[code] OTS logfile created on: 2011-05-03 11:44:59 - Run 1 OTS by OldTimer - Version 3.1.42.0 Folder = C:\Documents and Settings\michal burmer\Moje dokumenty\Pobieranie Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1 022,00 Mb Total Physical Memory | 413,00 Mb Available Physical Memory | 40,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 82,00% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 110,78 Gb Total Space | 5,86 Gb Free Space | 5,29% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: HET Current User Name: michal burmer Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days [Processes - Safe List] ots.exe -> C:\Documents and Settings\michal burmer\Moje dokumenty\Pobieranie\OTS.exe -> [2011-05-03 11:44:32 | 000,645,632 | ---- | M] (OldTimer Tools) firefox.exe -> C:\Program Files\Mozilla Firefox\firefox.exe -> [2011-05-02 20:45:06 | 000,912,344 | ---- | M] (Mozilla Corporation) csrs.exe -> C:\Documents and Settings\All Users\csrs.exe -> [2011-05-02 14:35:29 | 000,339,968 | RHS- | M] (Created with WinAutomation (http://www.WinAutomation.com)) allupdate.exe -> C:\Program Files\ALLPlayer\ALLUpdate.exe -> [2011-02-08 00:44:16 | 001,362,944 | ---- | M] () evteng.exe -> C:\Program Files\Intel\WiFi\bin\EvtEng.exe -> [2010-03-05 10:01:46 | 000,862,480 | ---- | M] (Intel(R) Corporation) s24evmon.exe -> C:\Program Files\Intel\WiFi\bin\S24EvMon.exe -> [2010-03-05 09:54:20 | 000,954,368 | ---- | M] (Intel(R) Corporation) regsrvc.exe -> C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -> [2010-03-05 09:43:50 | 000,473,360 | ---- | M] (Intel(R) Corporation) ekrn.exe -> C:\Program Files\ESET\ESET Smart Security\ekrn.exe -> [2009-02-06 14:23:36 | 000,727,720 | ---- | M] (ESET) egui.exe -> C:\Program Files\ESET\ESET Smart Security\egui.exe -> [2009-02-06 14:23:12 | 002,021,400 | ---- | M] (ESET) explorer.exe -> C:\WINDOWS\explorer.exe -> [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) [Modules - Safe List] ots.exe -> C:\Documents and Settings\michal burmer\Moje dokumenty\Pobieranie\OTS.exe -> [2011-05-03 11:44:32 | 000,645,632 | ---- | M] (OldTimer Tools) comctl32.dll -> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll -> [2008-04-14 22:29:10 | 001,054,208 | ---- | M] (Microsoft Corporation) [Win32 Services - Safe List] (testwrapper) Test Wrapper Sample Application [Disabled | Stopped] -> -> File not found (SQLWriter) SQL Server VSS Writer [Disabled | Stopped] -> -> File not found (SQLBrowser) SQL Server Browser [Disabled | Stopped] -> -> File not found (s7asysvx) S7 Global Services [Disabled | Stopped] -> -> File not found (MSSQLServerADHelper) SQL Server Active Directory Helper [Disabled | Stopped] -> -> File not found (MSSQL$WINCCFLEXEXPRESS) SQL Server (WINCCFLEXEXPRESS) [Disabled | Stopped] -> -> File not found (HidServ) Dostęp do urządzeń interfejsu HID [Disabled | Stopped] -> -> File not found (almservice) Automation License Manager Service [Disabled | Stopped] -> -> File not found (APOLLOJBoss) ERDAS APOLLO JBoss Application Server 4.2 [Disabled | Stopped] -> C:\ERDAS\APOLLO2011\jboss\bin\jbosssvc.exe -> [2011-02-24 17:30:47 | 000,045,056 | ---- | M] (Red Hat®, Inc.) (ERDASAPOLLOApacheWebServer) ERDAS APOLLO Apache Web Server [Disabled | Stopped] -> C:\ERDAS\APOLLO2011\apache\bin\httpd.exe -> [2010-12-07 23:19:20 | 000,024,645 | ---- | M] (Apache Software Foundation) (FLEXnet Licensing Service) FLEXnet Licensing Service [Disabled | Stopped] -> C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -> [2010-11-02 21:09:42 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) (Tomcat7) Apache Tomcat 7 [Disabled | Stopped] -> C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\tomcat7.exe -> [2010-06-13 16:53:26 | 000,061,440 | ---- | M] (Apache Software Foundation) (EvtEng) Intel(R) PROSet/Wireless Event Log [Auto | Running] -> C:\Program Files\Intel\WiFi\bin\EvtEng.exe -> [2010-03-05 10:01:46 | 000,862,480 | ---- | M] (Intel(R) Corporation) (S24EventMonitor) Intel(R) PROSet/Wireless WiFi Service [Auto | Running] -> C:\Program Files\Intel\WiFi\bin\S24EvMon.exe -> [2010-03-05 09:54:20 | 000,954,368 | ---- | M] (Intel(R) Corporation) (RegSrvc) Intel(R) PROSet/Wireless Registry Service [Auto | Running] -> C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -> [2010-03-05 09:43:50 | 000,473,360 | ---- | M] (Intel(R) Corporation) (s7oiehsx) SIMATIC IEPG Help Service [Disabled | Stopped] -> C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe -> [2010-03-02 09:47:30 | 001,576,072 | ---- | M] (SIEMENS AG) (S7TraceServiceX) S7TraceServiceX [Disabled | Stopped] -> C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe -> [2010-03-02 09:47:30 | 000,240,776 | ---- | M] (SIEMENS AG) (postgresql-8.4) PostgreSQL Server 8.4 [On_Demand | Stopped] -> C:\Program Files\PostgreSQL\8.4\bin\pg_ctl.exe -> [2009-09-08 09:48:55 | 000,066,048 | ---- | M] (PostgreSQL Global Development Group) (EhttpSrv) ESET HTTP Server [On_Demand | Stopped] -> C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -> [2009-02-06 14:27:06 | 000,020,680 | ---- | M] (ESET) (ekrn) ESET Service [Auto | Running] -> C:\Program Files\ESET\ESET Smart Security\ekrn.exe -> [2009-02-06 14:23:36 | 000,727,720 | ---- | M] (ESET) (NOD32FiXTemDono) Eset Nod32 Boot [Disabled | Stopped] -> C:\WINDOWS\System32\regedt32.exe -> [2001-10-26 19:30:00 | 000,003,584 | ---- | M] (Microsoft Corporation) [Driver Services - Safe List] (sptd) sptd [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\sptd.sys -> [2010-08-25 10:28:46 | 000,691,696 | ---- | M] () (NETw5x32) Sterownik karty Intel(R) Wireless WiFi Link 5000 Series dla systemu Windows XP 32 Bit [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\NETw5x32.sys -> [2010-05-31 11:58:36 | 006,608,512 | ---- | M] (Intel Corporation) (S7opcsrtx) PROFINET IO RT-Protocol (LLDP) [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\s7opcsrtx.sys -> [2010-03-01 17:51:54 | 000,031,232 | ---- | M] (SIEMENS AG) (s24trans) Transport WLAN [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\s24trans.sys -> [2009-08-10 01:46:38 | 000,013,952 | ---- | M] (Intel Corporation) (SNTIE) SIMATIC Industrial Ethernet (ISO) [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\SNTIE.SYS -> [2009-06-05 13:56:22 | 000,311,424 | ---- | M] (SIEMENS AG) (s7snsrtx) PROFINET IO RT-Protocol V1.0 [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\s7snsrtx.sys -> [2009-02-24 18:39:58 | 000,073,088 | ---- | M] (SIEMENS AG) (epfwtdi) epfwtdi [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\epfwtdi.sys -> [2009-02-06 14:24:22 | 000,056,280 | ---- | M] (ESET) (Epfwndis) Eset Personal Firewall [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\epfwndis.sys -> [2009-02-06 14:24:22 | 000,033,096 | ---- | M] (ESET) (epfw) epfw [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\epfw.sys -> [2009-02-06 14:24:18 | 000,130,952 | ---- | M] (ESET) (ehdrv) ehdrv [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\ehdrv.sys -> [2009-02-06 14:23:18 | 000,106,208 | ---- | M] (ESET) (eamon) eamon [File_System | Auto | Running] -> C:\WINDOWS\system32\drivers\eamon.sys -> [2009-02-06 14:19:52 | 000,113,448 | ---- | M] (ESET) (HpqKbFiltr) HpqKbFilter Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HpqKbFiltr.sys -> [2007-06-18 16:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) (Sentinel) Sentinel [Kernel | Auto | Running] -> C:\WINDOWS\System32\Drivers\SENTINEL.SYS -> [2006-12-21 08:30:02 | 000,090,688 | ---- | M] (SafeNet, Inc.) (HdAudAddService) Microsoft UAA Function Driver for High Definition Audio Service [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\CHDAud.sys -> [2006-07-27 14:44:42 | 000,581,632 | ---- | M] (Conexant Systems Inc.) (SNP2UVC) USB2.0 PC Camera (SNP2UVC) [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\snp2uvc.sys -> [2006-07-06 10:28:58 | 000,047,744 | ---- | M] () (HBtnKey) HBtnKey [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\CPQBttn.sys -> [2006-06-28 09:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) (BTWUSB) WIDCOMM USB Bluetooth Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\btwusb.sys -> [2006-05-12 13:16:44 | 000,057,320 | ---- | M] (Broadcom Corporation.) (w39n51) Intel(R) PRO/Wireless 3945ABG Adapter Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\w39n51.sys -> [2006-04-22 02:06:26 | 001,429,632 | ---- | M] (Intel® Corporation) (HSF_DPV) HSF_DPV [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSF_DPV.sys -> [2006-04-21 01:03:20 | 000,995,712 | ---- | M] (Conexant Systems, Inc.) (HSFHWAZL) HSFHWAZL [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSFHWAZL.sys -> [2006-04-21 01:02:40 | 000,208,000 | ---- | M] (Conexant Systems, Inc.) (winachsf) winachsf [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSF_CNXT.sys -> [2006-04-21 01:02:36 | 000,727,296 | ---- | M] (Conexant Systems, Inc.) (PCANDIS5) PCANDIS5 NDIS Protocol Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\pcandis5.sys -> [2006-03-01 20:53:54 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) (rimmptsk) rimmptsk [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\rimmptsk.sys -> [2005-11-16 20:28:32 | 000,028,928 | ---- | M] (REDC) (rismxdp) Ricoh xD-Picture