OTL logfile created on: 2010-12-11 14:20:11 - Run 2 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\adamss\Moje dokumenty\Pobieranie Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 511,00 Mb Total Physical Memory | 72,00 Mb Available Physical Memory | 14,00% Memory free 1,00 Gb Paging File | 1,00 Gb Available in Paging File | 68,00% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 8,99 Gb Total Space | 3,24 Gb Free Space | 36,01% Space Free | Partition Type: NTFS Drive D: | 39,06 Gb Total Space | 2,44 Gb Free Space | 6,25% Space Free | Partition Type: NTFS Drive E: | 9,77 Gb Total Space | 3,14 Gb Free Space | 32,15% Space Free | Partition Type: NTFS Drive F: | 19,52 Gb Total Space | 2,13 Gb Free Space | 10,92% Space Free | Partition Type: FAT32 Drive G: | 35,46 Gb Total Space | 0,57 Gb Free Space | 1,60% Space Free | Partition Type: NTFS Computer Name: ADAMSS-5449F4F9 | User Name: adamss | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010-12-11 14:18:47 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\adamss\Moje dokumenty\Pobieranie\OTL(2).exe PRC - [2010-11-16 00:04:58 | 000,274,608 | ---- | M] (RealNetworks, Inc.) -- E:\Program\Update\realsched.exe PRC - [2010-10-27 21:39:35 | 000,308,224 | ---- | M] () -- E:\Program\adobe media player\Adobe Media Player\Adobe Media Player.exe PRC - [2010-10-27 07:21:28 | 000,912,344 | ---- | M] (Mozilla Corporation) -- E:\Mozilla Firefox\firefox.exe PRC - [2010-10-05 16:31:52 | 000,387,584 | ---- | M] () -- F:\sterowniki\keyboard\KBDAP32A.EXE PRC - [2010-03-09 11:24:10 | 002,769,336 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2010-03-09 11:24:08 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2007-02-10 23:33:02 | 000,188,416 | ---- | M] (A4Tech Co.,Ltd.) -- F:\sterowniki\A4Tech\Mouse\Amoumain.exe PRC - [2006-10-26 23:47:42 | 000,031,016 | ---- | M] (Microsoft Corporation) -- E:\excel\Microsoft Office\Office12\GrooveMonitor.exe PRC - [2006-01-02 16:41:22 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe PRC - [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010-12-11 14:18:47 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\adamss\Moje dokumenty\Pobieranie\OTL(2).exe MOD - [2010-11-16 00:05:15 | 000,040,448 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll MOD - [2009-07-11 23:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll MOD - [2009-07-11 23:02:00 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll MOD - [2007-02-10 21:17:28 | 000,036,864 | ---- | M] (A4Tech Co.,Ltd.) -- C:\WINDOWS\system32\Amhooker.dll MOD - [2004-08-03 23:42:34 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - [2010-03-09 11:24:08 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner) SRV - [2010-03-09 11:24:08 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner) SRV - [2010-03-09 11:24:08 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2006-10-26 23:47:54 | 000,065,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- E:\excel\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-11-20 14:22:50 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-03-09 11:12:54 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2010-03-09 11:12:33 | 000,162,640 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2010-03-09 11:09:08 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2010-03-09 11:08:41 | 000,100,432 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2010-03-09 11:08:30 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010-03-09 11:08:15 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2009-03-02 15:00:46 | 000,095,592 | ---- | M] (Rocket Division Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\StarPortLite.sys -- (StarPortLite) StarPort Storage Controller (Lite) DRV - [2007-02-10 01:04:50 | 000,014,336 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Amps2prt.sys -- (Amps2prt) DRV - [2006-05-03 17:50:42 | 001,540,608 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2004-08-04 00:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2004-08-03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C) DRV - [2001-09-10 00:30:00 | 000,042,880 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viaudio.sys -- (VIAudio) VIA AC'97 Enhanced Audio Controller (WDM) DRV - [2001-08-17 23:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-823518204-602162358-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/ IE - HKU\S-1-5-21-823518204-602162358-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.selectedEngine: "qooqlle" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 FF - prefs.js..extensions.enabledItems: cssreloader@kenneth.io:1.0.2 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..network.proxy.backup.ftp: "127.0.0.1" FF - prefs.js..network.proxy.backup.ftp_port: 9666 FF - prefs.js..network.proxy.backup.gopher: "127.0.0.1" FF - prefs.js..network.proxy.backup.gopher_port: 9666 FF - prefs.js..network.proxy.backup.socks: "127.0.0.1" FF - prefs.js..network.proxy.backup.socks_port: 9666 FF - prefs.js..network.proxy.backup.ssl: "127.0.0.1" FF - prefs.js..network.proxy.backup.ssl_port: 9666 FF - prefs.js..network.proxy.ftp: "127.0.0.1" FF - prefs.js..network.proxy.ftp_port: 9666 FF - prefs.js..network.proxy.gopher: "127.0.0.1" FF - prefs.js..network.proxy.gopher_port: 9666 FF - prefs.js..network.proxy.http: "127.0.0.1" FF - prefs.js..network.proxy.http_port: 9666 FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "127.0.0.1" FF - prefs.js..network.proxy.socks_port: 9666 FF - prefs.js..network.proxy.ssl: "127.0.0.1" FF - prefs.js..network.proxy.ssl_port: 9666 FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010-11-16 00:05:16 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: E:\Mozilla Firefox\components [2010-12-11 13:36:13 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: E:\Mozilla Firefox\plugins [2010-12-07 17:58:03 | 000,000,000 | ---D | M] [2010-10-05 14:36:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adamss\Dane aplikacji\Mozilla\Extensions [2010-10-25 22:47:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adamss\Dane aplikacji\Mozilla\Firefox\Profiles\798c1s7g.default\extensions [2010-10-10 20:03:09 | 000,002,426 | ---- | M] () -- C:\Documents and Settings\adamss\Dane aplikacji\Mozilla\Firefox\Profiles\798c1s7g.default\searchplugins\askcom.xml [2010-12-11 13:07:35 | 000,001,860 | ---- | M] () -- C:\Documents and Settings\adamss\Dane aplikacji\Mozilla\Firefox\Profiles\798c1s7g.default\searchplugins\search.xml O1 HOSTS File: ([2001-10-26 14:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\excel\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O3 - HKU\S-1-5-21-823518204-602162358-725345543-1003\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4 - HKLM..\Run: [Adobe Reader Speed Launcher] F:\Program\Adobe Reader\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software) O4 - HKLM..\Run: [GProton] C:\Documents and Settings\All Users\GProton.exe () O4 - HKLM..\Run: [GrooveMonitor] E:\excel\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) O4 - HKLM..\Run: [OFFICEKB] F:\sterowniki\keyboard\KBDAP32A.EXE () O4 - HKLM..\Run: [TkBellExe] E:\Program\update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [WheelMouse] f:\sterowniki\A4Tech\Mouse\Amoumain.exe (A4Tech Co.,Ltd.) O4 - HKLM..\Run: [WinampAgent] F:\Program\Winamp\winampa.exe File not found O4 - HKU\S-1-5-21-823518204-602162358-725345543-1003..\Run: [Gadu-Gadu] F:\Program\Gadu-Gadu\gg.exe File not found O4 - Startup: C:\Documents and Settings\adamss\Menu Start\Programy\Autostart\Adobe Media Player.lnk = E:\Program\adobe media player\Adobe Media Player\Adobe Media Player.exe () O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-823518204-602162358-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-823518204-602162358-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36 O7 - HKU\S-1-5-21-823518204-602162358-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data] O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - E:\excel\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\excel\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\excel\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\excel\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 157.25.5.18 217.8.168.244 157.25.5.18 217.8.168.244 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\excel\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - E:\excel\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-10-05 13:35:43 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010-12-08 19:59:52 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2005-07-02 11:08:44 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010-12-08 19:59:52 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-12-08 19:59:52 | 000,000,000 | RHSD | M] - E:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-12-08 19:59:54 | 000,000,000 | RHSD | M] - F:\autorun.inf -- [ FAT32 ] O32 - AutoRun File - [2010-12-08 19:59:53 | 000,000,000 | RHSD | M] - G:\autorun.inf -- [ NTFS ] O33 - MountPoints2\{3410f54d-ed93-11df-a53a-00304f396e15}\Shell\ArcaVirMenu\command - "" = J:\ArcaVir2009USBMenu.exe -- File not found O33 - MountPoints2\{3410f54d-ed93-11df-a53a-00304f396e15}\Shell\AutoRun\command - "" = J:\ArcaVir2009USBMenu.