OTL logfile created on: 2012-12-20 15:09:09 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\ARF\Moje dokumenty\Downloads Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,98 Gb Total Physical Memory | 0,82 Gb Available Physical Memory | 41,22% Memory free 3,83 Gb Paging File | 2,60 Gb Available in Paging File | 67,78% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 68,36 Gb Total Space | 3,57 Gb Free Space | 5,22% Space Free | Partition Type: NTFS Drive D: | 80,68 Gb Total Space | 69,85 Gb Free Space | 86,58% Space Free | Partition Type: exFAT Computer Name: ARF | User Name: ARF | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-12-20 15:07:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ARF\Moje dokumenty\Downloads\OTL.exe PRC - [2012-12-05 02:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Documents and Settings\ARF\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe PRC - [2012-12-04 15:14:26 | 001,354,736 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\steam\Steam.exe PRC - [2012-12-02 16:22:46 | 000,997,320 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe PRC - [2012-11-30 16:42:23 | 000,711,112 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe PRC - [2012-10-03 13:25:42 | 000,188,760 | ---- | M] () -- C:\Program Files\IB Updater\ExtensionUpdaterService.exe PRC - [2012-10-02 16:20:26 | 001,008,496 | ---- | M] () -- C:\WINDOWS\system32\dmwu.exe PRC - [2012-08-24 08:57:08 | 000,336,992 | ---- | M] (Power Software Ltd) -- C:\Program Files\PowerISO\PWRISOVM.EXE PRC - [2011-08-15 15:18:14 | 001,955,208 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe PRC - [2011-08-15 15:18:10 | 001,361,288 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe PRC - [2010-04-07 21:07:24 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe PRC - [2010-04-07 21:07:04 | 002,145,000 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe PRC - [2009-11-19 11:43:58 | 001,592,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2009-03-12 12:53:46 | 000,483,422 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe PRC - [2009-03-12 12:53:46 | 000,254,036 | ---- | M] (IDT, Inc.) -- c:\Program Files\IDT\IntelXPV_v103\WDM\stacsv.exe PRC - [2006-03-06 15:55:32 | 000,086,016 | ---- | M] () -- C:\Program Files\ivo\UniSpiker-2.6\uni_spiker-2.6.exe PRC - [2004-09-19 19:27:44 | 000,065,536 | ---- | M] () -- C:\Program Files\LClock\LClock.exe PRC - [2004-03-23 12:06:12 | 000,888,832 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson\SpeedTouch USB\dragdiag.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-12-13 10:03:05 | 000,835,072 | ---- | M] () -- C:\Program Files\Steam\steam\sdl.dll MOD - [2012-12-13 10:02:01 | 020,320,240 | ---- | M] () -- C:\Program Files\Steam\steam\bin\libcef.dll MOD - [2012-12-13 10:01:52 | 000,968,688 | ---- | M] () -- C:\Program Files\Steam\steam\bin\chromehtml.dll MOD - [2012-12-13 10:01:51 | 001,100,800 | ---- | M] () -- C:\Program Files\Steam\steam\bin\avcodec-53.dll MOD - [2012-12-13 10:01:51 | 000,192,000 | ---- | M] () -- C:\Program Files\Steam\steam\bin\avformat-53.dll MOD - [2012-12-13 10:01:51 | 000,124,416 | ---- | M] () -- C:\Program Files\Steam\steam\bin\avutil-51.dll MOD - [2012-12-05 02:15:15 | 012,456,040 | ---- | M] () -- C:\Documents and Settings\ARF\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll MOD - [2012-12-05 02:15:15 | 000,460,904 | ---- | M] () -- C:\Documents and Settings\ARF\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\23.0.1271.97\ppgooglenaclpluginchrome.dll MOD - [2012-12-05 02:15:14 | 004,008,040 | ---- | M] () -- C:\Documents and Settings\ARF\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\23.0.1271.97\pdf.dll MOD - [2012-12-05 02:14:29 | 000,587,880 | ---- | M] () -- C:\Documents and Settings\ARF\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\23.0.1271.97\libglesv2.dll MOD - [2012-12-05 02:14:28 | 000,124,520 | ---- | M] () -- C:\Documents and Settings\ARF\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\23.0.1271.97\libegl.dll MOD - [2012-12-05 02:14:21 | 000,157,304 | ---- | M] () -- C:\Documents and Settings\ARF\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\23.0.1271.97\avutil-51.dll MOD - [2012-12-05 02:14:20 | 000,275,576 | ---- | M] () -- C:\Documents and Settings\ARF\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\23.0.1271.97\avformat-54.dll MOD - [2012-12-05 02:14:19 | 002,168,952 | ---- | M] () -- C:\Documents and Settings\ARF\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll MOD - [2012-12-02 16:22:46 | 000,997,320 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe MOD - [2012-12-02 09:51:02 | 000,566,728 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\DNTInstaller\13.2.0\avgdttbx.dll MOD - [2012-11-30 16:42:25 | 000,134,600 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\SiteSafety.dll MOD - [2012-11-30 16:42:23 | 000,711,112 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe MOD - [2012-10-03 13:25:42 | 000,188,760 | ---- | M] () -- C:\Program Files\IB Updater\ExtensionUpdaterService.exe MOD - [2012-10-02 16:20:26 | 001,008,496 | ---- | M] () -- C:\WINDOWS\system32\dmwu.exe MOD - [2012-10-02 16:18:42 | 000,028,160 | ---- | M] () -- C:\WINDOWS\system32\ImHttpComm.dll MOD - [2010-12-05 01:20:59 | 000,126,976 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Interop.SHDocVw\1.1.0.0__f62fe54d9a592d72\Interop.SHDocVw.dll MOD - [2010-12-05 01:20:59 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC\CommandBar\1.1.0.0__f62fe54d9a592d72\CommandBar.dll MOD - [2010-12-05 01:20:59 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC\BandObjects\1.1.0.0__f62fe54d9a592d72\BandObjects.dll MOD - [2010-12-05 01:20:59 | 000,015,872 | ---- | M] () -- C:\WINDOWS\assembly\GAC\ZCommon\1.1.0.0__f62fe54d9a592d72\ZCommon.dll MOD - [2010-12-05 01:20:11 | 011,411,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\74a1873cea3f244a880a143276a71d17\mscorlib.ni.dll MOD - [2010-08-26 00:12:26 | 000,555,624 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nvShell.dll MOD - [2010-03-15 11:28:22 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll MOD - [2008-04-15 12:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll MOD - [2006-03-08 11:04:24 | 000,741,376 | ---- | M] () -- C:\Program Files\ivo\Ivona_Demo-1.0\ivona_sapi4_demo.dll MOD - [2006-03-08 09:29:00 | 012,939,264 | ---- | M] () -- C:\Program Files\ivo\Ivona_Demo-1.0\voices\voice_pl_jl16demo.dll MOD - [2006-03-06 15:55:50 | 000,094,208 | ---- | M] () -- C:\Program Files\ivo\UniSpiker-2.6\voice_api.dll MOD - [2006-03-06 15:55:46 | 000,049,152 | ---- | M] () -- C:\Program Files\ivo\UniSpiker-2.6\plugins\clipboard.dll MOD - [2006-03-06 15:55:42 | 000,049,152 | ---- | M] () -- C:\Program Files\ivo\UniSpiker-2.6\plugins\clock.dll MOD - [2006-03-06 15:55:40 | 000,053,248 | ---- | M] () -- C:\Program Files\ivo\UniSpiker-2.6\plugins\keyboard.dll MOD - [2006-03-06 15:55:36 | 000,126,976 | ---- | M] () -- C:\Program Files\ivo\UniSpiker-2.6\plugins\mail.dll MOD - [2006-03-06 15:55:32 | 000,086,016 | ---- | M] () -- C:\Program Files\ivo\UniSpiker-2.6\uni_spiker-2.6.exe MOD - [2006-03-06 15:55:22 | 000,069,632 | ---- | M] () -- C:\Program Files\ivo\UniSpiker-2.6\unispiker_api.dll MOD - [2004-09-19 19:27:44 | 000,065,536 | ---- | M] () -- C:\Program Files\LClock\LClock.exe MOD - [2004-09-19 19:27:34 | 000,069,632 | ---- | M] () -- C:\Program Files\LClock\LC.dll MOD - [2004-09-19 19:27:30 | 000,081,920 | ---- | M] () -- C:\Program Files\LClock\Calendar.