OTL logfile created on: 2013-02-04 00:26:34 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Roman\Pulpit\R_KIT Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,50 Gb Total Physical Memory | 2,68 Gb Available Physical Memory | 76,66% Memory free 3,34 Gb Paging File | 2,74 Gb Available in Paging File | 82,15% Paging File free Paging file location(s): [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 439,45 Gb Total Space | 21,03 Gb Free Space | 4,79% Space Free | Partition Type: NTFS Drive E: | 1423,56 Gb Total Space | 1172,75 Gb Free Space | 82,38% Space Free | Partition Type: NTFS Computer Name: ROMAN-A8 | User Name: Roman | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013-01-27 11:46:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Roman\Pulpit\R_KIT\OTL.exe PRC - [2013-01-24 23:43:03 | 002,319,504 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe PRC - [2013-01-24 23:42:39 | 000,404,688 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe PRC - [2013-01-24 12:52:00 | 002,074,256 | ---- | M] () -- C:\Program Files\Comodo\Dragon\dragon_updater.exe PRC - [2013-01-17 07:48:50 | 000,070,352 | ---- | M] (Comodo Security Solutions Inc.) -- C:\Program Files\Common Files\Comodo\launcher_service.exe PRC - [2013-01-15 09:59:28 | 001,851,088 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files\Common Files\Comodo\GeekBuddyRSP.exe PRC - [2013-01-12 03:27:33 | 000,170,912 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe PRC - [2011-09-19 15:58:26 | 000,087,368 | ---- | M] (Nero AG) -- C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe PRC - [2011-08-10 20:35:20 | 000,227,184 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe PRC - [2011-08-08 23:11:06 | 000,681,840 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe PRC - [2009-09-17 05:14:47 | 000,153,608 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Gaming Software\LWEMon.exe PRC - [2009-09-10 14:45:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE PRC - [2007-10-08 09:27:04 | 000,072,240 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Workstation\vmware-tray.exe PRC - [2007-10-08 09:26:38 | 000,055,856 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Workstation\hqtray.exe PRC - [2007-07-24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2007-01-01 06:56:00 | 000,852,176 | ---- | M] (C. Ghisler & Co.) -- C:\Program Files\Totalcmd\TOTALCMD.EXE PRC - [2006-11-13 14:57:06 | 000,199,464 | ---- | M] (Microsoft Corporation) -- C:\PROGRA~1\MICROS~1\rapimgr.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013-01-24 12:52:00 | 002,074,256 | ---- | M] () -- C:\Program Files\Comodo\Dragon\dragon_updater.exe MOD - [2012-03-08 23:32:04 | 000,270,336 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll MOD - [2011-09-19 15:59:14 | 000,465,632 | ---- | M] () -- C:\Program Files\Motorola Media Link\Lite\sqlite3.dll MOD - [2011-09-19 15:57:58 | 000,034,128 | ---- | M] () -- C:\Program Files\Motorola Media Link\Lite\NFileCacheDBAccess.dll MOD - [2011-09-19 15:57:48 | 000,045,368 | ---- | M] () -- C:\Program Files\Motorola Media Link\Lite\NAdvLog.dll MOD - [2011-09-19 15:57:28 | 000,128,336 | ---- | M] () -- C:\Program Files\Motorola Media Link\Lite\LiveupdateTactics.dll MOD - [2011-09-19 15:57:04 | 000,023,872 | ---- | M] () -- C:\Program Files\Motorola Media Link\Lite\DbAccess.dll MOD - [2011-08-10 20:35:20 | 000,227,184 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe MOD - [2011-08-08 23:11:06 | 000,681,840 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe MOD - [2011-01-09 12:52:54 | 011,791,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\50ea744ffc3cb7f09b027fd6c5c93b2b\System.Web.ni.dll MOD - [2011-01-09 12:52:48 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\3736ba3ecac186f9c5d85f01bda2be98\System.Runtime.Remoting.ni.dll MOD - [2011-01-09 12:52:17 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\c2af7cfbb47c077029a2645930b4eeac\Accessibility.ni.dll MOD - [2011-01-09 12:52:15 | 012,428,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\9a254c455892c02355ab0ab0f0727c5b\System.Windows.Forms.ni.dll MOD - [2011-01-09 12:52:06 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\6978f2e90f13bc720d57fa6895c911e2\System.Drawing.ni.dll MOD - [2011-01-09 12:51:29 | 005,449,728 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\36f3953f24d4f0b767bf172331ad6f3e\System.Xml.ni.dll MOD - [2011-01-09 12:51:20 | 000,970,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb4cb21d14767292e079366a5d3d76cd\System.Configuration.ni.dll MOD - [2011-01-09 12:51:12 | 007,867,392 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aa7926460a336408c8041330ad90929d\System.ni.dll MOD - [2011-01-09 12:45:59 | 011,485,184 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\9adb89fa22fd5b4ce433b5aca7fb1b07\mscorlib.ni.dll MOD - [2010-03-16 11:22:12 | 000,014,848 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll MOD - [2007-10-08 09:27:16 | 000,970,288 | ---- | M] () -- C:\Program Files\VMware\VMware Workstation\libxml2.dll MOD - [2007-10-08 09:26:48 | 000,080,432 | ---- | M] () -- C:\Program Files\VMware\VMware Workstation\zlib1.