OTL logfile created on: 2011-09-12 17:30:23 - Run 1
OTL by OldTimer - Version 3.2.27.0     Folder = H:\Documents and Settings\Farmer\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
1023,11 Mb Total Physical Memory | 358,64 Mb Available Physical Memory | 35,05% Memory free
2,40 Gb Paging File | 1,48 Gb Available in Paging File | 61,50% Paging File free
Paging file location(s): H:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = H: | %SystemRoot% = H:\WINDOWS | %ProgramFiles% = H:\Program Files
Drive D: | 3,04 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 78,13 Gb Total Space | 56,55 Gb Free Space | 72,38% Space Free | Partition Type: NTFS
Drive I: | 154,75 Gb Total Space | 61,59 Gb Free Space | 39,80% Space Free | Partition Type: NTFS
 
Computer Name: FARMER-0A95BE04 | User Name: Farmer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2011-09-12 17:29:47 | 000,581,120 | ---- | M] (OldTimer Tools) -- H:\Documents and Settings\Farmer\Moje dokumenty\Pobieranie\OTL.exe
PRC - [2011-09-08 10:57:38 | 000,924,632 | ---- | M] (Mozilla Corporation) -- H:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011-08-04 13:30:53 | 000,269,480 | ---- | M] (Avira GmbH) -- H:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011-07-04 19:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- H:\Program Files\Gadu-Gadu 10\gg.exe
PRC - [2011-06-15 08:19:14 | 000,307,200 | ---- | M] (PowerISO Computing, Inc.) -- H:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2011-05-25 09:25:59 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- H:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011-05-18 11:11:08 | 005,459,968 | ---- | M] () -- H:\Program Files\ChomikBox\chomikbox.exe
PRC - [2011-04-21 05:24:05 | 000,076,968 | ---- | M] (Avira GmbH) -- H:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011-04-21 05:23:48 | 000,136,360 | ---- | M] (Avira GmbH) -- H:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011-04-21 05:23:33 | 000,281,768 | ---- | M] (Avira GmbH) -- H:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010-10-27 21:21:54 | 001,155,072 | ---- | M] (Last.fm) -- H:\Program Files\Last.fm\LastFM.exe
PRC - [2009-03-28 23:11:38 | 003,325,952 | ---- | M] (Electronic Arts) -- H:\Program Files\Electronic Arts\EADM\Core.exe
PRC - [2008-04-14 20:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\explorer.exe
PRC - [2008-03-20 12:04:46 | 002,127,296 | ---- | M] (Gadu-Gadu S.A.) -- H:\Program Files\Gadu-Gadu\gg.exe
PRC - [2007-04-13 06:00:00 | 000,182,272 | ---- | M] (SEIKO EPSON CORPORATION) -- H:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATICJE.EXE
PRC - [2006-09-23 16:18:46 | 000,968,192 | ---- | M] () -- H:\Program Files\foobar2000\foobar2000.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2011-09-08 10:57:37 | 001,846,232 | ---- | M] () -- H:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011-08-04 15:22:33 | 006,271,648 | ---- | M] () -- H:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2011-07-20 14:10:24 | 000,355,688 | ---- | M] () -- H:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2010-10-27 21:23:04 | 000,106,496 | ---- | M] () -- H:\Program Files\Last.fm\srv_rtaudioplayback.dll
MOD - [2010-10-27 21:22:52 | 000,057,344 | ---- | M] () -- H:\Program Files\Last.fm\ext_messengernotify.dll
MOD - [2010-10-27 21:22:42 | 000,058,880 | ---- | M] () -- H:\Program Files\Last.fm\ext_skypenotify.dll
MOD - [2010-10-27 21:22:08 | 000,147,456 | ---- | M] () -- H:\Program Files\Last.fm\srv_madtranscode.dll
MOD - [2010-10-27 21:22:00 | 000,028,160 | ---- | M] () -- H:\Program Files\Last.fm\srv_httpinput.dll
MOD - [2010-10-27 21:19:28 | 000,372,736 | ---- | M] () -- H:\Program Files\Last.fm\LastFmFingerprint1.dll
MOD - [2010-10-27 21:19:06 | 000,025,088 | ---- | M] () -- H:\Program Files\Last.fm\breakpad.dll
MOD - [2010-10-27 21:18:50 | 000,180,224 | ---- | M] () -- H:\Program Files\Last.fm\Moose1.dll
MOD - [2010-10-27 21:18:34 | 000,540,672 | ---- | M] () -- H:\Program Files\Last.fm\LastFmTools1.dll
MOD - [2010-10-27 21:13:52 | 001,382,507 | ---- | M] () -- H:\Program Files\Last.fm\libfftw3f-3.dll
MOD - [2010-10-27 21:13:52 | 000,074,240 | ---- | M] () -- H:\Program Files\Last.fm\zlibwapi.dll
MOD - [2010-09-23 02:50:26 | 001,024,000 | ---- | M] () -- H:\Program Files\Adobe\Reader 9.0\Reader\plug_ins\PPKLite.POL
MOD - [2009-10-03 02:50:04 | 000,102,400 | ---- | M] () -- H:\Program Files\Adobe\Reader 9.0\Reader\plug_ins\EScript.POL
MOD - [2009-10-03 02:46:46 | 000,012,288 | ---- | M] () -- H:\Program Files\Adobe\Reader 9.0\Reader\plug_ins\updater.POL
MOD - [2009-02-27 20:05:20 | 000,053,248 | ---- | M] () -- H:\Program Files\Adobe\Reader 9.0\Reader\plug_ins\Search.POL
MOD - [2009-02-27 20:04:20 | 000,311,296 | ---- | M] () -- H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL
MOD - [2009-02-27 20:02:56 | 000,262,144 | ---- | M] () -- H:\Program Files\Adobe\Reader 9.0\Reader\plug_ins\DigSig.POL
MOD - [2009-02-27 20:02:50 | 001,695,744 | ---- | M] () -- H:\Program Files\Adobe\Reader 9.0\Reader\plug_ins\Annots.POL
MOD - [2009-02-27 20:01:44 | 000,983,040 | ---- | M] () -- H:\Program Files\Adobe\Reader 9.0\Reader\plug_ins\Acroform.POL
MOD - [2009-02-27 20:01:18 | 000,077,824 | ---- | M] () -- H:\Program Files\Adobe\Reader 9.0\Reader\plug_ins\accessibility.POL
MOD - [2008-04-16 17:42:30 | 000,376,832 | ---- | M] () -- H:\Program Files\Last.fm\QtNetwork4.dll
MOD - [2008-04-16 17:42:16 | 000,524,288 | ---- | M] () -- H:\Program Files\Last.fm\QtSql4.dll
MOD - [2008-04-16 17:42:02 | 006,701,056 | ---- | M] () -- H:\Program Files\Last.fm\QtGui4.dll
MOD - [2008-04-16 17:36:38 | 000,376,832 | ---- | M] () -- H:\Program Files\Last.fm\QtXml4.dll
MOD - [2008-04-16 17:36:34 | 001,654,784 | ---- | M] () -- H:\Program Files\Last.fm\QtCore4.dll
MOD - [2008-04-02 14:26:50 | 000,233,472 | ---- | M] () -- H:\Program Files\Last.fm\imageformats\qmng4.dll
MOD - [2008-04-02 14:26:34 | 000,021,504 | ---- | M] () -- H:\Program Files\Last.fm\imageformats\qgif4.dll
MOD - [2008-04-02 14:26:28 | 000,135,168 | ---- | M] () -- H:\Program Files\Last.fm\imageformats\qjpeg4.dll
MOD - [2008-03-20 11:17:48 | 000,106,496 | ---- | M] () -- H:\Program Files\Gadu-Gadu\libiax2.dll
MOD - [2008-03-20 11:17:44 | 000,061,440 | ---- | M] () -- H:\Program Files\Gadu-Gadu\libjb.dll
MOD - [2007-10-25 13:51:16 | 000,198,656 | ---- | M] () -- H:\Program Files\Gadu-Gadu\libcurl.dll
MOD - [2006-09-23 16:18:46 | 000,968,192 | ---- | M] () -- H:\Program Files\foobar2000\foobar2000.exe
MOD - [2006-09-23 16:17:30 | 000,245,760 | ---- | M] () -- H:\Program Files\foobar2000\components\foo_dsp_std.dll
MOD - [2006-09-23 16:17:28 | 000,274,432 | ---- | M] () -- H:\Program Files\foobar2000\components\foo_albumlist.dll
