OTL logfile created on: 2012-07-23 14:05:42 - Run 1 OTL by OldTimer - Version 3.2.54.0 Folder = C:\Documents and Settings\damian1\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,54 Gb Available Physical Memory | 76,86% Memory free 3,85 Gb Paging File | 3,58 Gb Available in Paging File | 93,04% Paging File free Paging file location(s): c:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 48,83 Gb Total Space | 1,24 Gb Free Space | 2,55% Space Free | Partition Type: NTFS Drive X: | 416,93 Gb Total Space | 33,14 Gb Free Space | 7,95% Space Free | Partition Type: NTFS Computer Name: DOM-HWO54YKU5ZQ | User Name: damian1 | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-07-23 14:02:37 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\damian1\Pulpit\OTL.exe PRC - [2012-06-27 12:29:22 | 001,385,896 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe PRC - [2012-05-15 23:52:49 | 000,949,104 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-05-15 23:52:58 | 000,316,928 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstoggdec.dll MOD - [2012-05-15 23:52:58 | 000,276,480 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwebmdec.dll MOD - [2012-05-15 23:52:58 | 000,168,448 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstffmpegcolorspace.dll MOD - [2012-05-15 23:52:58 | 000,099,840 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstcoreplugins.dll MOD - [2012-05-15 23:52:58 | 000,078,336 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwavparse.dll MOD - [2012-05-15 23:52:58 | 000,076,800 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdirectsound.dll MOD - [2012-05-15 23:52:58 | 000,068,608 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdecodebin2.dll MOD - [2012-05-15 23:52:58 | 000,064,000 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstautodetect.dll MOD - [2012-05-15 23:52:58 | 000,046,592 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwaveform.dll MOD - [2012-05-15 23:52:58 | 000,045,568 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gsttypefindfunctions.dll MOD - [2012-05-15 23:52:57 | 000,783,360 | ---- | M] () -- C:\Program Files\Opera\gstreamer\gstreamer.dll MOD - [2012-05-15 23:52:57 | 000,098,816 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioresample.dll MOD - [2012-05-15 23:52:57 | 000,098,816 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioconvert.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe /s NIS /m C:\Program Files\Norton Internet Security\Engine\18.7.2.3\diMaster.dll /prefetch:1 -- (NIS) SRV - [2012-06-27 12:29:22 | 001,385,896 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2012-03-05 14:36:20 | 000,767,840 | ---- | M] (Innova Systems LLC) [Auto | Stopped] -- X:\4game\4GameService.exe -- (4game) SRV - [2012-01-18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion) SRV - [2012-01-05 17:42:34 | 000,075,624 | ---- | M] (Alcohol Soft Development Team) [Auto | Stopped] -- C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe -- (AxAutoMntSrv) SRV - [2010-10-25 00:11:06 | 000,360,960 | ---- | M] (iZ3D Inc.) [Auto | Stopped] -- C:\Program Files\iZ3D Driver\Win32\S3DCService.exe -- (S3DSvc32) S3D Service (Win32) SRV - [2010-07-06 16:08:06 | 000,711,352 | ---- | M] () [Auto | Stopped] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService) SRV - [2010-07-06 16:08:06 | 000,711,352 | ---- | M] () [Auto | Stopped] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList) SRV - [2010-01-15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService) SRV - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Stopped] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - [2009-08-24 22:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\DfSdkS.exe -- (DfSdkS) SRV - [2007-08-08 09:25:08 | 000,836,904 | ---- | M] (Nero AG) [Auto | Stopped] -- X:\Nero 8\Nero 8\Nero BackItUp\NBService.exe -- (Nero BackItUp Scheduler 3) SRV - [2006-08-04 12:35:54 | 000,217,088 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- X:\WS\vmware-authd.exe -- (VMAuthdService) SRV - [2006-08-04 12:35:52 | 000,135,168 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- C:\WINDOWS\system32\vmnat.exe -- (VMware NAT Service) SRV - [2006-08-04 12:35:52 | 000,106,496 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- C:\WINDOWS\system32\vmnetdhcp.exe -- (VMnetDHCP) SRV - [2006-08-04 12:28:58 | 000,262,144 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe -- (vmount2) SRV - [2006-03-03 21:03:10 | 000,069,632 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\01.tmp -- (nxdgia) DRV - File not found [Kernel | On_Demand | Stopped] -- X:\Program Files\Lineage II\system\npkcrypt.sys -- (npkcrypt) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11010.sys -- (EraserUtilDrv11010) DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleNT.sys -- (EagleNT) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2012-07-23 19:37:52 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2012-07-14 16:17:59 | 000,033,824 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\oreans32.sys -- (oreans32) DRV - [2012-03-16 20:17:35 | 000,082,380 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K) DRV - [2012-03-06 17:04:10 | 000,356,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20120307.002\IDSXpx86.sys -- (IDSxpx86) DRV - [2012-03-02 20:58:02 | 000,820,856 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20120302.001\BHDrvx86.sys -- (BHDrvx86) DRV - [2012-02-07 17:55:27 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20120307.035\NAVEX15.SYS -- (NAVEX15) DRV - [2012-02-07 17:55:27 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20120307.035\NAVENG.SYS -- (NAVENG) DRV - [2012-02-07 17:50:07 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent) DRV - [2011-09-07 18:32:18 | 000,278,984 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2011-09-07 18:32:18 | 000,025,416 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2011-07-10 18:46:16 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc) DRV - [2011-07-10 18:46:16 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt) DRV - [2011-04-21 03:37:49 | 000,369,784 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\NIS\1207020.003\symtdi.sys -- (SYMTDI) DRV - [2011-03-31 05:00:09 | 000,516,216 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NIS\1207020.003\srtsp.sys -- (SRTSP) DRV - [2011-03-31 05:00:09 | 000,050,168 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\NIS\1207020.003\srtspx.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL) DRV - [2011-03-15 04:31:23 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1207020.003\symefa.sys -- (SymEFA) DRV - [2011-01-27 08:47:10 | 000,340,088 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1207020.003\symds.sys -- (SymDS) DRV - [2011-01-27 07:07:05 | 000,136,312 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\NIS\1207020.003\ironx86.sys -- (SymIRON) DRV - [2010-11-25 18:54:02 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv) DRV - [2010-11-16 19:59:06 | 000,010,936 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ampa.sys -- (ampa) DRV - [2010-10-06 18:04:02 | 000,034,968 | ---- | M] () [Kernel | System | Stopped] -- C:\Program Files\iZ3D Driver\Win32\S3DInjectionDriver.sys -- (iZ3DInjectionDriver) DRV - [2010-09-03 10:20:18 | 006,139,496 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2010-07-04 21:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5) DRV - [2009-11-18 01:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) DRV - [2009-11-18 01:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2009-03-18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2008-04-14 00:26:50 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (usb_rndis) DRV - [2008-03-09 10:29:08 | 000,101,120 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2007-06-28 13:46:42 | 000,020,480 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2007-06-28 13:46:40 | 000,045,824 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2007-03-16 04:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\TBPanel.sys -- (TBPanel) DRV - [2007-03-16 04:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex) DRV - [2006-11-02 08:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB) DRV - [2006-08-04 12:35:56 | 000,023,296 | ---- | M] (VMware, Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\vmnetbridge.sys -- (VMnetBridge) DRV - [2006-08-04 12:35:56 | 000,015,616 | ---- | M] (VMware, Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\vmnetuserif.sys -- (VMnetuserif) DRV - [2006-08-04 12:35:56 | 000,009,600 | R--- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vmnetadapter.sys -- (VMnetAdapter) DRV - [2006-08-04 12:35:54 | 000,022,016 | ---- | M] (VMware, Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\hcmon.sys -- (hcmon) DRV - [2006-08-04 12:35:52 | 000,094,848 | ---- | M] (VMware, Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\vmx86.sys -- (vmx86) DRV - [2006-08-04 12:35:52 | 000,009,216 | ---- | M] (VMware, Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\vmparport.sys -- (VMparport) DRV - [2006-08-04 12:28:58 | 000,011,520 | ---- | M] (VMware, Inc.) [Kernel | Auto | Stopped] -- C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys -- (vstor2) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=a41fa93e000000000000001a4dfe8ffc&tlver=1.4.19.19&affID=17160 IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-854245398-1606980848-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb&sysid=2 IE - HKU\S-1-5-21-854245398-1606980848-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2475029 IE - HKU\S-1-5-21-854245398-1606980848-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb&sysid=2 IE - HKU\S-1-5-21-854245398-1606980848-839522115-1003\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.) IE - HKU\S-1-5-21-854245398-1606980848-839522115-1003\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo2.dll (Conduit Ltd.) IE - HKU\S-1-5-21-854245398-1606980848-839522115-1003\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.) IE - HKU\S-1-5-21-854245398-1606980848-839522115-1003\..