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2012-12-14 16:36:29 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2012-11-30 16:42:23 | 000,711,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe -- (vToolbarUpdater13.2.0) SRV - [2012-10-24 18:48:30 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012-10-03 13:25:42 | 000,188,760 | ---- | M] () [Auto | Running] -- C:\Program Files\IB Updater\ExtensionUpdaterService.exe -- (IB Updater Updater) SRV - [2012-10-02 16:20:26 | 001,008,496 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\dmwu.exe -- (IBUpdaterService) SRV - [2012-01-31 15:09:34 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011-08-15 15:18:10 | 001,361,288 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2010-04-07 21:10:38 | 000,033,560 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv) SRV - [2010-04-07 21:07:24 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn) SRV - [2009-09-06 12:38:06 | 000,071,096 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU) SRV - [2009-03-12 12:53:46 | 000,254,036 | ---- | M] (IDT, Inc.) [Auto | Running] -- c:\Program Files\IDT\IntelXPV_v103\WDM\stacsv.exe -- (STacSV) SRV - [2009-01-12 16:18:54 | 000,005,120 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Prio\prio_svc.exe -- (prio_svc) SRV - [2008-03-21 00:55:58 | 000,071,680 | ---- | M] (zett42) [Disabled | Stopped] -- C:\Program Files\FlashFolder\FlashFolder.exe -- (FlashFolder) SRV - [2007-11-14 21:46:00 | 000,131,072 | ---- | M] (Brio) [Disabled | Stopped] -- C:\Program Files\FolderSize\FolderSizeSvc.exe -- (FolderSize) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2012-12-02 09:51:02 | 000,026,984 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp) DRV - [2012-08-24 08:57:00 | 000,113,104 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu) DRV - [2011-11-12 15:13:32 | 000,235,392 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet) DRV - [2011-11-12 15:13:32 | 000,194,816 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2011-11-12 15:13:32 | 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV - [2011-11-12 15:13:32 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter) DRV - [2010-04-07 21:08:08 | 000,055,232 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi) DRV - [2010-04-07 21:08:06 | 000,032,584 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis) DRV - [2010-04-07 21:08:04 | 000,134,488 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw) DRV - [2010-04-07 21:07:08 | 000,114,984 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv) DRV - [2010-04-07 21:03:44 | 000,139,192 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon) DRV - [2009-11-28 00:26:05 | 000,069,168 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112) DRV - [2009-11-28 00:26:03 | 000,217,128 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\Si3132r5.sys -- (Si3132r5) DRV - [2009-11-28 00:26:02 | 000,080,424 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3132.sys -- (Si3132) DRV - [2009-11-28 00:25:59 | 000,076,208 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3124.sys -- (Si3124) DRV - [2009-11-28 00:25:58 | 000,209,200 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\drivers\Si3114r5.sys -- (Si3114r5) DRV - [2009-11-28 00:25:53 | 000,152,616 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mv61xx.sys -- (mv61xx) DRV - [2009-09-28 20:57:28 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2009-03-18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2009-03-12 12:53:46 | 001,550,613 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) DRV - [2008-12-26 12:56:04 | 000,017,792 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vcsvad.sys -- (VCSVADHWSer) DRV - [2008-04-15 12:00:00 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx) DRV - [2008-04-15 12:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb) DRV - [2008-04-15 12:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx) DRV - [2004-05-13 22:54:34 | 000,014,720 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmHidLo.sys -- (WmHidLo) DRV - [2004-05-13 22:54:32 | 000,021,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter) DRV - [2004-05-13 22:54:28 | 000,010,144 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum) DRV - [2004-05-13 22:54:26 | 000,005,600 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid) DRV - [2004-05-13 22:54:24 | 000,044,384 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore) DRV - [2003-12-08 11:53:48 | 000,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn) DRV - [2003-12-08 11:53:46 | 000,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchfunmoods.com/?f=1&a=download&chnl=download&cd=2XzuyEtN2Y1L1QzuyB0AyBzytDyDzzzyyE0FyCyDyDzyzztAtN0D0Tzu0CtAtDtCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=620464516 IE - HKLM\..\SearchScopes,DefaultScope = {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2417}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=417&sr=0&q={searchTerms} IE - HKLM\..\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=download&chnl=download&cd=2XzuyEtN2Y1L1QzuyB0AyBzytDyDzzzyyE0FyCyDyDzyzztAtN0D0Tzu0CtAtDtCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=620464516 IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.windowz.pl IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.pl/search?q=%s IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.windowz.pl IE - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.pl/search?q=%s IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.windowz.pl IE - HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.pl/search?q=%s IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.windowz.pl IE - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.pl/search?q=%s IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-789336058-1958367476-1606980848-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.com/?cid={1684D37D-A0A5-42F4-9C10-68278C3CF7AA}&mid=6432bd9433d047d0af86d14716f64821-362ca820674282be173135c93ab21f605d11a8ad&lang=pl&ds=st011&pr=sa&d=2012-12-02 09:51:11&v=13.2.0.4&sap=hp IE - HKU\S-1-5-21-789336058-1958367476-1606980848-1002\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\S-1-5-21-789336058-1958367476-1606980848-1002\..\URLSearchHook: {8f3c1d75-d467-43c2-9a36-655366b76f5f} - C:\Program Files\Softonic-Polska_\prxtbSof2.dll (Conduit Ltd.) IE - HKU\S-1-5-21-789336058-1958367476-1606980848-1002\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233} IE - HKU\S-1-5-21-789336058-1958367476-1606980848-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-789336058-1958367476-1606980848-1002\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADSA_pl IE - HKU\S-1-5-21-789336058-1958367476-1606980848-1002\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={1684D37D-A0A5-42F4-9C10-68278C3CF7AA}&mid=6432bd9433d047d0af86d14716f64821-362ca820674282be173135c93ab21f605d11a8ad&lang=pl&ds=st011&pr=sa&d=2012-12-02 09:51:11&v=13.2.0.4&sap=dsp&q={searchTerms} IE - HKU\S-1-5-21-789336058-1958367476-1606980848-1002\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2417}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=417&sr=0&q={searchTerms} IE - HKU\S-1-5-21-789336058-1958367476-1606980848-1002\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3031818 IE - HKU\S-1-5-21-789336058-1958367476-1606980848-1002\..