MOD - [2006-09-23 16:17:20 | 000,199,168 | ---- | M] () -- H:\Program Files\foobar2000\components\foo_cdda.dll
MOD - [2006-09-23 16:17:02 | 001,108,992 | ---- | M] () -- H:\Program Files\foobar2000\components\foo_input_std.dll
MOD - [2006-09-23 16:17:02 | 000,410,624 | ---- | M] () -- H:\Program Files\foobar2000\components\foo_converter.dll
MOD - [2006-09-23 16:16:14 | 000,276,480 | ---- | M] () -- H:\Program Files\foobar2000\components\foo_rgscan.dll
MOD - [2006-09-23 16:16:08 | 000,334,848 | ---- | M] () -- H:\Program Files\foobar2000\components\foo_ui_std.dll
MOD - [2006-09-23 16:15:36 | 000,141,312 | ---- | M] () -- H:\Program Files\foobar2000\shared.dll
MOD - [2006-09-14 00:20:40 | 000,180,736 | ---- | M] () -- H:\Program Files\foobar2000\components\foo_audioscrobbler.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - [2011-08-04 13:30:53 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- H:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011-05-25 09:25:59 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- H:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011-04-21 05:23:48 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- H:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2011-08-04 13:30:54 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- H:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011-08-04 13:30:54 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- H:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011-06-15 10:23:56 | 000,060,156 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- H:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2010-06-17 12:57:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- H:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010-06-17 12:57:12 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- H:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008-04-13 23:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)
DRV - [2007-04-10 13:04:40 | 004,397,568 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-03-15 08:12:04 | 000,038,656 | R--- | M] (Attansic Technology corporation.) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\atl01_xp.sys -- (AtcL001)
DRV - [2006-06-14 07:56:00 | 000,012,288 | R--- | M] (ASUSTeK Computer Inc.) [Kernel | Auto | Running] -- H:\WINDOWS\system32\drivers\EIO.sys -- (EIO)
DRV - [2004-08-13 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1614895754-1592454029-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/
IE - HKU\S-1-5-21-1614895754-1592454029-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\S-1-5-21-1614895754-1592454029-1801674531-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/
IE - HKU\S-1-5-21-1614895754-1592454029-1801674531-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.selectedEngine: "qooqlle"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: cssreloader@kenneth.io:1.0.2
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..network.proxy.backup.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.backup.ftp_port: 9666
FF - prefs.js..network.proxy.backup.gopher: "127.0.0.1"
FF - prefs.js..network.proxy.backup.gopher_port: 9666
FF - prefs.js..network.proxy.backup.socks: "127.0.0.1"
FF - prefs.js..network.proxy.backup.socks_port: 9666
FF - prefs.js..network.proxy.backup.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.backup.ssl_port: 9666
FF - prefs.js..network.proxy.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.ftp_port: 9666
FF - prefs.js..network.proxy.gopher: "127.0.0.1"
FF - prefs.js..network.proxy.gopher_port: 9666
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 9666
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 9666
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 9666
FF - prefs.js..network.proxy.type: 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: H:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: H:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: H:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: H:\Program Files\Mozilla Firefox\components [2011-09-08 10:57:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: H:\Program Files\Mozilla Firefox\plugins
 
[2011-08-04 12:44:28 | 000,000,000 | ---D | M] (No name found) -- H:\Documents and Settings\Farmer\Dane aplikacji\Mozilla\Extensions
[2011-09-11 09:09:00 | 000,000,000 | ---D | M] (No name found) -- H:\Documents and Settings\Farmer\Dane aplikacji\Mozilla\Firefox\Profiles\m2akv0aw.default\extensions
[2011-09-12 11:42:03 | 000,001,860 | ---- | M] () -- H:\Documents and Settings\Farmer\Dane aplikacji\Mozilla\Firefox\Profiles\m2akv0aw.default\searchplugins\search.xml
[2011-08-16 23:05:12 | 000,000,000 | ---D | M] (No name found) -- H:\Program Files\Mozilla Firefox\extensions
[2011-08-16 23:05:12 | 000,000,000 | ---D | M] (Java Console) -- H:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
() (No name found) -- H:\DOCUMENTS AND SETTINGS\FARMER\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\M2AKV0AW.DEFAULT\EXTENSIONS\{DD05FD3D-18DF-4CE4-AE53-E795339C5F01}.XPI
[2011-08-16 23:05:04 | 000,000,000 | ---D | M] (Java Quick Starter) -- H:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011-09-08 10:57:38 | 000,134,104 | ---- | M] (Mozilla Foundation) -- H:\Program Files\mozilla firefox\components\browsercomps.dll
[2010-01-01 10:00:00 | 000,002,767 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2010-01-01 10:00:00 | 000,001,406 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2010-01-01 10:00:00 | 000,000,917 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2010-01-01 10:00:00 | 000,000,858 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2010-01-01 10:00:00 | 000,001,183 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2010-01-01 10:00:00 | 000,001,683 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
 
O1 HOSTS File: ([2001-10-26 15:45:16 | 000,000,742 | ---- | M]) - H:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O4 - HKLM..\Run: [Alcmtr] H:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avgnt] H:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NvCplDaemon] H:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] H:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] H:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [PWRISOVM.EXE] H:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [Readar_sl]  File not found
O4 - HKLM..\Run: [TunesHelper] H:\Documents and Settings\All Users\TunesHelper.exe ()
O4 - HKU\S-1-5-21-1614895754-1592454029-1801674531-1003..\Run: [EPSON Stylus Photo RX685 Series] H:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICJE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-1614895754-1592454029-1801674531-1003..\Run: [Gadu-Gadu] H:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.)