\SearchScopes,DefaultScope = {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} IE - HKU\S-1-5-21-854245398-1606980848-839522115-1003\..\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}: "URL" = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=a41fa93e000000000000001a4dfe8ffc&tlver=1.4.19.19&affID=17160 IE - HKU\S-1-5-21-854245398-1606980848-839522115-1003\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029 IE - HKU\S-1-5-21-854245398-1606980848-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\4game.com/plugin: X:\4game\npplugin4game.dll (Innova Systems LLC) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\ [2012-02-11 16:38:27 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_9_4 [2012-07-08 18:26:00 | 000,000,000 | ---D | M] [2011-05-30 17:37:34 | 000,002,423 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml O1 HOSTS File: ([2011-06-26 18:25:46 | 000,000,968 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com O1 - Hosts: 127.0.0.1 orbitservice.ubi.com O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com O2 - BHO: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll () O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - Reg Error: Value error. File not found O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll File not found O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL File not found O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\MediaBar\Datamngr\IEBHO.dll (MusicLab, LLC) O2 - BHO: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo2.dll (Conduit Ltd.) O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O2 - BHO: (Ask Toolbar BHO) - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com) O3 - HKLM\..\Toolbar: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll () O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll File not found O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - Reg Error: Value error. File not found O3 - HKLM\..\Toolbar: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo2.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com) O3 - HKU\S-1-5-21-854245398-1606980848-839522115-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-854245398-1606980848-839522115-1003\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll File not found O3 - HKU\S-1-5-21-854245398-1606980848-839522115-1003\..\Toolbar\WebBrowser: (MyAshampoo Toolbar) - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-854245398-1606980848-839522115-1003\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\prxtbuTo2.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-854245398-1606980848-839522115-1003\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngrUI.exe (MusicLab, LLC) O4 - HKLM..\Run: [Gainward] C:\WINDOWS\TBPanel.exe (Gainward Co.) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [rpskdcnowlehyqw] C:\Documents and Settings\All Users\Dane aplikacji\rpskdcno.exe () O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.) O4 - HKU\S-1-5-21-854245398-1606980848-839522115-1003..\Run: [4gameTray] X:\4game\4GameTray.exe (Innova Systems LLC) O4 - HKU\S-1-5-21-854245398-1606980848-839522115-1003..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team) O4 - HKU\S-1-5-21-854245398-1606980848-839522115-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-854245398-1606980848-839522115-1003..\Run: [rpskdcnowlehyqw] C:\Documents and Settings\All Users\Dane aplikacji\rpskdcno.exe () O4 - HKU\.DEFAULT..\RunOnce: [] File not found O4 - HKU\S-1-5-18..\RunOnce: [] File not found O4 - HKU\S-1-5-19..\RunOnce: [] File not found O4 - HKU\S-1-5-20..\RunOnce: [] File not found O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Photosmart Premier - Szybkie uruchomienie.