OTL logfile created on: 2011-03-09 15:30:42 - Run 5 OTL by OldTimer - Version 3.2.20.6 Folder = D:\fixitpc Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 87,00% Memory free 3,00 Gb Paging File | 3,00 Gb Available in Paging File | 92,00% Paging File free Paging file location(s): [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 14,65 Gb Total Space | 9,11 Gb Free Space | 62,18% Space Free | Partition Type: NTFS Drive D: | 218,23 Gb Total Space | 151,89 Gb Free Space | 69,60% Space Free | Partition Type: NTFS Drive E: | 465,76 Gb Total Space | 18,19 Gb Free Space | 3,91% Space Free | Partition Type: NTFS Drive F: | 931,51 Gb Total Space | 155,12 Gb Free Space | 16,65% Space Free | Partition Type: NTFS Drive G: | 931,51 Gb Total Space | 49,43 Gb Free Space | 5,31% Space Free | Partition Type: NTFS Computer Name: WF | User Name: Q3A | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-03-02 22:54:45 | 001,905,152 | ---- | M] (K2T.eu, Kaworu) -- C:\Program Files\K2T\WTW\wtw.exe PRC - [2011-02-18 14:30:51 | 000,602,624 | ---- | M] (OldTimer Tools) -- D:\fixitpc\OTL.exe PRC - [2011-01-20 10:05:40 | 002,548,552 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe PRC - [2011-01-20 10:05:34 | 001,803,224 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe PRC - [2010-07-28 16:36:12 | 000,005,120 | ---- | M] () -- C:\Program Files\Prio\prio_svc.exe PRC - [2008-04-15 13:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006-09-12 13:05:16 | 000,054,784 | ---- | M] (EnTech Taiwan) -- C:\Program Files\MultiRes\MultiRes.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011-02-18 14:30:51 | 000,602,624 | ---- | M] (OldTimer Tools) -- D:\fixitpc\OTL.exe MOD - [2010-12-29 01:42:04 | 000,285,480 | ---- | M] (COMODO) -- C:\WINDOWS\system32\guard32.dll MOD - [2010-08-23 17:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll MOD - [2010-07-28 16:36:30 | 000,010,960 | ---- | M] (O&K Software) -- C:\Program Files\Prio\prio.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2011-01-20 10:05:34 | 001,803,224 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent) SRV - [2010-08-10 12:26:40 | 001,570,056 | ---- | M] (Raxco Software, Inc.) [Disabled | Stopped] -- C:\Program Files\Raxco\PerfectDisk\PDAgent.exe -- (PDAgent) SRV - [2010-08-10 12:26:30 | 001,475,848 | ---- | M] (Raxco Software, Inc.) [Disabled | Stopped] -- C:\Program Files\Raxco\PerfectDisk\PDEngine.exe -- (PDEngine) SRV - [2010-07-28 16:36:12 | 000,005,120 | ---- | M] () [Auto | Running] -- C:\Program Files\Prio\prio_svc.exe -- (prio_svc) SRV - [2010-03-18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400) SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-02-24 18:21:10 | 006,340,200 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2011-01-12 08:01:51 | 000,094,784 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect) DRV - [2011-01-12 08:01:50 | 000,239,368 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard) DRV - [2011-01-12 08:01:50 | 000,027,576 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp) DRV - [2010-12-22 04:07:00 | 009,887,104 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2010-07-28 16:36:28 | 000,051,408 | ---- | M] (Xeno) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prio.sys -- (prio) DRV - [2010-07-07 04:51:37 | 000,158,808 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k) DRV - [2010-07-07 04:51:37 | 000,130,136 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv) DRV - [2010-06-17 08:44:26 | 000,135,184 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\DefragFs.sys -- (DefragFS) DRV - [2010-02-11 13:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6) DRV - [2009-11-18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) DRV - [2009-11-18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2008-11-12 16:58:38 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvgts.sys -- (nvgts) DRV - [2008-10-09 15:42:42 | 000,017,408 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\KMWDFILTER.sys -- (KMWDFILTER) DRV - [2008-08-01 10:36:26 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2008-08-01 10:36:20 | 000,054,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2008-05-24 21:09:10 | 000,073,728 | ---- | M] (EZB Systems, Inc.) [File_System | On_Demand | Stopped] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive) DRV - [2008-04-15 13:00:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2007-06-29 14:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AmdLLD.sys -- (AmdLLD) DRV - [2006-07-01 23:32:26 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2003-04-19 00:32:04 | 000,004,736 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tandpl.sys -- (tandpl) DRV - [2003-03-02 17:44:26 | 000,007,552 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\enodpl.sys -- (enodpl) DRV - [2002-07-17 08:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\Aspi32.sys -- (ASPI32) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\S-1-5-21-606747145-926492609-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-606747145-926492609-682003330-1003\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\S-1-5-21-606747145-926492609-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.param.yahoo-fr: "" FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "" FF - prefs.js..browser.search.param.yahoo-fr-ja: "" FF - prefs.js..browser.startup.homepage: "chrome://fastdial/content/fastdial.html" FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908 FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19.1 FF - prefs.js..extensions.enabledItems: en-US@dictionaries.addons.mozilla.org:5.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..extensions.enabledItems: elemhidehelper@adblockplus.org:1.1 FF - prefs.js..extensions.enabledItems: fastdial@telega.phpnet.us:3.4 FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.8.4 FF - prefs.js..extensions.enabledItems: check4change-owner@mozdev.org:1.8.2 FF - prefs.js..network.proxy.backup.ftp: "http://www.anonimek.pl/" FF - prefs.js..network.proxy.backup.ftp_port: 80 FF - prefs.js..network.proxy.backup.gopher: "http://www.anonimek.pl/" FF - prefs.js..network.proxy.backup.gopher_port: 80 FF - prefs.js..network.proxy.backup.socks: "http://www.anonimek.pl/" FF - prefs.js..network.proxy.backup.socks_port: 80 FF - prefs.js..network.proxy.backup.ssl: "http://www.anonimek.pl/" FF - prefs.js..network.proxy.backup.ssl_port: 80 FF - prefs.js..network.proxy.ftp: "91.121.91.61" FF - prefs.js..network.proxy.ftp_port: 3128 FF - prefs.js..network.proxy.gopher: "91.121.91.61" FF - prefs.js..network.proxy.gopher_port: 3128 FF - prefs.js..network.proxy.http: "91.121.91.61" FF - prefs.js..network.proxy.http_port: 3128 FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "91.121.91.61" FF - prefs.js..network.proxy.socks_port: 3128 FF - prefs.js..network.proxy.ssl: "91.121.91.61" FF - prefs.js..network.proxy.ssl_port: 3128 FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-03-05 10:46:54 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-03-05 10:46:54 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0b12\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 7\components [2011-02-26 15:34:59 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011-03-05 18:59:54 | 000,000,000 | ---D | M] [2011-01-08 14:29:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Q3A\Dane aplikacji\Mozilla\Extensions [2011-01-08 13:00:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Q3A\Dane aplikacji\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2011-01-08 13:00:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Q3A\Dane aplikacji\Mozilla\Extensions\{a23983c0-fd0e-11dc-95ff-0800200c9a66} [2011-03-08 21:48:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Q3A\Dane aplikacji\Mozilla\Firefox\Profiles\emd0hext.default\extensions [2011-03-04 18:02:11 | 000,000,000 | ---D | M] (FlashGot) -- C:\Documents and Settings\Q3A\Dane aplikacji\Mozilla\Firefox\Profiles\emd0hext.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2011-01-08 13:00:41 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Q3A\Dane aplikacji\Mozilla\Firefox\Profiles\emd0hext.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-01-08 13:00:41 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Q3A\Dane aplikacji\Mozilla\Firefox\Profiles\emd0hext.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2011-01-08 14:29:06 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Q3A\Dane aplikacji\Mozilla\Firefox\Profiles\emd0hext.