O4 - HKU\S-1-5-21-1614895754-1592454029-1801674531-1005..\Run: [ChomikBox] H:\Program Files\ChomikBox\chomikbox.exe ()
O4 - HKU\S-1-5-21-1614895754-1592454029-1801674531-1005..\Run: [EA Core] H:\Program Files\Electronic Arts\EADM\Core.exe (Electronic Arts)
O4 - HKU\S-1-5-21-1614895754-1592454029-1801674531-1005..\Run: [EPSON Stylus Photo RX685 Series] H:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICJE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-1614895754-1592454029-1801674531-1005..\Run: [Gadu-Gadu 10] H:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2]  File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2]  File not found
O4 - HKU\S-1-5-19..\RunOnce: [nltide_2]  File not found
O4 - HKU\S-1-5-20..\RunOnce: [nltide_2]  File not found
O4 - HKU\S-1-5-21-1614895754-1592454029-1801674531-1004..\RunOnce: [nltide_2]  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1614895754-1592454029-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1614895754-1592454029-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1614895754-1592454029-1801674531-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.2.1.1 10.1.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6D3C140D-C8B1-4BED-AABC-6C3678706D5F}: DhcpNameServer = 10.2.1.1 10.1.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - H:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (H:\WINDOWS\system32\userinit.exe) - H:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: H:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: H:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - Unable to obtain root file information for disk H:\
O32 - Unable to obtain root file information for disk I:\
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: 6to4 -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
 
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2011-09-11 17:29:24 | 000,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Menu Start\Programy\PhotoScape
[2011-09-11 17:29:12 | 000,000,000 | ---D | C] -- H:\Program Files\PhotoScape
[2011-09-08 17:03:57 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Farmer\Ustawienia lokalne\Dane aplikacji\ChomikBox
[2011-09-08 17:03:56 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Farmer\Ustawienia lokalne\Dane aplikacji\Temp
[2011-09-08 16:56:26 | 000,049,152 | ---- | C] (SEIKO EPSON CORP.) -- H:\WINDOWS\System32\E_DCINST.DLL
[2011-09-08 16:56:26 | 000,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Menu Start\Programy\EPSON
[2011-09-08 16:56:24 | 000,086,528 | ---- | C] (SEIKO EPSON CORPORATION) -- H:\WINDOWS\System32\E_FLBCJE.DLL
[2011-09-08 16:56:24 | 000,078,848 | ---- | C] (SEIKO EPSON CORPORATION) -- H:\WINDOWS\System32\E_FD4BCJE.DLL
[2011-09-05 10:46:51 | 000,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Silverlight
[2011-09-05 10:46:44 | 000,000,000 | ---D | C] -- H:\Program Files\Microsoft Silverlight
[2011-09-04 11:22:56 | 000,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2011-08-24 16:53:01 | 000,000,000 | ---D | C] -- H:\WINDOWS\Minidump
[2011-08-21 16:45:03 | 000,000,000 | ---D | C] -- H:\Program Files\Epson Software
[2011-08-21 16:45:03 | 000,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Menu Start\Programy\Epson Software
[2011-08-21 16:21:34 | 000,025,856 | ---- | C] (Microsoft Corporation) -- H:\WINDOWS\System32\dllcache\usbprint.sys
[2011-08-21 16:21:27 | 000,501,912 | ---- | C] (SEIKO EPSON CORPORATION) -- H:\WINDOWS\System32\PICSDK2.dll
[2011-08-21 16:21:27 | 000,120,992 | ---- | C] (SEIKO EPSON CORPORATION) -- H:\WINDOWS\System32\EpPicPrt.dll
[2011-08-21 16:21:27 | 000,108,704 | ---- | C] (SEIKO EPSON CORPORATION) -- H:\WINDOWS\System32\PICEntry.dll
[2011-08-21 16:21:27 | 000,080,024 | ---- | C] (SEIKO EPSON CORPORATION) -- H:\WINDOWS\System32\PICSDK.dll
[2011-08-21 16:21:26 | 000,071,840 | ---- | C] (SEIKO EPSON CORPORATION) -- H:\WINDOWS\System32\EPPicMgr.dll
[2011-08-21 16:18:23 | 000,032,128 | ---- | C] (Microsoft Corporation) -- H:\WINDOWS\System32\dllcache\usbccgp.sys
[2011-08-20 12:29:09 | 000,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Menu Start\Programy\Chomikuj.pl
[2011-08-20 12:29:09 | 000,000,000 | ---D | C] -- H:\Program Files\ChomikBox
[2011-08-17 14:16:43 | 000,094,720 | ---- | C] (Jin Hui   E-mail: shjh@usa.net) -- H:\WINDOWS\System32\splitter.ocx
[2011-08-17 14:16:43 | 000,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Menu Start\Programy\HEXwrite
[2011-08-17 14:16:42 | 000,000,000 | ---D | C] -- H:\Program Files\HEXwrite
[2011-08-16 23:07:29 | 000,000,000 | ---D | C] -- H:\WINDOWS\Sun
[2011-08-16 23:07:23 | 000,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Dane aplikacji\Sun
[2011-08-16 23:07:23 | 000,000,000 | ---D | C] -- H:\Program Files\Common Files\Java
[2011-08-16 23:05:10 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- H:\WINDOWS\System32\deployJava1.dll
[2011-08-16 23:05:10 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- H:\WINDOWS\System32\javaws.exe
[2011-08-16 23:05:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- H:\WINDOWS\System32\javaw.exe
[2011-08-16 23:05:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- H:\WINDOWS\System32\java.exe
[2011-08-16 23:05:10 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- H:\WINDOWS\System32\javacpl.cpl
[2011-08-16 23:05:00 | 000,000,000 | ---D | C] -- H:\Program Files\Java
[2011-08-16 23:03:34 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Farmer\Dane aplikacji\Sun
[2011-08-16 14:46:02 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Farmer\.thumbnails
[2011-08-16 14:45:31 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Farmer\.gimp-2.6
[2011-08-16 14:45:30 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Farmer\Moje dokumenty\gegl-0.0
[2011-08-16 14:45:23 | 000,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Menu Start\Programy\GIMP
[2011-08-16 14:44:50 | 000,000,000 | ---D | C] -- H:\Program Files\GIMP-2.0
[2011-08-16 12:51:45 | 000,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Menu Start\Programy\osu!
