OTL logfile created on: 2011-03-04 오후 4:18:15 - Run 6 OTL by OldTimer - Version 3.2.22.2 Folder = C:\Users\Aleksander\Downloads\Mozilla Firefox Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19019) Locale: 00000412 | Country: Korea | Language: KOR | Date Format: yyyy-MM-dd 3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 63.00% Memory free 6.00 Gb Paging File | 5.00 Gb Available in Paging File | 82.00% Paging File free Paging file location(s): ?:\pagefile.sys %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 195.31 Gb Total Space | 38.43 Gb Free Space | 19.68% Space Free | Partition Type: NTFS Drive D: | 736.20 Gb Total Space | 205.65 Gb Free Space | 27.93% Space Free | Partition Type: NTFS Drive E: | 7.57 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF Drive H: | 931.51 Gb Total Space | 456.93 Gb Free Space | 49.05% Space Free | Partition Type: NTFS Drive I: | 14.90 Gb Total Space | 2.94 Gb Free Space | 19.73% Space Free | Partition Type: FAT32 Computer Name: ALEKSANDER-PC | User Name: Aleksander | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-03-02 21:22:41 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2011-03-02 00:50:13 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Aleksander\Downloads\Mozilla Firefox\OTL.exe PRC - [2010-05-20 23:56:36 | 000,334,384 | ---- | M] (VMware, Inc.) -- C:\Windows\System32\vmnetdhcp.exe PRC - [2010-05-20 23:56:32 | 000,113,200 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe PRC - [2010-05-20 23:56:18 | 000,399,920 | ---- | M] (VMware, Inc.) -- C:\Windows\System32\vmnat.exe PRC - [2010-05-20 22:40:20 | 000,539,184 | ---- | M] (VMware, Inc.) -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe PRC - [2009-12-11 21:45:10 | 000,372,736 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2009-12-11 21:44:40 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2008-10-29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008-06-03 15:18:08 | 000,066,560 | ---- | M] () -- C:\Windows\jwpen.exe PRC - [2008-01-21 03:24:13 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe PRC - [2007-09-02 13:58:52 | 000,495,616 | ---- | M] () -- D:\Program Files\RocketDock\RocketDock.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011-03-02 00:50:13 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Aleksander\Downloads\Mozilla Firefox\OTL.exe MOD - [2010-08-31 16:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2011-03-03 22:39:00 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010-08-02 23:11:31 | 003,732,680 | ---- | M] (INCA Internet Co., Ltd.) [Disabled | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc) SRV - [2010-05-20 23:56:36 | 000,334,384 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\System32\vmnetdhcp.exe -- (VMnetDHCP) SRV - [2010-05-20 23:56:32 | 000,113,200 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService) SRV - [2010-05-20 23:56:18 | 000,399,920 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\System32\vmnat.exe -- (VMware NAT Service) SRV - [2010-05-20 22:40:20 | 000,539,184 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService) SRV - [2010-04-27 15:42:04 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe -- (ufad-ws60) SRV - [2010-04-13 15:39:56 | 000,655,624 | ---- | M] (Acresso Software Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010-02-19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009-12-11 21:44:40 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2008-07-11 18:00:06 | 000,080,392 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe -- (GEST Service) SRV - [2008-06-03 15:18:08 | 000,066,560 | ---- | M] () [Auto | Running] -- C:\Windows\jwpen.exe -- (HWSuperPowerTablet) SRV - [2008-01-21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-12-15 15:57:35 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2010-05-20 23:56:56 | 000,854,064 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmx86.sys -- (vmx86) DRV - [2010-05-20 23:56:56 | 000,070,704 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmci.sys -- (vmci) DRV - [2010-05-20 23:56:40 | 000,014,896 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmparport.sys -- (VMparport) DRV - [2010-05-20 23:55:04 | 000,024,624 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMkbd.sys -- (vmkbd) DRV - [2010-05-20 23:53:58 | 000,026,288 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmnetuserif.sys -- (VMnetuserif) DRV - [2010-05-20 22:40:08 | 000,032,304 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hcmon.sys -- (hcmon) DRV - [2010-05-20 20:19:20 | 000,036,400 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmnetbridge.sys -- (VMnetBridge) DRV - [2010-05-20 20:19:20 | 000,031,280 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmusb.sys -- (vmusb) DRV - [2010-05-20 20:19:20 | 000,016,560 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vmnetadapter.sys -- (VMnetAdapter) DRV - [2010-04-27 15:41:40 | 000,022,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys -- (vstor2-ws60) DRV - [2010-02-13 12:39:24 | 000,223,440 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\System32\drivers\truecrypt.sys -- (truecrypt) DRV - [2010-02-12 18:06:44 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2009-12-11 22:03:58 | 005,188,096 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2009-12-11 22:03:58 | 005,188,096 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag) DRV - [2009-12-11 20:50:52 | 000,125,440 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2009-11-19 00:24:50 | 000,097,792 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV - [2009-07-20 19:33:37 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2009-07-20 19:33:36 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2009-04-19 18:13:08 | 000,026,056 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [2009-03-27 01:16:28 | 000,012,672 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cpuz132_x32.sys -- (cpuz132) DRV - [2008-02-14 07:56:02 | 000,118,784 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2007-07-18 11:32:14 | 000,154,784 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\V0260Vid.sys -- (V0260VID) DRV - [2007-05-11 10:40:42 | 000,329,728 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Dr71WU.sys -- (RT73) DRV - [2007-03-30 10:10:28 | 000,005,632 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\HYRDBios.sys -- (HYRDBios) DRV - [2007-03-26 09:09:56 | 000,006,400 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HWDrawing.sys -- (VHWDrawing) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1144524802-840280565-2537418528-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-1144524802-840280565-2537418528-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E8 19 92 5E 1D 16 CA 01 [binary data] IE - HKU\S-1-5-21-1144524802-840280565-2537418528-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-1144524802-840280565-2537418528-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1144524802-840280565-2537418528-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://www2.ling.pl/index.html" FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:0.4.5.15 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..extensions.enabledItems: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2}:0.9.86 FF - prefs.js..extensions.enabledItems: cfxHelper@Triton:1.2 FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.2 FF - prefs.js..extensions.enabledItems: externalip@erik.morlin:0.9.9.6 FF - prefs.js..extensions.enabledItems: {ca8b7b3d-b6e6-438f-b935-601b3de48d66}:1.1.6 FF - prefs.js..extensions.enabledItems: fontfinder@bendodson.com:1.0 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1 FF - prefs.js..extensions.enabledItems: {c151d79e-e61b-4a90-a887-5a46d38fba99}:2.6.1 FF - prefs.js..extensions.enabledItems: {EF522540-89F5-46b9-B6FE-1829E2B572C6}:4.9.4 FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.4 FF - prefs.js..extensions.enabledItems: {e968fc70-8f95-4ab9-9e79-304de2a71ee1}:0.7.3 FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.2 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: tineye@ideeinc.com:1.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: cfxe@Triton:3.6.5 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.14\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-03-02 21:22:42 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.14\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-03-02 21:22:42 | 000,000,000 | ---D | M] [2010-06-03 18:20:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aleksander\AppData\Roaming\mozilla\Extensions [2011-03-03 19:22:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aleksander\AppData\Roaming\mozilla\Firefox\Profiles\3zpbu8lr.default\extensions [2010-06-08 22:32:44 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Aleksander\AppData\Roaming\mozilla\Firefox\Profiles\3zpbu8lr.