Card Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\rixdptsk.sys -> [2005-11-01 18:08:00 | 000,308,992 | ---- | M] (REDC) (rimsptsk) rimsptsk [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\rimsptsk.sys -> [2005-11-01 17:54:50 | 000,051,584 | ---- | M] (REDC) (PCAMPR5) PCAMPR5 NDIS Protocol Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\pcampr5.sys -> [2003-09-23 12:38:34 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Search\\"Default_Search_URL" -> http://www.google.com/ie -> HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://www.google.com/ie -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\"Default_Search_URL" -> http://www.google.com/ie -> HKEY_CURRENT_USER\: Main\\"Search Page" -> http://www.google.com -> HKEY_CURRENT_USER\: Main\\"SearchMigratedDefaultName" -> Google -> HKEY_CURRENT_USER\: Main\\"SearchMigratedDefaultURL" -> http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 -> HKEY_CURRENT_USER\: Main\\"Start Page" -> http://www.qooqlle.com/ -> HKEY_CURRENT_USER\: Search\\"Default_Search_URL" -> http://www.google.com/ie -> HKEY_CURRENT_USER\: Search\\"SearchAssistant" -> http://www.google.com/ie -> HKEY_CURRENT_USER\: SearchURL\\"" -> http://www.google.com/search?q=%s -> HKEY_CURRENT_USER\: URLSearchHooks\\"{08C06D61-F1F3-4799-86F8-BE1A89362C85}" [HKLM] -> [Search Class] -> File not found HKEY_CURRENT_USER\: URLSearchHooks\\"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}" [HKLM] -> C:\Program Files\uTorrentBar\tbuTo1.dll [uTorrentBar Toolbar] -> [2010-12-27 13:25:21 | 003,911,776 | ---- | M] (Conduit Ltd.) HKEY_CURRENT_USER\: "ProxyEnable" -> 0 -> < FireFox Settings [Prefs.js] > -> C:\Documents and Settings\michal burmer\Dane aplikacji\Mozilla\FireFox\Profiles\o6tkrog2.default\prefs.js -> browser.search.selectedEngine -> "qooqlle" -> browser.search.useDBForOrder -> true -> browser.startup.homepage -> "http://www.qooqlle.com/" -> extensions.enabledItems -> jqs@sun.com:1.0 -> extensions.enabledItems -> {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0 -> extensions.enabledItems -> {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 -> extensions.enabledItems -> cssreloader@kenneth.io:1.0.2 -> extensions.enabledItems -> {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 -> keyword.URL -> "http://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q=" -> network.proxy.backup.ftp -> "127.0.0.1" -> network.proxy.backup.ftp_port -> 9666 -> network.proxy.backup.gopher -> "127.0.0.1" -> network.proxy.backup.gopher_port -> 9666 -> network.proxy.backup.socks -> "127.0.0.1" -> network.proxy.backup.socks_port -> 9666 -> network.proxy.backup.ssl -> "127.0.0.1" -> network.proxy.backup.ssl_port -> 9666 -> network.proxy.ftp -> "127.0.0.1" -> network.proxy.ftp_port -> 9666 -> network.proxy.gopher -> "127.0.0.1" -> network.proxy.gopher_port -> 9666 -> network.proxy.http -> "127.0.0.1" -> network.proxy.http_port -> 9666 -> network.proxy.share_proxy_settings -> true -> network.proxy.socks -> "127.0.0.1" -> network.proxy.socks_port -> 9666 -> network.proxy.ssl -> "127.0.0.1" -> network.proxy.ssl_port -> 9666 -> network.proxy.type -> 0 -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Firefox\extensions -> -> HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758} -> C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [C:\DOCUMENTS AND SETTINGS\ALL USERS\DANE APLIKACJI\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT] -> [2010-08-16 22:03:10 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions -> -> HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2011-05-02 20:45:18 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins -> C:\Program Files\Mozilla Firefox\plugins [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2011-05-02 20:45:18 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Thunderbird 3.1.9\extensions -> -> HKLM\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Components -> C:\Program Files\Mozilla Thunderbird\components [C:\PROGRAM FILES\MOZILLA THUNDERBIRD\COMPONENTS] -> [2011-05-02 17:32:40 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Plugins -> C:\Program Files\Mozilla Thunderbird\plugins [C:\PROGRAM FILES\MOZILLA THUNDERBIRD\PLUGINS] -> [2011-02-04 13:13:27 | 000,000,000 | ---D | M] HKLM\software\mozilla\Thunderbird\Extensions -> -> HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com -> C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD] -> [2011-04-15 16:55:58 | 000,000,000 | ---D | M] < FireFox Extensions [User Folders] > -> -> C:\Documents and Settings\michal burmer\Dane aplikacji\Mozilla\Extensions -> [2010-10-19 15:29:10 | 000,000,000 | ---D | M] No name found -> C:\Documents and Settings\michal burmer\Dane aplikacji\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} -> [2010-10-19 15:29:10 | 000,000,000 | ---D | M] -> C:\Documents and Settings\michal burmer\Dane aplikacji\Mozilla\Firefox\Profiles\o6tkrog2.default\extensions -> [2011-05-02 20:45:41 | 000,000,000 | ---D | M] < FireFox SearchPlugins [User Folders] > -> daemon-search.xml -> C:\Documents and Settings\michal burmer\Dane aplikacji\Mozilla\Firefox\Profiles\o6tkrog2.default\searchplugins\daemon-search.xml -> [2010-08-25 10:29:06 | 000,002,059 | ---- | M] () Search.xml -> C:\Documents and Settings\michal burmer\Dane aplikacji\Mozilla\Firefox\Profiles\o6tkrog2.default\searchplugins\Search.xml -> [2011-05-03 11:34:10 | 000,001,860 | ---- | M] () < FireFox Extensions [Program Folders] > -> -> C:\Program Files\Mozilla Firefox\extensions -> [2011-05-02 12:47:17 | 000,000,000 | ---D | M] Skype extension for Firefox -> C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} -> [2010-09-02 19:26:15 | 000,000,000 | ---D | M] Java Console -> C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} -> [2010-08-13 16:44:53 | 000,000,000 | ---D | M] Java Quick Starter -> C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF -> [2010-10-11 15:58:57 | 000,000,000 | ---D | M] < HOSTS File > ([2001-10-26 17:45:16 | 000,000,742 | ---- | M] - 19 lines) -> C:\WINDOWS\system32\drivers\etc\hosts -> Reset Hosts 127.0.0.1 localhost < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {3049C3E9-B461-4BC5-8870-4C09146192CA} [HKLM] -> C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [RealPlayer Download and Record Plugin for Internet Explorer] -> [2010-08-16 22:03:09 | 000,341,600 | ---- | M] (RealPlayer) {30F9B915-B755-4826-820B-08FBA6BD249D} [HKLM] -> C:\Program Files\ConduitEngine\ConduitEngin0.dll [Conduit Engine] -> [2010-12-27 13:25:21 | 003,911,776 | ---- | M] (Conduit Ltd.) {69FC0024-10EB-480A-BBF2-3BF4E78E17B1} [HKLM] -> C:\Program Files\Core Services\DebugBar\DebugInfoBar.dll [DebugBar BHO] -> [2010-03-15 16:20:02 | 001,134,080 | ---- | M] (Core Services) {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Skype add-on for Internet Explorer] -> [2010-02-08 13:28:14 | 000,804,136 | ---- | M] (Skype Technologies S.A.) {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} [HKLM] -> C:\Program Files\uTorrentBar\tbuTo1.dll [uTorrentBar Toolbar] -> [2010-12-27 13:25:21 | 003,911,776 | ---- | M] (Conduit Ltd.) {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} [HKLM] -> C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll [IplexToALLPlayer] -> [2011-02-09 19:29:08 | 000,400,384 | ---- | M] (ALLCinema Ltd.) < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{30F9B915-B755-4826-820B-08FBA6BD249D}" [HKLM] -> C:\Program Files\ConduitEngine\ConduitEngin0.dll [Conduit Engine] -> [2010-12-27 13:25:21 | 003,911,776 | ---- | M] (Conduit Ltd.) WebBrowser\\"{32099AAC-C132-4136-9E9A-4E364A424E17}" [HKLM] -> C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [DAEMON Tools Toolbar] -> [2010-03-25 11:27:54 | 000,968,000 | ---- | M] () WebBrowser\\"{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}" [HKLM] -> C:\Program Files\uTorrentBar\tbuTo1.dll [uTorrentBar Toolbar] -> [2010-12-27 13:25:21 | 003,911,776 | ---- | M] (Conduit Ltd.) < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "csrs" -> C:\Documents and Settings\All Users\csrs.exe [%ALLUSERSPROFILE%\csrs.exe] -> [2011-05-02 14:35:29 | 000,339,968 | RHS- | M] (Created with WinAutomation (http://www.WinAutomation.com)) "egui" -> C:\Program Files\ESET\ESET Smart Security\egui.exe ["C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice] -> [2009-02-06 14:23:12 | 002,021,400 | ---- | M] (ESET) "NvCplDaemon" -> C:\WINDOWS\System32\NvCpl.dll [RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup] -> [2006-07-20 14:58:00 | 007,581,696 | ---- | M] (NVIDIA Corporation) "svhost" -> C:\Program Files\Common Files\svhost.exe [%COMMONPROGRAMFILES%\svhost.exe] -> [2011-05-02 14:35:29 | 006,855,168 | RHS- | M] () "winloqon" -> C:\Documents and Settings\All Users\winloqon.exe [%ALLUSERSPROFILE%\winloqon.exe] -> [2011-05-02 14:35:29 | 000,331,776 | RHS- | M] (Created with WinAutomation (http://www.WinAutomation.com)) < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "ALLUpdate" -> C:\Program Files\ALLPlayer\ALLUpdate.exe ["C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep"] -> [2011-02-08 00:44:16 | 001,362,944 | ---- | M] () < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System < CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found \\"NoLogoff" -> [0] -> File not found \\"NoClose" -> [0] -> File not found < CurrentVersion Policy Settings - System [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"DisableLockWorkstation" -> [0] -> File not found \\"DisableChangePassword" -> [0] -> File not found < Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> Add to Google Photos Screensa&ver -> C:\WINDOWS\System32\GPhotos.scr [res://C:\WINDOWS\system32\GPhotos.scr/200] -> [2010-12-02 05:35:18 | 004,280,320 | ---- | M] (Google Inc.) E&ksport do programu Microsoft Excel -> [res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000] -> File not found Wyślij do interfejsu &Bluetooth -> C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm [C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm] -> [2003-05-29 13:53:12 | 000,001,320 | ---- | M] () < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F}:{2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} [HKLM] -> C:\Program Files\Microsoft ActiveSync\INetRepl.dll [Button: Create Mobile Favorite] -> [2006-11-13 16:57:04 | 000,158,504 | ---- | M] (Microsoft Corporation) {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F}:{2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} [HKLM] -> C:\Program Files\Microsoft ActiveSync\INetRepl.dll [Menu: Utwórz Ulubione dla urządzenia przenośnego...] -> [2006-11-13 16:57:04 | 000,158,504 | ---- | M] (Microsoft Corporation) {898EA8C8-E7FF-479B-8935-AEC46303B9E5}:{898EA8C8-E7FF-479B-8935-AEC46303B9E5} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Button: Skype add-on for Internet Explorer] -> [2010-02-08 13:28:14 | 000,804,136 | ---- | M] (Skype Technologies S.A.) {898EA8C8-E7FF-479B-8935-AEC46303B9E5}:{898EA8C8-E7FF-479B-8935-AEC46303B9E5} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Menu: Skype add-on for Internet Explorer] -> [2010-02-08 13:28:14 | 000,804,136 | ---- | M] (Skype Technologies S.A.) {CCA281CA-C863-46ef-9331-5C8D4460577F}:C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [HKLM] -> C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [Button: @btrez.dll,-4015] -> [2003-05-29 13:53:08 | 000,002,681 | ---- | M] () {CCA281CA-C863-46ef-9331-5C8D4460577F}:C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [HKLM] -> C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [Menu: @btrez.dll,-4017] -> [2003-05-29 13:53:08 | 000,002,681 | ---- | M] () < Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Reg Error: Value error.] -> File not found CmdMapping\\"{898EA8C8-E7FF-479B-8935-AEC46303B9E5}" [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Skype add-on for Internet Explorer (toolbar button)] -> [2010-02-08 13:28:14 | 000,804,136 | ---- | M] (Skype Technologies S.A.) CmdMapping\\"{CCA281CA-C863-46ef-9331-5C8D4460577F}" [HKLM] -> [@btrez.dll,-4015] -> File not found < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {33564D57-0000-0010-8000-00AA00389B71} [HKLM] -> http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB [Reg Error: Key error.] -> {6414512B-B978-451D-A0D8-FCFDF33E833C} [HKLM] -> http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1281703514531 [WUWebControl Class] -> {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [HKLM] -> http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1284410805484 [MUWebControl Class] -> {6F15128C-E66A-490C-B848-5000B5ABEEAC} [HKLM] -> https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab [HP Download Manager] -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab [Java Plug-in 1.6.0_21] -> {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab [Java Plug-in 1.6.0_21] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab [Java Plug-in 1.6.0_21] -> {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab [Shockwave Flash Object] -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> DhcpNameServer -> 192.168.1.1 -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {07D8688F-A515-4402-A130-C17D2D249937}\\DhcpNameServer -> 192.168.1.1 (Intel(R) PRO/Wireless 3945ABG Network Connection) -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> Explorer.exe -> C:\WINDOWS\explorer.exe -> [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> "C:\Program Files\Common Files\ArchestrA\aaLogger.exe" -> [C:\Program Files\Common Files\ArchestrA\aaLogger.exe:*:Enabled:aaLogger.exe] -> File not found "C:\Program Files\Common Files\ArchestrA\DASAgent.exe" -> [C:\Program Files\Common Files\ArchestrA\DASAgent.exe:*:Enabled:DASAgent.exe] -> File not found "C:\Program Files\Common Files\ArchestrA\slssvc.exe" -> [C:\Program Files\Common