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011-03-08 21:48:06 | 000,000,000 | ---D | M] (Check4Change) -- C:\Documents and Settings\Q3A\Dane aplikacji\Mozilla\Firefox\Profiles\emd0hext.default\extensions\check4change-owner@mozdev.org [2011-01-08 13:00:42 | 000,000,000 | ---D | M] (Element Hiding Helper for Adblock Plus) -- C:\Documents and Settings\Q3A\Dane aplikacji\Mozilla\Firefox\Profiles\emd0hext.default\extensions\elemhidehelper@adblockplus.org [2011-01-08 13:00:42 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Documents and Settings\Q3A\Dane aplikacji\Mozilla\Firefox\Profiles\emd0hext.default\extensions\en-GB@dictionaries.addons.mozilla.org [2011-01-08 13:00:42 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Documents and Settings\Q3A\Dane aplikacji\Mozilla\Firefox\Profiles\emd0hext.default\extensions\en-US@dictionaries.addons.mozilla.org [2011-02-13 00:14:08 | 000,000,000 | ---D | M] (Fast Dial) -- C:\Documents and Settings\Q3A\Dane aplikacji\Mozilla\Firefox\Profiles\emd0hext.default\extensions\fastdial@telega.phpnet.us [2011-01-08 13:00:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Q3A\Dane aplikacji\Mozilla\Firefox\Profiles\emd0hext.default\extensions\nostmp [2010-10-27 06:37:26 | 000,002,767 | ---- | M] () -- C:\Documents and Settings\Q3A\Dane aplikacji\Mozilla\Firefox\Profiles\emd0hext.default\searchplugins\allegro-pl.xml [2010-10-27 06:37:26 | 000,001,406 | ---- | M] () -- C:\Documents and Settings\Q3A\Dane aplikacji\Mozilla\Firefox\Profiles\emd0hext.default\searchplugins\fbc-pl.xml [2010-09-08 15:03:56 | 000,002,221 | ---- | M] () -- C:\Documents and Settings\Q3A\Dane aplikacji\Mozilla\Firefox\Profiles\emd0hext.default\searchplugins\filmweb.xml [2010-10-27 06:37:26 | 000,002,371 | ---- | M] () -- C:\Documents and Settings\Q3A\Dane aplikacji\Mozilla\Firefox\Profiles\emd0hext.default\searchplugins\google.xml [2010-10-27 06:37:26 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\Q3A\Dane aplikacji\Mozilla\Firefox\Profiles\emd0hext.default\searchplugins\merlin-pl.xml [2010-09-08 15:04:45 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Q3A\Dane aplikacji\Mozilla\Firefox\Profiles\emd0hext.default\searchplugins\mozilla-add-ons.xml [2010-10-27 06:37:26 | 000,000,858 | ---- | M] () -- C:\Documents and Settings\Q3A\Dane aplikacji\Mozilla\Firefox\Profiles\emd0hext.default\searchplugins\pwn-pl.xml [2010-10-27 06:37:26 | 000,001,183 | ---- | M] () -- C:\Documents and Settings\Q3A\Dane aplikacji\Mozilla\Firefox\Profiles\emd0hext.default\searchplugins\wikipedia-pl.xml [2010-10-27 06:37:26 | 000,001,683 | ---- | M] () -- C:\Documents and Settings\Q3A\Dane aplikacji\Mozilla\Firefox\Profiles\emd0hext.default\searchplugins\wp-pl.xml [2011-03-08 21:48:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011-01-08 13:07:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010-11-15 15:47:23 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2003-01-13 16:08:06 | 000,499,712 | ---- | M] (Morgan Multimedia) -- C:\Program Files\Mozilla Firefox\plugins\npjp2.dll [2010-04-01 18:33:11 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-04-01 18:33:11 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-04-01 18:33:11 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-04-01 18:33:11 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-04-01 18:33:11 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-04-01 18:33:11 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2008-04-15 13:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD) O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO) O4 - HKU\S-1-5-21-606747145-926492609-682003330-1003..\Run: [Thunderbird] C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Messaging) O4 - Startup: C:\Documents and Settings\Q3A\Menu Start\Programy\Autostart\MultiRes.lnk = C:\Program Files\MultiRes\MultiRes.exe (EnTech Taiwan) O4 - Startup: C:\Documents and Settings\Q3A\Menu Start\Programy\Autostart\WTW.lnk = C:\Program Files\K2T\WTW\wtw.exe (K2T.eu, Kaworu) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data] O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data] O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-21-606747145-926492609-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-606747145-926492609-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1 O7 - HKU\S-1-5-21-606747145-926492609-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-21-606747145-926492609-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-21-606747145-926492609-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = [binary data] O7 - HKU\S-1-5-21-606747145-926492609-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = [binary data] O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - AppInit_DLLs: (prio.dll) - C:\Program Files\Prio\prio.dll (O&K Software) O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011-01-08 14:01:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{a22d8340-21af-11e0-983f-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{a22d8340-21af-11e0-983f-806d6172696f}\Shell\AutoRun\command - "" = I:\autorun.exe O34 - HKLM BootExecute: (PDBoot.exe) - C:\WINDOWS\System32\PDBoot.exe (Raxco Software, Inc.) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-03-09 15:06:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss [2011-03-09 15:05:48 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Q3A\Recent [2011-03-09 11:03:06 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$ [2011-03-08 10:27:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\WinUHA [2011-03-08 08:03:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM [2011-03-07 21:41:05 | 000,000,000 | ---D | C] -- C:\Program Files\FileTypesMan [2011-03-06 20:47:11 | 001,833,576 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SkyTel.exe [2011-03-06 20:47:11 | 001,489,512 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlUpd.exe [2011-03-06 20:47:11 | 000,891,496 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTSndMgr.CPL [2011-03-06 20:47:11 | 000,359,016 | ---- | C] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe [2011-03-06 20:47:11 | 000,084,584 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE [2011-03-06 20:47:10 | 009,721,960 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTLCPL.EXE [2011-03-06 20:47:09 | 006,340,200 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys [2011-03-06 20:47:09 | 000,129,640 | ---- | C] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService.exe [2011-03-06 20:47:09 | 000,055,912 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RtkCoInstXP.dll [2011-03-06 20:47:07 | 002,815,592 | ---- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE [2011-03-06 20:47:07 | 002,180,712 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\MicCal.exe [2011-03-06 20:47:07 | 001,691,480 | ---- | C] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys [2011-03-06 20:47:07 | 001,395,800 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\Monfilt.sys [2011-03-06 20:47:07 | 000,285,288 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\ALSNDMGR.CPL [2011-03-06 20:47:07 | 000,064,104 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCMTR.EXE [2011-03-06 20:47:07 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2011-03-06 20:47:05 | 001,284,712 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlExUpd.dll [2011-03-05 19:22:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Q3A\.dvdcss [2011-03-05 19:22:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Q3A\.smplayer [2011-03-03 22:37:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Q3A\Dane aplikacji\DAEMON Tools Lite [2011-03-03 22:37:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2011-03-03 17:51:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Q3A\Dane aplikacji\Miranda [2011-03-03 17:50:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Q3A\Menu Start\Programy\Miranda IM [2011-03-03 17:50:57 | 000,000,000 | ---D | C] -- C:\Program Files\Miranda IM [2011-03-03 08:52:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Q3A\Moje dokumenty\SpellForce [2011-03-03 00:34:17 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF [2011-03-02 10:18:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Q3A\Ustawienia lokalne\Dane aplikacji\Temp [2011-03-02 09:44:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Q3A\Moje dokumenty\Pobieranie [2011-03-01 18:44:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Q3A\Dane aplikacji\Obsidium [2011-03-01 18:44:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AllMyMovies [2011-03-01 15:49:14 | 000,000,000 | ---D | C] -- C:\Program Files\Karasoft [2011-03-01 15:43:37 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedFan [2011-03-01 13:06:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2011-03-01 13:06:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\EA Core [2011-02-28 20:23:33 | 000,000,000 | ---D | C] -- C:\Program Files\TAK [2011-02-27 16:07:14 | 000,476,064 | ---- | C] (SpeedyFox) -- C:\Program Files\speedyfox.exe [2011-02-25 18:36:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\TeraCopy [2011-02-25 18:23:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo [2011-02-25 18:23:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje obrazy [2011-02-25 18:11:47 | 000,000,000 | ---D | C] -- C:\Program Files\MSI Afterburner [2011-02-25 17:57:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2011-02-25 