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-06-03 18:27:52 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\Aleksander\AppData\Roaming\mozilla\Firefox\Profiles\3zpbu8lr.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2010-06-03 18:27:52 | 000,000,000 | ---D | M] (4chan) -- C:\Users\Aleksander\AppData\Roaming\mozilla\Firefox\Profiles\3zpbu8lr.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE} [2010-09-23 15:45:51 | 000,000,000 | ---D | M] (Pearl Crescent Page Saver Basic) -- C:\Users\Aleksander\AppData\Roaming\mozilla\Firefox\Profiles\3zpbu8lr.default\extensions\{c151d79e-e61b-4a90-a887-5a46d38fba99} [2010-06-03 18:27:49 | 000,000,000 | ---D | M] (Firefox Throttle) -- C:\Users\Aleksander\AppData\Roaming\mozilla\Firefox\Profiles\3zpbu8lr.default\extensions\{ca8b7b3d-b6e6-438f-b935-601b3de48d66} [2010-12-24 01:34:59 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Aleksander\AppData\Roaming\mozilla\Firefox\Profiles\3zpbu8lr.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010-10-09 09:50:59 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\Aleksander\AppData\Roaming\mozilla\Firefox\Profiles\3zpbu8lr.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} [2010-06-17 17:51:35 | 000,000,000 | ---D | M] ("Tab Mix Plus") -- C:\Users\Aleksander\AppData\Roaming\mozilla\Firefox\Profiles\3zpbu8lr.default\extensions\{dc572301-7619-498c-a57d-39143191b318} [2011-01-26 16:18:02 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Aleksander\AppData\Roaming\mozilla\Firefox\Profiles\3zpbu8lr.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2011-01-08 12:24:52 | 000,000,000 | ---D | M] (User Agent Switcher) -- C:\Users\Aleksander\AppData\Roaming\mozilla\Firefox\Profiles\3zpbu8lr.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1} [2010-11-13 11:09:24 | 000,000,000 | ---D | M] (SearchPreview) -- C:\Users\Aleksander\AppData\Roaming\mozilla\Firefox\Profiles\3zpbu8lr.default\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6} [2010-06-03 18:23:49 | 000,000,000 | ---D | M] (Chromifox Extreme) -- C:\Users\Aleksander\AppData\Roaming\mozilla\Firefox\Profiles\3zpbu8lr.default\extensions\cfxe@Triton [2010-06-03 18:27:52 | 000,000,000 | ---D | M] (Chromifox Companion) -- C:\Users\Aleksander\AppData\Roaming\mozilla\Firefox\Profiles\3zpbu8lr.default\extensions\cfxHelper@Triton [2010-06-03 18:27:52 | 000,000,000 | ---D | M] (external IP) -- C:\Users\Aleksander\AppData\Roaming\mozilla\Firefox\Profiles\3zpbu8lr.default\extensions\externalip@erik.morlin [2011-02-07 16:51:05 | 000,000,000 | ---D | M] (Firebug) -- C:\Users\Aleksander\AppData\Roaming\mozilla\Firefox\Profiles\3zpbu8lr.default\extensions\firebug@software.joehewitt.com [2010-06-03 18:27:48 | 000,000,000 | ---D | M] (Font Finder) -- C:\Users\Aleksander\AppData\Roaming\mozilla\Firefox\Profiles\3zpbu8lr.default\extensions\fontfinder@bendodson.com [2011-02-16 23:08:57 | 000,000,000 | ---D | M] (TinEye Reverse Image Search) -- C:\Users\Aleksander\AppData\Roaming\mozilla\Firefox\Profiles\3zpbu8lr.default\extensions\tineye@ideeinc.com [2011-03-01 15:13:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010-08-25 10:44:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2011-01-21 20:18:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011-03-01 15:13:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-02-02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010-11-13 18:52:47 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-11-13 18:52:47 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-11-13 18:52:47 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-11-13 18:52:47 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-11-13 18:52:47 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-11-13 18:52:47 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2011-01-31 17:21:26 | 000,002,111 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 menelgame.pl www.menelgame.pl change.menelgame.pl O1 - Hosts: 127.0.0.1 content.cpxinteractive.com O1 - Hosts: 127.0.0.1 adserving.cpxinteractive.com O1 - Hosts: 127.0.0.1 www.axill.com O1 - Hosts: 127.0.0.1 content.globalinteractive.com O1 - Hosts: 127.0.0.1 ad.globalinteractive.com O1 - Hosts: 127.0.0.1 adserver.adreactor.com O1 - Hosts: 127.0.0.1 ad.media-servers.net O1 - Hosts: 