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\system32\Opcenum.exe -- (OpcEnum) SRV - File not found [Disabled | Stopped] -- -- (MSDTC) SRV - File not found [Disabled | Stopped] -- -- (Iomega Activity Disk2) SRV - [2013-01-24 23:43:03 | 002,319,504 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent) SRV - [2013-01-24 23:42:41 | 000,127,184 | ---- | M] (COMODO) [On_Demand | Stopped] -- C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe -- (cmdvirth) SRV - [2013-01-24 12:52:00 | 002,074,256 | ---- | M] () [Auto | Running] -- C:\Program Files\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater) SRV - [2013-01-17 07:48:50 | 000,070,352 | ---- | M] (Comodo Security Solutions Inc.) [Auto | Running] -- C:\Program Files\Common Files\Comodo\launcher_service.exe -- (CLPSLauncher) SRV - [2013-01-15 09:59:28 | 001,851,088 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Comodo\GeekBuddyRSP.exe -- (GeekBuddyRSP) SRV - [2013-01-12 03:27:33 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2012-01-04 13:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2011-11-07 18:42:49 | 000,073,728 | ---- | M] (Iomega Corporation) [Disabled | Stopped] -- C:\PROGRA~1\Iomega\System32\AppServices.exe -- (Iomega App Services) SRV - [2011-09-19 15:58:26 | 000,087,368 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe -- (DeviceMonitorService) SRV - [2011-08-10 20:35:20 | 000,227,184 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper) SRV - [2010-11-19 00:09:20 | 000,072,704 | ---- | M] (Autodata Limited) [Disabled | Stopped] -- C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe -- (Autodata Limited License Service) SRV - [2007-10-08 09:26:52 | 000,150,064 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\WINDOWS\System32\vmnat.exe -- (VMware NAT Service) SRV - [2007-10-08 09:26:50 | 000,121,392 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\WINDOWS\System32\vmnetdhcp.exe -- (VMnetDHCP) SRV - [2007-10-08 09:26:28 | 000,109,104 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService) SRV - [2007-08-07 12:34:56 | 000,186,928 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe -- (ufad-ws60) SRV - [2007-07-24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2007-03-23 10:02:52 | 000,269,104 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe -- (vmount2) SRV - [2006-11-02 19:40:12 | 000,174,656 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe -- (ProtexisLicensing) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\siusbmod.sys -- (siusbmod) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Roman\USTAWI~1\Temp\GPU-Z.sys -- (GPU-Z) DRV - File not found [Kernel | Disabled | Stopped] -- system32\DRIVERS\GenericMount.sys -- (GenericMount) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard) DRV - File not found [Kernel | Disabled | Stopped] -- system32\DRIVERS\e4usbaw.sys -- (e4usbaw) DRV - File not found [Kernel | Disabled | Stopped] -- system32\DRIVERS\AmdLLD.sys -- (AmdLLD) DRV - File not found [Kernel | Disabled | Stopped] -- system32\DRIVERS\AmdK8.sys -- (AmdK8) DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\Roman\USTAWI~1\Temp\agrorpow.sys -- (agrorpow) DRV - File not found [Kernel | Unavailable | Unknown] -- globalroot\C:\WINDOWS\system32\drivers\100599.sys -- (100599) DRV - [2013-02-03 23:33:14 | 000,035,144 | ---- | M] () [File_System | On_Demand | Running] -- C:\WINDOWS\System32\drivers\mbamchameleon.sys -- (mbamchameleon) DRV - [2013-01-16 20:51:55 | 000,098,752 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect) DRV - [2013-01-16 20:51:55 | 000,032,824 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\System32\DRIVERS\cmdhlp.sys -- (cmdHlp) DRV - [2013-01-16 20:51:54 | 000,586,728 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\System32\DRIVERS\cmdguard.sys -- (cmdGuard) DRV - [2013-01-16 20:51:53 | 000,018,536 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\System32\DRIVERS\cmderd.sys -- (cmderd) DRV - [2012-12-04 09:41:28 | 000,036,112 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | System | Running] -- C:\WINDOWS\System32\DRIVERS\CFRMD.sys -- (CFRMD) DRV - [2012-09-12 07:49:36 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv) DRV - [2012-03-09 07:22:00 | 007,586,304 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -- (ati2mtag) DRV - [2012-02-23 19:15:12 | 000,078,648 | ---- | M] (WIBU-SYSTEMS AG) [Kernel | Auto | Running] -- C:\WINDOWS\System32\DRIVERS\WibuKey.sys -- (WIBUKEY) DRV - [2011-12-20 08:39:28 | 000,100,368 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\AtihdXP3.sys -- (AtiHDAudioService) DRV - [2011-11-01 10:07:26 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2011-11-01 10:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2011-11-01 10:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\usbser_lowerflt.sys -- (upperdev) DRV - [2011-11-01 10:07:24 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2011-09-08 19:52:33 | 000,443,448 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2011-04-04 14:55:38 | 000,020,480 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\motccgp.sys -- (motccgp) DRV - [2011-03-31 14:53:22 | 000,024,064 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\motmodem.sys -- (motmodem) DRV - [2011-02-07 17:36:00 | 000,011,008 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\motusbdevice.sys -- (motusbdevice) DRV - [2010-12-26 00:31:15 | 000,002,208 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\nxsIO32.sys -- (nxsIO32) DRV - [2010-11-09 14:35:30 