00:25:53 | 000,000,000 | -H-D | C] -- C:\VritualRoot [2011-02-24 23:56:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Geeks3D [2011-02-24 23:54:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Q3A\Dane aplikacji\FreeStone Group [2011-02-24 14:51:57 | 000,034,304 | ---- | C] (AMD, Inc.) -- C:\WINDOWS\System32\drivers\AmdLLD.sys [2011-02-24 14:51:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups [2011-02-24 14:51:32 | 000,043,520 | ---- | C] (Advanced Micro Devices) -- C:\WINDOWS\System32\drivers\AmdK8.sys [2011-02-24 14:51:32 | 000,000,000 | ---D | C] -- C:\Program Files\AMD [2011-02-24 14:51:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Q3A\Dane aplikacji\InstallShield [2011-02-24 14:35:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Q3A\Dane aplikacji\.wtw [2011-02-24 12:24:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Skype [2011-02-19 11:35:16 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2011-02-19 11:35:16 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2011-02-19 11:35:16 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2011-02-19 11:35:16 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl [2011-02-19 10:58:34 | 000,032,768 | ---- | C] (Frog ASPI / Millenod) -- C:\WINDOWS\System32\Wnaspi32.dll [2011-02-19 04:39:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\SystemExplorer [2011-02-19 04:39:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\System Explorer [2011-02-17 10:56:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2011-02-16 12:58:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Metin2 [2011-02-14 19:36:12 | 000,000,000 | ---D | C] -- C:\Program Files\Audacity [2011-02-12 20:24:59 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft XNA [2011-02-12 14:20:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Q3A\Menu Start\Programy\Windows 7 USB DVD Download Tool [2011-02-12 14:20:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Q3A\Ustawienia lokalne\Dane aplikacji\Apps [2011-02-12 00:12:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun [2011-02-10 16:33:38 | 000,000,000 | ---D | C] -- C:\Program Files\MHDD [2011-02-09 12:15:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates [2011-01-08 17:04:46 | 000,121,344 | ---- | C] ( ) -- C:\WINDOWS\System32\lagarith.dll [2011-01-08 15:04:25 | 000,060,928 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll [2010-06-17 22:12:07 | 005,203,408 | ---- | C] (Adobe Systems, Inc.) -- C:\Program Files\FlashPlayer.exe [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-03-09 15:22:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-03-09 15:07:26 | 000,000,222 | RHS- | M] () -- C:\boot.ini [2011-03-09 15:01:24 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-03-08 08:04:11 | 000,541,902 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2011-03-08 08:04:11 | 000,481,136 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011-03-08 08:04:11 | 000,098,492 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2011-03-08 08:04:11 | 000,079,210 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011-03-07 23:48:24 | 000,054,272 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000001-00000000-00000007-00001102-00000005-002F1102}.rfx [2011-03-07 23:02:18 | 000,003,231 | ---- | M] () -- C:\Documents and Settings\Q3A\Dane aplikacji\prio.ini [2011-03-07 16:29:52 | 000,251,288 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2011-03-07 16:29:52 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin [2011-03-07 16:29:51 | 000,251,284 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2011-03-04 02:46:15 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2011-03-02 17:19:10 | 000,000,433 | ---- | M] () -- C:\Documents and Settings\Q3A\Pulpit\192.168.1.101.lnk [2011-03-02 09:34:39 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2011-03-01 15:43:37 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\initdebug.nfo [2011-02-28 19:48:17 | 000,009,728 | ---- | M] () -- C:\Documents and Settings\Q3A\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-02-28 12:32:37 | 000,361,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip.sys [2011-02-27 20:09:19 | 000,000,550 | ---- | M] () -- C:\Documents and Settings\Q3A\Pulpit\Metin2 Client.lnk [2011-02-27 16:07:14 | 000,476,064 | ---- | M] (SpeedyFox) -- C:\Program Files\speedyfox.exe [2011-02-27 00:19:52 | 000,000,360 | ---- | M] () -- C:\Documents and Settings\Q3A\Pulpit\radio.fpl [2011-02-24 18:21:10 | 