OTL logfile created on: 11/5/2011 5:29:51 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Microsoft Windows XP Dodatek Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
767.00 Mb Total Physical Memory | 557.00 Mb Available Physical Memory | 73.00% Memory free
707.00 Mb Paging File | 584.00 Mb Available in Paging File | 83.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 18.65 Gb Total Space | 10.15 Gb Free Space | 54.41% Space Free | Partition Type: NTFS
Drive D: | 18.65 Gb Total Space | 8.85 Gb Free Space | 47.48% Space Free | Partition Type: NTFS
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet003
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - File not found [Disabled] --  -- (HidServ)
SRV - File not found [On_Demand] --  -- (AppMgmt)
SRV - [2008/06/20 06:08:08 | 000,065,536 | ---- | M] (France Telecom SA) [Disabled] -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand] --  -- (VcommMgr)
DRV - File not found [Kernel | On_Demand] --  -- (VComm)
DRV - File not found [Kernel | On_Demand] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDCOMP)
DRV - File not found [Kernel | System] --  -- (PCIDump)
DRV - File not found [Kernel | System] --  -- (lbrtfdc)
DRV - File not found [Kernel | System] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand] --  -- (CnxTgNW)
DRV - File not found [Kernel | On_Demand] --  -- (CnxEtU)
DRV - File not found [Kernel | On_Demand] --  -- (CnxEtP)
DRV - File not found [Kernel | System] --  -- (Changer)
DRV - File not found [Kernel | Boot] --  -- (BTHidMgr)
DRV - File not found [Kernel | Boot] --  -- (BTHidEnum)
DRV - File not found [Kernel | On_Demand] --  -- (Btcsrusb)
DRV - File not found [Kernel | On_Demand] --  -- (BT)
DRV - File not found [Kernel | On_Demand] --  -- (BlueletSCOAudio)
DRV - File not found [Kernel | On_Demand] --  -- (BlueletAudio)
DRV - [2009/08/22 14:25:00 | 000,009,088 | ---- | M] () [Kernel | On_Demand] -- D:\RivaTuner\RivaTuner32.sys -- (RivaTuner32)
DRV - [2008/04/13 14:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2006/03/01 13:53:54 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)
DRV - [2003/09/23 05:38:34 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5)
DRV - [2002/03/11 21:57:00 | 000,043,776 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\viaudio.sys -- (VIAudio) VIA AC'97 Enhanced Audio Controller (WDM)
DRV - [2001/11/21 12:29:36 | 000,011,889 | ---- | M] (WayTech Development, Inc.) [Kernel | System] -- C:\WINDOWS\System32\drivers\kbfilter.sys -- (kbfilter)
DRV - [2001/10/22 12:31:06 | 000,029,696 | R--- | M] (VIA Technologies, Inc.              ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\fetnd5a.sys -- (FETNDIS)
DRV - [2001/08/17 16:28:12 | 000,488,383 | ---- | M] (Conexant) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\HSF_V124.sys -- (V124)
DRV - [2001/08/17 16:28:12 | 000,050,751 | ---- | M] (Conexant) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\HSF_TONE.sys -- (Tones)
DRV - [2001/08/17 16:28:10 | 000,542,879 | ---- | M] (Conexant) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_MSFT.sys -- (hsf_msft)
DRV - [2001/08/17 16:28:10 | 000,057,471 | ---- | M] (Conexant) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_SAMP.sys -- (Rksample)
DRV - [2001/08/17 16:28:08 | 000,391,199 | ---- | M] (Conexant) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\HSF_K56K.sys -- (K56)
DRV - [2001/08/17 16:28:06 | 000,289,887 | ---- | M] (Conexant) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\HSF_FALL.sys -- (Fallback)
DRV - [2001/08/17 16:28:06 | 000,199,711 | ---- | M] (Conexant) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\HSF_FAXX.sys -- (SoftFax)
DRV - [2001/08/17 16:28:06 | 000,115,807 | ---- | M] (Conexant) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\HSF_FSKS.sys -- (Fsks)
DRV - [2001/08/17 16:28:04 | 000,067,167 | ---- | M] (Conexant) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_BSC2.sys -- (basic2)
DRV - [2000/10/25 16:27:24 | 000,003,000 | R--- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\SetupNT.sys -- (SetupNT)
DRV - [1999/08/30 13:49:56 | 000,003,680 | R--- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Iteio.sys -- (iteio)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Drill_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = wyborcza.pl/0,0.html?p=020
IE - HKU\Drill_ON_C\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Livebox\SearchURLHook\SearchPageURL.dll ()
IE - HKU\Drill_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\JA_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl
IE - HKU\JA_ON_C\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Livebox\SearchURLHook\SearchPageURL.dll ()
IE - HKU\JA_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: D:\Real Alternative\Browser\Plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: D:\Real Alternative\Browser\Plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8:  
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: D:\Mozilla Firefox\components [2011/11/02 10:55:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: D:\Mozilla Firefox\plugins
 
[2010/10/17 05:40:48 | 000,002,024 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
 
O1 HOSTS File: ([2011/05/31 15:10:48 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O4 - HKU\JA_ON_C..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil10w_Plugin.exe (Adobe Systems, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Drill_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\Drill_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\Drill_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\JA_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\Drill_ON_C Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/10/16 11:30:17 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2011/11/02 10:56:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Drill\Dane aplikacji\Mozilla
[2011/11/02 10:54:47 | 014,779,360 | ---- | C] (Mozilla) -- C:\Documents and Settings\Drill\Pulpit\Firefox Setup 7.0.1.exe
[2011/11/02 10:51:06 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Drill\Recent
[2011/11/02 05:40:18 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2011/10/31 08:22:58 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Drill\Pulpit\OTL.exe
[2011/10/31 04:07:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Drill\Dane aplikacji\EurekaLog
[2011/10/29 09:50:44 | 001,564,464 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Drill\Pulpit\TDSSKiller.exe
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2011/11/02 14:37:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/11/02 14:19:25 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2011/11/02 14:18:51 | 804,835,328 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/02 12:57:09 | 000,000,262 | -HS- | M] () -- C:\boot.ini
[2011/11/02 10:55:54 | 000,000,490 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2011/11/02 10:54:47 | 014,779,360 | ---- | M] (Mozilla) -- C:\Documents and Settings\Drill\Pulpit\Firefox Setup 7.0.1.exe
[2011/11/02 10:35:48 | 001,564,464 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Drill\Pulpit\TDSSKiller.exe
[2011/11/02 10:33:54 | 001,008,092 | ---- | M] () -- C:\Documents and Settings\Drill\Pulpit\rkill.exe
[2011/11/02 04:43:34 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/10/31 08:23:01 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Drill\Pulpit\OTL.exe
[2011/10/31 04:01:35 | 000,355,830 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2011/10/31 04:01:35 | 000,311,740 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/10/31 04:01:35 | 000,049,712 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2011/10/31 04:01:35 | 000,040,128 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/10/29 16:42:02 | 000,049,400 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/10/29 09:42:34 | 001,545,436 | ---- | M] () -- C:\Documents and Settings\Drill\Pulpit\tdsskiller.zip
[2011/10/29 06:55:43 | 000,000,202 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/10/28 13:35:12 | 000,114,968 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/10/28 04:16:27 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\Drill\Pulpit\rn9dvqmi.exe
[2011/10/26 15:53:43 | 000,023,236 | ---- | M] () -- C:\Documents and Settings\Drill\Pulpit\dream.house.(2011).pob.1cd.(4261454).zip
[2011/10/21 10:59:23 | 004,964,737 | ---- | M] () -- C:\Documents and Settings\Drill\Pulpit\LOSI-0.4.5.exe
[2011/10/21 10:56:30 | 001,784,257 | ---- | M] () -- C:\Documents and Settings\Drill\Pulpit\GeoShell_R4.11.10_Setup.exe
[2011/10/17 11:00:37 | 000,030,208 | ---- | M] () -- C:\Documents and Settings\Drill\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/12 12:01:10 | 000,002,313 | ---- | M] () -- C:\Documents and Settings\Drill\Pulpit\HiJackThis.lnk
[2011/10/09 09:04:24 | 002,764,854 | ---- | M] () -- C:\Documents and Settings\Drill\Pulpit\panorama.bmp
[2011/10/09 08:42:55 | 000,000,060 | ---- | M] () -- C:\WINDOWS\wininit.ini