Files\ArchestrA\slssvc.exe:*:Enabled:Slssvc.exe] -> File not found "C:\Program Files\Microsoft ActiveSync\rapimgr.exe" -> C:\Program Files\Microsoft ActiveSync\rapimgr.exe [C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager] -> [2006-11-13 16:57:06 | 000,199,464 | ---- | M] (Microsoft Corporation) "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" -> C:\Program Files\Microsoft ActiveSync\wcescomm.exe [C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager] -> [2006-11-13 16:57:16 | 001,289,000 | ---- | M] (Microsoft Corporation) "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" -> C:\Program Files\Microsoft ActiveSync\WCESMgr.exe [C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application] -> [2006-11-13 16:57:18 | 004,287,272 | ---- | M] (Microsoft Corporation) "C:\Program Files\Wonderware\InTouch\view.exe" -> [C:\Program Files\Wonderware\InTouch\view.exe:*:Enabled:view.exe] -> File not found "C:\Program Files\Wonderware\InTouch\wm.exe" -> [C:\Program Files\Wonderware\InTouch\wm.exe:*:Enabled:wm.exe] -> File not found "C:\WINDOWS\system32\mmc.exe" -> C:\WINDOWS\System32\mmc.exe [C:\WINDOWS\system32\mmc.exe:*:Enabled:mmc.exe] -> [2008-04-14 22:51:26 | 001,414,656 | ---- | M] (Microsoft Corporation) "C:\WINDOWS\system32\OPCEnum.exe" -> [C:\WINDOWS\system32\OPCEnum.exe:*:Enabled:OPCEnum.exe] -> File not found < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> "C:\Program Files\Common Files\ArchestrA\aaLogger.exe" -> [C:\Program Files\Common Files\ArchestrA\aaLogger.exe:*:Enabled:aaLogger.exe] -> File not found "C:\Program Files\Common Files\ArchestrA\DASAgent.exe" -> [C:\Program Files\Common Files\ArchestrA\DASAgent.exe:*:Enabled:DASAgent.exe] -> File not found "C:\Program Files\Common Files\ArchestrA\slssvc.exe" -> [C:\Program Files\Common Files\ArchestrA\slssvc.exe:*:Enabled:Slssvc.exe] -> File not found "C:\Program Files\Common Files\Siemens\ace\bin\CCAgent.exe" -> [C:\Program Files\Common Files\Siemens\ace\bin\CCAgent.exe:*:Enabled:CCAgent] -> File not found "C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe" -> [C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe:*:Enabled:CCEServer] -> File not found "C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe" -> [C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe:*:Enabled:RedundancyControl] -> File not found "C:\Program Files\Common Files\Siemens\SQLANY\dbsrv9.exe" -> [C:\Program Files\Common Files\Siemens\SQLANY\dbsrv9.exe:*:Enabled:Adaptive Server Anywhere Network Server] -> File not found "C:\Program Files\Google\Google Earth\plugin\geplugin.exe" -> C:\Program Files\Google\Google Earth\plugin\geplugin.exe [C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth] -> [2010-09-01 20:32:34 | 000,069,632 | ---- | M] (Google) "C:\Program Files\Java\jdk1.6.0_21\bin\java.exe" -> C:\Program Files\Java\jdk1.6.0_21\bin\java.exe [C:\Program Files\Java\jdk1.6.0_21\bin\java.exe:*:Enabled:Java(TM) Platform SE binary] -> [2010-10-11 16:03:43 | 000,139,264 | ---- | M] (Sun Microsystems, Inc.) "C:\Program Files\Java\jre6\bin\javaw.exe" -> C:\Program Files\Java\jre6\bin\javaw.exe [C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary] -> [2010-10-11 15:58:56 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) "C:\Program Files\Microsoft ActiveSync\rapimgr.exe" -> C:\Program Files\Microsoft ActiveSync\rapimgr.exe [C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager] -> [2006-11-13 16:57:06 | 000,199,464 | ---- | M] (Microsoft Corporation) "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" -> C:\Program Files\Microsoft ActiveSync\wcescomm.exe [C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager] -> [2006-11-13 16:57:16 | 001,289,000 | ---- | M] (Microsoft Corporation) "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" -> C:\Program Files\Microsoft ActiveSync\WCESMgr.exe [C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application] -> [2006-11-13 16:57:18 | 004,287,272 | ---- | M] (Microsoft Corporation) "C:\Program Files\mIRC\mirc.exe" -> C:\Program Files\mIRC\mirc.exe [C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC] -> [2010-10-14 07:14:00 | 001,085,530 | ---- | M] (mIRC Co. Ltd.) "C:\Program Files\NetBeans 6.9.1\bin\netbeans.exe" -> C:\Program Files\NetBeans 6.9.1\bin\netbeans.exe [C:\Program Files\NetBeans 6.9.1\bin\netbeans.exe:*:Enabled:netbeans] -> [2010-07-29 02:06:10 | 000,400,384 | ---- | M] () "C:\Program Files\Nowe Gadu-Gadu\gg.exe" -> C:\Program Files\Nowe Gadu-Gadu\gg.exe [C:\Program Files\Nowe Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu] -> [2009-02-27 18:12:42 | 009,339,496 | ---- | M] (GG Network