OTL logfile created on: 2012-11-18 12:34:54 - Run 2
OTL by OldTimer - Version 3.2.1.1     Folder = D:\Programy
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 67,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 1,67 Gb Free Space | 8,53% Space Free | Partition Type: NTFS
Drive D: | 213,34 Gb Total Space | 18,98 Gb Free Space | 8,90% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 549,52 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 127,99 Gb Total Space | 3,06 Gb Free Space | 2,39% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: MUDZIN
Current User Name: mdn
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012-11-05 23:44:56 | 002,320,896 | ---- | M] (WTW.im, Kaworu) -- C:\Program Files\K2T\WTW\wtw.exe
PRC - [2012-10-27 09:46:40 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012-10-27 09:46:35 | 000,016,864 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2011-11-15 14:13:22 | 003,990,528 | ---- | M] (WhatPulse.org) -- C:\Program Files\WhatPulse\WhatPulse.exe
PRC - [2010-04-14 17:09:50 | 000,561,664 | ---- | M] (OldTimer Tools) -- D:\Programy\OTL.exe
PRC - [2010-03-18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
PRC - [2008-04-14 21:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-09-02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - [2010-04-14 17:09:50 | 000,561,664 | ---- | M] (OldTimer Tools) -- D:\Programy\OTL.exe
MOD - [2007-09-02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - [2012-11-18 12:04:40 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-11-18 11:41:41 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Stopped] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012-10-27 09:46:40 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2011-10-04 07:25:50 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\srvany.exe -- (KMService)
SRV - [2010-03-18 15:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010-03-18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-03-18 12:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2010-01-09 19:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009-09-14 06:00:00 | 000,153,600 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Stopped] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE -- (EPSON_EB_RPCV4_04) EPSON V5 Service4(04)
SRV - [2009-09-14 06:00:00 | 000,121,856 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Stopped] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE -- (EPSON_PM_RPCV4_04) EPSON V3 Service4(04)
SRV - [2008-04-14 21:50:36 | 000,161,612 | RHS- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\ntvixb.dll -- (mtgvvliv)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2012-11-17 11:27:47 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2009-05-26 11:47:46 | 000,110,304 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ACEDRV09.sys -- (ACEDRV09)
DRV - [2009-01-25 21:54:52 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009-01-25 21:54:52 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009-01-25 12:24:28 | 000,716,272 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009-01-21 20:50:56 | 000,016,376 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2008-04-13 21:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007-12-18 03:46:24 | 002,849,280 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007-09-19 14:44:46 | 000,101,504 | R--- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007-09-19 10:16:32 | 004,617,728 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-08-07 20:48:33 | 000,025,160 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2007-02-16 01:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2006-12-28 04:44:44 | 000,084,992 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdAud.sys -- (HdAudAddService)
DRV - [2006-08-31 10:30:18 | 000,392,058 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbVM303.sys -- (ZSMC303) X-calibur USB PC Camera (Vimicro301 Neptune)
DRV - [2006-04-25 03:57:42 | 000,428,160 | R--- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vmfilter303.sys -- (vmfilter303)
DRV - [2002-09-16 16:14:32 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\PQNTDRV.sys -- (PQNTDrv)
DRV - [2001-08-17 21:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.pl"
FF - prefs.js..extensions.enabledItems: helperbar@helperbar.com:1.0
FF - prefs.js..extensions.enabledItems: filtersetg@updater:0.5.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}:5.0.15
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {104cba90-6fb2-11df-be2b-0800200c9a66}:1.2
FF - prefs.js..extensions.enabledItems: tabscope@xuldev.org:1.0.1
FF - prefs.js..extensions.enabledItems: vinceturk@gmail.com:2.7.2.884
FF - prefs.js..extensions.enabledItems: {cc85cd4e-5a5b-4eda-a25c-bdaffa93b406}:0.7
