OTL logfile created on: 2012-07-25 11:29:22 - Run 1
OTL by OldTimer - Version 3.2.54.1     Folder = C:\
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
1,99 Gb Total Physical Memory | 1,72 Gb Available Physical Memory | 86,44% Memory free
3,84 Gb Paging File | 3,77 Gb Available in Paging File | 98,07% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 222,86 Gb Total Space | 176,82 Gb Free Space | 79,34% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 6,19 Gb Free Space | 61,85% Space Free | Partition Type: NTFS
Drive F: | 14,88 Gb Total Space | 3,31 Gb Free Space | 22,26% Space Free | Partition Type: FAT32
 
Computer Name: PC-MACIEJB | User Name: Administrator | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012-07-25 11:04:28 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
PRC - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2006-09-14 01:20:24 | 000,126,464 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [Auto | Stopped] -- C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\011166~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -- (0111661225851089mcinstcleanup)
SRV - [2012-07-19 15:10:36 | 000,792,512 | ---- | M] (Spigot, Inc.) [Auto | Stopped] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2012-07-12 11:47:48 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2009-10-07 09:21:14 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009-10-07 09:16:50 | 000,472,280 | ---- | M] (ESET) [Auto | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2008-12-15 15:30:17 | 000,082,584 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2008-10-15 17:13:58 | 000,439,632 | ---- | M] (RealVNC Ltd.) [Auto | Stopped] -- C:\Program Files\RealVNC\VNC4\winvnc4.exe -- (WinVNC4)
SRV - [2008-04-07 07:10:52 | 000,576,024 | ---- | M] (PDF Complete Inc) [Auto | Stopped] -- C:\Program Files\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2007-01-04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Stopped] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2009-10-07 09:18:36 | 000,035,168 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2009-10-07 09:12:22 | 000,054,184 | ---- | M] (ESET) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\easdrv.sys -- (easdrv)
DRV - [2009-10-07 09:11:10 | 000,040,824 | ---- | M] (ESET) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2008-12-16 13:23:00 | 000,018,944 | ---- | M] (Aladdin Knowledge Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aksusb.sys -- (aksusb)
DRV - [2008-12-16 13:22:59 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt)
DRV - [2008-05-27 02:52:18 | 000,051,072 | ---- | M] (Generic USB smartcard reader) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MHIKEY10.sys -- (MHIKEY10)
DRV - [2008-02-12 12:14:50 | 000,586,240 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (hardlock)
DRV - [2008-01-04 00:10:16 | 000,105,856 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007-11-06 19:23:56 | 004,622,848 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2007-09-11 15:40:30 | 000,238,976 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\akshasp.sys -- (akshasp)
DRV - [2006-09-27 00:07:46 | 000,040,256 | ---- | M] ( MM Electronics,  DATOM) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\kmm4xusb.sys -- (KMM4xUSB)
DRV - [2004-08-03 19:29:50 | 000,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wVchNTxx.sys -- (iAimFP4)
DRV - [2004-08-03 19:29:48 | 000,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wSiINTxx.sys -- (iAimFP3)
DRV - [2004-08-03 19:29:46 | 000,025,471 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV10nt.sys -- (iAimTV5)
DRV - [2004-08-03 19:29:46 | 000,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wCh7xxNT.sys -- (iAimTV4)
DRV - [2004-08-03 19:29:46 | 000,022,271 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV06nt.sys -- (iAimTV6)
DRV - [2004-08-03 19:29:44 | 000,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV04nt.sys -- (iAimTV3)
DRV - [2004-08-03 19:29:44 | 000,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV02NT.sys -- (iAimTV1)
DRV - [2004-08-03 19:29:42 | 000,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV01nt.sys -- (iAimTV0)
DRV - [2004-08-03 19:29:42 | 000,011,871 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV09NT.sys -- (iAimFP7)
DRV - [2004-08-03 19:29:40 | 000,011,807 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV07nt.sys -- (iAimFP5)
DRV - [2004-08-03 19:29:40 | 000,011,295 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV08NT.sys -- (iAimFP6)
DRV - [2004-08-03 19:29:38 | 000,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x)
DRV - [2004-08-03 19:29:38 | 000,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV01nt.sys -- (iAimFP0)
DRV - [2004-08-03 19:29:38 | 000,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV02NT.sys -- (iAimFP1)
DRV - [2004-08-03 19:29:38 | 000,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV05NT.sys -- (iAimFP2)
DRV - [2002-04-04 07:32:06 | 000,028,416 | R--- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\symmpi.sys -- (Symmpi)
DRV - [2001-08-17 22:49:10 | 000,026,624 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irstusb.sys -- (STIrUsb)