127.0.0.1 www.funtonia.com O1 - Hosts: 127.0.0.1 www.google-analytics.com O1 - Hosts: 127.0.0.1 pagead2.googlesyndication.com O1 - Hosts: 127.0.0.1 idm.hit.gemius.pl O1 - Hosts: 127.0.0.1 adidm.idmnet.pl O1 - Hosts: 127.0.0.1 limg.adspirit.de O1 - Hosts: 127.0.0.1 peb.itendix.de O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 127.0.0.1 practivate.adobe.com O1 - Hosts: 127.0.0.1 ereg.adobe.com O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com O1 - Hosts: 127.0.0.1 wip3.adobe.com O1 - Hosts: 127.0.0.1 3dns-3.adobe.com O1 - Hosts: 127.0.0.1 3dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com O1 - Hosts: 16 more lines... O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKU\S-1-5-21-1144524802-840280565-2537418528-1000..\Run: [RocketDock] D:\Program Files\RocketDock\RocketDock.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1144524802-840280565-2537418528-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1144524802-840280565-2537418528-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 4 O7 - HKU\S-1-5-21-1144524802-840280565-2537418528-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSecurityTab = 1 O7 - HKU\S-1-5-21-1144524802-840280565-2537418528-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0 O7 - HKU\S-1-5-21-1144524802-840280565-2537418528-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Aleksander\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O24 - Desktop BackupWallPaper: C:\Users\Aleksander\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2008-07-28 02:49:18 | 000,251,192 | R--- | M] (CAPCOM CO., LTD.) - E:\autorun.exe -- [ UDF ] O32 - AutoRun File - [2008-04-04 07:18:54 | 000,000,052 | R--- | M] () - E:\Autorun.inf -- [ UDF ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-03-04 16:11:49 | 000,000,000 | ---D | C] -- C:\_OTL [2011-03-03 23:43:25 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe [2011-03-03 23:42:11 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe [2011-03-03 23:42:11 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll [2011-03-03 23:42:11 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll [2011-03-03 23:39:32 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll [2011-03-03 23:39:32 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll [2011-03-03 23:38:48 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll [2011-03-03 23:37:52 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2011-03-03 23:37:52 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2011-03-03 23:37:52 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2011-03-03 23:37:52 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2011-03-03 23:37:52 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2011-03-03 23:37:52 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2011-03-03 23:37:52 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2011-03-03 23:37:52 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011-03-03 23:37:52 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2011-03-03 23:37:51 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011-03-03 23:37:51 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2011-03-03 23:37:51 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2011-03-03 23:37:50 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2011-03-03 23:37:50 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2011-03-03 23:37:50 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2011-03-03 23:37:50 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011-03-03 23:37:50 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2011-03-03 23:37:44 | 003,600,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2011-03-03 23:37:44 | 003,548,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2011-03-03 23:37:38 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL [2011-03-03 23:37:24 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll [2011-03-03 23:37:20 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll [2011-03-03 23:37:20 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll [2011-03-03 23:37:20 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll [2011-03-03 23:37:16 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll [2011-03-03 23:37:02 | 002,038,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2011-03-03 23:36:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2011-03-03 