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7550
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.9
FF - prefs.js..keyword.URL: "http://feed.helperbar.com/?publisher=OC&dpid=OC&co=PL&userid=e45138aa-108a-42c3-a192-cb25173239fc&affid=111585&searchtype=ds&babsrc=lnkry&q="
FF - prefs.js..network.proxy.backup.ftp: "190.144.136.242"
FF - prefs.js..network.proxy.backup.ftp_port: 8080
FF - prefs.js..network.proxy.backup.gopher: "190.144.136.242"
FF - prefs.js..network.proxy.backup.gopher_port: 8080
FF - prefs.js..network.proxy.backup.socks: "190.144.136.242"
FF - prefs.js..network.proxy.backup.socks_port: 8080
FF - prefs.js..network.proxy.backup.ssl: "190.144.136.242"
FF - prefs.js..network.proxy.backup.ssl_port: 8080
FF - prefs.js..network.proxy.ftp: "164.77.91.100"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.gopher: "164.77.91.100"
FF - prefs.js..network.proxy.gopher_port: 8080
FF - prefs.js..network.proxy.http: "164.77.91.100"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.ssl: "164.77.91.100"
FF - prefs.js..network.proxy.ssl_port: 8080
 
FF - HKLM\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-03-06 14:46:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\fbphotozoom@installdaddy.com: C:\Program Files\fbphotozoom\fbphotozoom15.xpi [2012-03-25 17:07:27 | 000,102,423 | ---- | M] ()
FF - HKLM\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-10-27 09:46:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-11-18 11:42:01 | 000,000,000 | ---D | M]
 
[2009-12-22 15:50:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mdn\Dane aplikacji\Mozilla\Extensions
[2009-12-22 15:50:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\mdn\Dane aplikacji\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012-11-17 18:31:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mdn\Dane aplikacji\Mozilla\Firefox\Profiles\wojw0irf.default\extensions
[2012-07-10 11:34:31 | 000,000,000 | ---D | M] (8 Ultimo) -- C:\Documents and Settings\mdn\Dane aplikacji\Mozilla\Firefox\Profiles\wojw0irf.default\extensions\{2b6788a0-0ccd-11e1-be50-0800200c9a66}
[2012-05-09 10:44:03 | 000,000,000 | ---D | M] (FT SleekDark) -- C:\Documents and Settings\mdn\Dane aplikacji\Mozilla\Firefox\Profiles\wojw0irf.default\extensions\{a21cd440-41d6-11e0-9207-0800200c9a66}
[2012-07-12 19:34:29 | 000,000,000 | ---D | M] (Google Redesigned) -- C:\Documents and Settings\mdn\Dane aplikacji\Mozilla\Firefox\Profiles\wojw0irf.default\extensions\{cc85cd4e-5a5b-4eda-a25c-bdaffa93b406}
[2012-01-18 01:12:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mdn\Dane aplikacji\Mozilla\Firefox\Profiles\wojw0irf.default\extensions\cacaoweb@cacaoweb.org
[2009-12-23 18:56:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mdn\Dane aplikacji\Mozilla\Firefox\Profiles\wojw0irf.default\extensions\filtersetg@updater
[2010-03-12 16:28:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mdn\Dane aplikacji\Mozilla\Firefox\Profiles\wojw0irf.default\extensions\illimitux@illimitux.net
[2011-10-12 10:20:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mdn\Dane aplikacji\Mozilla\Firefox\Profiles\wojw0irf.default\extensions\jid1-IlFl2ckDa7Di7g@jetpack
[2012-02-08 20:11:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mdn\Dane aplikacji\Mozilla\Firefox\Profiles\wojw0irf.default\extensions\superstart@enjoyfreeware.org
[2012-03-28 09:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mdn\Dane aplikacji\Mozilla\Firefox\Profiles\wojw0irf.default\extensions\vshare@toolbar
[2012-10-27 09:46:21 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2012-10-27 09:46:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2012-10-27 09:46:40 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2009-05-16 17:01:47 | 000,072,960 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2006-08-09 11:16:08 | 000,030,408 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npWebLaunch.dll
[2012-06-07 20:36:52 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2012-06-07 20:36:52 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2012-06-07 20:36:52 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2012-06-07 20:36:52 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2012-06-07 20:36:52 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2012-06-07 20:36:52 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml
 
O1 HOSTS File: ([2010-04-14 17:26:59 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [EXPLORER.EXE] C:\WINDOWS\System32\EXPLORER.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [Mój gadżet] C:\Documents and Settings\mdn\Moje dokumenty\Ashampoo Gadge It\Standalone Gadget\Mój gadżet\Mój gadżet.exe (Ashampoo)
O4 - HKCU..\Run: [WhatPulse] C:\Program Files\WhatPulse\WhatPulse.exe (WhatPulse.org)
O4 - HKCU..\Run: [wsctf.exe]  File not found