[2011-08-16 12:51:30 | 000,000,000 | ---D | C] -- H:\Program Files\osu!
[2011-08-15 20:35:15 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Farmer\Dane aplikacji\TS3Client
[2011-08-15 20:34:24 | 000,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Menu Start\Programy\TeamSpeak 3 Client
[2011-08-15 20:34:16 | 000,000,000 | ---D | C] -- H:\Program Files\TeamSpeak 3 Client
[2011-08-15 20:28:19 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Farmer\Dane aplikacji\teamspeak2
[2011-08-15 20:28:11 | 000,034,064 | ---- | C] (Microsoft Corporation) -- H:\WINDOWS\System32\lhacm.acm
[2011-08-15 20:28:09 | 000,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Menu Start\Programy\Teamspeak2 RC2
[2011-08-15 20:28:06 | 000,000,000 | ---D | C] -- H:\Program Files\Teamspeak2_RC2
[2011-08-15 16:08:54 | 000,000,000 | ---D | C] -- H:\Program Files\Corel
[3 H:\WINDOWS\System32\*.tmp files -> H:\WINDOWS\System32\*.tmp -> ]
[3 H:\WINDOWS\*.tmp files -> H:\WINDOWS\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2011-09-12 17:06:42 | 001,835,008 | -H-- | M] () -- H:\Documents and Settings\Farmer\NTUSER.DAT
[2011-09-12 13:45:25 | 001,502,136 | ---- | M] () -- H:\Documents and Settings\Farmer\Pulpit\kabza.pdf
[2011-09-12 12:11:17 | 000,035,731 | ---- | M] () -- H:\Documents and Settings\Farmer\Pulpit\bass.jpeg
[2011-09-12 10:38:25 | 000,000,006 | -H-- | M] () -- H:\WINDOWS\tasks\SA.DAT
[2011-09-12 10:38:24 | 000,002,206 | ---- | M] () -- H:\WINDOWS\System32\wpa.dbl
[2011-09-12 10:38:23 | 000,002,048 | --S- | M] () -- H:\WINDOWS\bootstat.dat
[2011-09-11 23:06:32 | 000,000,188 | -HS- | M] () -- H:\Documents and Settings\Farmer\ntuser.ini
[2011-09-11 23:06:20 | 004,265,226 | -H-- | M] () -- H:\Documents and Settings\Farmer\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2011-09-11 20:42:24 | 000,137,176 | ---- | M] () -- H:\WINDOWS\System32\drivers\PnkBstrK.sys
[2011-09-11 20:42:18 | 000,268,952 | ---- | M] () -- H:\WINDOWS\System32\PnkBstrB.xtr
[2011-09-08 20:20:21 | 000,030,208 | ---- | M] () -- H:\Documents and Settings\Farmer\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-09-08 17:47:20 | 000,268,952 | ---- | M] () -- H:\WINDOWS\System32\PnkBstrB.ex0
[2011-09-08 12:07:29 | 000,000,000 | -H-- | M] () -- H:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2011-09-06 14:26:59 | 000,001,526 | ---- | M] () -- H:\Documents and Settings\Farmer\.recently-used.xbel
[2011-09-06 14:23:04 | 000,990,645 | ---- | M] () -- H:\Documents and Settings\Farmer\Pulpit\0ffcd00945615278ca6b5d45aabf4072.gif
[2011-09-05 19:30:55 | 000,338,312 | ---- | M] () -- H:\Documents and Settings\Farmer\Pulpit\popo.jpg
[2011-09-05 19:28:59 | 000,251,884 | ---- | M] () -- H:\Documents and Settings\Farmer\Pulpit\hklgf.jpg
[2011-09-03 15:55:10 | 000,029,966 | ---- | M] () -- H:\Documents and Settings\Farmer\Pulpit\d3e0a9b918fcbb7115bff79eba634783.jpg
[2011-09-03 14:38:45 | 002,202,895 | ---- | M] () -- H:\Documents and Settings\Farmer\Pulpit\cycki.fpl
[2011-08-24 17:35:19 | 000,000,664 | ---- | M] () -- H:\WINDOWS\System32\d3d9caps.dat
[2011-08-23 15:29:21 | 025,829,978 | ---- | M] () -- H:\Documents and Settings\Farmer\Pulpit\Bartłomiej Sikora- Hybrydowe metody pomiarów geodezyjnych.rar
[2011-08-23 15:27:46 | 000,983,094 | ---- | M] () -- H:\Documents and Settings\Farmer\Pulpit\szkic.bmp
[2011-08-20 12:29:17 | 000,000,461 | ---- | M] () -- H:\Documents and Settings\All Users\Pulpit\ChomikBox.lnk
[2011-08-19 12:08:55 | 000,002,828 | -HS- | M] () -- H:\WINDOWS\System32\KGyGaAvL.sys
[2011-08-17 19:32:58 | 000,187,301 | ---- | M] () -- H:\Documents and Settings\Farmer\Pulpit\flipme.jpg
[2011-08-17 13:10:35 | 000,063,592 | ---- | M] () -- H:\Documents and Settings\Farmer\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2011-08-16 23:05:02 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- H:\WINDOWS\System32\deployJava1.dll
[2011-08-16 23:05:02 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- H:\WINDOWS\System32\javaws.exe
[2011-08-16 23:05:02 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- H:\WINDOWS\System32\javaw.exe
[2011-08-16 23:05:02 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- H:\WINDOWS\System32\java.exe
[2011-08-16 23:05:02 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- H:\WINDOWS\System32\javacpl.cpl
[2011-08-16 14:45:23 | 000,000,796 | ---- | M] () -- H:\Documents and Settings\All Users\Pulpit\GIMP 2.lnk
[2011-08-16 14:42:48 | 000,199,700 | ---- | M] () -- H:\Documents and Settings\Farmer\Pulpit\00110001.gif
[2011-08-16 12:51:45 | 000,000,644 | ---- | M] () -- H:\Documents and Settings\All Users\Pulpit\osu!.lnk
[2011-08-15 20:34:24 | 000,000,837 | ---- | M] () -- H:\Documents and Settings\All Users\Pulpit\TeamSpeak 3 Client.lnk