\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=download&chnl=download&cd=2XzuyEtN2Y1L1QzuyB0AyBzytDyDzzzyyE0FyCyDyDzyzztAtN0D0Tzu0CtAtDtCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=620464516 IE - HKU\S-1-5-21-789336058-1958367476-1606980848-1002\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb165/?search={searchTerms}&loc=IB_DS&a=6R8IOp7iPS&i=26 IE - HKU\S-1-5-21-789336058-1958367476-1606980848-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search" FF - prefs.js..browser.search.defaultthis.engineName: "SFT_Polska_ Customized Web Search" FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3031818&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.order.1: "Search Results" FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search" FF - prefs.js..browser.startup.homepage: "http://isearch.avg.com/?cid={1684D37D-A0A5-42F4-9C10-68278C3CF7AA}&mid=6432bd9433d047d0af86d14716f64821-362ca820674282be173135c93ab21f605d11a8ad&lang=pl&ds=st011&pr=sa&d=2012-12-02 09:51:11&v=13.2.0.4&sap=hp" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6 FF - prefs.js..extensions.enabledItems: {8f3c1d75-d467-43c2-9a36-655366b76f5f}:3.6.0.10 FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0 FF - prefs.js..extensions.enabledItems: {99079a25-328f-4bd4-be04-00955acaa0a7}:4.4.1.00 FF - prefs.js..keyword.URL: "http://isearch.avg.com/search?cid={1684D37D-A0A5-42F4-9C10-68278C3CF7AA}&mid=6432bd9433d047d0af86d14716f64821-362ca820674282be173135c93ab21f605d11a8ad&lang=pl&ds=st011&pr=sa&d=2012-12-02 09:51:11&v=13.2.0.4&sap=ku&q=" FF - prefs.js..network.proxy.type: 0 FF - prefs.js..keyword.URL: "http://searchfunmoods.com/?f=1&a=download&chnl=download&cd=2XzuyEtN2Y1L1QzuyB0AyBzytDyDzzzyyE0FyCyDyDzyzztAtN0D0Tzu0CtAtDtCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=620464516&q=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll () FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.50303.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\ARF\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\ARF\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\4ff93e4a102f3@4ff93e4a1032e.info: C:\Documents and Settings\ARF\Dane aplikacji\Mozilla\Firefox\Profiles\msav0c44.default\extensions\4ff93e4a102f3@4ff93e4a1032e.info [2012-07-08 09:04:42 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\IB Updater\Firefox [2012-10-21 09:34:26 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search\FireFoxExt\13.2.0.5 [2012-12-02 16:22:53 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-11-26 10:58:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-11-26 10:58:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010-12-07 17:14:08 | 000,000,000 | ---D | M] [2010-12-05 18:11:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ARF\Dane aplikacji\Mozilla\Extensions [2012-10-27 11:06:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ARF\Dane aplikacji\Mozilla\Firefox\Profiles\msav0c44.default\extensions [2011-08-24 07:03:40 | 000,000,000 | ---D | M] (SFT_Polska_ Community Toolbar) -- C:\Documents and Settings\ARF\Dane aplikacji\Mozilla\Firefox\Profiles\msav0c44.default\extensions\{8f3c1d75-d467-43c2-9a36-655366b76f5f} [2011-12-14 20:55:31 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Documents and Settings\ARF\Dane aplikacji\Mozilla\Firefox\Profiles\msav0c44.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} [2011-04-19 18:36:30 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\ARF\Dane aplikacji\Mozilla\Firefox\Profiles\msav0c44.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2012-07-08 09:04:42 | 000,000,000 | ---D | M] (wxDfast) -- C:\Documents and Settings\ARF\Dane aplikacji\Mozilla\Firefox\Profiles\msav0c44.default\extensions\4ff93e4a102f3@4ff93e4a1032e.info [2012-10-27 11:06:08 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Documents and Settings\ARF\Dane aplikacji\Mozilla\Firefox\Profiles\msav0c44.default\extensions\ffxtlbr@funmoods.com [2012-10-21 09:34:59 | 000,000,000 | ---D | M] (incredibar.com) -- C:\Documents and Settings\ARF\Dane aplikacji\Mozilla\Firefox\Profiles\msav0c44.default\extensions\ffxtlbr@incredibar.com [2011-08-01 14:59:20 | 000,000,925 | ---- | M] () -- C:\Documents and Settings\ARF\Dane aplikacji\Mozilla\Firefox\Profiles\msav0c44.default\searchplugins\conduit.xml [2012-10-27 11:06:06 | 000,000,793 | ---- | M] () -- C:\Documents and Settings\ARF\Dane aplikacji\Mozilla\Firefox\Profiles\msav0c44.default\searchplugins\Funmoods.xml [2012-10-21 09:33:30 | 000,002,203 | ---- | M] () -- C:\Documents and Settings\ARF\Dane aplikacji\Mozilla\Firefox\Profiles\msav0c44.default\searchplugins\MyStart Search.xml [2011-12-14 20:55:14 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\ARF\Dane aplikacji\Mozilla\Firefox\Profiles\msav0c44.default\searchplugins\Search_Results.xml [2012-03-26 14:24:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010-12-05 18:49:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-12-05 18:49:15 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2011-12-14 20:55:43 | 000,000,000 | ---D | M] (DataMngr) -- C:\PROGRAM FILES\WINDOWS SEARCHQU TOOLBAR\DATAMNGR\FIREFOXEXTENSION [2010-12-05 18:49:15 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011-07-03 13:33:46 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-12-02 16:22:47 | 000,003,573 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml [2011-07-03 13:33:46 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2011-07-03 13:33:46 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2011-07-03 13:33:46 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2011-12-14 20:55:14 | 000,002,515 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml [2011-07-03 13:33:46 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2011-07-03 13:33:46 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - homepage: http://searchfunmoods.com/?f=1&a=download&chnl=download&cd=2XzuyEtN2Y1L1QzuyB0AyBzytDyDzzzyyE0FyCyDyDzyzztAtN0D0Tzu0CtAtDtCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=620464516 CHR - default_search_provider: Onet.pl (Enabled) CHR - default_search_provider: search_url = http://szukaj.onet.pl/query.html?qt={searchTerms} CHR - default_search_provider: suggest_url = CHR - homepage: http://searchfunmoods.com/?f=1&a=download&chnl=download&cd=2XzuyEtN2Y1L1QzuyB0AyBzytDyDzzzyyE0FyCyDyDzyzztAtN0D0Tzu0CtAtDtCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=620464516 CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\ARF\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\ARF\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\23.0.1271.97\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\ARF\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\23.0.1271.97\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\ARF\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U20 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL CHR - plugin: Microsoft\\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\ARF\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.50303.0\npctrl.dll CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll CHR - Extension: Funmoods = C:\Documents and Settings\ARF\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\1.0_0\ CHR - Extension: YouTube = C:\Documents and Settings\ARF\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\ CHR - Extension: Szukaj w Google = C:\Documents