O4 - Startup: C:\Documents and Settings\mdn\Menu Start\Programy\Autostart\RocketDock.exe ()
O4 - Startup: C:\Documents and Settings\mdn\Menu Start\Programy\Autostart\WTW.lnk = C:\Program Files\K2T\WTW\wtw.exe (WTW.im, Kaworu)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Advanced\Folder\Hidden\SHOWALL: CheckedValue = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Advanced\Folder\Hidden\SHOWALL: CheckedValue = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe (Playtech)
O9 - Extra 'Tools' menuitem : Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe (Playtech)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\System32\EXPLORER.EXE (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (EXPLORER.EXE) - C:\WINDOWS\System32\EXPLORER.EXE (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 () - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-01-21 20:30:19 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012-04-01 20:21:35 | 000,000,061 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2012-04-01 20:21:35 | 000,000,061 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2001-04-18 16:23:00 | 000,000,041 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2012-04-01 20:21:35 | 000,000,061 | RHS- | M] () - G:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{04c3c160-d63a-11e0-a524-001d7dc68651}\Shell\AutoRun\command - "" = H:\EXPLORER.EXE -- File not found
O33 - MountPoints2\{04c3c160-d63a-11e0-a524-001d7dc68651}\Shell\explore\Command - "" = H:\EXPLORER.EXE -- File not found
O33 - MountPoints2\{04c3c160-d63a-11e0-a524-001d7dc68651}\Shell\open\Command - "" = H:\EXPLORER.EXE -- File not found
O33 - MountPoints2\{3cc56109-60d5-11de-bab1-001d7dc68651}\Shell\AutoRun\command - "" = H:\i8gcgmg.exe -- File not found
O33 - MountPoints2\{3cc56109-60d5-11de-bab1-001d7dc68651}\Shell\open\Command - "" = H:\i8gcgmg.exe -- File not found
O33 - MountPoints2\{3df1ddd6-2f60-11df-bc7f-0050da3c08c8}\Shell - "" = AutoRun
O33 - MountPoints2\{74622a6c-9e38-11e0-a4aa-001d7dc68651}\Shell - "" = AutoRun
O33 - MountPoints2\{824e74da-2331-11e1-a5f1-001d7dc68651}\Shell - "" = AutoRun
O33 - MountPoints2\{834dc682-1ddb-11e1-a5e2-001d7dc68651}\Shell\AutoRun\command - "" = H:\EXPLORER.EXE -- File not found
O33 - MountPoints2\{834dc682-1ddb-11e1-a5e2-001d7dc68651}\Shell\explore\Command - "" = H:\EXPLORER.EXE -- File not found
O33 - MountPoints2\{834dc682-1ddb-11e1-a5e2-001d7dc68651}\Shell\open\Command - "" = H:\EXPLORER.EXE -- File not found
O33 - MountPoints2\{95a5858e-f797-11de-bc01-001d7dc68651}\Shell - "" = AutoRun
O33 - MountPoints2\{95a5858e-f797-11de-bc01-001d7dc68651}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found
O33 - MountPoints2\{a4d2e652-5ff7-11df-a200-0050da3c08c8}\Shell - "" = AutoRun
O33 - MountPoints2\{a967e5e2-2435-11de-b026-001d7dc68651}\Shell\AutoRun\command - "" = I:\EXPLORER.EXE -- File not found
O33 - MountPoints2\{a967e5e2-2435-11de-b026-001d7dc68651}\Shell\explore\Command - "" = I:\EXPLORER.EXE -- File not found
O33 - MountPoints2\{a967e5e2-2435-11de-b026-001d7dc68651}\Shell\open\Command - "" = I:\EXPLORER.EXE -- File not found
O33 - MountPoints2\{b4d67a65-3096-11e2-a87c-001d7dc68651}\Shell - "" = AutoRun
O33 - MountPoints2\{b4d67a65-3096-11e2-a87c-001d7dc68651}\Shell\AutoRun\command - "" = F:\SETUP.EXE -- [2001-04-30 18:33:00 | 000,032,768 | R--- | M] ()
O33 - MountPoints2\{c61bb380-c7ea-11e0-a507-001d7dc68651}\Shell\AutoRun\command - "" = H:\EXPLORER.EXE -- File not found
O33 - MountPoints2\{c61bb380-c7ea-11e0-a507-001d7dc68651}\Shell\explore\Command - "" = H:\EXPLORER.EXE -- File not found
O33 - MountPoints2\{c61bb380-c7ea-11e0-a507-001d7dc68651}\Shell\open\Command - "" = H:\EXPLORER.EXE -- File not found
O33 - MountPoints2\{d333ff37-b60e-11e0-a4e4-001d7dc68651}\Shell\ArcaVirMenu\command - "" = H:\ArcaVirMenu.exe -- File not found
O33 - MountPoints2\{d333ff37-b60e-11e0-a4e4-001d7dc68651}\Shell\AutoRun\command - "" = H:\ArcaVirMenu.exe -- File not found
O33 - MountPoints2\{d333ff38-b60e-11e0-a4e4-001d7dc68651}\Shell\AutoRun\command - "" = I:\EXPLORER.EXE -- File not found
O33 - MountPoints2\{d333ff38-b60e-11e0-a4e4-001d7dc68651}\Shell\explore\Command - "" = I:\EXPLORER.EXE -- File not found
O33 - MountPoints2\{d333ff38-b60e-11e0-a4e4-001d7dc68651}\Shell\open\Command - "" = I:\EXPLORER.EXE -- File not found
O33 - MountPoints2\{d333ff3a-b60e-11e0-a4e4-001d7dc68651}\Shell\AutoRun\command - "" = H:\EXPLORER.EXE -- File not found
O33 - MountPoints2\{d333ff3a-b60e-11e0-a4e4-001d7dc68651}\Shell\explore\Command - "" = H:\EXPLORER.EXE -- File not found
O33 - MountPoints2\{d333ff3a-b60e-11e0-a4e4-001d7dc68651}\Shell\open\Command - "" = H:\EXPLORER.EXE -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012-11-18 12:25:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mdn\Moje dokumenty\Ashampoo Gadge It