[2011-08-15 20:28:11 | 000,034,064 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\lhacm.acm
[2011-08-15 20:28:10 | 000,000,665 | ---- | M] () -- H:\Documents and Settings\Farmer\Pulpit\Teamspeak 2 RC2.lnk
[2011-08-15 16:10:02 | 000,000,008 | RHS- | M] () -- H:\WINDOWS\System32\94E078E3DB.sys
[3 H:\WINDOWS\System32\*.tmp files -> H:\WINDOWS\System32\*.tmp -> ]
[3 H:\WINDOWS\*.tmp files -> H:\WINDOWS\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2011-09-12 13:45:25 | 001,502,136 | ---- | C] () -- H:\Documents and Settings\Farmer\Pulpit\kabza.pdf
[2011-09-12 12:11:15 | 000,035,731 | ---- | C] () -- H:\Documents and Settings\Farmer\Pulpit\bass.jpeg
[2011-09-06 14:26:59 | 000,001,526 | ---- | C] () -- H:\Documents and Settings\Farmer\.recently-used.xbel
[2011-09-06 14:23:02 | 000,990,645 | ---- | C] () -- H:\Documents and Settings\Farmer\Pulpit\0ffcd00945615278ca6b5d45aabf4072.gif
[2011-09-05 19:30:55 | 000,338,312 | ---- | C] () -- H:\Documents and Settings\Farmer\Pulpit\popo.jpg
[2011-09-05 19:28:58 | 000,251,884 | ---- | C] () -- H:\Documents and Settings\Farmer\Pulpit\hklgf.jpg
[2011-09-03 15:55:09 | 000,029,966 | ---- | C] () -- H:\Documents and Settings\Farmer\Pulpit\d3e0a9b918fcbb7115bff79eba634783.jpg
[2011-08-23 15:27:46 | 000,983,094 | ---- | C] () -- H:\Documents and Settings\Farmer\Pulpit\szkic.bmp
[2011-08-22 21:23:45 | 000,000,664 | ---- | C] () -- H:\WINDOWS\System32\d3d9caps.dat
[2011-08-21 16:21:27 | 000,000,097 | ---- | C] () -- H:\WINDOWS\System32\PICSDK.ini
[2011-08-21 16:21:26 | 000,111,932 | ---- | C] () -- H:\WINDOWS\System32\EPPICPrinterDB.dat
[2011-08-21 16:21:26 | 000,031,053 | ---- | C] () -- H:\WINDOWS\System32\EPPICPattern131.dat
[2011-08-21 16:21:26 | 000,027,417 | ---- | C] () -- H:\WINDOWS\System32\EPPICPattern121.dat
[2011-08-21 16:21:26 | 000,026,154 | ---- | C] () -- H:\WINDOWS\System32\EPPICPattern1.dat
[2011-08-21 16:21:26 | 000,024,903 | ---- | C] () -- H:\WINDOWS\System32\EPPICPattern3.dat
[2011-08-21 16:21:26 | 000,021,390 | ---- | C] () -- H:\WINDOWS\System32\EPPICPattern5.dat
[2011-08-21 16:21:26 | 000,020,148 | ---- | C] () -- H:\WINDOWS\System32\EPPICPattern2.dat
[2011-08-21 16:21:26 | 000,013,732 | ---- | C] () -- H:\WINDOWS\System32\EPPICLocal_EN.cfg
[2011-08-21 16:21:26 | 000,011,811 | ---- | C] () -- H:\WINDOWS\System32\EPPICPattern4.dat
[2011-08-21 16:21:26 | 000,006,442 | ---- | C] () -- H:\WINDOWS\System32\EPPICLocal_IT.cfg
[2011-08-21 16:21:26 | 000,006,347 | ---- | C] () -- H:\WINDOWS\System32\EPPICLocal_PT.cfg
[2011-08-21 16:21:26 | 000,006,347 | ---- | C] () -- H:\WINDOWS\System32\EPPICLocal_BP.cfg
[2011-08-21 16:21:26 | 000,006,335 | ---- | C] () -- H:\WINDOWS\System32\EPPICLocal_GE.cfg
[2011-08-21 16:21:26 | 000,006,195 | ---- | C] () -- H:\WINDOWS\System32\EPPICLocal_FR.cfg
[2011-08-21 16:21:26 | 000,006,195 | ---- | C] () -- H:\WINDOWS\System32\EPPICLocal_CF.cfg
[2011-08-21 16:21:26 | 000,006,122 | ---- | C] () -- H:\WINDOWS\System32\EPPICLocal_DU.cfg
[2011-08-21 16:21:26 | 000,006,103 | ---- | C] () -- H:\WINDOWS\System32\EPPICLocal_ES.cfg
[2011-08-21 16:21:26 | 000,005,817 | ---- | C] () -- H:\WINDOWS\System32\EPPICLocal_KO.cfg
[2011-08-21 16:21:26 | 000,005,436 | ---- | C] () -- H:\WINDOWS\System32\EPPICLocal_SC.cfg
[2011-08-21 16:21:26 | 000,004,943 | ---- | C] () -- H:\WINDOWS\System32\EPPICPattern6.dat
[2011-08-21 16:21:26 | 000,002,889 | ---- | C] () -- H:\WINDOWS\System32\EPPICLocal_RU.cfg
[2011-08-21 16:21:26 | 000,002,426 | ---- | C] () -- H:\WINDOWS\System32\EPPICLocal_TC.cfg
[2011-08-21 16:21:26 | 000,001,146 | ---- | C] () -- H:\WINDOWS\System32\EPPICPresetData_DU.dat
[2011-08-21 16:21:26 | 000,001,139 | ---- | C] () -- H:\WINDOWS\System32\EPPICPresetData_PT.dat
[2011-08-21 16:21:26 | 000,001,139 | ---- | C] () -- H:\WINDOWS\System32\EPPICPresetData_BP.dat
[2011-08-21 16:21:26 | 000,001,136 | ---- | C] () -- H:\WINDOWS\System32\EPPICPresetData_ES.dat
[2011-08-21 16:21:26 | 000,001,129 | ---- | C] () -- H:\WINDOWS\System32\EPPICPresetData_FR.dat
[2011-08-21 16:21:26 | 000,001,129 | ---- | C] () -- H:\WINDOWS\System32\EPPICPresetData_CF.dat
[2011-08-21 16:21:26 | 000,001,120 | ---- | C] () -- H:\WINDOWS\System32\EPPICPresetData_IT.dat
[2011-08-21 16:21:26 | 000,001,107 | ---- | C] () -- H:\WINDOWS\System32\EPPICPresetData_GE.dat
[2011-08-21 16:21:26 | 000,001,104 | ---- | C] () -- H:\WINDOWS\System32\EPPICPresetData_EN.dat
[2011-08-20 12:29:17 | 000,000,461 | ---- | C] () -- H:\Documents and Settings\All Users\Pulpit\ChomikBox.lnk
[2011-08-17 19:32:53 | 000,187,301 | ---- | C] () -- H:\Documents and Settings\Farmer\Pulpit\flipme.jpg