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O7 - HKU\S-1-5-21-854245398-1606980848-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O7 - HKU\S-1-5-21-854245398-1606980848-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O7 - HKU\S-1-5-21-854245398-1606980848-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html () O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27) O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B57DAB80-34E9-4823-92DD-B212F40BF4AC}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - AppInit_DLLs: (C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\datamngr.dll) - C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngr.dll (MusicLab, LLC) O20 - AppInit_DLLs: (C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll) - C:\Program Files\BearShare Applications\MediaBar\Datamngr\IEBHO.dll (MusicLab, LLC) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\damian1\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\damian1\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O31 - SafeBoot: AlternateShell - C:\Documents and Settings\damian1\Ustawienia lokalne\Temp\274.tmp O32 - HKLM CDRom: AutoRun - 0 O32 - AutoRun File - [2010-11-24 19:25:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{017edb08-1677-11e0-b1fc-001a4dfe8ffc}\Shell - "" = AutoRun O33 - MountPoints2\{017edb08-1677-11e0-b1fc-001a4dfe8ffc}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{2dde7f66-4b59-11e0-b30b-001a4dfe8ffc}\Shell\AutoRun\command - "" = RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\xop32.exe O33 - MountPoints2\{2dde7f66-4b59-11e0-b30b-001a4dfe8ffc}\Shell\open\command - "" = RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\xop32.exe O33 - MountPoints2\{2e9b181c-1fe7-11e0-b21b-001a4dfe8ffc}\Shell - "" = AutoRun O33 - MountPoints2\{2e9b181c-1fe7-11e0-b21b-001a4dfe8ffc}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe O33 - MountPoints2\{577afc03-9e9f-11e0-b6c4-001a4dfe8ffc}\Shell - "" = AutoRun O33 - MountPoints2\{577afc03-9e9f-11e0-b6c4-001a4dfe8ffc}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe O33 - MountPoints2\{6a830646-72a4-11e1-9b56-001a4dfe8ffc}\Shell - "" = AutoRun O33 - MountPoints2\{6a830646-72a4-11e1-9b56-001a4dfe8ffc}\Shell\AutoRun\command - "" = E:\Startme.exe O33 - MountPoints2\{6b7d2143-50c4-11e1-acaf-001a4dfe8ffc}\Shell - "" = AutoRun O33 - MountPoints2\{6b7d2143-50c4-11e1-acaf-001a4dfe8ffc}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe O33 - MountPoints2\{c573796a-1ff0-11e0-b21c-001a4dfe8ffc}\Shell - "" = AutoRun O33 - MountPoints2\{c573796a-1ff0-11e0-b21c-001a4dfe8ffc}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn O33 - MountPoints2\{d01f39d2-b93b-11e0-b737-001a4dfe8ffc}\Shell - "" = AutoRun O33 - MountPoints2\{d01f39d2-b93b-11e0-b737-001a4dfe8ffc}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{d01f39d3-b93b-11e0-b737-001a4dfe8ffc}\Shell - "" = AutoRun O33 - MountPoints2\{d01f39d3-b93b-11e0-b737-001a4dfe8ffc}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{f346047d-0c70-11e0-b1e9-001a4dfe8ffc}\Shell - "" = AutoRun O33 - MountPoints2\{f346047d-0c70-11e0-b1e9-001a4dfe8ffc}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{f4d8cc40-0dd1-11e1-9cd9-001a4dfe8ffc}\Shell - "" = AutoRun O33 - MountPoints2\{f4d8cc40-0dd1-11e1-9cd9-001a4dfe8ffc}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe O33 - MountPoints2\{fd611cec-a736-11e0-b6f4-001a4dfe8ffc}\Shell - "" = AutoRun O33 - MountPoints2\{fd611cec-a736-11e0-b6f4-001a4dfe8ffc}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-07-23 22:08:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero [2012-07-23 22:08:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Nero [2012-07-23 22:05:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\mcmsltvwwkxgfmr [2012-07-23 22:02:03 | 000,000,000 | ---D | C] -- C:\Program Files\AskTBar [2012-07-23 19:39:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Alcohol 120% [2012-07-23 15:37:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\VideoLAN [2012-07-23 14:02:37 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\damian1\Pulpit\OTL.exe [2012-07-23 10:41:18 | 000,000,000 | ---D | C] -- C:\_OTL [2012-07-20 16:55:31 | 029,363,192 | ---- | C] (TeamSpeak Systems GmbH) -- C:\Documents and Settings\damian1\Pulpit\TeamSpeak3-Client-win32.exe [2012-07-16 21:13:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Electronic Arts [2012-07-12 17:53:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\damian1\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi [2012-07-12 17:52:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi [2012-07-12 17:52:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\LogMeIn Hamachi [2012-07-12 17:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi [2012-07-10 15:27:43 | 000,000,000 | RHSD | C] -- C:\cmdcons [2012-07-10 15:27:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\setup.pss [2012-07-10 15:27:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\setupupd [2012-07-10 14:52:54 | 000,000,000 | ---D | C] -- C:\Program Files\Free Window Registry Repair [2012-07-10 14:52:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\damian1\Menu Start\Programy\Free Window Registry Repair [2012-07-10 