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\cpuz135_x32.sys -- (cpuz135) DRV - [2010-04-01 14:31:50 | 000,023,424 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\Motousbnet.sys -- (Motousbnet) DRV - [2009-10-22 12:54:18 | 000,037,392 | ---- | M] (Kaspersky Lab) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\06103692.sys -- (06103692) DRV - [2009-10-09 22:31:10 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\0610369.sys -- (Kaspersky_VRTdrv) DRV - [2009-09-25 16:59:42 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\06103691.sys -- (06103691) DRV - [2009-09-11 20:48:04 | 000,066,056 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\WmXlCore.sys -- (WmXlCore) DRV - [2009-09-11 20:47:54 | 000,014,984 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\WmVirHid.sys -- (WmVirHid) DRV - [2009-09-11 20:47:42 | 000,031,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\WmHidLo.sys -- (WmHidLo) DRV - [2009-09-11 20:47:32 | 000,035,592 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\WmFilter.sys -- (WmFilter) DRV - [2009-09-11 20:47:22 | 000,022,792 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\WmBEnum.sys -- (WmBEnum) DRV - [2009-09-10 14:45:00 | 000,215,856 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\Si3132r5.sys -- (Si3132r5) DRV - [2009-09-10 14:45:00 | 000,212,520 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\Si3531.sys -- (Si3531) DRV - [2009-09-10 14:45:00 | 000,195,072 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\drivers\Si3114r5.sys -- (Si3114r5) DRV - [2009-09-10 14:45:00 | 000,100,736 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\nvatabus.sys -- (nvatabus) DRV - [2009-09-10 14:45:00 | 000,074,672 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3132.sys -- (Si3132) DRV - [2009-09-10 14:45:00 | 000,069,248 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3124.sys -- (Si3124) DRV - [2009-09-10 14:45:00 | 000,062,336 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112) DRV - [2009-08-22 19:25:00 | 000,009,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner32.sys -- (RivaTuner32) DRV - [2009-07-10 13:01:06 | 000,025,856 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\motoandroid.sys -- (motandroidusb) DRV - [2009-06-29 12:59:14 | 000,142,592 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys -- (RTLE8023xp) DRV - [2009-06-25 07:07:44 | 005,095,936 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2009-06-25 07:07:40 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2009-06-25 07:07:40 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Monfilt.sys -- (Monfilt) DRV - [2009-01-29 17:18:00 | 000,008,320 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\motccgpfl.sys -- (motccgpfl) DRV - [2009-01-29 17:11:20 | 000,006,016 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\motfilt.sys -- (BTCFilterService) DRV - [2008-09-26 17:06:24 | 000,129,824 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\Uim_IM.sys -- (Uim_IM) DRV - [2008-09-26 17:06:24 | 000,032,048 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Running] -- C:\WINDOWS\System32\DRIVERS\UimBus.sys -- (UimBus) DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\pccsmcfd.sys -- (pccsmcfd) DRV - [2008-08-25 16:48:18 | 000,040,496 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\hotcore3.sys -- (hotcore3) DRV - [2007-11-02 15:51:30 | 000,006,400 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\motswch.sys -- (MotoSwitchService) DRV - [2007-10-08 09:27:34 | 000,924,976 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\Drivers\vmx86.sys -- (vmx86) DRV - [2007-10-08 09:27:34 | 000,034,864 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\Drivers\hcmon.sys -- (hcmon) DRV - [2007-10-08 09:27:32 | 000,025,008 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\vmnetuserif.sys -- (VMnetuserif) DRV - [2007-10-08 09:27:30 | 000,020,912 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\VMkbd.sys -- (vmkbd2) DRV - [2007-10-08 09:27:02 | 000,015,920 | ---- | M] (VMware, Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\Drivers\VMparport.sys -- (VMparport) DRV - [2007-10-08 09:26:06 | 000,028,592 | R--- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\DRIVERS\vmnetbridge.sys -- (VMnetBridge) DRV - [2007-10-08 09:26:06 | 000,016,816 | R--- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\vmnetadapter.sys -- (VMnetAdapter) DRV - [2007-08-07 12:33:54 | 000,019,248 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys -- (vstor2-ws60) DRV - [2007-05-01 22:51:02 | 000,030,768 | R--- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\vmusb.sys -- (vmusb) DRV - [2007-03-23 10:03:00 | 000,018,480 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys -- (vstor2) DRV - [2006-11-23 17:11:40 | 004,025,088 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS -- (ALCXWDM) DRV - [2006-03-27 00:51:14 | 000,030,820 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\hotcore.sys -- (hotcore) DRV - [2005-11-30 17:12:22 | 000,029,440 | ---- | M] (Siemens AG) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\actser.sys -- (actser) DRV - [2005-11-30 17:12:20 | 000,047,744 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\vserial.sys -- (vserial) DRV - [2005-11-30 17:12:20 | 000,015,264 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\vsb.sys -- (vsbus) DRV - [2005-09-30 12:52:22 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\nvnetbus.sys -- (nvnetbus) DRV - [2005-09-30 12:52:20 | 000,034,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\NVENETFD.sys -- (NVENETFD) DRV - [2005-08-18 16:52:06 | 000,093,568 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\nvata.sys -- (nvata) DRV - [2005-07-28 08:18:40 | 000,685,056 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\hardlock.sys -- (Hardlock) DRV - [2005-04-04 11:36:52 | 000,009,887 | ---- | M] (Ken Kato) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\Roman\Pulpit\temp\thinkpad\pendrive\vfd\vfd.sys -- (VirtualFD) DRV - [2004-08-14 01:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\ASACPI.sys -- (MTsensor) DRV - [2004-08-09 12:33:26 | 000,114,016 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02) DRV - [2004-08-09 12:29:28 | 000,053,920 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06) DRV - [2004-07-19 15:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1) DRV - [2003-12-01 16:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01) DRV - [2002-09-16 17:14:32 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\PQNTDRV.sys -- (PQNTDrv) DRV - [2002-09-04 14:11:08 | 000,030,258 | ---- | M] (Iomega Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\iomdisk.sys -- (iomdisk) DRV - [2002-07-17 08:05:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (Aspi32) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 64.79.72.50:3128 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\fe_9.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0 [2012-02-24 10:10:42 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_9.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012-02-24 10:10:38 | 000,000,000 | ---D | M] [2010-12-10 12:04:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Roman\Dane aplikacji\Mozilla\Extensions [2012-05-20 08:51:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions O1 HOSTS File: ([2012-12-29 11:53:22 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (COMODO) O4 - HKLM..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup File not found O4 - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [VMware hqtray] C:\Program Files\VMware\VMware Workstation\hqtray.exe (VMware, Inc.) O4 - HKLM..\Run: [vmware-tray] C:\Program Files\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.) O4 - HKLM..\RunOnce: [Z1] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation) O4 - Startup: C:\Documents and Settings\Roman\Menu Start\Programy\Autostart\AutorunsDisabled [2011-02-10 22:05:29 | 000,000,000 | -H-D | M] O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.) O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet) O15 - HKCU\..Trusted Domains: mks.com.pl ([www] http in Trusted sites) O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{28354C7D-CFFC-419F-811F-688F72D1C507}: DhcpNameServer = 194.204.159.1 194.204.152.34 O18 - Protocol\Handler\AutorunsDisabled - No CLSID value found O18 - Protocol\Handler\AutorunsDisabled\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O29 - HKLM SecurityProviders - (msdhwadaq.dll) - File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007-10-21 11:32:19 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (sprestrt) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2029-09-07 12:31:38 | 000,028,714 | ---- | C] (EMC Software GmbH) -- C:\WINDOWS\System32\codec.dat [2013-02-04 00:20:27 | 011,034,808 | ---- | C] (OPSWAT, Inc.) -- C:\Documents and Settings\Roman\Pulpit\AppRemover.exe [2013-02-03 23:51:52 | 000,000,000 | ---D | C] -- C:\ComboFix [2013-02-03 23:51:35 | 000,000,000 | ---D | C] -- C:\Qoobox [2013-02-03 23:50:39 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW [2013-02-03 23:50:30 | 005,027,618 | R--- | C] (Swearware) -- C:\Documents and Settings\Roman\Pulpit\ComboFix.exe [2013-01-31 21:27:41 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2013-01-31 21:17:25 | 000,000,000 | -H-D | C] -- C:\VTRoot [2013-01-31 21:00:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\COMODO [2013-01-31 21:00:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Comodo [2013-01-31 20:18:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\COMODO [2013-01-31 20:17:28 | 000,047,368 | ---- | C] (COMODO CA Limited) -- C:\WINDOWS\System32\certsentry.dll [2013-01-31 20:14:00 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Shared Space [2013-01-31 20:12:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\COMODO [2013-01-31 20:12:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\GeekBuddyRSP [2013-01-31 20:11:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Comodo [2013-01-31 20:11:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Roman\Ustawienia lokalne\Dane aplikacji\COMODO [2013-01-31 20:11:18 | 000,000,000 | ---D | C] -- C:\Program Files\Comodo [2013-01-31 20:11:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Comodo Downloader [2013-01-31 19:16:09 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine [2013-01-31 19:13:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Roman\Dane aplikacji\Apple Computer [2013-01-31 11:24:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\CardRecoveryPro [2013-01-31 11:24:09 | 000,000,000 | ---D | C] -- C:\Program Files\CardRecoveryPro [2013-01-30 