A C:\Users\user\Downloads\a53177842cb09c9c32baec23f0c62fa2.zip 2012-01-05 19:53 - 2012-01-05 19:53 - 0000655 ____A C:\Users\user\Desktop\PETER — skrót.lnk 2012-01-02 16:18 - 2011-08-09 22:21 - 0000000 ____D C:\Users\user\AppData\Roaming\Audacity 2012-01-02 16:07 - 2012-01-02 16:07 - 0672474 ____A C:\Users\user\Downloads\ofertadniaw2a.pdf 2012-01-02 16:06 - 2012-01-02 16:06 - 0629170 ____A C:\Users\user\Downloads\oferta dnia w1.pdf 2012-01-02 13:56 - 2012-01-02 13:49 - 0000000 ____D C:\Program Files (x86)\fliptoast 2012-01-02 13:49 - 2012-01-02 13:49 - 0000995 ____A C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fliptoast.lnk 2012-01-02 13:49 - 2012-01-02 13:49 - 0000000 ____D C:\Users\user\AppData\Roaming\com.w3i.FlipToast 2012-01-02 13:49 - 2012-01-02 13:49 - 0000000 ____D C:\Program Files (x86)\Applian Technologies 2012-01-02 13:49 - 2010-09-30 17:06 - 0000000 ____D C:\Users\All Users\Adobe 2012-01-02 13:49 - 2010-09-30 17:06 - 0000000 ____D C:\ProgramData\Adobe 2012-01-02 13:48 - 2012-01-11 23:13 - 0000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Macromedia 2012-01-02 13:48 - 2012-01-02 13:48 - 0000000 ____D C:\Users\Default\AppData\Roaming\Macromedia 2012-01-02 13:48 - 2012-01-02 13:48 - 0000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia 2012-01-02 13:48 - 2010-09-30 17:08 - 0000000 ____D C:\Users\user\AppData\Local\Adobe 2012-01-02 13:48 - 2010-09-30 17:06 - 0000000 ____D C:\Program Files (x86)\Adobe 2012-01-02 13:48 - 2010-09-26 23:10 - 0000000 ____D C:\Users\user\AppData\Roaming\Adobe 2012-01-01 22:45 - 2012-01-01 22:45 - 2606837 ____A C:\Users\user\Downloads\ODYSSEY_VICTORY_PUBLIKACJA.pdf 2011-12-29 20:44 - 2011-12-29 20:44 - 0213169 ____A C:\Users\user\Downloads\imazi.pdf 2011-12-28 16:18 - 2011-12-28 16:18 - 1065380 ____A C:\Users\user\Downloads\oferta_06_12_2011.pdf 2011-12-28 15:13 - 2011-12-28 15:13 - 0355833 ____A C:\Users\user\Downloads\skiferlim_20_kg_(endret_fra_steinlim)_pl1kv.sikret.pdf 2011-12-21 13:49 - 2011-12-21 13:49 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2011-12-21 00:23 - 2011-12-21 00:23 - 0024306 ____A C:\Users\user\Downloads\Wet Fingers - Turn Me On _www.mp3q.pl_.mp3 2011-12-18 13:43 - 2009-07-14 04:20 - 0000000 ____D C:\Windows\rescache 2011-12-15 20:53 - 2011-12-15 20:53 - 0074137 ____A C:\Users\user\Downloads\regulamin.pdf 2011-12-15 15:00 - 2012-01-11 10:46 - 0130760 ____A (Avira GmbH) C:\Windows\System32\Drivers\avipbb.sys 2011-12-15 15:00 - 2012-01-11 10:46 - 0097312 ____A (Avira GmbH) C:\Windows\System32\Drivers\avgntflt.sys 2011-12-15 15:00 - 2012-01-11 10:46 - 0027760 ____A (Avira GmbH) C:\Windows\System32\Drivers\avkmgr.sys 2011-12-14 20:23 - 2009-07-14 05:45 - 0377256 ____A C:\Windows\System32\FNTCACHE.DAT 2011-12-14 20:19 - 2009-07-14 04:20 - 0000000 ____D C:\Windows\SysWOW64\pl-PL 2011-12-14 20:19 - 2009-07-14 04:20 - 0000000 ____D C:\Windows\System32\pl-PL 2011-12-12 10:15 - 2011-12-12 10:15 - 5087726 ____A C:\Users\user\Downloads\S7_BCz_wariant1_Kielpin.pdf 2011-12-12 10:09 - 2011-12-12 10:09 - 4482827 ____A C:\Users\user\Downloads\S7_BCz_wariant2_Kolejowa.pdf 2011-12-11 21:10 - 2009-07-14 04:20 - 0000000 ____D C:\Windows\System32\NDF 2011-12-10 15:24 - 2012-01-16 00:45 - 0023152 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys 2011-12-09 23:47 - 2011-12-09 23:47 - 0812579 ____A C:\Users\user\Downloads\Lomianki_2-3.pdf 2011-12-09 23:19 - 2011-12-09 23:19 - 5774085 ____A C:\Users\user\Downloads\brukowa_przebudowa_ronda_08_11_2011.pdf 2011-12-09 23:09 - 2011-12-09 23:09 - 1718030 ____A C:\Users\user\Downloads\096_3) INFORMACJA DLA WYKONAWCÓW.pdf 2011-12-07 11:44 - 2012-01-11 10:34 - 52988224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MRT.exe 2011-11-27 22:00 - 2011-11-27 21:59 - 0050597 ____A C:\Users\user\Graphic1.JPG 2011-11-24 05:52 - 2011-12-14 13:21 - 3145216 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys 2011-11-23 13:33 - 2011-05-29 08:56 - 0414368 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2011-11-21 