13:57:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2012-07-10 10:09:38 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2012-07-10 10:06:23 | 000,000,000 | ---D | C] -- C:\Program Files\Odkurzacz [2012-07-10 09:47:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012-07-09 21:40:21 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack [2012-07-08 20:33:44 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller [2012-07-08 20:33:39 | 000,000,000 | ---D | C] -- C:\WINDOWS.0 [2012-07-08 19:51:34 | 000,000,000 | ---D | C] -- C:\Program Files\ArcaBit [2012-07-08 19:33:04 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX [2012-07-08 19:22:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2012-07-08 19:03:49 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2 [2012-07-08 16:31:49 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC [2012-07-08 12:10:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\damian1\Dane aplikacji\Moje pliki zapisu Bitwy o Śródziemie [2012-07-08 12:08:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\EA GAMES [2012-07-07 19:57:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\damian1\Pulpit\Nowy folder (15) [2012-07-07 18:23:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\damian1\Dane aplikacji\Windows Update [2012-07-04 15:52:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\damian1\Pulpit\Nowy folder (14) [2012-06-30 23:24:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\damian1\Ustawienia lokalne\Dane aplikacji\Chromium [2012-06-30 23:24:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\damian1\Moje dokumenty\Rockstar Games [2012-06-30 23:24:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Rockstar Games [2012-06-30 23:22:05 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games [2012-06-30 23:22:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Rockstar Games [2012-06-26 19:13:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\damian1\Pulpit\allegro garaz [2012-06-25 23:04:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\FLV Player [2012-06-25 23:04:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Applian FLV Player [2012-06-25 23:04:58 | 000,000,000 | ---D | C] -- C:\Program Files\FLV Player [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-07-23 22:09:30 | 000,000,557 | ---- | M] () -- C:\WINDOWS\DFC.INI [2012-07-23 22:05:50 | 000,000,051 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\tuijeytboxclenz [2012-07-23 22:05:45 | 000,053,248 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\rpskdcno.exe [2012-07-23 22:02:50 | 000,000,840 | ---- | M] () -- C:\Documents and Settings\damian1\.recently-used.xbel [2012-07-23 20:03:43 | 000,000,124 | ---- | M] () -- C:\Documents and Settings\damian1\Moje dokumenty\ax_files.xml [2012-07-23 19:39:55 | 000,000,835 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Alcohol 120%.lnk [2012-07-23 15:41:38 | 000,172,544 | ---- | M] () -- C:\Documents and Settings\damian1\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-07-23 15:37:48 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\VLC media player.lnk [2012-07-23 14:02:37 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\damian1\Pulpit\OTL.exe [2012-07-23 13:59:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012-07-23 10:54:32 | 000,000,504 | ---- | M] () -- C:\WINDOWS\tasks\Auslogics BoostSpeed Special Edition Integrator Start On Windows Logon.job [2012-07-23 10:07:43 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012-07-22 20:20:12 | 000,126,121 | ---- | M] () -- C:\Documents and Settings\damian1\Pulpit\łóżeczko .jpg [2012-07-21 22:05:24 | 000,078,193 | ---- | M] () -- C:\Documents and Settings\damian1\Pulpit\nowoczesnepolkiscienne2.jpg [2012-07-21 22:05:18 | 000,089,625 | ---- | M] () -- C:\Documents and Settings\damian1\Pulpit\nowoczesnepolkiscienne1.jpg [2012-07-21 20:43:51 | 000,065,176 | ---- | M] () -- C:\Documents and Settings\damian1\Pulpit\20120720700.JPG [2012-07-20 16:59:10 | 029,363,192 | ---- | M] (TeamSpeak Systems GmbH) -- C:\Documents and Settings\damian1\Pulpit\TeamSpeak3-Client-win32.exe [2012-07-16 21:13:45 | 000,001,459 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Harry Potter i Insygnia Śmierci(TM) – część 2.lnk [2012-07-14 16:17:59 | 000,033,824 | ---- | M] () -- C:\WINDOWS\System32\drivers\oreans32.sys [2012-07-11 22:21:43 | 000,105,442 | ---- | M] () -- C:\Documents and Settings\damian1\Pulpit\CA90x30-0297.jpg [2012-07-10 22:43:32 | 006,916,618 | ---- | M] () -- C:\Documents and Settings\damian1\Pulpit\wladca_pierscieni__bitwa_o_srodziemie_poradnik.pdf [2012-07-10 15:28:05 | 000,000,435 | RHS- | M] () -- C:\boot.ini [2012-07-10 14:52:54 | 000,000,736 | ---- | M] () -- C:\Documents and Settings\damian1\Pulpit\Free Window Registry