and Settings\ARF\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\ CHR - Extension: IB Updater = C:\Documents and Settings\ARF\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.533_0\ CHR - Extension: AVG Secure Search = C:\Documents and Settings\ARF\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\ CHR - Extension: AVG Secure Search = C:\Documents and Settings\ARF\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\.bak CHR - Extension: wxDfast = C:\Documents and Settings\ARF\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nfjnjeadkciafodfjafefdefpcplgidm\1.0_0\ CHR - Extension: IncrediBar for Chrome\u2122 = C:\Documents and Settings\ARF\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\niogeckbkdcabhnapjbkeiklablhjoca\1.0.5_0\ CHR - Extension: Gmail = C:\Documents and Settings\ARF\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2008-04-15 12:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (wxDfast Class) - {1065136D-0D12-14D2-0D9C-60F18B388F9F} - Reg Error: Value error. File not found O2 - BHO: (IB Updater) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\IB Updater\Extension32.dll () O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD) O2 - BHO: (SFT_Polska_ Toolbar) - {8f3c1d75-d467-43c2-9a36-655366b76f5f} - C:\Program Files\Softonic-Polska_\prxtbSof2.dll (Conduit Ltd.) O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll () O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll () O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - Reg Error: Value error. File not found O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.) O2 - BHO: (Loader Class) - {F880A4A8-C436-4AC4-AFD1-AA0BDC9552DD} - C:\WINDOWS\system32\FindeXer.dll (A Part of the LessCliX Suite by Alianyn) O3 - HKLM\..\Toolbar: (SFT_Polska_ Toolbar) - {8f3c1d75-d467-43c2-9a36-655366b76f5f} - C:\Program Files\Softonic-Polska_\prxtbSof2.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll () O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll () O3 - HKLM\..\Toolbar: (no name) - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - No CLSID value found. O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKU\S-1-5-21-789336058-1958367476-1606980848-1002\..\Toolbar\ShellBrowser: (no name) - {63AB4C54-3310-44c9-85D8-AA92C2263D58} - No CLSID value found. O3 - HKU\S-1-5-21-789336058-1958367476-1606980848-1002\..\Toolbar\ShellBrowser: (no name) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - No CLSID value found. O3 - HKU\S-1-5-21-789336058-1958367476-1606980848-1002\..\Toolbar\WebBrowser: (SFT_Polska_ Toolbar) - {8F3C1D75-D467-43C2-9A36-655366B76F5F} - C:\Program Files\Softonic-Polska_\prxtbSof2.dll (Conduit Ltd.) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe () O4 - HKLM..\Run: [Plus Internet] C:\Program Files\Plus Internet\PlusInternetChecker.exe () O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (Power Software Ltd) O4 - HKLM..\Run: [Resume copy] C:\WINDOWS\copyfstq.exe () O4 - HKLM..\Run: [ROC_roc_ssl_v12] C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe () O4 - HKLM..\Run: [SpeedTouch USB Diagnostics] C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe (THOMSON Telecom Belgium) O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.) O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe () O4 - HKU\.DEFAULT..\Run: [LClock] C:\Program Files\LClock\LClock.exe () O4 - HKU\S-1-5-18..\Run: [LClock] C:\Program Files\LClock\LClock.exe () O4 - HKU\S-1-5-19..\Run: [LClock] C:\Program Files\LClock\LClock.exe () O4 - HKU\S-1-5-20..\Run: [LClock] C:\Program Files\LClock\LClock.exe () O4 - HKU\S-1-5-21-789336058-1958367476-1606980848-1002..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent File not found O4 - HKU\S-1-5-21-789336058-1958367476-1606980848-1002..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-789336058-1958367476-1606980848-1002..\Run: [LClock] C:\Program Files\LClock\LClock.exe () O4 - HKU\S-1-5-21-789336058-1958367476-1606980848-1002..\Run: [PKTray] C:\Program Files\Przyspiesz Komputer\PKTray.exe (Speedchecker Limited) O4 - HKU\S-1-5-21-789336058-1958367476-1606980848-1002..\Run: [Steam] C:\Program Files\Steam\steam\steam.exe (Valve Corporation) O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\del.exe () O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\run.lnk = C:\Program Files\WindowZ\Kreator post-instalacyjny\run.bat () O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\Transparent fx - lite.lnk = C:\Program Files\Fadebar\Fadebar.exe (Nookian Apps) O4 - Startup: C:\Documents and Settings\ARF\Menu Start\Programy\Autostart\Transparent fx - lite.lnk = C:\Program Files\Fadebar\Fadebar.exe (Nookian Apps) O4 - Startup: C:\Documents and Settings\ARF\Menu Start\Programy\Autostart\UniSpiker-2.6.lnk = C:\Program Files\ivo\UniSpiker-2.6\uni_spiker-2.6.exe () O4 - Startup: C:\Documents and Settings\Default User\Menu Start\Programy\Autostart\Transparent fx - lite.lnk = C:\Program Files\Fadebar\Fadebar.exe (Nookian Apps) O4 - Startup: C:\Documents and Settings\Default User\Menu Start\Programy\Autostart\z.cmd () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O7 - HKU\S-1-5-21-789336058-1958367476-1606980848-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-789336058-1958367476-1606980848-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-21-789336058-1958367476-1606980848-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1 O7 - HKU\S-1-5-21-789336058-1958367476-1606980848-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-21-789336058-1958367476-1606980848-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-21-789336058-1958367476-1606980848-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-21-789336058-1958367476-1606980848-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\S-1-5-21-789336058-1958367476-1606980848-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-21-789336058-1958367476-1606980848-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3884CD71-E86E-40A1-842D-4185E986316C}: NameServer = 217.172.224.160 80.244.128.3 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll () O20 - AppInit_DLLs: (C:\PROGRA~1\WINDOW~4\Datamngr\datamngr.dll) - File not found O20 - AppInit_DLLs: (C:\PROGRA~1\WINDOW~4\Datamngr\IEBHO.dll) - File not found O20 - AppInit_DLLs: (prio.dll) - C:\Program Files\Prio\prio.dll (O&K Software) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: UIHost - (%windir%\\system32\\LogonuiZ.exe) - C:\WINDOWS\\system32\\LogonuiZ.exe () O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\ARF\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\ARF\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-12-05 01:13:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{4507915a-5adf-11e1-8ae7-001cc029da88}\Shell - "" = AutoRun O33 - MountPoints2\{4507915a-5adf-11e1-8ae7-001cc029da88}\Shell\AutoRun\command - "" = J:\AutoRun.exe O33 - MountPoints2\{4507915d-5adf-11e1-8ae7-001cc029da88}\Shell - "" = AutoRun O33 - MountPoints2\{4507915d-5adf-11e1-8ae7-001cc029da88}\Shell\AutoRun\command - "" = J:\AutoRun.exe O33 - MountPoints2\{ecde855e-70e3-11e1-8b16-000e5012a1d2}\Shell\AutoRun\command - "" = Install.exe O33 - MountPoints2\{fb985b44-588e-11e0-88a6-000e5012a1d2}\Shell\AutoRun\command - "" = M:\PMBP_Win.exe O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (MACHINE BootExecut) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2012-12-20 13:18:08 