[2011-08-17 13:40:08 | 025,829,978 | ---- | C] () -- H:\Documents and Settings\Farmer\Pulpit\Bartłomiej Sikora- Hybrydowe metody pomiarów geodezyjnych.rar
[2011-08-16 14:45:23 | 000,000,796 | ---- | C] () -- H:\Documents and Settings\All Users\Pulpit\GIMP 2.lnk
[2011-08-16 14:42:47 | 000,199,700 | ---- | C] () -- H:\Documents and Settings\Farmer\Pulpit\00110001.gif
[2011-08-16 12:51:45 | 000,000,644 | ---- | C] () -- H:\Documents and Settings\All Users\Pulpit\osu!.lnk
[2011-08-15 20:34:24 | 000,000,837 | ---- | C] () -- H:\Documents and Settings\All Users\Pulpit\TeamSpeak 3 Client.lnk
[2011-08-15 20:28:10 | 000,000,665 | ---- | C] () -- H:\Documents and Settings\Farmer\Pulpit\Teamspeak 2 RC2.lnk
[2011-08-15 16:10:02 | 000,002,828 | -HS- | C] () -- H:\WINDOWS\System32\KGyGaAvL.sys
[2011-08-15 16:10:02 | 000,000,008 | RHS- | C] () -- H:\WINDOWS\System32\94E078E3DB.sys
[2011-08-09 13:21:30 | 000,137,176 | ---- | C] () -- H:\WINDOWS\System32\drivers\PnkBstrK.sys
[2011-08-09 13:21:25 | 000,268,952 | ---- | C] () -- H:\WINDOWS\System32\PnkBstrB.exe
[2011-08-09 13:21:15 | 000,075,136 | ---- | C] () -- H:\WINDOWS\System32\PnkBstrA.exe
[2011-08-09 12:31:53 | 000,063,592 | ---- | C] () -- H:\Documents and Settings\Farmer\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2011-08-09 12:29:50 | 000,000,385 | ---- | C] () -- H:\WINDOWS\ODBC.INI
[2011-08-04 13:59:26 | 000,866,660 | ---- | C] () -- H:\WINDOWS\System32\PerfStringBackup.INI
[2011-08-04 13:59:25 | 000,004,293 | ---- | C] () -- H:\WINDOWS\ODBCINST.INI
[2011-08-04 13:58:27 | 000,243,128 | ---- | C] () -- H:\WINDOWS\System32\FNTCACHE.DAT
[2011-08-04 13:33:18 | 000,030,208 | ---- | C] () -- H:\Documents and Settings\Farmer\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-08-04 13:18:06 | 000,273,344 | ---- | C] () -- H:\WINDOWS\System32\nvdrsdb1.bin
[2011-08-04 13:18:06 | 000,273,344 | ---- | C] () -- H:\WINDOWS\System32\nvdrsdb0.bin
[2011-08-04 13:18:05 | 000,000,001 | ---- | C] () -- H:\WINDOWS\System32\nvdrssel.bin
[2011-08-04 13:17:56 | 002,123,582 | ---- | C] () -- H:\WINDOWS\System32\nvdata.data
[2011-08-04 12:44:24 | 000,000,000 | ---- | C] () -- H:\WINDOWS\nsreg.dat
[2011-08-04 12:25:49 | 000,049,152 | R--- | C] () -- H:\WINDOWS\System32\ChCfg.exe
[2011-08-04 12:21:16 | 000,009,389 | ---- | C] () -- H:\WINDOWS\Ascd_log.ini
[2011-08-04 12:21:07 | 000,005,810 | R--- | C] () -- H:\WINDOWS\System32\drivers\ASACPI.sys
[2011-08-04 12:21:04 | 000,009,145 | ---- | C] () -- H:\WINDOWS\Ascd_tmp.ini
[2011-08-04 12:20:55 | 000,010,288 | ---- | C] () -- H:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2011-08-04 12:19:31 | 004,265,226 | -H-- | C] () -- H:\Documents and Settings\Farmer\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2011-08-04 12:12:29 | 000,002,048 | --S- | C] () -- H:\WINDOWS\bootstat.dat
[2011-08-04 12:07:47 | 000,000,000 | ---- | C] () -- H:\WINDOWS\control.ini
[2011-08-04 12:06:49 | 000,000,488 | RH-- | C] () -- H:\WINDOWS\System32\logonui.exe.manifest
[2011-08-04 12:06:47 | 000,000,749 | RH-- | C] () -- H:\WINDOWS\System32\cdplayer.exe.manifest
[2011-08-04 12:05:10 | 000,021,856 | ---- | C] () -- H:\WINDOWS\System32\emptyregdb.dat
[2011-08-04 12:05:01 | 000,000,037 | ---- | C] () -- H:\WINDOWS\vbaddin.ini
[2011-08-04 12:05:01 | 000,000,036 | ---- | C] () -- H:\WINDOWS\vb.ini
[2011-08-04 12:04:24 | 000,026,717 | ---- | C] () -- H:\WINDOWS\System32\tslabels.ini
[2011-08-04 12:04:23 | 000,003,813 | ---- | C] () -- H:\WINDOWS\System32\msdtcprf.ini
[2008-04-14 21:16:20 | 000,001,804 | ---- | C] () -- H:\WINDOWS\System32\Dcache.bin
[2008-04-14 20:50:46 | 000,270,848 | ---- | C] () -- H:\WINDOWS\System32\sbe.dll
[2008-04-14 20:50:38 | 000,014,336 | ---- | C] () -- H:\WINDOWS\System32\msdmo.dll
[2008-04-14 20:50:32 | 000,186,880 | ---- | C] () -- H:\WINDOWS\System32\encdec.dll
[2008-04-14 20:50:14 | 000,253,440 | ---- | C] () -- H:\WINDOWS\System32\compatUI.dll
[2008-04-14 20:50:00 | 000,070,656 | ---- | C] () -- H:\WINDOWS\System32\amstream.dll
[2008-04-13 20:51:34 | 000,733,696 | ---- | C] () -- H:\WINDOWS\System32\qedwipes.dll
[2008-04-13 20:25:02 | 000,053,920 | ---- | C] () -- H:\WINDOWS\System32\dosx.exe
[2008-04-13 20:22:36 | 000,003,346 | ---- | C] () -- H:\WINDOWS\System32\redir.exe
[2008-04-13 20:20:56 | 000,042,537 | ---- | C] () -- H:\WINDOWS\System32\keyboard.sys
[2008-04-13 20:19:58 | 000,033,936 | ---- | C] () -- H:\WINDOWS\System32\ntio.sys
[2008-04-13 20:19:44 | 000,035,424 | ---- | C] () -- H:\WINDOWS\System32\ntio412.sys
[2008-04-13 20:19:44 | 000,034,560 | ---- | C] () -- H:\WINDOWS\System32\ntio404.sys
[2008-04-13 20:19:42 | 000,034,560 | ---- | C] () -- H:\WINDOWS\System32\ntio804.sys
[2008-04-13 20:19:40 | 000,035,648 | ---- | C] () -- H:\WINDOWS\System32\ntio411.sys