Repair.lnk [2012-07-08 19:33:00 | 000,000,349 | RHS- | M] () -- C:\BOOT.BAK [2012-07-08 12:10:11 | 000,000,035 | ---- | M] () -- C:\WINDOWS\Worldbuilder.INI [2012-07-08 12:08:50 | 000,000,608 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Bitwa o Śródziemie™.lnk [2012-07-07 09:59:08 | 000,039,419 | ---- | M] () -- C:\Documents and Settings\damian1\Pulpit\xray 1.2.5.zip [2012-07-07 09:58:50 | 000,103,347 | ---- | M] () -- C:\Documents and Settings\damian1\Pulpit\ModLoader.zip [2012-07-05 22:28:33 | 000,077,462 | ---- | M] () -- C:\Documents and Settings\damian1\Pulpit\wieszak na przedpokój.jpg [2012-07-04 19:38:10 | 000,065,981 | ---- | M] () -- C:\Documents and Settings\damian1\Pulpit\karny_kutas.jpg [2012-07-01 18:54:01 | 000,000,504 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\FIFA 12.lnk [2012-06-30 23:24:27 | 000,000,672 | ---- | M] () -- C:\Documents and Settings\damian1\Pulpit\Max Payne 3.lnk [2012-06-25 23:04:59 | 000,001,575 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Applian FLV Player.lnk [2012-06-24 09:09:55 | 000,000,487 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Minecraft AA.lnk [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-07-23 22:05:50 | 000,053,248 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\rpskdcno.exe [2012-07-23 22:05:46 | 000,000,051 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\tuijeytboxclenz [2012-07-23 22:02:50 | 000,000,840 | ---- | C] () -- C:\Documents and Settings\damian1\.recently-used.xbel [2012-07-23 19:39:55 | 000,000,835 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Alcohol 120%.lnk [2012-07-23 15:37:48 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\VLC media player.lnk [2012-07-22 20:20:12 | 000,126,121 | ---- | C] () -- C:\Documents and Settings\damian1\Pulpit\łóżeczko .jpg [2012-07-21 22:05:24 | 000,078,193 | ---- | C] () -- C:\Documents and Settings\damian1\Pulpit\nowoczesnepolkiscienne2.jpg [2012-07-21 22:05:18 | 000,089,625 | ---- | C] () -- C:\Documents and Settings\damian1\Pulpit\nowoczesnepolkiscienne1.jpg [2012-07-21 20:43:45 | 000,065,176 | ---- | C] () -- C:\Documents and Settings\damian1\Pulpit\20120720700.JPG [2012-07-16 21:13:45 | 000,001,459 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Harry Potter i Insygnia Śmierci(TM) – część 2.lnk [2012-07-14 16:17:59 | 000,033,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\oreans32.sys [2012-07-11 22:21:21 | 000,105,442 | ---- | C] () -- C:\Documents and Settings\damian1\Pulpit\CA90x30-0297.jpg [2012-07-10 22:43:13 | 006,916,618 | ---- | C] () -- C:\Documents and Settings\damian1\Pulpit\wladca_pierscieni__bitwa_o_srodziemie_poradnik.pdf [2012-07-10 15:28:05 | 000,000,349 | RHS- | C] () -- C:\BOOT.BAK [2012-07-10 15:28:02 | 000,262,416 | RHS- | C] () -- C:\cmldr [2012-07-10 14:52:54 | 000,000,736 | ---- | C] () -- C:\Documents and Settings\damian1\Pulpit\Free Window Registry Repair.lnk [2012-07-08 12:10:11 | 000,000,035 | ---- | C] () -- C:\WINDOWS\Worldbuilder.INI [2012-07-08 12:08:50 | 000,000,608 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Bitwa o Śródziemie™.lnk [2012-07-07 10:04:13 | 000,028,648 | ---- | C] () -- C:\Documents and Settings\damian1\Pulpit\pb.class [2012-07-07 10:04:13 | 000,026,298 | ---- | C] () -- C:\Documents and Settings\damian1\Pulpit\nn.class [2012-07-07 10:04:13 | 000,004,214 | ---- | C] () -- C:\Documents and Settings\damian1\Pulpit\mod_xray.class [2012-07-07 10:04:13 | 000,003,398 | ---- | C] () -- C:\Documents and Settings\damian1\Pulpit\ha.class [2012-07-07 10:02:49 | 000,009,683 | ---- | C] () -- C:\Documents and Settings\damian1\Pulpit\agv.class [2012-07-07 10:02:49 | 000,003,692 | ---- | C] () -- C:\Documents and Settings\damian1\Pulpit\GuiBlockSelect.class [2012-07-07 09:59:08 | 000,039,419 | ---- | C] () -- C:\Documents and Settings\damian1\Pulpit\xray 1.2.5.zip [2012-07-07 09:58:49 | 000,103,347 | ---- | C] () -- C:\Documents and Settings\damian1\Pulpit\ModLoader.zip [2012-07-05 22:28:33 | 000,077,462 | ---- | C] () -- C:\Documents and Settings\damian1\Pulpit\wieszak na przedpokój.jpg [2012-07-04 19:38:10 | 000,065,981 | ---- | C] () -- C:\Documents and Settings\damian1\Pulpit\karny_kutas.jpg [2012-06-30 23:24:27 | 000,000,672 | ---- | C] () -- C:\Documents and Settings\damian1\Pulpit\Max Payne 3.lnk [2012-06-25 23:04:59 | 000,001,581 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Applian FLV Player.lnk [2012-06-25 23:04:59 | 000,001,575 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Applian FLV Player.lnk [2012-05-17 15:22:52 | 000,189,248 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe [2012-05-17 15:22:51 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe [2012-04-17 07:13:13 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\damian1\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2012-04-16 