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\ARF\Recent [2012-12-19 18:24:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ARF\Dane aplikacji\.minecraft [2012-12-19 18:23:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ARF\Pulpit\New World [2012-12-14 16:50:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\FLEXnet [2012-12-14 16:43:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe [2012-12-14 16:42:21 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2012-12-14 16:36:55 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2012-12-14 16:36:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared [2012-12-14 16:35:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2012-12-05 07:36:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\TechSmith [2012-12-05 07:36:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\TechSmith Shared [2012-12-05 07:35:38 | 000,000,000 | ---D | C] -- C:\Program Files\TechSmith [2012-12-02 16:22:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cache [2012-12-02 10:21:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\MAXON [2012-12-02 09:52:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ARF\Dane aplikacji\PowerISO [2012-12-02 09:51:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\PowerISO [2012-12-02 09:51:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ARF\Ustawienia lokalne\Dane aplikacji\AVG Secure Search [2012-12-02 09:51:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search [2012-12-02 09:51:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ARF\Dane aplikacji\AVG Secure Search [2012-12-02 09:51:09 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search [2012-12-02 09:50:01 | 000,000,000 | ---D | C] -- C:\Program Files\PowerISO [2012-12-01 19:24:19 | 000,000,000 | --SD | C] -- C:\Documents and Settings\ARF\Pulpit\Do Grafiki ;p [2012-11-30 16:29:14 | 000,000,000 | ---D | C] -- C:\Program Files\Sony [2012-11-29 16:37:30 | 229,702,272 | ---- | C] (Sony Creative Software Inc.) -- C:\Documents and Settings\ARF\Pulpit\vegaspro12.0.394.exe [2012-11-24 14:17:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ARF\Pulpit\texturepacks [2012-11-21 21:37:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ARF\Pulpit\bw [2012-11-21 21:34:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ARF\Pulpit\models [2012-11-20 18:27:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Fraps [2012-11-09 20:15:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ARF\Pulpit\Minecraft_Guy [2012-11-07 13:54:56 | 000,000,000 | ---D | C] -- C:\Program Files\MAXON [2012-11-07 13:54:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ARF\Dane aplikacji\MAXON [2012-11-05 19:30:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ARF\Pulpit\_mtasa-1.3.1-rc-04710-2-003-files-net-cksummed.rar_tmp__bak_ [2012-11-05 19:22:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ARF\Pulpit\228274 (1) [2012-11-05 19:19:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Rockstar Games [2012-11-02 17:59:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ARF\Pulpit\Fraps [2012-10-27 15:18:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ARF\Dane aplikacji\.techniclauncher [2012-10-27 11:05:21 | 000,000,000 | ---D | C] -- C:\Program Files\Funmoods [2012-10-27 11:04:29 | 000,000,000 | --SD | C] -- C:\Documents and Settings\ARF\Menu Start\Programy\Narzędzia administracyjne [2012-10-27 11:02:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Premium [2012-10-26 19:45:19 | 000,000,000 | ---D | C] -- C:\Program Files\FabPack v1.0 [2012-10-26 18:13:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ARF\Dane aplikacji\Minecraft Skin Viewer [2011-04-11 21:01:57 | 021,442,560 | ---- | C] (Aspyr Media, Inc.) -- C:\Documents and Settings\ARF\Noob Stop Mod DEMO created by W.o,l.f'ey%.exe [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2012-12-20 15:03:00 | 000,001,124 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-789336058-1958367476-1606980848-1002UA.job [2012-12-20 15:00:00 | 000,024,064 | ---- | M] () -- C:\WINDOWS\System32\Notepad2.ini [2012-12-20 15:00:00 | 000,001,030 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012-12-20 13:18:08 | 000,001,026 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012-12-20 13:17:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012-12-19 21:03:00 | 000,001,072 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-789336058-1958367476-1606980848-1002Core.job [2012-12-19 20:24:34 | 000,000,458 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{574AEB2E-A3EB-4C1A-913B-5FD4EB75EF2F}.job [2012-12-19 17:27:01 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\Skype.lnk [2012-12-18 20:56:58 | 000,019,149 | ---- | M] () -- C:\Documents and Settings\ARF\.recently-used.xbel [2012-12-18 15:08:39 | 000,002,184 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012-12-15 20:05:24 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\NEI.dat [2012-12-15 12:28:21 | 001,562,456 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-12-10 19:04:47 | 000,007,913 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\pobrane (2).jpg [2012-12-07 14:58:21 | 004,032,966 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\bez tytułu.bmp [2012-12-05 17:17:32 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\TSClame_acm.xml [2012-12-05 16:42:55 | 001,021,426 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\Untitled_First_Frame.png [2012-12-05 15:34:57 | 1518,266,648 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\javaw 2012-12-05 15-31-13-45.avi [2012-12-05 07:36:07 | 000,000,893 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Camtasia Studio 8.lnk [2012-12-04 22:57:29 | 256,275,456 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\camtasia.msi [2012-12-04 20:29:38 | 000,007,989 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\pobrane (3).jpg [2012-12-04 20:28:40 | 000,007,989 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\pobrane (1).jpg [2012-12-04 20:27:29 | 000,001,920 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\pobrane.jpg [2012-12-03 22:19:09 | 000,157,702 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\filip.c4d [2012-12-02 22:36:55 | 001,142,084 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\by FIlipek [2012-12-02 22:06:37 | 000,000,043 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\pixel-vfl3z5WfW.gif [2012-12-02 21:09:53 | 000,154,324 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\Bez nazwy 1.c4d [2012-12-02 21:03:42 | 000,154,574 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\Bez nazwy 4.c4d [2012-12-02 19:09:50 | 000,090,382 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\ filip.rar [2012-12-02 19:04:41 | 000,016,673 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\filip.obj [2012-12-02 18:56:01 | 000,003,254 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\sketch (38).PNG [2012-12-02 17:18:18 | 000,006,280 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\images.jpg [2012-12-02 12:48:18 | 000,507,371 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\2012-11-27_20.15.11.png [2012-12-02 12:38:44 | 859,481,016 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\javaw 2012-12-02 12-36-52-10.avi [2012-12-02 11:03:46 | 000,070,015 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\skierman yt .jpg [2012-12-02 10:22:10 | 000,000,806 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\CINEMA 