20:31:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\MiniTool Power Data Recovery 6.6 [2013-01-30 20:31:29 | 000,000,000 | ---D | C] -- C:\Program Files\PowerDataRecovery [2013-01-29 22:23:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple [2013-01-29 22:22:14 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime [2013-01-29 22:19:38 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update [2013-01-29 22:19:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Apple [2013-01-29 19:07:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Roman\Ustawienia lokalne\Dane aplikacji\ChomikBox [2013-01-29 19:07:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Chomikuj.pl [2013-01-29 19:07:20 | 000,000,000 | ---D | C] -- C:\Program Files\ChomikBox [2013-01-27 18:28:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Roman\Dane aplikacji\PIE [2013-01-27 15:10:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\CyberViewX_MF [2013-01-27 14:40:11 | 000,000,000 | ---D | C] -- C:\VueScan [2013-01-27 13:57:48 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group [2013-01-27 10:07:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Roman\Pulpit\R_KIT [2013-01-26 19:54:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Roman\Dane aplikacji\Lasersoft Imaging [2013-01-26 19:54:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Roman\Menu Start\Programy\LaserSoft Imaging [2013-01-26 19:53:33 | 000,000,000 | ---D | C] -- C:\Program Files\SilverFast Application [2013-01-24 21:15:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\GAMMA [2013-01-24 21:15:37 | 001,674,752 | ---- | C] (Eastman Kodak Company) -- C:\WINDOWS\KDSOUT.DLL [2013-01-24 21:15:37 | 000,284,672 | ---- | C] (Eastman Kodak Company) -- C:\WINDOWS\SPROF32.DLL [2013-01-24 21:15:37 | 000,269,312 | ---- | C] (Eastman Kodak Company) -- C:\WINDOWS\KDSINPUT.DLL [2013-01-24 21:15:37 | 000,165,376 | ---- | C] (Eastman Kodak Company) -- C:\WINDOWS\KPCP32.DLL [2013-01-24 21:15:37 | 000,104,448 | ---- | C] (Aldus Corporation\0) -- C:\WINDOWS\TWAIN32.DLL [2013-01-24 21:15:37 | 000,039,936 | ---- | C] (Eastman Kodak Company) -- C:\WINDOWS\KPSYS32.DLL [2013-01-24 21:15:37 | 000,022,528 | ---- | C] (Eastman Kodak Company) -- C:\WINDOWS\PFPICK.DLL [2013-01-24 21:15:36 | 000,020,992 | ---- | C] (Eastman Kodak Company) -- C:\WINDOWS\ICCCODES.DLL [2013-01-24 21:15:36 | 000,018,432 | ---- | C] (Eastman Kodak Company) -- C:\WINDOWS\KCM2SP.DLL [2013-01-23 20:42:24 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2013-01-23 20:42:24 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2013-01-23 20:42:24 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2013-01-23 20:40:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Roman\Ustawienia lokalne\Dane aplikacji\Sun [2013-01-23 14:10:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Roman\Pulpit\Pianos [2013-01-15 22:19:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Apple [2013-01-11 14:20:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Roman\Ustawienia lokalne\Dane aplikacji\Graphisoft [2013-01-11 14:20:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Roman\Graphisoft [2013-01-11 14:20:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Roman\Dane aplikacji\Graphisoft [2013-01-11 14:10:53 | 000,000,000 | ---D | C] -- C:\Program Files\Graphisoft [2013-01-11 12:22:43 | 000,000,000 | ---D | C] -- C:\Program Files\Everything [2013-01-11 11:33:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Roman\Moje dokumenty\BIMx [2013-01-10 16:58:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools [2013-01-10 16:58:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2013-01-07 17:12:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Roman\Pulpit\Tom [2013-01-07 00:12:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\SDFormatter [2013-01-07 00:12:20 | 000,000,000 | ---D | C] -- C:\Program Files\SDA [2013-01-06 22:48:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Roman\Dane aplikacji\vlc [2013-01-06 22:42:48 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN [2011-12-11 20:38:15 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Roman\Dane aplikacji\pcouffin.sys [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2029-09-07 12:31:38 | 000,028,714 | ---- | M] (EMC Software GmbH) -- C:\WINDOWS\System32\codec.dat [2013-02-04 00:29:40 | 001,474,832 | ---- | M] () -- C:\WINDOWS\System32\drivers\sfi.dat [2013-02-04 00:20:53 | 000,000,009 | ---- | M] () -- C:\END [2013-02-04 00:20:13 | 011,034,808 | ---- | M] (OPSWAT, Inc.) -- C:\Documents and Settings\Roman\Pulpit\AppRemover.exe [2013-02-04 00:07:34 | 000,000,440 | ---- | M] () -- C:\WINDOWS\tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job [2013-02-04 00:02:42 | 000,000,440 | ---- | M] () -- C:\WINDOWS\tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job [2013-02-03 23:51:53 | 000,000,332 | ---- | M] () -- C:\Start_.cmd [2013-02-03 23:50:16 | 000,003,041 | ---- | M] () -- C:\WINDOWS\WINCMD.INI [2013-02-03 23:35:56 | 000,000,440 | ---- | M] () -- C:\WINDOWS\tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job [2013-02-03 23:33:14 | 000,035,144 | ---- | M] () -- C:\WINDOWS\System32\drivers\mbamchameleon.sys [2013-02-03 23:30:01 | 000,000,440 | ---- | M] () -- C:\WINDOWS\tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job [2013-02-03 23:29:54 | 008,405,015 | ---- | M] () -- C:\WINDOWS\TempFile [2013-02-03 23:29:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013-02-03 23:29:42 | 3756,511,232 | -HS- | M] () -- C:\hiberfil.sys [2013-02-03 23:08:40 | 000,003,036 | -HS- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\KGyGaAvL.sys [2013-02-03 23:00:31 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013-02-03 18:56:44 | 000,000,462 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{47A5D7D1-9884-4661-B9A5-9871E6CFC42B}.job [2013-02-03 18:43:46 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2013-02-03 18:43:40 | 000,161,792 | ---- | M] () -- C:\Documents and Settings\Roman\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013-01-31 22:28:53 | 000,002,443 | ---- | M] () -- C:\Documents and Settings\Roman\Pulpit\HiJackThis.lnk [2013-01-31 21:31:57 | 000,070,630 | ---- | M] () -- C:\WINDOWS\System32\drivers\fvstore.dat [2013-01-31 20:56:11 | 000,001,878 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\COMODO Internet Security.lnk [2013-01-31 20:17:28 | 000,047,368 | ---- | M] (COMODO CA Limited) -- C:\WINDOWS\System32\certsentry.dll [2013-01-31 19:27:34 | 013,562,257 | ---- | M] () -- C:\Documents and Settings\Roman\Pulpit\mbar-1.01.0.1017.zip [2013-01-30 21:56:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2013-01-27 15:01:12 | 000,000,000 | ---- | M] () -- C:\WINDOWS\cddcf.dll [2013-01-27 14:40:14 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\Roman\Pulpit\VueScan.lnk [2013-01-27 11:13:45 | 005,027,618 | R--- | M] (Swearware) -- C:\Documents and Settings\Roman\Pulpit\ComboFix.exe [2013-01-27 11:03:30 | 002,122,072 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013-01-27 00:48:40 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Roman\Pulpit\MBR.dat [2013-01-26 19:54:59 | 000,020,000 | -H-- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\M33KI [2013-01-24 23:43:01 | 000,035,488 | ---- | M] (COMODO) -- C:\WINDOWS\System32\cmdcsr.dll [2013-01-24 23:43:00 | 000,354,752 | ---- | M] (COMODO) -- C:\WINDOWS\System32\guard32.dll [2013-01-24 23:42:49 | 000,263,888 | ---- | M] (COMODO) -- C:\WINDOWS\System32\cmdvrt32.dll [2013-01-24 23:42:48 | 000,040,656 | ---- | M] (COMODO) -- C:\WINDOWS\System32\cmdkbd32.dll [2013-01-17 22:22:18 | 000,000,706 | ---- | M] () -- C:\Documents and Settings\Roman\Pulpit\Skrót do Everything.lnk [2013-01-17 22:14:46 | 000,000,008 | RHS- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\9FF9286AAB.sys [2013-01-16 20:51:55 | 000,098,752 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\inspect.sys [2013-01-16 20:51:55 | 000,032,824 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdhlp.sys [2013-01-16 20:51:54 | 000,586,728 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdGuard.sys [2013-01-16 20:51:53 | 000,018,536 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmderd.sys [2013-01-13 22:58:05 | 117,606,657 | ---- | M] () -- C:\Documents and Settings\Roman\Pulpit\CLIPPER HAIRCUT AND BLENDING for an undecided client.flv [2013-01-12 03:30:20 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2013-01-12 03:26:16 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2013-01-12 03:24:49 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2013-01-11 14:52:19 | 000,000,000 | ---- | M] () -- C:\WINDOWS\vpd.properties [2013-01-11 13:39:33 | 000,204,800 | ---- | M] () -- C:\WINDOWS\System32\WkWin32.dll [2013-01-11 12:21:40 | 000,341,811 | ---- | M] () -- C:\Documents and Settings\Roman\Pulpit\Everything-1.2.1.371.exe [2013-01-11 11:53:23 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2013-01-11 11:53:21 | 000,859,072 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npdeployJava1.dll [2013-01-11 11:53:21 | 000,779,704 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll [2013-01-10 17:07:42 | 000,004,096 | ---- | M] () -- C:\WINDOWS\System32\crash [2013-01-08 01:04:27 | 000,086,959 | ---- | M] () -- C:\Documents and Settings\Roman\Pulpit\comparison.pdf [2013-01-07 14:24:06 | 752,998,906 | ---- | M] () -- C:\Documents and Settings\Roman\Pulpit\TomTom_1.1.1.rar [2013-01-07 00:12:20 | 000,001,811 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\SDFormatter.lnk [2013-01-06 22:45:06 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\VLC media player.lnk [2013-01-06 20:17:33 | 000,227,013 | ---- | M] () -- C:\Documents and Settings\Roman\Pulpit\R014.exe [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013-02-04 00:20:33 | 000,000,009 | ---- | C] () -- C:\END [2013-02-03 23:51:53 | 000,000,332 | ---- | C] () -- C:\Start_.cmd [2013-02-03 23:33:14 | 000,035,144 | ---- | C] () -- C:\WINDOWS\System32\drivers\mbamchameleon.sys [2013-02-01 09:19:14 | 3756,511,232 | -HS- | C] () -- C:\hiberfil.sys [2013-01-31 21:31:57 | 000,070,630 | ---- | C] () -- C:\WINDOWS\System32\drivers\fvstore.dat [2013-01-31 20:16:57 | 000,000,440 | ---- | C] () -- C:\WINDOWS\tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job [2013-01-31 20:16:55 | 000,000,440 | ---- | C] () -- C:\WINDOWS\tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job [2013-01-31 20:16:55 | 000,000,440 | ---- | C] () -- C:\WINDOWS\tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job [2013-01-31 20:16:52 | 000,000,440 | ---- | C] () -- C:\WINDOWS\tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job [2013-01-31 20:14:10 | 000,001,878 