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010-12-11 12:35:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\adamss\Dane aplikacji\Lavasoft [2010-12-10 09:18:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\adamss\Dane aplikacji\Malwarebytes [2010-12-10 09:17:32 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-12-10 09:17:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes [2010-12-10 09:17:28 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010-12-08 19:59:52 | 000,000,000 | RHSD | C] -- C:\autorun.inf [2010-12-07 11:12:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\adamss\Pulpit\biologia [2010-11-21 14:30:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\adamss\Pulpit\chemia [2010-11-20 14:25:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\adamss\Moje dokumenty\StarBurn [2010-11-20 14:25:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\adamss\Dane aplikacji\StarBurn [2010-11-20 14:23:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\adamss\Moje dokumenty\SaveTubeVideo [2010-11-20 14:22:30 | 000,095,592 | ---- | C] (Rocket Division Software) -- C:\WINDOWS\System32\drivers\StarPortLite.sys [2010-11-16 23:49:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\adamss\Pulpit\Kaśka [2010-11-16 00:05:48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\adamss\Moje dokumenty\Moje wideo [2010-11-16 00:05:22 | 000,000,000 | ---D | C] -- C:\Program Files\Real [2010-11-16 00:05:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared [2010-11-16 00:05:09 | 000,199,904 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll [2010-11-16 00:05:01 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll [2010-11-16 00:05:01 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll [2010-11-16 00:05:00 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll [2010-11-16 00:04:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Real [2010-11-16 00:04:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\adamss\Dane aplikacji\Real [2010-11-13 18:23:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\adamss\Pulpit\majca od kasi janickiej ksiazka pieniązka [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010-12-11 14:18:45 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-823518204-602162358-725345543-1003.job [2010-12-11 14:18:45 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-823518204-602162358-725345543-1003.job [2010-12-11 13:07:34 | 000,000,667 | ---- | M] () -- C:\Documents and Settings\adamss\Menu Start\Programy\Autostart\Adobe Media Player.lnk [2010-12-11 13:07:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-12-11 13:07:04 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys [2010-12-10 09:17:32 | 000,000,522 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-12-10 08:49:47 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-12-08 22:38:22 | 000,057,629 | ---- | M] () -- C:\Documents and Settings\adamss\Pulpit\mamwyjebane.jpg [2010-12-08 00:43:53 | 000,013,463 | ---- | M] () -- C:\Documents and Settings\adamss\Pulpit\BIOLOGIA.docx [2010-12-04 20:20:53 | 007,793,152 | RHS- | M] () -- C:\Documents and Settings\All Users\GProton.exe [2010-11-30 10:29:34 | 000,030,565 | ---- | M] () -- C:\Documents and Settings\adamss\Pulpit\sprawozdanie nr 3.docx [2010-11-30 10:29:01 | 000,041,931 | ---- | M] () -- C:\Documents and Settings\adamss\Pulpit\SPRAWOZDANIE nr 1.docx [2010-11-29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-11-29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010-11-28 21:55:50 | 000,019,336 | ---- | M] () -- C:\Documents and Settings\adamss\Pulpit\sprawozdanie 2 chemia.docx [2010-11-28 21:12:01 | 000,026,911 | ---- | M] () -- C:\Documents and Settings\adamss\Pulpit\kasia-chemia1.docx [2010-11-28 19:55:22 | 000,025,088 | ---- | M] () -- C:\Documents and Settings\adamss\Pulpit\Zasada oznaczenia.doc [2010-11-24 20:05:09 | 000,001,421 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk [2010-11-21 20:35:52 | 000,012,271 | ---- | M] () -- C:\Documents and Settings\adamss\Pulpit\Zeszyt1.xlsx [2010-11-21 15:45:46 | 000,072,192 | ---- | M] () -- C:\Documents and Settings\adamss\Pulpit\Aplikacja S EXCEL1 2010 wersja dla studentów.doc [2010-11-20 15:27:23 | 000,000,539 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Far Cry.lnk [2010-11-20 14:22:50 | 000,721,904 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys [2010-11-20 14:22:34 | 000,000,597 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\StarBurn.lnk [2010-11-19 09:22:49 | 008,542,862 | ---- | M] () -- C:\Documents and Settings\adamss\Pulpit\Mirami feat. VovaZiL'vova -2.flv [2010-11-17 16:07:26 | 000,851,817 | ---- | M] () -- C:\Documents and Settings\adamss\Pulpit\DSC00201.JPG [2010-11-16 01:20:08 | 000,016,116 | ---- | M] () -- C:\Documents and Settings\adamss\Pulpit\Jakość wody.docx [2010-11-16 00:05:24 | 000,000,489 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Free Offers.lnk [2010-11-16 00:05:24 | 000,000,487 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\RealPlayer.lnk [2010-11-16 00:05:09 | 000,199,904 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll [2010-11-16 00:05:01 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll [2010-11-16 00:05:01 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll [2010-11-16 00:05:00 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll [2010-11-15 11:10:16 | 000,336,896 | ---- | M] () -- C:\Documents and Settings\adamss\Pulpit\(3736) szeregi liczbowe-1.doc [2010-11-14 