[2007-04-02 21:04:28 | 000,053,478 | ---- | C] () -- H:\WINDOWS\System32\tcpmon.ini
[2006-12-31 05:57:08 | 000,004,569 | ---- | C] () -- H:\WINDOWS\System32\secupd.dat
[2003-01-07 15:05:08 | 000,002,695 | ---- | C] () -- H:\WINDOWS\System32\OUTLPERF.INI
[2001-10-26 18:29:54 | 000,057,856 | ---- | C] () -- H:\WINDOWS\System32\dvdplay.exe
[2001-10-26 18:29:42 | 000,157,696 | ---- | C] () -- H:\WINDOWS\System32\paqsp.dll
[2001-10-26 17:29:40 | 000,010,240 | ---- | C] () -- H:\WINDOWS\System32\scriptpw.dll
[2001-10-26 17:29:32 | 000,199,168 | ---- | C] () -- H:\WINDOWS\System32\ir32_32.dll
[2001-10-26 17:28:34 | 000,094,282 | ---- | C] () -- H:\WINDOWS\System32\msencode.dll
[2001-10-26 17:27:02 | 000,015,360 | ---- | C] () -- H:\WINDOWS\System32\tsd32.dll
[2001-10-26 16:15:16 | 000,448,348 | ---- | C] () -- H:\WINDOWS\System32\perfh015.dat
[2001-10-26 16:15:16 | 000,313,828 | ---- | C] () -- H:\WINDOWS\System32\perfi015.dat
[2001-10-26 16:15:16 | 000,074,450 | ---- | C] () -- H:\WINDOWS\System32\perfc015.dat
[2001-10-26 16:15:16 | 000,034,990 | ---- | C] () -- H:\WINDOWS\System32\perfd015.dat
[2001-10-26 16:15:10 | 000,001,148 | ---- | C] () -- H:\WINDOWS\System32\vwipxspx.exe
[2001-10-26 16:15:08 | 000,011,859 | ---- | C] () -- H:\WINDOWS\System32\setver.exe
[2001-10-26 16:15:08 | 000,003,260 | ---- | C] () -- H:\WINDOWS\System32\nw16.exe
[2001-10-26 16:15:04 | 000,027,898 | ---- | C] () -- H:\WINDOWS\System32\ntdos.sys
[2001-10-26 16:14:58 | 000,007,116 | ---- | C] () -- H:\WINDOWS\System32\nlsfunc.exe
[2001-10-26 16:14:56 | 000,039,434 | ---- | C] () -- H:\WINDOWS\System32\mem.exe
[2001-10-26 16:14:54 | 000,014,913 | ---- | C] () -- H:\WINDOWS\System32\kb16.com
[2001-10-26 16:14:54 | 000,001,168 | ---- | C] () -- H:\WINDOWS\System32\loadfix.com
[2001-10-26 16:14:52 | 000,004,976 | ---- | C] () -- H:\WINDOWS\System32\himem.sys
[2001-10-26 16:14:50 | 000,019,806 | ---- | C] () -- H:\WINDOWS\System32\graphics.com
[2001-10-26 16:14:48 | 000,008,520 | ---- | C] () -- H:\WINDOWS\System32\exe2bin.exe
[2001-10-26 16:14:46 | 000,012,866 | ---- | C] () -- H:\WINDOWS\System32\edlin.exe
[2001-10-26 16:14:42 | 000,020,986 | ---- | C] () -- H:\WINDOWS\System32\debug.exe
[2001-10-26 16:14:38 | 000,051,823 | ---- | C] () -- H:\WINDOWS\System32\command.com
[2001-10-26 16:14:34 | 000,012,594 | ---- | C] () -- H:\WINDOWS\System32\append.exe
[2001-10-26 16:14:32 | 000,009,043 | ---- | C] () -- H:\WINDOWS\System32\ansi.sys
[2001-10-26 16:12:52 | 000,000,359 | ---- | C] () -- H:\WINDOWS\System32\prodspec.ini
[2001-10-26 15:45:26 | 000,016,024 | ---- | C] () -- H:\WINDOWS\System32\rsvp.ini
[2001-10-26 15:45:26 | 000,006,074 | ---- | C] () -- H:\WINDOWS\System32\rasctrs.ini
[2001-10-26 15:45:24 | 000,013,819 | ---- | C] () -- H:\WINDOWS\System32\pschdprf.ini
[2001-10-26 15:45:10 | 000,070,622 | ---- | C] () -- H:\WINDOWS\System32\edit.com
[2001-10-26 15:42:08 | 000,020,629 | ---- | C] () -- H:\WINDOWS\System32\mqperf.ini
[2001-10-26 15:42:08 | 000,002,992 | ---- | C] () -- H:\WINDOWS\System32\perfci.ini
[2001-10-26 15:42:08 | 000,002,890 | ---- | C] () -- H:\WINDOWS\System32\perfwci.ini
[2001-10-26 15:42:08 | 000,001,295 | ---- | C] () -- H:\WINDOWS\System32\perffilt.ini
[2001-08-23 13:00:00 | 013,107,200 | ---- | C] () -- H:\WINDOWS\System32\oembios.bin
[2001-08-23 13:00:00 | 000,004,463 | ---- | C] () -- H:\WINDOWS\System32\oembios.dat
[2001-08-17 21:35:10 | 000,000,817 | ---- | C] () -- H:\WINDOWS\System32\mscdexnt.exe
[2001-08-17 21:32:34 | 000,000,882 | ---- | C] () -- H:\WINDOWS\System32\share.exe
[2001-08-17 21:32:34 | 000,000,882 | ---- | C] () -- H:\WINDOWS\System32\fastopen.exe
[2001-08-17 21:31:56 | 000,042,809 | ---- | C] () -- H:\WINDOWS\System32\key01.sys
[2001-08-17 21:31:56 | 000,027,097 | ---- | C] () -- H:\WINDOWS\System32\country.sys
[2001-08-17 21:31:50 | 000,029,274 | ---- | C] () -- H:\WINDOWS\System32\ntdos412.sys
[2001-08-17 21:31:46 | 000,029,370 | ---- | C] () -- H:\WINDOWS\System32\ntdos411.sys
[2001-08-17 21:31:46 | 000,029,146 | ---- | C] () -- H:\WINDOWS\System32\ntdos404.sys
[2001-08-17 21:31:44 | 000,029,146 | ---- | C] () -- H:\WINDOWS\System32\ntdos804.sys
[2001-08-17 21:30:24 | 000,392,432 | ---- | C] () -- H:\WINDOWS\System32\perfh009.dat
[2001-08-17 21:30:24 | 000,272,128 | ---- | C] () -- H:\WINDOWS\System32\perfi009.dat
[2001-08-17 21:30:24 | 000,028,626 | ---- | C] () -- H:\WINDOWS\System32\perfd009.dat
[2001-08-17 21:30:22 | 000,058,732 | ---- | C] () -- H:\WINDOWS\System32\perfc009.dat
[2001-08-17 21:15:38 | 000,046,258 | ---- | C] () -- H:\WINDOWS\System32\mib.bin
[2001-08-17 21:13:24 | 000,002,656 | ---- | C] () -- H:\WINDOWS\System32\netware.drv
[2001-08-17 19:55:06 | 001,015,477 | ---- | C] () -- H:\WINDOWS\System32\esentprf.ini