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\COMODO Internet Security.lnk [2013-01-31 19:27:18 | 013,562,257 | ---- | C] () -- C:\Documents and Settings\Roman\Pulpit\mbar-1.01.0.1017.zip [2013-01-27 15:10:37 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\PF1800U.dll [2013-01-27 15:01:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\cddcf.dll [2013-01-27 14:40:14 | 000,000,618 | ---- | C] () -- C:\Documents and Settings\Roman\Pulpit\VueScan.lnk [2013-01-27 00:48:40 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Roman\Pulpit\MBR.dat [2013-01-26 19:54:59 | 000,020,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\M33KI [2013-01-24 21:15:41 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\Pdice.Dll [2013-01-24 21:15:41 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\PWiaExt.dll [2013-01-17 22:22:18 | 000,000,706 | ---- | C] () -- C:\Documents and Settings\Roman\Pulpit\Skrót do Everything.lnk [2013-01-17 22:14:46 | 000,000,008 | RHS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\9FF9286AAB.sys [2013-01-13 22:45:03 | 117,606,657 | ---- | C] () -- C:\Documents and Settings\Roman\Pulpit\CLIPPER HAIRCUT AND BLENDING for an undecided client.flv [2013-01-11 14:14:23 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2013-01-11 14:14:19 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Apple Software Update.lnk [2013-01-11 12:21:32 | 000,341,811 | ---- | C] () -- C:\Documents and Settings\Roman\Pulpit\Everything-1.2.1.371.exe [2013-01-11 11:33:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\vpd.properties [2013-01-08 01:04:27 | 000,086,959 | ---- | C] () -- C:\Documents and Settings\Roman\Pulpit\comparison.pdf [2013-01-07 14:24:51 | 752,998,906 | ---- | C] () -- C:\Documents and Settings\Roman\Pulpit\TomTom_1.1.1.rar [2013-01-07 00:12:20 | 000,001,811 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\SDFormatter.lnk [2013-01-06 22:45:06 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\VLC media player.lnk [2013-01-06 20:17:33 | 000,227,013 | ---- | C] () -- C:\Documents and Settings\Roman\Pulpit\R014.exe [2012-12-29 13:16:38 | 001,474,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfi.dat [2012-12-19 17:49:58 | 000,037,607 | ---- | C] () -- C:\Program Files\Common Files\license.rtf [2012-12-19 17:49:58 | 000,008,046 | ---- | C] () -- C:\Program Files\Common Files\setupBanner.jpg [2012-11-28 19:26:39 | 000,023,148 | ---- | C] () -- C:\WINDOWS\aku.ini [2012-11-28 19:25:49 | 000,003,668 | ---- | C] () -- C:\WINDOWS\polonica.ini [2012-10-23 22:20:05 | 000,000,392 | ---- | C] () -- C:\WINDOWS\kpc3kmc.ini [2012-10-18 17:57:47 | 000,000,392 | ---- | C] () -- C:\WINDOWS\kpc3mc.ini [2012-10-18 17:57:47 | 000,000,108 | ---- | C] () -- C:\WINDOWS\kpc3med.ini [2012-10-18 17:57:43 | 000,000,003 | ---- | C] () -- C:\WINDOWS\kpc3mod.ini [2012-10-09 19:28:10 | 000,000,411 | ---- | C] () -- C:\WINDOWS\WinKalk.ini [2012-10-08 22:57:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\coder.ini [2012-08-07 22:10:19 | 000,000,850 | ---- | C] () -- C:\Documents and Settings\Roman\.recently-used.xbel [2012-05-15 22:20:53 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\AVERM.dll [2012-04-22 12:43:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin [2012-04-22 12:43:20 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat [2012-04-22 12:43:19 | 000,601,728 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2012-04-22 12:43:19 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat [2012-02-24 23:54:02 | 000,038,479 | ---- | C] () -- C:\Documents and Settings\Roman\Dane aplikacji\Wartości rozdzielane tabulatorem (Windows).ADR [2012-02-24 23:36:39 | 000,038,471 | ---- | C] () -- C:\Documents and Settings\Roman\Dane aplikacji\Wartości rozdzielane przecinkiem (Windows).ADR [2012-02-23 19:24:48 | 000,057,552 | ---- | C] () -- C:\WINDOWS\System32\WkDos.exe [2012-02-23 19:24:41 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\WkWin32.dll [2011-12-11 20:43:49 | 000,000,103 | ---- | C] () -- C:\WINDOWS\pro.INI [2011-12-11 20:38:15 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Roman\Dane aplikacji\pcouffin.cat [2011-12-11 20:38:15 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Roman\Dane aplikacji\pcouffin.inf [2011-12-07 15:35:24 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat [2011-11-07 17:56:42 | 000,468,084 | ---- | C] () -- C:\WINDOWS\cluninst.exe [2011-11-07 17:55:03 | 000,000,098 | ---- | C] () -- C:\WINDOWS\etkinst.ini [2011-10-25 21:21:48 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\OpenVideo.dll [2011-10-25 21:21:34 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\OVDecoder.dll [2011-04-09 19:44:14 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2011-03-09 22:59:14 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll [2011-02-28 15:56:36 | 000,066,560 | ---- | C] () -- C:\Documents and Settings\Roman\4EFFA000 [2011-01-09 12:49:20 | 000,158,136 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2010-08-18 21:36:19 | 000,224,563 | ---- | C] () -- C:\Documents and Settings\Roman\Claas Mega Jaguar Lexion felgi obręcze (1182006391) - Aukcje internetowe Allegro.pdf [2010-08-05 21:08:09 | 000,227,767 | ---- | C] () -- C:\Documents and Settings\Roman\Opona Rolnicza 680_85R32 680_85_32 680_85-32 R32 (1133650344) - Aukcje internetowe Allegro.pdf [2010-06-21 