22:28:29 | 000,012,800 | ---- | M] () -- C:\Documents and Settings\adamss\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-12-10 09:17:32 | 000,000,522 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-12-08 22:38:20 | 000,057,629 | ---- | C] () -- C:\Documents and Settings\adamss\Pulpit\mamwyjebane.jpg [2010-12-07 19:58:43 | 000,013,463 | ---- | C] () -- C:\Documents and Settings\adamss\Pulpit\BIOLOGIA.docx [2010-12-04 20:24:52 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2010-12-04 20:20:58 | 007,793,152 | RHS- | C] () -- C:\Documents and Settings\All Users\GProton.exe [2010-11-30 09:11:40 | 000,030,565 | ---- | C] () -- C:\Documents and Settings\adamss\Pulpit\sprawozdanie nr 3.docx [2010-11-29 15:09:35 | 003,589,092 | ---- | C] () -- C:\Documents and Settings\adamss\Pulpit\2007.3gp [2010-11-28 21:12:19 | 000,041,931 | ---- | C] () -- C:\Documents and Settings\adamss\Pulpit\SPRAWOZDANIE nr 1.docx [2010-11-28 19:55:21 | 000,025,088 | ---- | C] () -- C:\Documents and Settings\adamss\Pulpit\Zasada oznaczenia.doc [2010-11-28 16:06:20 | 000,670,894 | ---- | C] () -- C:\Documents and Settings\adamss\Pulpit\MobileDoc.jar [2010-11-21 15:45:44 | 000,072,192 | ---- | C] () -- C:\Documents and Settings\adamss\Pulpit\Aplikacja S EXCEL1 2010 wersja dla studentów.doc [2010-11-21 15:45:37 | 000,012,271 | ---- | C] () -- C:\Documents and Settings\adamss\Pulpit\Zeszyt1.xlsx [2010-11-20 15:27:23 | 000,000,539 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Far Cry.lnk [2010-11-20 14:22:34 | 000,000,597 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\StarBurn.lnk [2010-11-19 15:27:32 | 008,542,862 | ---- | C] () -- C:\Documents and Settings\adamss\Pulpit\Mirami feat. VovaZiL'vova -2.flv [2010-11-17 18:11:38 | 000,851,817 | ---- | C] () -- C:\Documents and Settings\adamss\Pulpit\DSC00201.JPG [2010-11-16 23:53:59 | 000,060,994 | ---- | C] () -- C:\Documents and Settings\adamss\Pulpit\KWASOWOŚĆ.pdf [2010-11-16 23:53:59 | 000,057,746 | ---- | C] () -- C:\Documents and Settings\adamss\Pulpit\TWARDOŚĆ OG.pdf [2010-11-16 23:53:59 | 000,033,742 | ---- | C] () -- C:\Documents and Settings\adamss\Pulpit\MĘTNOŚĆ nefelometr.pdf [2010-11-16 23:53:59 | 000,026,911 | ---- | C] () -- C:\Documents and Settings\adamss\Pulpit\kasia-chemia1.docx [2010-11-16 23:53:59 | 000,019,336 | ---- | C] () -- C:\Documents and Settings\adamss\Pulpit\sprawozdanie 2 chemia.docx [2010-11-16 23:53:58 | 000,016,116 | ---- | C] () -- C:\Documents and Settings\adamss\Pulpit\Jakość wody.docx [2010-11-16 00:05:44 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-823518204-602162358-725345543-1003.job [2010-11-16 00:05:43 | 000,000,288 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-823518204-602162358-725345543-1003.job [2010-11-16 00:05:24 | 000,000,489 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Free Offers.lnk [2010-11-16 00:05:24 | 000,000,487 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\RealPlayer.lnk [2010-11-15 11:10:14 | 000,336,896 | ---- | C] () -- C:\Documents and Settings\adamss\Pulpit\(3736) szeregi liczbowe-1.doc [2010-11-13 18:21:33 | 000,919,522 | ---- | C] () -- C:\Documents and Settings\adamss\Pulpit\DSC00059.JPG [2010-10-21 18:55:42 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2010-10-05 14:59:50 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2010-10-05 14:56:55 | 000,012,800 | ---- | C] () -- C:\Documents and Settings\adamss\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-10-05 14:44:11 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2004-08-03 23:44:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll [2004-07-17 10:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [color=#E56717]========== LOP Check ==========[/color] [2010-10-21 19:13:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adamss\Dane aplikacji\DAEMON Tools [2010-10-21 19:15:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adamss\Dane aplikacji\DAEMON Tools Lite [2010-10-21 19:12:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adamss\Dane aplikacji\DAEMON Tools Pro [2010-10-27 21:48:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adamss\Dane aplikacji\FLVPlayer4Free [2010-10-10 11:55:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adamss\Dane aplikacji\Gadu-Gadu 10 [2010-12-05 23:40:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adamss\Dane aplikacji\ipla [2010-11-20 14:25:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adamss\Dane aplikacji\StarBurn [2010-12-06 01:31:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adamss\Dane aplikacji\uTorrent [2010-10-24 13:29:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2010-10-21 19:04:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2010-10-10 11:54:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-10-27 21:28:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [color=#E56717]========== Purity Check ==========[/color] < End of report >