DRV - [2000-11-25 12:38:48 | 000,095,484 | ---- | M] (DATOM Dariusz Cielebąk) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\KMM4XNT.SYS -- (Kmm4xNT)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = pl.v9.com/ins/ins_1326888281_515542
IE - HKLM\..\SearchScopes,DefaultScope = {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
IE - HKLM\..\SearchScopes\{1746D6A5-376D-4486-8522-AC18352AEF3A}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1602&query={searchTerms}&invocationType=tb50hpcmdtie7-pl-pl
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = pl.v9.com/ins/ins_1326888281_515542
IE - HKCU\..\SearchScopes,DefaultScope = {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
IE - HKCU\..\SearchScopes\{1746D6A5-376D-4486-8522-AC18352AEF3A}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1602&query={searchTerms}&invocationType=tb50hpcmdtie7-pl-pl
IE - HKCU\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.startup.homepage: "http://www.wp.pl/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=302398&ilc=12&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=302398"
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\crossriderapp498@crossrider.com: C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\RewardsArcade\498\Firefox [2011-12-07 11:05:32 | 000,000,000 | ---D | M]
 
[2009-06-04 07:26:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Extensions
[2011-08-08 08:39:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\fgztlefx.default\extensions
[2009-09-04 07:05:35 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\fgztlefx.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011-08-08 08:39:06 | 000,000,000 | ---D | M] (Babylon) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\fgztlefx.default\extensions\ffxtlbr@babylon.com
[2010-10-08 13:09:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010-04-23 13:47:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-04-23 13:47:45 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010-04-23 13:47:43 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
 
O1 HOSTS File: ([2006-03-02 04:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.31.2\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.31.2\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [JobHisInit] C:\Program Files\RDS\RMClient\JobHisInit.exe ()
O4 - HKLM..\Run: [MplSetUp] C:\Program Files\RDS\RMClient\MplSetUp.exe (RICOH CO.,LTD.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Reminder] C:\WINDOWS\CREATOR\Remind_XP.exe ()
O4 - HKLM..\Run: [Scheduler] C:\WINDOWS\SMINST\Scheduler.exe ()
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SetRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [WSManHTTPConfig] C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\912\WSManHTTPConfig.exe ()
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Wyszukiwarka na pasku narzędzi AOL - C:\Documents and Settings\All Users\Dane aplikacji\AOL\ieToolbar\resources\pl-PL\local\search.html ()
O9 - Extra Button: Pasek narzędzi AOL - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D1B18DE1-0DD8-4ED9-9EA3-5D5B8552314E}: DhcpNameServer = 10.0.0.2
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012-07-25 11:25:42 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\OTL.exe
[2012-07-25 09:44:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012-07-25 09:03:37 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012-07-25 08:08:48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Moje wideo
[2012-07-25 08:08:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2012-07-24 10:16:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\hellomoto
[2012-07-24 06:55:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Search Settings
[2012-07-24 06:55:13 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2012-07-24 06:55:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot
[2012-07-24 06:55:12 | 000,000,000 | ---D | C] -- C:\Program Files\pdfforge Toolbar
[2012-07-23 14:29:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\Krotoszyn - budowa budynku administracyjnego
[2012-07-12 11:47:45 | 009,822,920 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2012-07-11 15:16:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\Dom Kasia Pułkownik
[2012-07-06 07:35:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\GRAFICOLOR-wykonawczy
[2012-07-06 06:55:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2012-07-05 11:56:22 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012-07-05 11:56:22 | 000,070,344 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012-07-05 11:54:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2012-06-29 11:31:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\Brama - Hala mag-prod
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Administrator\Pulpit\*.tmp files -> C:\Documents and Settings\Administrator\Pulpit\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012-07-25 11:24:48 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-07-25 11:24:17 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-07-25 11:22:24 | 000,377,648 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-07-25 11:04:28 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