07:57:02 | 000,368,273 | ---- | C] () -- C:\Documents and Settings\Roman\Mowa_ chwastów.pdf [2009-09-14 21:27:57 | 000,521,073 | ---- | C] () -- C:\Documents and Settings\Roman\CIĄGNIK URSUS C-330 - OGŁOSZENIA - OGŁOSZENIA CZĘSTOCHOWA - Autogielda.pdf [2009-09-08 20:29:10 | 000,567,161 | ---- | C] () -- C:\Documents and Settings\Roman\SILOS ZBOŻOWY POJEMNOŚĆ 150 TON ZG-200 OKAZJA! (736195934) - Aukcje internetowe Allegro.pdf [2009-06-08 21:00:07 | 000,003,036 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\KGyGaAvL.sys [2008-04-30 17:39:36 | 000,161,792 | ---- | C] () -- C:\Documents and Settings\Roman\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008-04-27 09:32:58 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Roman\Dane aplikacji\$_hpcst$.hpc [color=#E56717]========== ZeroAccess Check ==========[/color] [2008-10-05 20:17:11 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2009-09-10 14:45:00 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009-09-10 14:45:00 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009-09-10 14:45:00 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2010-10-25 14:36:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Autodata Limited [2011-01-09 13:00:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Codemasters [2013-01-05 15:25:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2008-12-28 22:40:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Droppix [2010-12-18 19:14:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EA Core [2010-12-18 19:14:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2012-08-12 21:55:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2012-02-23 21:40:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\JetWeb [2010-12-07 18:05:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe [2012-02-24 22:18:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Motorola [2012-02-24 22:17:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Motorola Media Link [2010-08-31 19:03:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia [2010-07-08 20:12:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaInstallerCache [2010-07-08 20:15:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2012-11-30 19:35:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PhotoME [2012-08-12 21:19:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\RDRM [2013-01-31 20:14:09 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Shared Space [2011-12-01 19:13:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Solidshield [2013-01-11 00:28:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2010-04-08 21:44:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\vsosdk [2010-10-26 20:36:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{1C6FDDD8-FC9E-4C12-9FA5-1AAD377097B3} [2012-09-23 14:54:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Dane aplikacji\.minecraft [2009-01-04 16:34:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Dane aplikacji\Active Disk [2009-10-20 16:45:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Dane aplikacji\Alawar [2012-12-25 20:28:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Dane aplikacji\Anvil Studio [2011-12-09 19:08:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Dane aplikacji\AusLogics [2008-12-28 22:40:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Dane aplikacji\Droppix [2013-02-03 23:38:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Dane aplikacji\foobar2000 [2013-01-11 14:56:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Dane aplikacji\Graphisoft [2011-05-26 21:54:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Dane aplikacji\gtk-2.0 [2012-08-15 11:53:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Dane aplikacji\ipla [2013-01-27 18:55:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Dane aplikacji\Lasersoft Imaging [2012-02-24 22:18:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Dane aplikacji\motorola [2012-12-01 21:20:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Dane aplikacji\Netgear Live Parental Controls [2010-08-31 20:50:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Dane aplikacji\Nokia [2010-08-31 20:50:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Dane aplikacji\Nokia Ovi Suite [2012-04-08 09:15:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Dane aplikacji\Nokia Suite [2013-01-28 17:40:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Dane aplikacji\Opera [2010-07-08 20:25:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Dane aplikacji\PC Suite [2013-01-27 18:28:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Dane aplikacji\PIE [2012-06-12 14:57:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Dane aplikacji\Raiffeisen.07A9D3CF8052C247FB390F65E7F19B8DDF8D21B9.1 [2012-01-24 09:55:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Dane aplikacji\Unigraphics Solutions [2012-01-30 12:53:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Dane aplikacji\Unity [2013-01-06 23:45:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Dane aplikacji\uTorrent [2011-12-11 20:38:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Dane aplikacji\Vso [2013-01-31 21:27:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Dane aplikacji\XCPCSync.OEM [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:D1B5B4F1 < End of report >