19:08:00 | 000,113,026 | ---- | C] () -- C:\WINDOWS\hpoins11.dat.temp [2012-04-16 19:08:00 | 000,006,947 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat.temp [2012-04-16 19:07:29 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat [2012-02-07 20:44:45 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2012-01-09 18:33:13 | 000,119,709 | ---- | C] () -- C:\WINDOWS\hpoins11.dat [2012-01-09 18:33:09 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll [2011-09-20 23:00:19 | 000,115,632 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2011-09-07 18:32:18 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2011-09-07 18:32:18 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2011-06-18 16:19:18 | 000,190,464 | ---- | C] () -- C:\WINDOWS\System32\PCGW32.DLL [2011-05-30 17:38:18 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll [2011-03-31 19:51:27 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2011-03-10 23:09:35 | 000,000,068 | ---- | C] () -- C:\WINDOWS\iltwain.ini [2011-03-10 23:09:14 | 000,000,426 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\Sls.ini [2011-03-10 23:09:14 | 000,000,086 | ---- | C] () -- C:\WINDOWS\System32\ToleSec.ini [2011-01-11 19:59:25 | 000,001,026 | ---- | C] () -- C:\WINDOWS\unins000.dat [2010-12-25 15:51:02 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2010-12-18 00:58:43 | 000,172,544 | ---- | C] () -- C:\Documents and Settings\damian1\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-11-25 19:24:13 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2010-11-25 19:24:08 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2010-11-25 19:24:08 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin [2010-11-25 19:23:40 | 002,293,194 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin [2010-11-25 18:59:08 | 002,319,536 | ---- | C] () -- C:\WINDOWS\System32\Incinerator.dll [2010-11-25 18:59:06 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\iolobtdfg.exe [2010-11-25 18:59:06 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\smrgdf.exe [2010-11-25 18:58:21 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll [2010-11-25 18:51:15 | 000,968,120 | ---- | C] () -- C:\WINDOWS\ampa.exe [2010-11-25 18:51:15 | 000,010,936 | ---- | C] () -- C:\WINDOWS\System32\ampa.sys [2010-11-25 00:46:47 | 000,001,732 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin [2010-11-25 00:45:01 | 000,000,557 | ---- | C] () -- C:\WINDOWS\DFC.INI [2010-11-25 00:39:39 | 000,032,768 | ---- | C] () -- C:\WINDOWS\TBPanelExt.dll [2010-11-25 00:39:39 | 000,026,624 | ---- | C] () -- C:\WINDOWS\TBZoom.exe [2010-11-25 00:39:39 | 000,012,285 | ---- | C] () -- C:\WINDOWS\Cadx3.ini [2010-11-25 00:39:39 | 000,006,942 | ---- | C] () -- C:\WINDOWS\cadx2.ini [2010-11-25 00:39:39 | 000,005,120 | ---- | C] () -- C:\WINDOWS\TBManage.dll [2010-11-24 19:27:08 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2010-11-24 19:23:27 | 000,023,016 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2010-11-24 19:04:06 | 000,004,473 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010-11-24 19:02:48 | 000,205,712 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [color=#E56717]========== LOP Check ==========[/color] [2012-07-23 10:49:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator.DOM-HWO54YKU5ZQ.002\Dane aplikacji\Opera [2011-03-15 20:01:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2DBoy [2011-01-14 17:30:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\332EE [2011-03-03 15:53:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AlawarWrapper [2010-11-30 20:04:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BearShare [2011-10-04 20:28:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Codemasters [2010-11-30 00:08:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2011-08-11 23:35:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Easybits GO [2012-04-11 17:37:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2010-11-25 22:23:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-11-25 19:01:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\iolo [2011-06-18 16:22:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\iZ3D Driver [2012-07-23 22:05:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\mcmsltvwwkxgfmr [2011-07-20 02:14:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2012-04-16 18:56:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files [2012-06-30 23:24:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Rockstar Games [2012-03-20 20:07:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Sony [2012-06-23 21:41:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SweetIM [2012-07-23 