006,340,200 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys [2011-02-24 17:04:04 | 000,016,968 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys [2011-02-23 23:09:58 | 000,079,872 | ---- | M] () -- C:\WINDOWS\System32\xvid.ax [2011-02-23 23:05:44 | 000,243,200 | ---- | M] () -- C:\WINDOWS\System32\xvidvfw.dll [2011-02-23 22:00:16 | 000,631,808 | ---- | M] () -- C:\WINDOWS\System32\xvidcore.dll [2011-02-19 11:35:08 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll [2011-02-19 11:35:08 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2011-02-19 11:35:08 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2011-02-19 11:35:08 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2011-02-19 11:35:08 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl [2011-02-19 10:58:34 | 000,032,768 | ---- | M] (Frog ASPI / Millenod) -- C:\WINDOWS\System32\Wnaspi32.dll [2011-02-12 23:05:47 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\Q3A\Dane aplikacji\coreavc.ini [2011-02-12 17:25:15 | 000,028,563 | ---- | M] () -- C:\Documents and Settings\Q3A\Pulpit\backupsettings.conf [2011-02-09 15:56:00 | 001,284,712 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlExUpd.dll [2011-02-09 15:14:23 | 000,042,001 | R--- | M] () -- C:\WINDOWS\System32\certmgr.msc [2011-02-09 15:14:11 | 000,041,469 | R--- | M] () -- C:\WINDOWS\System32\ciadv.msc [2011-02-09 15:13:54 | 000,037,367 | R--- | M] () -- C:\WINDOWS\System32\compmgmt.msc [2011-02-09 15:13:45 | 000,032,724 | R--- | M] () -- C:\WINDOWS\System32\devmgmt.msc [2011-02-09 15:13:35 | 000,041,137 | R--- | M] () -- C:\WINDOWS\System32\dfrg.msc [2011-02-09 15:13:24 | 000,033,320 | R--- | M] () -- C:\WINDOWS\System32\diskmgmt.msc [2011-02-09 15:13:13 | 000,056,279 | R--- | M] () -- C:\WINDOWS\System32\eventvwr.msc [2011-02-09 15:13:02 | 000,032,425 | R--- | M] () -- C:\WINDOWS\System32\fsmgmt.msc [2011-02-09 15:12:51 | 000,034,349 | R--- | M] () -- C:\WINDOWS\System32\gpedit.msc [2011-02-09 15:12:20 | 000,041,854 | R--- | M] () -- C:\WINDOWS\System32\lusrmgr.msc [2011-02-09 15:12:09 | 000,025,909 | R--- | M] () -- C:\WINDOWS\System32\ntmsmgr.msc [2011-02-09 15:11:53 | 000,032,593 | R--- | M] () -- C:\WINDOWS\System32\ntmsoprq.msc [2011-02-09 15:11:39 | 000,057,848 | R--- | M] () -- C:\WINDOWS\System32\perfmon.msc [2011-02-09 15:11:08 | 000,043,967 | R--- | M] () -- C:\WINDOWS\System32\rsop.msc [2011-02-09 15:05:05 | 000,035,721 | R--- | M] () -- C:\WINDOWS\System32\secpol.msc [2011-02-09 15:03:53 | 000,033,083 | R--- | M] () -- C:\WINDOWS\System32\services.msc [2011-02-09 14:53:59 | 000,270,848 | ---- | M] () -- C:\WINDOWS\System32\dllcache\sbe.dll [2011-02-09 14:53:59 | 000,186,880 | ---- | M] () -- C:\WINDOWS\System32\dllcache\encdec.dll [2011-02-09 12:55:13 | 000,196,160 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-02-08 05:52:59 | 000,022,328 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-03-02 17:19:10 | 000,000,433 | ---- | C] () -- C:\Documents and Settings\Q3A\Pulpit\192.168.1.101.lnk [2011-03-02 09:28:31 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2011-03-01 15:43:37 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\initdebug.nfo [2011-02-27 20:09:19 | 000,000,550 | ---- | C] () -- C:\Documents and Settings\Q3A\Pulpit\Metin2 Client.lnk [2011-02-27 00:19:52 | 000,000,360 | ---- | C] () -- C:\Documents and Settings\Q3A\Pulpit\radio.fpl [2011-02-14 19:36:28 | 000,000,636 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Audacity 1.3 Beta (Unicode).lnk [2011-02-12 17:25:14 | 000,028,563 | ---- | C] () -- C:\Documents and Settings\Q3A\Pulpit\backupsettings.conf [2011-02-09 14:53:59 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sbe.dll [2011-02-09 14:53:59 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\encdec.dll [2011-02-08 05:52:59 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2011-02-08 05:52:54 | 000,107,832 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe [2011-02-08 05:52:47 | 000,066,872 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe [2011-02-03 13:50:38 | 000,016,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys [2011-01-28 08:19:06 | 050,838,152 | ---- | C] () -- C:\Documents and Settings\Q3A\Dane aplikacji\.minecraft.7z [2011-01-21 22:29:10 | 000,007,552 | ---- | C] () -- C:\WINDOWS\System32\drivers\enodpl.sys [2011-01-21 22:29:10 | 000,004,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\tandpl.sys [2011-01-17 19:38:30 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2011-01-08 