4D.lnk [2012-12-02 09:51:27 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\PowerISO.lnk [2012-12-02 09:51:02 | 000,026,984 | ---- | M] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys [2012-12-01 22:24:42 | 000,028,883 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\gui.png [2012-12-01 21:19:28 | 000,806,832 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\mrfilipek.jpg [2012-12-01 19:52:18 | 000,275,599 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\ filip.jpg [2012-12-01 19:50:31 | 012,485,818 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\new youtube template by volts.psd [2012-11-29 17:09:05 | 229,702,272 | ---- | M] (Sony Creative Software Inc.) -- C:\Documents and Settings\ARF\Pulpit\vegaspro12.0.394.exe [2012-11-26 18:05:22 | 003,592,376 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\gta_sa 2012-11-26 18-05-21-75.avi [2012-11-26 17:29:08 | 001,410,792 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\javaw 2012-11-26 17-29-07-65.avi [2012-11-26 17:26:50 | 000,328,579 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\OptiFine_1.4.5_HD_U_D3.zip [2012-11-20 18:27:29 | 000,000,551 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Fraps.lnk [2012-11-17 20:36:56 | 000,136,399 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\new youtube template by Filipek.jpg [2012-11-17 20:32:59 | 008,149,863 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\new youtube template by Filipek.psd [2012-11-17 20:31:30 | 000,000,020 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\sadsa [2012-11-17 19:49:24 | 000,014,179 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\arctic.gif [2012-11-17 19:47:37 | 000,260,489 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\layout4faronekpl.jpg [2012-11-14 16:55:54 | 001,393,941 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\skierman.jpg [2012-11-14 16:55:02 | 001,543,777 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\new youtube partner template by volts.jpg [2012-11-14 16:11:35 | 000,175,078 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\11_obraz.jpg [2012-11-05 19:19:35 | 000,001,591 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\GTA San Andreas.lnk [2012-11-02 19:28:14 | 683,897,592 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\javaw 2012-11-02 19-25-52-65.avi [2012-10-31 16:04:25 | 000,500,254 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2012-10-31 16:04:25 | 000,441,470 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012-10-31 16:04:25 | 000,088,724 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2012-10-31 16:04:25 | 000,070,068 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012-10-27 11:05:57 | 000,031,465 | ---- | M] () -- C:\Documents and Settings\ARF\Ustawienia lokalne\Dane aplikacji\funmoods.crx [2012-10-26 19:57:24 | 000,000,697 | ---- | M] () -- C:\Documents and Settings\ARF\Menu Start\Programy\Autostart\UniSpiker-2.6.lnk [2012-10-21 18:49:37 | 005,435,392 | ---- | M] () -- C:\Documents and Settings\ARF\Pulpit\capture-1.camrec [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-12-19 18:23:04 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\NEI.dat [2012-12-18 20:56:58 | 000,019,149 | ---- | C] () -- C:\Documents and Settings\ARF\.recently-used.xbel [2012-12-14 16:44:58 | 000,000,856 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Photoshop CS3.lnk [2012-12-14 16:41:52 | 000,000,942 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Stock Photos CS3.lnk [2012-12-14 16:40:23 | 000,001,100 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe ExtendScript Toolkit 2.lnk [2012-12-14 16:40:07 | 000,000,911 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Device Central CS3.lnk [2012-12-14 16:37:53 | 000,000,818 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Bridge CS3.lnk [2012-12-11 20:13:16 | 000,006,296 | R--- | C] () -- C:\Documents and Settings\ARF\Pulpit\pldecal.wad [2012-12-11 20:13:10 | 000,006,296 | R--- | C] () -- C:\Documents and Settings\ARF\Pulpit\tempdecal.wad [2012-12-05 17:17:32 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\TSClame_acm.xml [2012-12-05 15:38:41 | 001,021,426 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\Untitled_First_Frame.png [2012-12-05 15:31:13 | 1518,266,648 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\javaw 2012-12-05 15-31-13-45.avi [2012-12-05 07:36:07 | 000,000,893 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Camtasia Studio 8.lnk [2012-12-04 22:20:48 | 256,275,456 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\camtasia.msi [2012-12-04 20:29:41 | 000,007,989 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\pobrane (3).jpg [2012-12-04 20:28:43 | 000,007,989 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\pobrane (1).jpg [2012-12-04 20:27:31 | 000,001,920 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\pobrane.jpg [2012-12-04 20:27:06 | 000,007,913 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\pobrane (2).jpg [2012-12-04 15:09:28 | 004,032,966 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\bez tytułu.bmp [2012-12-02 22:15:53 | 001,142,084 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\by FIlipek [2012-12-02 22:06:43 | 000,000,043 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\pixel-vfl3z5WfW.gif [2012-12-02 19:09:50 | 000,090,382 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\ filip.rar [2012-12-02 19:09:13 | 000,157,702 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\filip.c4d [2012-12-02 19:04:39 | 000,016,673 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\filip.obj [2012-12-02 18:56:01 | 000,003,254 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\sketch (38).PNG [2012-12-02 17:18:22 | 000,006,280 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\images.jpg [2012-12-02 12:36:51 | 859,481,016 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\javaw 2012-12-02 12-36-52-10.avi [2012-12-02 11:03:46 | 000,070,015 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\skierman yt .jpg [2012-12-02 10:44:11 | 000,154,574 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\Bez nazwy 4.c4d [2012-12-02 10:42:52 | 000,154,324 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\Bez nazwy 1.c4d [2012-12-02 10:22:10 | 000,000,806 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\CINEMA 4D.lnk [2012-12-02 09:51:27 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\PowerISO.lnk [2012-12-01 22:24:42 | 000,028,883 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\gui.png [2012-12-01 21:18:59 | 000,806,832 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\mrfilipek.jpg [2012-12-01 19:52:17 | 000,275,599 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\ filip.jpg [2012-11-27 20:15:11 | 000,507,371 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\2012-11-27_20.15.11.png [2012-11-26 18:05:21 | 003,592,376 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\gta_sa 2012-11-26 18-05-21-75.avi [2012-11-26 17:29:07 | 001,410,792 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\javaw 2012-11-26 17-29-07-65.avi [2012-11-26 17:27:13 | 000,328,579 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\OptiFine_1.4.5_HD_U_D3.zip [2012-11-20 18:27:29 | 000,000,551 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Fraps.lnk [2012-11-17 20:33:41 | 000,136,399 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\new