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2011/11/02 10:55:54 | 000,000,490 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2011/11/02 10:33:49 | 001,008,092 | ---- | C] () -- C:\Documents and Settings\Drill\Pulpit\rkill.exe
[2011/11/02 04:30:51 | 804,835,328 | -HS- | C] () -- C:\hiberfil.sys
[2011/10/29 09:41:14 | 001,545,436 | ---- | C] () -- C:\Documents and Settings\Drill\Pulpit\tdsskiller.zip
[2011/10/28 04:16:26 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\Drill\Pulpit\rn9dvqmi.exe
[2011/10/26 15:52:31 | 000,023,236 | ---- | C] () -- C:\Documents and Settings\Drill\Pulpit\dream.house.(2011).pob.1cd.(4261454).zip
[2011/10/21 10:59:04 | 004,964,737 | ---- | C] () -- C:\Documents and Settings\Drill\Pulpit\LOSI-0.4.5.exe
[2011/10/21 10:56:21 | 001,784,257 | ---- | C] () -- C:\Documents and Settings\Drill\Pulpit\GeoShell_R4.11.10_Setup.exe
[2011/10/09 09:04:23 | 002,764,854 | ---- | C] () -- C:\Documents and Settings\Drill\Pulpit\panorama.bmp
[2011/10/09 08:42:55 | 000,000,060 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011/09/18 09:13:53 | 000,017,310 | ---- | C] () -- C:\Documents and Settings\Drill\.recently-used.xbel
[2011/09/01 17:37:24 | 000,645,632 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011/09/01 17:37:24 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011/04/13 06:09:59 | 000,001,378 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\ss.ini
[2011/04/13 05:59:42 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\csdlocalmon.dll
[2011/03/24 16:31:18 | 000,001,296 | ---- | C] () -- C:\Documents and Settings\Drill\.lmmsrc.xml
[2010/10/24 12:07:16 | 000,000,895 | ---- | C] () -- C:\Documents and Settings\Drill\masks
[2010/10/22 11:00:00 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\SysInfo.dll
[2010/09/27 14:50:29 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\GkSui18.EXE
[2010/08/05 07:25:53 | 000,001,432 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/07/04 14:06:08 | 000,000,033 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\{081230F8-EA50-42A9-983C-D22ABC2EED3B}.ini
[2010/07/04 08:09:09 | 000,000,542 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2010/05/26 06:34:21 | 000,550,418 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2010/05/04 12:31:37 | 000,673,280 | ---- | C] () -- C:\WINDOWS\is-0HH9O.exe
[2010/02/18 10:26:24 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010/02/02 06:56:12 | 000,000,130 | ---- | C] () -- C:\WINDOWS\EurekaLog.ini
[2010/01/25 18:19:37 | 000,000,030 | ---- | C] () -- C:\WINDOWS\RefreshLock.ini
[2009/12/27 08:29:50 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\imgproc.dll
[2009/11/18 15:46:08 | 000,030,208 | ---- | C] () -- C:\Documents and Settings\Drill\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/04 15:04:10 | 000,000,202 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/10/25 10:23:34 | 000,169,192 | ---- | C] () -- C:\WINDOWS\hpoins27.dat
[2009/10/25 10:23:34 | 000,000,932 | ---- | C] () -- C:\WINDOWS\hpomdl27.dat
[2009/10/23 11:08:58 | 000,003,680 | R--- | C] () -- C:\WINDOWS\System32\drivers\Iteio.sys
[2009/10/23 05:42:22 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2009/10/23 03:39:42 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/10/23 03:21:50 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\UnAudioNT.dll
[2009/10/23 03:21:19 | 000,003,000 | R--- | C] () -- C:\WINDOWS\System32\SetupNT.sys
[2009/10/23 02:47:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/10/16 12:11:57 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/10/16 12:10:17 | 000,114,968 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/10/16 11:32:50 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/10/16 11:26:41 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007/05/15 04:07:10 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\CSD_IRIVER_GEN.DLL
[2006/10/22 06:22:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/10/22 06:22:00 | 001,622,016 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006/10/22 06:22:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/10/22 06:22:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006/10/22 06:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/10/22 06:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/10/22 06:22:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/10/22 06:22:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006/10/22 06:22:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2006/10/22 06:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/10/22 