[2001-07-22 02:25:18 | 000,001,405 | ---- | C] () -- H:\WINDOWS\msdfmap.ini
[2001-07-21 22:36:48 | 000,218,003 | ---- | C] () -- H:\WINDOWS\System32\dssec.dat
[2001-07-21 22:36:06 | 000,355,112 | ---- | C] () -- H:\WINDOWS\System32\msjetoledb40.dll
[2001-07-21 22:36:04 | 000,673,088 | ---- | C] () -- H:\WINDOWS\System32\mlang.dat
[2001-07-21 22:24:16 | 000,000,741 | ---- | C] () -- H:\WINDOWS\System32\noise.dat
[2001-07-21 22:16:20 | 000,000,603 | ---- | C] () -- H:\WINDOWS\win.ini
[2001-07-21 22:15:52 | 000,000,231 | ---- | C] () -- H:\WINDOWS\system.ini
[2001-07-21 22:15:50 | 000,013,312 | ---- | C] () -- H:\WINDOWS\System32\win87em.dll
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011-08-12 11:00:06 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2011-09-08 16:56:32 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\EPSON
[2011-08-04 22:50:45 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2011-09-04 16:14:02 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2011-08-16 12:51:16 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Biana\Dane aplikacji\Downloaded Installations
[2011-08-08 12:28:35 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Biana\Dane aplikacji\Gadu-Gadu 10
[2011-09-04 11:22:54 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Biana\Dane aplikacji\OpenFM
[2011-09-11 20:38:45 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Biana\Dane aplikacji\PhotoScape
[2011-09-08 22:02:04 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Farmer\Dane aplikacji\foobar2000
[2011-08-04 13:39:15 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Farmer\Dane aplikacji\Gadu-Gadu
[2011-08-04 15:37:29 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Farmer\Dane aplikacji\GetRightToGo
[2011-08-15 20:36:51 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Farmer\Dane aplikacji\TS3Client
[2011-09-11 13:51:24 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Farmer\Dane aplikacji\uTorrent
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2008-04-14 20:50:36 | 000,095,034 | RHS- | M] () -- H:\autorun.inf
[2011-08-04 13:57:54 | 000,000,210 | -HS- | M] () -- H:\boot.ini
[2001-07-21 22:13:54 | 000,004,952 | RHS- | M] () -- H:\Bootfont.bin
[2008-04-13 20:13:04 | 000,047,564 | RHS- | M] () -- H:\NTDETECT.COM
[2008-04-13 22:02:00 | 000,251,152 | RHS- | M] () -- H:\ntldr
[2011-09-12 10:38:21 | 1610,612,736 | -HS- | M] () -- H:\pagefile.sys
 
 
[color=#A23BEC]< MD5 for: AGP440.SYS  >[/color]
[2009-01-30 18:37:33 | 017,820,240 | ---- | M] () .cab file -- H:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
 
[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2009-01-30 18:37:33 | 017,820,240 | ---- | M] () .cab file -- H:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-13 20:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- H:\WINDOWS\system32\dllcache\atapi.sys
[2008-04-13 20:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- H:\WINDOWS\system32\drivers\atapi.sys
[2008-04-13 22:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- H:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
[2008-04-13 20:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- H:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
 
[color=#A23BEC]< MD5 for: BEEP.SYS  >[/color]
[2001-08-17 21:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- H:\WINDOWS\system32\dllcache\beep.sys
[2001-08-17 21:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- H:\WINDOWS\system32\drivers\beep.sys
 
[color=#A23BEC]< MD5 for: CDROM.SYS  >[/color]
[2009-01-30 18:37:33 | 017,820,240 | ---- | M] () .cab file -- H:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-04-13 22:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- H:\WINDOWS\system32\drivers\cdrom.sys
 
[color=#A23BEC]< MD5 for: NDIS.SYS  >[/color]
[2008-04-13 22:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- H:\WINDOWS\system32\dllcache\ndis.sys
[2008-04-13 22:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- H:\WINDOWS\system32\drivers\ndis.sys
 
[color=#A23BEC]< MD5 for: USERINIT.EXE  >[/color]
[2008-04-14 20:51:46 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=2A5B37D520508BE6570A3EA79695F5B5 -- H:\WINDOWS\system32\dllcache\userinit.exe
[2008-04-14 20:51:46 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=2A5B37D520508BE6570A3EA79695F5B5 -- H:\WINDOWS\system32\userinit.exe
 
[color=#A23BEC]< MD5 for: WINLOGON.EXE  >[/color]
[2008-04-14 20:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- H:\WINDOWS\system32\dllcache\winlogon.exe
[2008-04-14 20:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- H:\WINDOWS\system32\winlogon.exe

< End of report >