[2012-11-18 12:09:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mdn\Dane aplikacji\IObit
[2012-11-18 11:46:40 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\mdn\Recent
[2012-11-18 11:42:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun
[2012-11-18 11:42:01 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012-11-18 11:42:01 | 000,746,984 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2012-11-18 11:42:01 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012-11-18 11:41:54 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012-11-18 11:41:54 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012-11-18 11:41:54 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012-11-18 11:40:23 | 000,696,760 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012-11-17 23:54:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\TuneUp Software
[2012-11-17 11:28:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mdn\Dane aplikacji\TuneUp Software
[2012-11-17 11:28:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software
[2012-11-17 11:28:03 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2012-11-17 11:27:37 | 000,242,240 | ---- | C] (DT Soft Ltd) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys
[2012-11-17 11:27:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mdn\Dane aplikacji\OpenCandy
[2012-10-27 09:46:19 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011-08-24 12:29:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Fighters
[2011-04-27 21:55:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google
[2011-04-27 08:59:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google
[2011-04-27 08:54:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2011-01-01 10:46:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2010-09-24 15:15:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Temp
[2010-05-01 11:54:09 | 000,030,208 | ---- | C] (Melloware Inc (www.melloware.com)) -- C:\Documents and Settings\mdn\JIntellitype.dll
[2009-09-17 11:12:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Panda Software
[2009-01-21 20:30:16 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2009-01-21 20:30:16 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012-11-18 12:36:00 | 000,001,128 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-1844237615-1801674531-1004UA.job
[2012-11-18 12:36:00 | 000,001,076 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-1844237615-1801674531-1004Core.job
[2012-11-18 12:27:29 | 001,262,420 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2012-11-18 12:27:29 | 000,558,366 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2012-11-18 12:27:29 | 000,496,402 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-11-18 12:27:29 | 000,105,338 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2012-11-18 12:27:29 | 000,084,694 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-11-18 12:15:31 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012-11-18 12:15:30 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2012-11-18 12:14:12 | 013,631,488 | -H-- | M] () -- C:\Documents and Settings\mdn\NTUSER.DAT
[2012-11-18 12:14:12 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\mdn\ntuser.ini
[2012-11-18 12:04:41 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012-11-18 12:04:38 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012-11-18 12:04:38 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012-11-18 11:45:00 | 000,001,124 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-1844237615-1801674531-1003UA.job
[2012-11-18 11:41:42 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012-11-18 11:41:40 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012-11-18 11:41:40 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012-11-18 11:41:40 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012-11-18 11:41:40 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012-11-18 11:41:39 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012-11-18 11:41:39 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2012-11-18 11:39:00 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012-11-18 00:45:00 | 000,001,072 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-1844237615-1801674531-1003Core.job
[2012-11-17 11:27:47 | 000,242,240 | ---- | M] (DT Soft Ltd) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys
[2012-11-04 13:54:29 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012-11-18 12:23:17 | 000,001,200 | ---- | C] () -- C:\Documents and Settings\mdn\Dane aplikacji\Ashampoo Gadge It event.log
[2012-11-18 11:40:24 | 000,000,930 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012-10-08 19:47:13 | 000,000,820 | ---- | C] () -- C:\Documents and Settings\mdn\.recently-used.xbel