06:22:00 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2002/09/23 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/09/23 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2002/09/23 08:00:00 | 000,355,830 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2002/09/23 08:00:00 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2002/09/23 08:00:00 | 000,311,740 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2002/09/23 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2002/09/23 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2002/09/23 08:00:00 | 000,049,712 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2002/09/23 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2002/09/23 08:00:00 | 000,040,128 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2002/09/23 08:00:00 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2002/09/23 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2002/09/23 08:00:00 | 000,004,486 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2002/09/23 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2002/09/23 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2010/09/16 11:26:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\SACore
[2010/10/22 10:38:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Drill\Dane aplikacji\BESTplayer
[2011/07/03 06:59:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Drill\Dane aplikacji\DAEMON Tools Lite
[2011/03/15 08:19:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Drill\Dane aplikacji\EAC
[2010/08/26 04:29:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Drill\Dane aplikacji\Emisja
[2011/10/31 04:07:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Drill\Dane aplikacji\EurekaLog
[2011/03/29 16:21:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Drill\Dane aplikacji\fltk.org
[2010/02/15 06:40:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Drill\Dane aplikacji\foobar2000
[2009/11/12 15:34:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Drill\Dane aplikacji\GlarySoft
[2011/09/15 06:42:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Drill\Dane aplikacji\gtk-2.0
[2010/10/22 17:06:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Drill\Dane aplikacji\HamsterSoft
[2010/08/31 09:14:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Drill\Dane aplikacji\ipla
[2010/02/17 09:01:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Drill\Dane aplikacji\Leadertech
[2010/02/21 12:21:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Drill\Dane aplikacji\Notepad++
[2010/11/05 06:44:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Drill\Dane aplikacji\OnLive App
[2011/11/02 14:18:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Drill\Dane aplikacji\PCToolsFirewallPlus
[2010/11/12 17:43:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Drill\Dane aplikacji\uTorrent
[2010/05/03 11:25:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JA\Dane aplikacji\DAEMON Tools Lite
[2010/01/03 09:55:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JA\Dane aplikacji\foobar2000
[2010/01/01 07:14:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JA\Dane aplikacji\Gadu-Gadu
[2010/09/11 03:42:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JA\Dane aplikacji\GlarySoft
[2009/10/23 08:46:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JA\Dane aplikacji\Nowe Gadu-Gadu
[2009/10/23 08:52:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JA\Dane aplikacji\OpenFM
[2011/05/28 15:03:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JA\Dane aplikacji\PCToolsFirewallPlus
[2010/08/25 02:29:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\SACore
[2009/11/22 10:09:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Bluetooth
[2009/11/21 10:37:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2010/07/04 08:07:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\FreeRIP
[2010/08/01 06:49:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2010/08/31 09:13:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2009/10/23 08:52:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2011/11/02 13:19:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2011/09/10 06:34:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Zoom Player
[2011/11/02 14:19:25 | 000,000,282 | ---- | M] () -- C:\WINDOWS\Tasks\GlaryInitialize.job
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 48 bytes -> C:\Documents and Settings\All Users\DRM:مايكروسوفت
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:C31F31E6
< End of report >