17:04:47 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2011-01-08 17:04:46 | 002,582,016 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll [2011-01-08 17:04:45 | 000,631,808 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2011-01-08 17:04:45 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2011-01-08 17:04:45 | 000,080,896 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2011-01-08 16:53:58 | 000,000,483 | ---- | C] () -- C:\WINDOWS\CDRipper.ini [2011-01-08 15:04:26 | 000,002,560 | ---- | C] () -- C:\WINDOWS\CTXFIRES.DLL [2011-01-08 15:03:58 | 000,000,285 | ---- | C] () -- C:\WINDOWS\System32\kill.ini [2011-01-08 14:49:23 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2011-01-04 14:54:48 | 000,012,900 | ---- | C] () -- C:\Documents and Settings\Q3A\Ustawienia lokalne\Dane aplikacji\HWVendorDetection.log [2010-12-03 10:00:02 | 000,006,874 | ---- | C] () -- C:\Documents and Settings\Q3A\Dane aplikacji\.freeciv-client-rc-2.2 [2010-08-05 20:58:15 | 000,002,292 | ---- | C] () -- C:\Documents and Settings\Q3A\Dane aplikacji\ASSDraw3.cfg [2010-07-06 04:34:11 | 000,003,231 | ---- | C] () -- C:\Documents and Settings\Q3A\Dane aplikacji\prio.ini [2010-07-03 20:39:08 | 000,000,917 | ---- | C] () -- C:\Documents and Settings\Q3A\Dane aplikacji\coreavc.ini [2010-07-03 17:49:28 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt [2010-06-27 12:25:47 | 000,009,728 | ---- | C] () -- C:\Documents and Settings\Q3A\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-06-23 19:00:05 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Q3A\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [1996-04-03 20:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys [color=#E56717]========== LOP Check ==========[/color] [2011-03-09 14:36:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AllMyMovies [2011-03-03 22:37:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2011-03-01 13:06:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EA Core [2011-03-01 13:06:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2011-01-17 21:34:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\fontconfig [2011-02-03 13:49:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Hitman Pro [2011-02-19 04:39:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SystemExplorer [2011-03-08 17:43:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2011-02-25 19:00:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Q3A\Dane aplikacji\.minecraft [2011-02-24 14:35:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Q3A\Dane aplikacji\.wtw [2011-01-08 13:00:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Q3A\Dane aplikacji\Aegisub [2011-02-14 20:09:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Q3A\Dane aplikacji\Audacity [2011-03-03 22:44:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Q3A\Dane aplikacji\DAEMON Tools Lite [2011-01-08 13:00:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Q3A\Dane aplikacji\FLV Extract [2011-03-09 14:39:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Q3A\Dane aplikacji\foobar2000 [2011-02-24 23:54:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Q3A\Dane aplikacji\FreeStone Group [2011-01-26 09:52:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Q3A\Dane aplikacji\LibreOffice [2011-03-03 18:00:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Q3A\Dane aplikacji\Miranda [2011-01-08 13:00:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Q3A\Dane aplikacji\mkvtoolnix [2011-01-08 13:00:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Q3A\Dane aplikacji\Mp3tag [2011-01-08 13:00:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Q3A\Dane aplikacji\MPEG Streamclip [2011-02-09 14:56:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Q3A\Dane aplikacji\Notepad++ [2011-03-01 18:44:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Q3A\Dane aplikacji\Obsidium [2011-01-08 14:29:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Q3A\Dane aplikacji\Opera [2011-03-09 15:27:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Q3A\Dane aplikacji\TeraCopy [2011-01-08 13:00:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Q3A\Dane aplikacji\Thunderbird [2011-03-09 14:41:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Q3A\Dane aplikacji\uTorrent [2011-02-02 23:21:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Q3A\Dane aplikacji\wargaming.net [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:5C321E34 < End of report >