[2012-09-24 10:39:25 | 000,402,254 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-1708537768-1844237615-1801674531-1003-0.dat
[2012-09-24 10:39:24 | 000,354,878 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat
[2012-09-11 15:31:08 | 000,000,179 | ---- | C] () -- C:\WINDOWS\MKP.ini
[2012-04-03 16:03:58 | 000,002,234 | ---- | C] () -- C:\WINDOWS\MxGrid.INI
[2012-04-03 15:46:33 | 000,000,066 | ---- | C] () -- C:\WINDOWS\mxreader.INI
[2012-04-03 15:42:19 | 000,002,427 | ---- | C] () -- C:\WINDOWS\AmFK.ini
[2012-04-03 15:41:54 | 000,101,888 | ---- | C] () -- C:\WINDOWS\System32\BUTIL.DLL
[2012-04-03 15:41:54 | 000,002,055 | R--- | C] () -- C:\WINDOWS\BTI.INI
[2011-12-05 11:56:20 | 000,005,504 | ---- | C] () -- C:\Documents and Settings\mdn\ksw32.lc
[2011-12-01 15:03:48 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2011-12-01 15:03:48 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2011-12-01 15:03:48 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2011-11-13 16:53:04 | 000,454,656 | ---- | C] () -- C:\WINDOWS\System32\PaintX.dll
[2011-10-25 19:19:32 | 000,000,095 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2011-10-04 15:16:02 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011-06-14 13:04:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2011-05-23 16:36:50 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\mdn\Dane aplikacji\$_hpcst$.hpc
[2011-02-18 19:24:27 | 000,000,311 | ---- | C] () -- C:\WINDOWS\pdf2word.INI
[2010-07-26 21:31:20 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2010-06-29 23:39:06 | 000,000,042 | ---- | C] () -- C:\Documents and Settings\mdn\default.pls
[2010-01-05 22:09:29 | 000,000,064 | ---- | C] () -- C:\WINDOWS\.ini
[2009-10-05 19:08:27 | 000,002,527 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log
[2009-06-15 14:37:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\HMHud.INI
[2009-05-09 16:39:55 | 001,038,400 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2009-03-09 20:09:53 | 000,003,237 | ---- | C] () -- C:\Documents and Settings\mdn\pokerstove.txt
[2009-02-21 20:15:17 | 000,024,576 | ---- | C] () -- C:\WINDOWS\VMPipe.dll
[2009-02-11 21:48:27 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009-02-11 17:05:07 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-02-04 21:13:44 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI
[2009-01-29 20:59:09 | 000,000,084 | ---- | C] () -- C:\WINDOWS\Wininit.ini
[2009-01-29 12:21:17 | 000,000,041 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\.zreglib
[2009-01-26 14:39:28 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\mdn\Ustawienia lokalne\Dane aplikacji\PUTTY.RND
[2009-01-26 11:12:30 | 000,000,156 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2009-01-26 11:11:58 | 000,001,922 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2009-01-25 21:54:52 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009-01-25 21:54:52 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009-01-21 21:52:26 | 000,186,880 | ---- | C] () -- C:\Documents and Settings\mdn\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-01-21 20:58:04 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009-01-21 20:58:04 | 000,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-01-21 20:58:04 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-01-21 20:58:04 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-01-21 20:58:04 | 000,000,714 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-01-21 20:47:20 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009-01-21 20:33:47 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\mdn\ntuser.dat.LOG
[2009-01-21 20:33:47 | 000,000,188 | -HS- | C] () -- C:\Documents and Settings\mdn\ntuser.ini
[2009-01-21 20:33:46 | 013,631,488 | -H-- | C] () -- C:\Documents and Settings\mdn\NTUSER.DAT
[2008-11-22 09:11:04 | 000,001,607 | ---- | C] () -- C:\WINDOWS\System32\Load.ini
[2008-10-07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008-06-29 14:24:32 | 000,311,128 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2008-06-29 14:24:32 | 000,168,960 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2008-06-29 14:24:31 | 001,526,468 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2008-04-28 13:55:27 | 000,162,816 | ---- | C] () -- C:\WINDOWS\System32\sqlite3.dll
[2008-04-14 21:50:36 | 000,161,612 | RHS- | C] () -- C:\WINDOWS\System32\ntvixb.dll
[2007-06-19 07:59:36 | 000,070,400 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
[2007-02-22 16:17:50 | 000,000,071 | ---- | C] () -- C:\WINDOWS\pn.ini
[2007-02-22 16:17:50 | 000,000,051 | ---- | C] () -- C:\WINDOWS\pr.ini
[2002-05-04 12:04:45 | 000,094,636 | ---- | C] () -- C:\WINDOWS\dropcpyr.dll
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 97 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:2A81F9CE
< End of report >