youtube template by Filipek.jpg [2012-11-17 20:32:56 | 008,149,863 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\new youtube template by Filipek.psd [2012-11-17 20:31:30 | 000,000,020 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\sadsa [2012-11-17 20:11:02 | 012,485,818 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\new youtube template by volts.psd [2012-11-17 19:49:28 | 000,014,179 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\arctic.gif [2012-11-17 19:47:42 | 000,260,489 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\layout4faronekpl.jpg [2012-11-14 16:55:52 | 001,393,941 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\skierman.jpg [2012-11-14 16:32:08 | 001,543,777 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\new youtube partner template by volts.jpg [2012-11-14 16:10:55 | 000,175,078 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\11_obraz.jpg [2012-11-05 19:19:34 | 000,001,591 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\GTA San Andreas.lnk [2012-11-02 19:25:52 | 683,897,592 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\javaw 2012-11-02 19-25-52-65.avi [2012-10-27 11:06:14 | 000,031,465 | ---- | C] () -- C:\Documents and Settings\ARF\Ustawienia lokalne\Dane aplikacji\funmoods.crx [2012-10-26 19:57:24 | 000,000,697 | ---- | C] () -- C:\Documents and Settings\ARF\Menu Start\Programy\Autostart\UniSpiker-2.6.lnk [2012-10-21 18:49:37 | 005,435,392 | ---- | C] () -- C:\Documents and Settings\ARF\Pulpit\capture-1.camrec [2012-10-21 09:34:30 | 001,008,496 | ---- | C] () -- C:\WINDOWS\System32\dmwu.exe [2012-10-21 09:34:30 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\ImHttpComm.dll [2012-10-15 07:03:17 | 000,941,975 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-789336058-1958367476-1606980848-1002-0.dat [2012-10-15 07:03:17 | 000,338,070 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat [2012-07-16 10:48:09 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2012-03-18 11:45:37 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\javaw 2012-03-18 11-40-44-210.avi [2012-03-01 22:16:36 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\Counter-Strike 1.6 PL DAKO 2.012 [2012-02-26 10:30:49 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2012-02-24 18:26:32 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\Filipek.rar [2012-02-24 18:12:25 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\Bez nazwy.xcf [2012-02-23 16:23:05 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\2012-02-23_16.20.39.png [2012-02-23 16:16:10 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\2012-02-23_16.13.27.png [2012-02-23 15:58:51 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\2012-02-23_15.55.51.png [2012-02-23 15:24:11 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\2012-02-23_15.20.39.png [2012-02-23 15:24:01 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\2012-02-23_15.20.43.png [2012-02-23 15:23:56 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\2012-02-23_15.20.48.png [2012-02-23 15:03:58 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\Sonic the Hedgehog.lnk [2012-02-23 14:53:00 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\2012-02-23_14.48.30.png [2012-02-23 14:25:10 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\minecraft.jar [2012-02-23 14:17:38 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\2012-02-23_14.13.59.png [2012-02-23 14:17:28 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\2012-02-23_14.14.54.png [2012-02-23 14:13:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\2012-02-23_14.10.34.png [2012-02-23 14:11:11 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\2012-02-23_14.08.15.png [2012-02-23 14:06:00 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\2012-02-23_14.00.25.png [2012-02-20 19:28:50 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\bodek [2012-02-20 19:25:30 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\ScanSoft PaperPort 11 [2012-02-20 19:24:39 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\ZDIECIA [2012-02-20 19:24:32 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\cmtutool.exe [2012-02-20 19:24:25 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\Super Simple Wall v4.8 [2012-02-20 19:24:21 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\TOKYO DRiFT V1.0 [2012-02-20 19:24:16 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\sXe Wallhack v2.0.dll [2012-02-20 19:24:11 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\sXe Wallhack v2.0.exe [2012-02-20 19:20:19 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\Skype.lnk [2012-02-20 19:20:07 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\Call of Duty Modern Warfare 3 - Multiplayer.url [2012-02-17 09:18:47 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\MultiplayerMinecraft.pl.lnk [2012-02-16 12:18:03 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\hard.png [2011-12-25 22:29:28 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\Counter_Strike_Source_v61__17_maja_2011_ _Wiele_jezykow_[stabilna]_[ENG][Torrenty.org].torrent [2011-12-24 14:06:20 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\cake.zip [2011-12-24 14:05:44 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\Counter-Strike [2011-12-24 14:03:43 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\file.png [2011-12-24 14:03:42 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\fileDownload.png [2011-12-22 20:37:33 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\couter-strike 1.6 [2011-12-11 19:10:10 | 000,000,078 | ---- | C] () -- C:\Documents and Settings\ARF\Fighter FX 7.rar [2011-12-11 09:36:35 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\Fighter FX 7.2 [2011-12-07 16:48:04 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\opengl32.dll [2011-12-07 16:48:00 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\dm.exe [2011-12-07 15:52:18 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\aimbot.dll [2011-12-07 15:52:15 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\aimbot.exe [2011-12-07 15:52:10 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\aimbot.ini [2011-12-07 15:12:32 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\silent aim.rar [2011-11-27 15:34:07 | 000,001,492 | ---- | C] () -- C:\Documents and Settings\ARF\plugins.ini [2011-11-27 15:33:16 | 000,007,237 | ---- | C] () -- C:\Documents and Settings\ARF\GHW_Weapon_Replacement.sma [2011-11-27 15:31:57 | 000,011,669 | ---- | C] () -- C:\Documents and Settings\ARF\GHW_Weapon_Replacement.amxx [2011-11-02 19:05:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\tempdecal.wad [2011-11-02 17:55:32 | 000,001,708 | ---- | C] () -- C:\WINDOWS\System32\SpeedCrunch.ini [2011-09-22 13:59:06 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\Zdjęcie0064.jpg [2011-09-19 08:07:46 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\bdmjpeg.dll [2011-09-19 08:07:32 | 000,058,368 | ---- | C] () -- C:\WINDOWS\System32\bdmpegv.dll [2011-09-11 07:27:53 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\Half-Life.lnk [2011-09-11 07:25:44 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\Counter-Strike.lnk [2011-09-05 13:33:42 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\Minecraft_1.7.3_www.games-bot.pl.rar [2011-09-05 13:32:54 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\bin [2011-09-05 13:32:42 