13:32 - 2010-10-21 21:29 - 0001064 ____A C:\Users\Public\Desktop\Tikkurila Colours.lnk 2011-11-21 13:32 - 2010-10-21 21:29 - 0000000 ____D C:\Program Files (x86)\Tikkurila Colours 2011-11-21 00:24 - 2011-11-21 00:24 - 0748174 ____A C:\Users\user\Downloads\Przycisk PL1 1-funkcyjny biały (do stelaży PRO).pdf 2011-11-20 19:59 - 2011-11-20 19:58 - 8623453 ____A C:\Users\user\Downloads\ulotka-baterie-lazienkowe.pdf 2011-11-20 19:50 - 2011-11-20 19:50 - 0275393 ____A C:\Users\user\Downloads\dupa.zip 2011-11-20 19:45 - 2011-11-20 19:45 - 1348594 ____A C:\Users\user\Downloads\baty chopina.zip 2011-11-20 19:37 - 2011-11-20 19:37 - 0118281 ____A C:\Users\user\Downloads\mu6110.dwg 2011-11-20 17:50 - 2011-11-20 17:50 - 0039406 ____A C:\Users\user\Downloads\cubic era bid.zip 2011-11-20 17:48 - 2011-11-20 17:48 - 0042396 ____A C:\Users\user\Downloads\cubic era.zip 2011-11-20 10:24 - 2011-11-20 10:24 - 0614100 ____A C:\Users\user\Downloads\XWP1171-pdf.zip 2011-11-20 10:04 - 2011-11-20 10:04 - 0134620 ____A C:\Users\user\Downloads\XWP1171.3DS 2011-11-20 10:02 - 2011-11-20 10:02 - 0139643 ____A C:\Users\user\Downloads\XWP1170.3DS 2011-11-19 15:58 - 2012-01-11 09:34 - 0077312 ____A (Microsoft Corporation) C:\Windows\System32\packager.dll 2011-11-19 15:01 - 2012-01-11 09:34 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2011-11-17 07:41 - 2012-01-11 09:34 - 1731920 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll 2011-11-17 06:38 - 2012-01-11 09:34 - 1292080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2011-11-16 12:22 - 2010-09-26 23:09 - 0101096 ____A C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT 2011-11-16 07:57 - 2011-11-16 07:57 - 0000000 ____D C:\Users\Public\Documents\sun 2011-11-16 07:56 - 2011-11-16 07:56 - 0001158 ____A C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk 2011-11-16 07:56 - 2010-09-27 13:59 - 0000000 ____D C:\Program Files (x86)\OpenOffice.org 3 2011-11-16 07:54 - 2010-09-27 10:06 - 0000000 ____D C:\Program Files (x86)\Java 2011-11-16 07:53 - 2009-07-14 04:20 - 0000000 ____D C:\Program Files\Common Files\Microsoft Shared 2011-11-15 16:41 - 2011-11-15 16:41 - 0351434 ____A C:\Users\user\Downloads\312-315_mirano.pdf 2011-11-15 16:18 - 2011-11-15 16:18 - 0301194 ____A C:\Users\user\Downloads\108_OPLA.pdf 2011-11-11 07:49 - 2011-12-14 13:24 - 12261888 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2011-11-11 07:49 - 2011-12-14 13:23 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2011-11-11 06:40 - 2011-12-14 13:23 - 10991104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2011-11-11 06:40 - 2011-12-14 13:23 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2011-11-10 05:59 - 2010-10-12 23:47 - 0000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2011-11-10 05:52 - 2009-07-14 04:20 - 0000000 ____D C:\Program Files\Common Files\System 2011-11-07 20:01 - 2009-07-14 04:20 - 0000000 ____D C:\Windows\System32\config\TxR 2011-11-07 20:00 - 2010-10-22 08:53 - 0000000 ____D C:\Users\All Users\FLEXnet 2011-11-07 20:00 - 2010-10-22 08:53 - 0000000 ____D C:\ProgramData\FLEXnet 2011-11-07 20:00 - 2010-10-15 09:12 - 0000000 ____D C:\Users\user\AppData\Roaming\HateML 2011-11-07 20:00 - 2009-07-14 19:09 - 0000000 ___RD C:\Users\Public\Recorded TV 2011-11-07 20:00 - 2009-07-14 04:20 - 0000000 ____D C:\Windows\registration 2011-11-07 20:00 - 2009-07-14 04:20 - 0000000 ____D C:\Windows\AppCompat 2011-11-05 22:46 - 2011-11-05 22:46 - 1045444 ____A C:\Users\user\Downloads\KP4_TX4+BPza.zip 2011-11-05 22:45 - 2011-11-05 22:45 - 2507094 ____A C:\Users\user\Downloads\kpl-KP4_TX5a_165.zip 2011-11-05 06:41 - 2011-12-14 13:24 - 1188864 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2011-11-05 06:41 - 2011-12-14 13:23 - 1494016 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2011-11-05 06:41 - 2011-12-14 13:23 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll 2011-11-05 06:38 - 2011-12-14 13:24 - 9018880 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2011-11-05 