[2012-07-25 10:47:15 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012-07-25 09:03:44 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012-07-12 11:47:47 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012-07-12 11:47:47 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012-07-12 11:47:45 | 009,822,920 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2012-07-11 15:22:27 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012-07-11 13:52:07 | 000,000,151 | ---- | M] () -- C:\WINDOWS\PhotoSnapViewer.INI
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Administrator\Pulpit\*.tmp files -> C:\Documents and Settings\Administrator\Pulpit\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012-07-25 09:03:44 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012-07-25 09:03:40 | 000,262,400 | RHS- | C] () -- C:\cmldr
[2012-07-24 10:11:46 | 000,292,183 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Atest_zawory_kulowe_wodne.jpg
[2012-07-24 10:10:15 | 000,289,565 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Atest_zawory_zwrotne.jpg
[2012-07-05 11:56:23 | 000,000,930 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012-05-11 15:12:10 | 001,045,288 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2012-05-11 08:28:20 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012-04-23 13:37:44 | 000,000,138 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini
[2012-04-23 13:36:41 | 000,000,691 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini
[2012-04-23 13:33:28 | 000,175,188 | ---- | C] () -- C:\WINDOWS\hppins10.dat
[2012-04-23 13:33:28 | 000,005,186 | ---- | C] () -- C:\WINDOWS\hppmdl10.dat
[2012-04-23 13:33:19 | 000,000,623 | ---- | C] () -- C:\WINDOWS\System32\hppapr10.dat
[2011-12-15 14:23:44 | 000,037,976 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\Microsoft Excel 97-2003.ADR
[2011-12-15 14:07:17 | 000,038,487 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\Wartości oddzielone przecinkami (Windows).ADR
[2011-12-15 14:03:02 | 000,038,491 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\Wartości oddzielone tabulatorami (Windows).ADR
[2011-12-15 13:49:07 | 000,009,366 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\Microsoft Excel 97-2003.EML
[2011-12-15 13:48:57 | 000,000,028 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011-08-08 08:39:23 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2011-04-11 10:33:08 | 000,000,430 | ---- | C] () -- C:\Documents and Settings\Administrator\efaktura.properties
[2011-02-22 13:45:34 | 000,000,353 | ---- | C] () -- C:\WINDOWS\pdf2word.INI
[2011-02-22 12:45:31 | 000,243,119 | ---- | C] () -- C:\Documents and Settings\Administrator\1
[2010-11-29 14:44:07 | 000,000,014 | ---- | C] () -- C:\WINDOWS\hpmssnpjt.ini
[2010-11-25 14:56:43 | 000,000,226 | ---- | C] () -- C:\WINDOWS\PMJobCli.ini
[2010-11-25 14:56:40 | 000,012,309 | ---- | C] () -- C:\WINDOWS\PMRicMb.ini
[2010-11-25 14:56:40 | 000,007,873 | ---- | C] () -- C:\WINDOWS\PMRicPMb.ini
[2010-11-25 14:56:40 | 000,005,390 | ---- | C] () -- C:\WINDOWS\PMPrtMb.ini
[2010-11-25 14:56:40 | 000,004,644 | ---- | C] () -- C:\WINDOWS\PMRicFMb.ini
[2010-11-25 14:56:40 | 000,003,149 | ---- | C] () -- C:\WINDOWS\PMDvPrn.ini
[2010-11-25 14:56:40 | 000,002,102 | ---- | C] () -- C:\WINDOWS\PMDvDev.ini
[2010-11-25 14:56:40 | 000,002,047 | ---- | C] () -- C:\WINDOWS\PMDIOMb.ini
[2010-11-25 14:56:40 | 000,002,036 | ---- | C] () -- C:\WINDOWS\PMHostMb.ini
[2010-11-25 14:56:40 | 000,001,885 | ---- | C] () -- C:\WINDOWS\PMPSIOMb.ini
[2010-11-25 14:56:40 | 000,001,727 | ---- | C] () -- C:\WINDOWS\PMRicSMb.ini
[2010-11-25 14:56:40 | 000,001,706 | ---- | C] () -- C:\WINDOWS\PMRicCMb.ini
[2010-11-25 14:56:40 | 000,001,494 | ---- | C] () -- C:\WINDOWS\PMMib2Mb.ini
[2010-11-25 14:56:40 | 000,001,168 | ---- | C] () -- C:\WINDOWS\PMDvFax.ini
[2010-11-25 14:56:40 | 000,001,143 | ---- | C] () -- C:\WINDOWS\PMDPIMb.ini
[2010-11-25 14:56:40 | 000,001,094 | ---- | C] () -- C:\WINDOWS\PMAxsMb.ini
[2010-11-25 14:56:40 | 000,000,842 | ---- | C] () -- C:\WINDOWS\PMDvScan.ini
[2010-11-25 14:56:40 | 000,000,423 | ---- | C] () -- C:\WINDOWS\PMDvCopy.ini
[2010-11-25 14:56:40 | 000,000,332 | ---- | C] () -- C:\WINDOWS\PMSnmpMb.ini
[2010-11-25 14:56:33 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\rtcpf.dll
[2010-11-25 14:56:33 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RLPR.dll
[2010-11-25 14:56:31 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\rpnv2ui.dll
[2010-11-25 14:56:26 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\PMObservps.dll
[2010-11-25 14:56:25 | 000,002,255 | ---- | C] () -- C:\WINDOWS\PmData.Dat
[2010-11-25 14:23:58 | 000,061,031 | ---- | C] () -- C:\WINDOWS\ricdb.ini
[2010-11-25 14:23:55 | 000,000,051 | ---- | C] () -- C:\WINDOWS\System32\RPCS.ini
[2010-08-05 12:12:42 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2010-08-05 10:55:36 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2010-08-03 11:22:47 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\Winlie.exe
[2009-05-22 08:51:05 | 000,000,067 | ---- | C] () -- C:\Documents and Settings\Administrator\default.pls
[2008-11-25 08:55:50 | 000,022,528 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-10-13 12:10:18 | 000,000,138 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\fusioncache.dat

< End of report >