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\.minecraft [2011-08-08 18:37:42 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\IMG_0083.JPG [2011-05-28 20:14:08 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\cs16full_v23b_v2_5.exe [2011-05-12 20:58:23 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\board.zip [2011-04-17 07:06:10 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\The_Corre_(End_Of_Days).mp3 [2011-04-16 20:04:31 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\unins000.exe [2011-04-16 09:02:29 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\icytower1.4 [2011-04-16 09:00:48 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\Hooligans.lnk [2011-04-14 21:01:47 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\XPK [2011-04-14 21:01:15 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\WWE Impact X 2010 [2011-04-11 21:14:24 | 000,002,580 | ---- | C] () -- C:\WINDOWS\System32\ASOROSet.bin [2011-04-11 21:12:04 | 000,286,208 | ---- | C] () -- C:\WINDOWS\System32\binkw32.dll [2011-04-03 19:07:59 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ARF\Character Map.lnk [2011-03-27 17:27:04 | 000,007,680 | ---- | C] () -- C:\Documents and Settings\ARF\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-12-05 18:48:22 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\ARF\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2010-12-05 01:25:54 | 000,000,026 | ---- | C] () -- C:\Documents and Settings\ARF\Dane aplikacji\prio.ini [color=#E56717]========== ZeroAccess Check ==========[/color] [2010-12-05 01:14:24 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2009-11-28 00:22:53 | 001,509,888 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-11-28 00:22:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-15 12:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2009-11-28 13:34:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent [2010-12-05 01:21:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Xentient [2012-12-02 17:18:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search [2011-12-15 14:12:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\boost_interprocess [2010-12-05 21:30:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Canneverbe Limited [2012-09-13 19:38:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files [2011-10-17 18:56:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2010-12-07 17:14:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2010-12-05 01:21:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Finder Bar [2010-12-08 19:19:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2012-10-27 14:42:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\InstallMate [2010-12-08 19:29:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2012-12-05 07:33:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MTA San Andreas All [2012-07-12 15:49:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2012-10-27 11:02:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Premium [2012-12-05 07:35:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TechSmith [2011-02-27 11:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Test Drive Unlimited [2012-07-09 08:59:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\wxDfast [2012-09-14 16:22:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\WxDFastUpdater [2012-12-19 21:38:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ARF\Dane aplikacji\.minecraft [2012-12-01 21:12:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ARF\Dane aplikacji\.techniclauncher [2012-12-15 18:13:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ARF\Dane aplikacji\AIMP [2012-12-02 09:51:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ARF\Dane aplikacji\AVG Secure Search [2012-01-08 20:02:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ARF\Dane aplikacji\Avnex [2012-12-02 16:26:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ARF\Dane aplikacji\Azureus [2012-02-06 10:20:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ARF\Dane aplikacji\BANDISOFT [2010-12-05 21:30:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ARF\Dane aplikacji\Canneverbe_Limited [2010-12-07 17:14:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ARF\Dane aplikacji\ESET [2010-12-05 01:22:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ARF\Dane aplikacji\Finder Bar [2009-11-10 16:15:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ARF\Dane aplikacji\FindeXer [2012-07-30 21:04:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ARF\Dane aplikacji\FreeScreenToVideo [2012-03-02 15:05:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ARF\Dane aplikacji\Gadu-Gadu 10 [2011-11-27 13:49:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ARF\Dane aplikacji\GHISLER [2012-12-02 12:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ARF\Dane aplikacji\gtk-2.0 [2012-10-21 14:00:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ARF\Dane aplikacji\Incredibar.com [2012-07-30 07:47:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ARF\Dane aplikacji\ipla [2011-06-08 19:58:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ARF\Dane aplikacji\Leadertech [2011-05-30 11:57:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ARF\Dane aplikacji\LEGO Company [2012-12-02 10:22:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ARF\Dane aplikacji\MAXON [2012-10-26 18:13:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ARF\Dane aplikacji\Minecraft Skin Viewer [2011-05-29 17:38:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ARF\Dane aplikacji\Mount&Blade [2010-12-21 16:38:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ARF\Dane aplikacji\OpenFM [2012-02-19 10:52:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ARF\Dane aplikacji\Plus Internet [2012-12-02 09:52:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ARF\Dane aplikacji\PowerISO [2011-11-26 16:09:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ARF\Dane aplikacji\Przyspiesz Komputer [2010-12-08 19:29:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ARF\Dane aplikacji\RDRM [2011-11-26 16:09:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ARF\Dane aplikacji\RegistryKeys [2011-12-14 21:39:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ARF\Dane aplikacji\searchquband [2011-12-16 18:21:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ARF\Dane aplikacji\searchqutoolbar [2012-02-26 10:14:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ARF\Dane aplikacji\TeamViewer [2012-10-15 06:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ARF\Dane aplikacji\TechSmith [2011-12-12 16:46:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ARF\Dane aplikacji\TS3Client [2012-11-02 18:11:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ARF\Dane aplikacji\uTorrent [2010-12-05 01:42:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ARF\Dane aplikacji\Xentient [2009-09-17 21:38:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dane aplikacji\AIMP [2010-12-05 01:22:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dane aplikacji\Finder Bar [2009-11-10 16:15:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dane aplikacji\FindeXer [2009-11-28 13:34:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dane aplikacji\uTorrent [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 40 bytes -> C:\Documents and Settings\ARF\Dane aplikacji:NT < End of report >