06:38 - 2011-12-14 13:23 - 0702464 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2011-11-05 06:38 - 2011-12-14 13:23 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2011-11-05 06:37 - 2011-12-14 13:23 - 2454528 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2011-11-05 06:37 - 2011-12-14 13:23 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2011-11-05 06:32 - 2011-12-14 13:21 - 0002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll 2011-11-05 05:35 - 2011-12-14 13:23 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2011-11-05 05:34 - 2011-12-14 13:23 - 1231360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2011-11-05 05:34 - 2011-12-14 13:23 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2011-11-05 05:31 - 2011-12-14 13:23 - 5997056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2011-11-05 05:31 - 2011-12-14 13:23 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2011-11-05 05:31 - 2011-12-14 13:23 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2011-11-05 05:30 - 2011-12-14 13:23 - 2073600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2011-11-05 05:30 - 2011-12-14 13:23 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2011-11-05 05:26 - 2011-12-14 13:21 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2011-11-05 04:32 - 2011-12-14 13:23 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2011-11-05 03:48 - 2011-12-14 13:23 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2011-11-04 23:21 - 2011-11-04 23:21 - 0184011 ____A C:\Users\user\Downloads\LKPG90.3ds 2011-11-04 22:28 - 2011-11-04 22:28 - 0203201 ____A C:\Users\user\Downloads\XBN0390.3ds 2011-10-29 21:29 - 2011-10-29 21:29 - 0000000 __SHD C:\Windows\System32\%APPDATA% 2011-10-27 09:18 - 2011-10-27 09:18 - 0000000 ____D C:\Windows\System32\Macromed 2011-10-26 06:25 - 2012-01-11 09:34 - 1572864 ____A (Microsoft Corporation) C:\Windows\System32\quartz.dll 2011-10-26 06:25 - 2012-01-11 09:34 - 0366592 ____A (Microsoft Corporation) C:\Windows\System32\qdvd.dll 2011-10-26 06:21 - 2011-12-14 13:24 - 0043520 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll 2011-10-26 05:32 - 2012-01-11 09:34 - 1328128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2011-10-26 05:32 - 2012-01-11 09:34 - 0514560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2011-10-24 10:04 - 2011-10-24 10:04 - 0000561 ____A C:\Users\user\Desktop\LISTA ZAKUPOW.ods — skrót.lnk 2011-10-21 16:11 - 2011-10-21 16:11 - 0034041 ____A C:\Users\user\Downloads\dinozaur.jpg 2011-10-21 14:57 - 2011-10-21 14:57 - 0002973 ____A C:\Windows\SysWOW64\jupdate-1.6.0_29-b11.log ========================= Known DLLs (Whitelisted) ============ ========================= Bamital & volsnap Check ============ C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ========================= Memory info ====================== Percentage of memory in use: 14% Total physical RAM: 4095.12 MB Available physical RAM: 3488.59 MB Total Pagefile: 4093.27 MB Available Pagefile: 3480.21 MB Total Virtual: 8192 MB Available Virtual: 8191.89 MB ======================= Partitions ========================= 2 Drive c: (SYSTEM) (Fixed) (Total:97.65 GB) (Free:19.08 GB) NTFS ==>[Drive with boot components (obtanied from BCD)] 3 Drive e: (DANE) (Fixed) (Total:200.43 GB) (Free:50.22 GB) NTFS 4 Drive f: (RIGHT NOW) (Fixed) (Total:200.43 GB) (Free:185.48 GB) NTFS 5 Drive g: (GRMCHPXFREO_PL_DVD) (CDROM) (Total:2.91 GB) (Free:0 GB) UDF 6 Drive h: (ANABELLA) (Removable) (Total:7.46 GB) (Free:3.01 GB) FAT32 7 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS 8 Drive y: (BAZY) (Fixed) (Total:97.65 GB) (Free:61.18 GB) NTFS Nr dysku Stan Rozmiar Wolne Dyn GPT -------- ------------- ------- ------- --- --- Dysk 0 Online 298 GB 9 MB Dysk 1 Online 298 GB 9 MB Dysk 2 Online 7656 MB 0 B Trwa opuszczanie programu DiskPart... ========================================================== Last Boot: 2012-01-10 00:52 ======================= End Of Log ==========================