23:36:25 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll [2011-03-03 23:36:23 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL [2011-03-03 23:36:21 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll [2011-03-03 23:36:20 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll [2011-03-03 23:36:18 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll [2011-03-03 23:36:10 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2011-03-03 23:36:10 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll [2011-03-03 23:36:10 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2011-03-03 23:36:07 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe [2011-03-03 23:36:06 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll [2011-03-03 23:36:05 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2011-03-03 23:36:04 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll [2011-03-03 23:36:03 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll [2011-03-03 23:36:03 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll [2011-03-03 23:35:57 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm [2011-03-03 23:35:54 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll [2011-03-03 23:35:53 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll [2011-03-03 23:35:52 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe [2011-03-01 15:25:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2011-03-01 15:13:22 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2011-03-01 15:13:22 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2011-03-01 15:13:22 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2011-02-28 19:26:04 | 000,000,000 | ---D | C] -- C:\Users\Aleksander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarCraft II [2011-02-27 16:03:11 | 000,000,000 | ---D | C] -- C:\Users\Aleksander\Documents\Adobe Scripts [2011-02-24 20:47:25 | 000,000,000 | ---D | C] -- C:\Users\Aleksander\AppData\Roaming\.minecraft server [2011-02-24 20:46:31 | 000,000,000 | ---D | C] -- C:\Users\Aleksander\AppData\Roaming\.minecraft [2011-02-23 19:23:38 | 000,000,000 | -H-D | C] -- C:\ProgramData\{BF329843-149E-4A5A-82A1-0250286442D0} [2011-02-23 19:21:44 | 000,000,000 | -H-D | C] -- C:\ProgramData\{4275E5EA-6E30-48EB-A209-F964539CBE1C} [2011-02-23 19:20:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Digidesign [2011-02-23 18:46:52 | 000,000,000 | ---D | C] -- C:\Users\Aleksander\Documents\Native Instruments [2011-02-23 18:46:52 | 000,000,000 | ---D | C] -- C:\Users\Aleksander\AppData\Local\Native Instruments [2011-02-23 18:45:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Native Instruments [2011-02-23 18:45:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Native Instruments [2011-02-23 18:45:10 | 000,000,000 | -H-D | C] -- C:\ProgramData\{A6DB2A6F-FF9D-453F-99D6-C1AA54BC0C14} [2011-02-23 18:45:08 | 000,000,000 | ---D | C] -- C:\Program Files\Native Instruments [2011-02-15 14:17:39 | 000,000,000 | ---D | C] -- C:\Users\Aleksander\AppData\Local\CrashRpt [1 C:\Users\Aleksander\Documents\*.tmp files -> C:\Users\Aleksander\Documents\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-03-04 16:15:39 | 000,003,116 | ---- | M] () -- C:\Windows\HWTablet.bin [2011-03-04 16:15:10 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011-03-04 16:15:10 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011-03-04 16:15:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-03-04 15:58:15 | 000,665,630 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2011-03-04 15:58:15 | 000,598,432 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011-03-04 15:58:15 | 000,133,318 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2011-03-04 15:58:15 | 000,106,288 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011-03-04 15:52:51 | 004,847,792 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011-03-03 22:05:48 | 515,914,133 | ---- | M] () -- C:\Windows\MEMORY.DMP [2011-03-03 21:23:02 | 000,000,020 | ---- | M] () -- C:\Users\Aleksander\defogger_reenable [2011-03-03 00:51:59 | 000,006,398 | ---- | M] () -- C:\Windows\WINCMD.INI [2011-03-03 00:46:57 | 000,000,308 | ---- | M] () -- C:\Windows\wcx_ftp.ini [2011-03-01 18:32:28 | 000,073,728 | ---- | M] () -- C:\Users\Aleksander\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-02-27 17:37:34 | 000,000,144 | ---- | M] () -- C:\Users\Aleksander\Documents\a.php [2011-02-23 21:22:00 | 000,018,908 | ---- | M] () -- C:\Users\Aleksander\Documents\form_sound.html [2011-02-22 19:38:15 | 000,003,012 | ---- | M] () -- C:\Users\Aleksander\Documents\plakat.html [2011-02-15 14:18:01 | 000,000,004 | ---- | M] () -- C:\Users\Aleksander\AppData\Roaming\steam_md4.dat [2011-02-02 21:40:39 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2011-02-02 21:40:38 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2011-02-02 21:40:36 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2011-02-02 21:40:23 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2011-02-02 17:11:20 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [1 C:\Users\Aleksander\Documents\*.tmp files -> C:\Users\Aleksander\Documents\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-03-03 21:22:49 | 000,000,020 | ---- | C] () -- C:\Users\Aleksander\defogger_reenable [2011-03-02 22:38:45 | 000,190,225 | ---- | C] () -- C:\Users\Aleksander\1255549721922_2.png [2011-02-23 21:21:59 | 000,018,908 | ---- | C] () -- C:\Users\Aleksander\Documents\form_sound.html [2011-02-22 04:08:44 | 000,003,012 | ---- | C] () -- C:\Users\Aleksander\Documents\plakat.html [2011-02-15 14:18:01 | 000,000,004 | ---- | C] () -- C:\Users\Aleksander\AppData\Roaming\steam_md4.dat [2010-10-22 21:16:01 | 000,000,565 | ---- | C] () -- C:\Windows\SIERRA.INI [2010-09-18 17:20:14 | 000,000,938 | ---- | C] () -- C:\Users\Aleksander\AppData\Roaming\MPQEditor.ini [2010-08-25 10:05:48 | 000,000,132 | ---- | C] () -- C:\Users\Aleksander\AppData\Roaming\Adobe PNG Format CS5 Prefs [2010-06-26 16:47:07 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll [2010-06-26 16:47:07 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll [2010-06-26 16:47:07 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll [2010-06-26 16:46:00 | 000,026,952 | ---- | C] () -- C:\Windows\DIIUnin.dat [2010-01-24 18:58:05 | 000,000,552 | ---- | C] () -- C:\Users\Aleksander\AppData\Local\d3d8caps.dat [2010-01-24 18:44:49 | 000,043,217 | ---- | C] () -- C:\Windows\War3Unin.dat [2009-12-14 17:01:07 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009-12-14 17:01:07 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2009-12-11 20:49:46 | 000,023,040 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll [2009-11-18 16:11:56 | 000,197,624 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2009-10-26 20:06:06 | 000,001,035 | ---- | C] () -- C:\Windows\System32\atipblag.dat [2009-10-09 16:42:17 | 000,000,245 | ---- | C] () -- C:\Users\Aleksander\AppData\Local\RAExpertHistory.xml [2009-09-14 15:51:36 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2009-07-20 19:33:37 | 000,278,984 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2009-07-20 19:33:36 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2009-06-19 20:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll [2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll [2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll [2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [2009-05-23 13:45:30 | 000,000,600 | ---- | C] () -- C:\Users\Aleksander\AppData\Roaming\winscp.rnd [2009-05-13 20:34:57 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat [2009-05-07 14:28:02 | 000,000,308 | ---- | C] () -- C:\Windows\wcx_ftp.ini [2009-05-07 14:27:45 | 000,006,398 | ---- | C] () -- C:\Windows\WINCMD.INI [2009-05-05 11:59:25 | 000,000,098 | ---- | C] () -- C:\Users\Aleksander\AppData\Local\fusioncache.dat [2009-04-18 13:38:37 | 000,073,728 | ---- | C] () -- C:\Users\Aleksander\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-04-18 13:29:26 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2009-04-18 13:18:36 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat [2009-04-18 13:02:46 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini [2009-04-18 12:59:05 | 000,077,824 | ---- | C] () -- C:\Windows\System32\jwusbchk.dll [2009-04-18 12:59:04 | 000,299,008 | ---- | C] () -- C:\Windows\System32\HWTabTray.exe [2009-04-18 12:59:04 | 000,090,112 | ---- | C] () -- C:\Windows\System32\WinTab32.dll [2009-04-18 12:59:04 | 000,077,824 | ---- | C] () -- C:\Windows\System32\jwusbchk32.dll [2009-04-18 12:59:04 | 000,073,728 | ---- | C] () -- C:\Windows\System32\JWKey.dll [2009-04-18 12:59:04 | 000,066,560 | ---- | C] () -- C:\Windows\jwpen.exe [2009-04-18 12:59:04 | 000,053,248 | ---- | C] () -- C:\Windows\System32\HWKeyPlus.exe [2009-04-18 12:59:04 | 000,029,696 | ---- | C] () -- C:\Windows\System32\JWPen.dll [2009-04-18 12:59:04 | 000,028,672 | ---- | C] () -- C:\Windows\HWCkPenT.dll [2009-04-18 12:59:04 | 000,013,824 | ---- | C] () -- C:\Windows\DevInst.exe [2009-04-18 12:59:04 | 000,011,264 | ---- | C] () -- C:\Windows\HWDevInst.exe [2009-04-18 12:59:04 | 000,003,116 | ---- | C] () -- C:\Windows\HWTablet.bin [2009-04-18 12:47:01 | 000,001,356 | ---- | C] () -- C:\Users\Aleksander\AppData\Local\d3d9caps.dat [2009-02-18 18:55:20 | 000,294,912 | ---- | C] () -- C:\Windows\System32\ATIODE.exe [2009-02-03 21:52:02 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe [2008-03-06 01:38:44 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe [2008-01-21 07:24:14 | 000,665,630 | ---- | C] () -- C:\Windows\System32\perfh015.dat [2008-01-21 07:24:14 | 000,332,832 | ---- | C] () -- C:\Windows\System32\perfi015.dat [2008-01-21 07:24:14 | 000,133,318 | ---- | C] () -- C:\Windows\System32\perfc015.dat [2008-01-21 07:24:14 | 000,037,468 | ---- | C] () -- C:\Windows\System32\perfd015.dat [2007-06-21 07:34:08 | 000,203,328 | R--- | C] () -- C:\Windows\GSetup.exe [2006-11-02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006-11-02 13:47:37 | 004,847,792 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006-11-02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006-11-02 11:33:01 | 000,598,432 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006-11-02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006-11-02 11:33:01 | 000,106,288 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006-11-02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006-11-02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006-11-02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006-11-02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006-11-02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006-11-02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [color=#E56717]========== LOP Check ==========[/color] [2011-02-24 22:29:39 | 000,000,000 | ---D | M] -- C:\Users\Aleksander\AppData\Roaming\.minecraft [2011-02-24 20:47:25 | 000,000,000 | ---D | M] -- C:\Users\Aleksander\AppData\Roaming\.minecraft server [2011-02-28 22:57:59 | 000,000,000 | ---D | M] -- C:\Users\Aleksander\AppData\Roaming\BitTorrent [2009-08-21 19:02:27 | 000,000,000 | ---D | M] -- C:\Users\Aleksander\AppData\Roaming\COWON [2009-06-05 21:59:11 | 000,000,000 | ---D | M] -- C:\Users\Aleksander\AppData\Roaming\DAEMON Tools Lite [2010-01-11 21:45:04 | 000,000,000 | ---D | M] -- C:\Users\Aleksander\AppData\Roaming\Dev-Cpp [2010-10-10 23:40:15 | 000,000,000 | ---D | M] -- C:\Users\Aleksander\AppData\Roaming\DiskAid [2009-05-01 20:39:58 | 000,000,000 | ---D | M] -- C:\Users\Aleksander\AppData\Roaming\DNA [2010-08-04 18:43:00 | 000,000,000 | ---D | M] -- C:\Users\Aleksander\AppData\Roaming\EarMaster [2009-11-21 22:19:55 | 000,000,000 | ---D | M] -- C:\Users\Aleksander\AppData\Roaming\ExportTool [2010-04-23 17:22:02 | 000,000,000 | ---D | M] -- C:\Users\Aleksander\AppData\Roaming\Facebook [2009-06-05 22:11:54 | 000,000,000 | ---D | M] -- C:\Users\Aleksander\AppData\Roaming\Leadertech [2010-12-08 18:49:04 | 000,000,000 | ---D | M] -- C:\Users\Aleksander\AppData\Roaming\LolClient [2009-05-31 18:14:20 | 000,000,000 | ---D | M] -- C:\Users\Aleksander\AppData\Roaming\Mount&Blade [2010-09-28 17:39:32 | 000,000,000 | ---D | M] -- C:\Users\Aleksander\AppData\Roaming\Mount&Blade Warband [2009-05-22 16:12:40 | 000,000,000 | ---D | M] -- C:\Users\Aleksander\AppData\Roaming\MXSkypeRecorder [2009-05-18 17:12:57 | 000,000,000 | ---D | M] -- C:\Users\Aleksander\AppData\Roaming\Nvu [2010-07-20 18:54:11 | 000,000,000 | ---D | M] -- C:\Users\Aleksander\AppData\Roaming\RenPy [2010-10-01 20:08:13 | 000,000,000 | ---D | M] -- C:\Users\Aleksander\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2009-08-30 00:03:10 | 000,000,000 | ---D | M] -- C:\Users\Aleksander\AppData\Roaming\Synthesia [2010-02-13 12:42:31 | 000,000,000 | ---D | M] -- C:\Users\Aleksander\AppData\Roaming\TrueCrypt [2009-05-13 20:49:05 | 000,000,000 | ---D | M] -- C:\Users\Aleksander\AppData\Roaming\Ubisoft [2011-03-04 16:12:09 | 000,032,610 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:05EE1EEF @Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:45690DD4 < End of report >