10:54:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2012-05-20 21:34:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft [2010-11-30 20:05:17 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{2B1568C5-2EDF-4213-9BC1-552E927F9F2C} [2012-07-08 20:17:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS.0\Dane aplikacji\ArcaBit [2012-07-10 10:09:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS.0\Dane aplikacji\AVAST Software [2012-07-09 21:25:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS.0\Dane aplikacji\Common Files [2012-07-09 21:25:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS.0\Dane aplikacji\MFAData [2012-07-08 19:50:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\Gadu-Gadu 10 [2012-07-10 16:26:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\My Battle for Middle-earth Files [2012-07-08 19:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\Opera [2012-07-08 20:50:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\Tific [2012-07-14 09:52:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Damian\Dane aplikacji\uTorrent [2012-07-13 19:53:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\damian1\Dane aplikacji\.minecraft [2010-11-30 00:20:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\damian1\Dane aplikacji\Atari [2011-03-15 20:00:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\damian1\Dane aplikacji\Auslogics [2012-02-07 19:59:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\damian1\Dane aplikacji\Azureus [2011-01-11 00:18:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\damian1\Dane aplikacji\bearsharemediabartb [2011-09-20 22:53:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\damian1\Dane aplikacji\Bulletstorm [2010-11-30 00:11:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\damian1\Dane aplikacji\DAEMON Tools Lite [2011-09-20 13:19:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\damian1\Dane aplikacji\Day 1 Studios [2012-04-15 14:03:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\damian1\Dane aplikacji\e-pity [2012-06-03 18:52:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\damian1\Dane aplikacji\Gadu-Gadu 10 [2011-06-22 14:11:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\damian1\Dane aplikacji\GHISLER [2011-08-11 23:35:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\damian1\Dane aplikacji\go [2011-06-20 13:33:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\damian1\Dane aplikacji\gtk-2.0 [2010-11-25 19:00:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\damian1\Dane aplikacji\iolo [2011-06-18 16:04:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\damian1\Dane aplikacji\iZ3D Driver [2012-07-12 17:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\damian1\Dane aplikacji\Moje pliki zapisu Bitwy o Śródziemie [2011-07-19 18:30:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\damian1\Dane aplikacji\OpenFM [2011-05-25 23:06:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\damian1\Dane aplikacji\Opera [2012-07-05 22:06:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\damian1\Dane aplikacji\PriceGong [2012-05-17 15:22:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\damian1\Dane aplikacji\PunkBuster [2012-06-23 21:41:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\damian1\Dane aplikacji\QuickStoresToolbar [2011-08-28 21:40:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\damian1\Dane aplikacji\Stereoscopic Player Komputer Świat Edition [2011-03-15 19:29:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\damian1\Dane aplikacji\Tific [2011-11-01 13:54:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\damian1\Dane aplikacji\TS3Client [2011-06-26 09:49:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\damian1\Dane aplikacji\Ubisoft [2012-07-23 21:31:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\damian1\Dane aplikacji\uTorrent [2011-11-17 21:21:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\damian1\Dane aplikacji\wargaming.net [2012-07-23 19:53:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\damian1\Dane aplikacji\Windows Update [2011-06-26 18:35:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\damian1\Dane aplikacji\XRay Engine [2010-11-25 23:20:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\iolo [2011-06-18 16:07:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\iZ3D Driver [2010-11-25 18:59:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\iolo [2012-07-23 10:54:32 | 000,000,504 | ---- | M] () -- C:\WINDOWS\Tasks\Auslogics BoostSpeed Special Edition Integrator Start On Windows Logon.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 88 bytes -> C:\Documents and Settings\damian1\Pulpit\BlackOps.exe:SummaryInformation @Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:CAEDBDA6 < End of report >