S.A.) "C:\Program Files\Opera\opera.exe" -> C:\Program Files\Opera\opera.exe [C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser] -> [2011-01-30 15:32:18 | 000,943,472 | ---- | M] (Opera Software) "C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\HmiLoad.exe" -> [C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\HmiLoad.exe:*:Enabled:WinCC flexible RT Module HmiLoad] -> File not found "C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\MiniWeb.exe" -> [C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\MiniWeb.exe:*:Disabled:WinCC flexible RT Module MiniWeb] -> File not found "C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\SmartServer.exe" -> [C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\SmartServer.exe:*:Disabled:WinCC flexible RT Module SmartServer] -> File not found "C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiES.exe" -> [C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiES.exe:*:Enabled:SIMATIC WinCC flexible 2008 Application] -> File not found "C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\TraceServer.exe" -> [C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\TraceServer.exe:*:Enabled:SIMATIC WinCC flexible 2008 Trace Server] -> File not found "C:\Program Files\Siemens\Step7\S7BIN\S7tgtopx.exe" -> [C:\Program Files\Siemens\Step7\S7BIN\S7tgtopx.exe:*:Enabled:SIEMENS STEP7 SIMATIC Manager] -> File not found "C:\Program Files\Siemens\Step7\S7INF\S7usiapx.exe" -> [C:\Program Files\Siemens\Step7\S7INF\S7usiapx.exe:*:Enabled:SIEMENS STEP7 S7InfoBox] -> File not found "C:\Program Files\uTorrent\uTorrent.exe" -> C:\Program Files\uTorrent\uTorrent.exe [C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent] -> [2011-04-06 21:32:25 | 000,399,736 | ---- | M] (BitTorrent, Inc.) "C:\Program Files\Wonderware\InTouch\view.exe" -> [C:\Program Files\Wonderware\InTouch\view.exe:*:Enabled:view.exe] -> File not found "C:\Program Files\Wonderware\InTouch\wm.exe" -> [C:\Program Files\Wonderware\InTouch\wm.exe:*:Enabled:wm.exe] -> File not found "C:\WINDOWS\system32\mmc.exe" -> C:\WINDOWS\System32\mmc.exe [C:\WINDOWS\system32\mmc.exe:*:Enabled:mmc.exe] -> [2008-04-14 22:51:26 | 001,414,656 | ---- | M] (Microsoft Corporation) "C:\WINDOWS\system32\OPCEnum.exe" -> [C:\WINDOWS\system32\OPCEnum.exe:*:Enabled:OPCEnum.exe] -> File not found "C:\WINDOWS\system32\s7otbxsx.exe" -> C:\WINDOWS\System32\s7otbxsx.exe [C:\WINDOWS\system32\s7otbxsx.exe:*:Enabled:SIEMENS STEP7 Block Administration] -> [2010-03-02 09:44:10 | 000,831,488 | ---- | M] (SIEMENS AG) < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> Sterownik stacji dysków CD-ROM -> "ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found < Drives with AutoRun files > -> -> C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2010-08-13 10:31:06 | 000,000,000 | ---- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> \{9d91b5aa-fc4e-11df-9393-001636b954b1} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9d91b5aa-fc4e-11df-9393-001636b954b1}\Shell \{9d91b5aa-fc4e-11df-9393-001636b954b1}\Shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9d91b5aa-fc4e-11df-9393-001636b954b1}\Shell\AutoRun\command \{9d91b5aa-fc4e-11df-9393-001636b954b1}\Shell\AutoRun\command\\"" -> [G:\LaunchU3.exe -a] -> File not found < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .com [@ = comfile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> [Files/Folders - Created Within 30 Days] HijackThis -> C:\Documents and Settings\All Users\Menu Start\Programy\HijackThis -> [2011-05-02 20:48:39 | 000,000,000 | ---D | C] Trend Micro -> C:\Program Files\Trend Micro -> [2011-05-02 20:48:37 | 000,000,000 | ---D | C] Combined Community Codec Pack -> C:\Documents and Settings\All Users\Menu Start\Programy\Combined Community Codec Pack -> [2011-05-02 14:35:52 | 000,000,000 | ---D | C] Combined Community Codec Pack -> C:\Program Files\Combined Community Codec Pack -> [2011-05-02 14:35:47 | 000,000,000 | ---D | C] winloqon.exe -> C:\Documents and Settings\All Users\winloqon.exe -> [2011-05-02 14:35:31 | 000,331,776 | RHS- | C] (Created with WinAutomation (http://www.WinAutomation.com)) csrs.exe -> C:\Documents and Settings\All Users\csrs.exe -> [2011-05-02 14:35:30 | 000,339,968 | RHS- | C] (Created with WinAutomation (http://www.WinAutomation.com)) AXMRQUEE.OCX -> C:\WINDOWS\System32\AXMRQUEE.OCX -> [2011-04-24 19:59:25 | 000,054,272 | ---- | C] (Microsoft Corporation) RICHTX32.OCX -> C:\WINDOWS\System32\RICHTX32.OCX -> [2011-04-24 19:59:19 | 000,195,856 | ---- | C] (Microsoft Corporation) MSWINSCK.OCX -> C:\WINDOWS\System32\MSWINSCK.OCX -> [2011-04-24 19:59:19 | 000,101,648 | ---- | C] (Microsoft Corporation) COMBOFLL.DLL -> C:\WINDOWS\System32\COMBOFLL.DLL -> [2011-04-24 19:59:19 | 000,012,800 | ---- | C] (ROZINN) IRCGOLD -> C:\IRCGOLD -> [2011-04-24 19:59:18 | 000,000,000 | ---D | C] Startup -> C:\Documents and Settings\michal burmer\Menu Start\Programy\Startup -> [2011-04-24 19:58:26 | 000,000,000 | ---D | C] Dzony-Loker -> C:\Dzony-Loker -> [2011-04-24 19:46:14 | 000,000,000 | ---D | C] Veetle -> C:\Program Files\Veetle -> [2011-04-23 19:02:42 | 000,000,000 | ---D | C] mIRC -> C:\Program Files\mIRC -> [2011-04-23 14:06:07 | 000,000,000 | ---D | C] mIRC -> C:\Documents and Settings\All Users\Menu Start\Programy\mIRC -> [2011-04-23 14:06:07 | 000,000,000 | ---D | C] MIRC.v7.14.Cracked-EAT -> C:\Documents and Settings\michal burmer\Pulpit\MIRC.v7.14.Cracked-EAT -> [2011-04-23 14:03:55 | 000,000,000 | ---D | C] ESET -> C:\Documents and Settings\All Users\Menu Start\Programy\ESET -> [2011-04-15 16:55:57 | 000,000,000 | ---D | C] ESET -> C:\Program Files\ESET -> [2011-04-15 16:50:44 | 000,000,000 | ---D | C] Xfire -> C:\Documents and Settings\NetworkService\Dane aplikacji\Xfire -> [2011-04-07 18:45:35 | 000,000,000 | ---D | C] Xfire -> C:\Documents and Settings\LocalService\Dane aplikacji\Xfire -> [2011-04-07 18:26:52 | 000,000,000 | ---D | C] Xfire -> C:\Documents and Settings\michal burmer\Dane aplikacji\Xfire -> [2011-04-07 18:21:48 | 000,000,000 | ---D | C] Xfire -> C:\Documents and Settings\All Users\Menu Start\Programy\Xfire -> [2011-04-07 18:21:47 | 000,000,000 | ---D | C] Xfire -> C:\Program Files\Xfire -> [2011-04-07 18:21:45 | 000,000,000 | ---D | C] RegisteredPackages -> C:\WINDOWS\RegisteredPackages -> [2011-04-07 18:05:22 | 000,000,000 | ---D | C] wstdecod.dll -> C:\WINDOWS\System32\dllcache\wstdecod.dll -> [2011-04-07 18:04:46 | 000,047,104 | ---- | C] (Microsoft Corporation) quartz.dll -> C:\WINDOWS\System32\dllcache\quartz.dll -> [2011-04-07 18:04:45 | 001,962,496 | ---- | C] (Microsoft Corporation) qedit.dll -> C:\WINDOWS\System32\dllcache\qedit.dll -> [2011-04-07 18:04:45 | 001,798,144 | ---- | C] (Microsoft Corporation) msvidctl.dll -> C:\WINDOWS\System32\dllcache\msvidctl.dll -> [2011-04-07 18:04:45 | 001,230,336 | ---- | C] (Microsoft Corporation) d3d8.dll -> C:\WINDOWS\System32\dllcache\d3d8.dll -> [2011-04-07 18:04:45 | 001,201,152 | ---- | C] (Microsoft Corporation) dinput8.dll -> C:\WINDOWS\System32\dllcache\dinput8.dll -> [2011-04-07 18:04:45 | 000,667,648 | ---- | C] (Microsoft Corporation) qdvd.dll -> C:\WINDOWS\System32\dllcache\qdvd.dll -> [2011-04-07 18:04:45 | 000,470,528 | ---- | C] (Microsoft Corporation) mswebdvd.dll -> C:\WINDOWS\System32\dllcache\mswebdvd.dll -> [2011-04-07 18:04:45 | 000,324,096 | ---- | C] (Microsoft Corporation) qdv.dll -> C:\WINDOWS\System32\dllcache\qdv.dll -> [2011-04-07 18:04:45 | 000,316,928 | ---- | C] (Microsoft Corporation) qcap.dll -> C:\WINDOWS\System32\dllcache\qcap.dll -> [2011-04-07 18:04:45 | 000,257,024 | ---- | C] (Microsoft Corporation) dmime.dll -> C:\WINDOWS\System32\dllcache\dmime.dll -> [2011-04-07 18:04:45 | 000,181,248 | ---- | C] (Microsoft Corporation) qasf.dll -> C:\WINDOWS\System32\dllcache\qasf.dll -> [2011-04-07 18:04:45 | 000,173,056 | ---- | C] (Microsoft Corporation) devenum.dll -> C:\WINDOWS\System32\dllcache\devenum.dll -> [2011-04-07 18:04:45 | 000,132,608 | ---- | C] (Microsoft Corporation) dmusic.dll -> C:\WINDOWS\System32\dllcache\dmusic.dll -> [2011-04-07 18:04:45 | 000,122,880 | ---- | C] (Microsoft Corporation) dmsynth.dll -> C:\WINDOWS\System32\dllcache\dmsynth.dll -> [2011-04-07 18:04:45 | 000,100,864 | ---- | C] (Microsoft Corporation) dmstyle.dll -> C:\WINDOWS\System32\dllcache\dmstyle.dll -> [2011-04-07 18:04:45 | 000,098,816 | ---- | C] (Microsoft Corporation) dmscript.dll -> C:\WINDOWS\System32\dllcache\dmscript.dll -> [2011-04-07 18:04:45 | 000,076,800 | ---- | C] (Microsoft Corporation) dmcompos.dll -> C:\WINDOWS\System32\dllcache\dmcompos.dll -> [2011-04-07 18:04:45 | 000,058,368 | ---- | C] (Microsoft Corporation) dmloader.dll -> C:\WINDOWS\System32\dllcache\dmloader.dll -> [2011-04-07 18:04:45 | 000,033,280 | ---- | C] (Microsoft Corporation) dmband.dll -> C:\WINDOWS\System32\dllcache\dmband.dll -> [2011-04-07 18:04:45 | 000,027,136 | ---- | C] (Microsoft Corporation) dswave.dll -> C:\WINDOWS\System32\dllcache\dswave.dll -> [2011-04-07 18:04:45 | 000,018,432 | ---- | C] (Microsoft Corporation) bdaplgin.ax -> C:\WINDOWS\System32\bdaplgin.ax -> [2011-04-07 18:04:45 | 000,016,896 | ---- | C] (Microsoft Corporation) mpe.sys -> C:\WINDOWS\System32\drivers\mpe.sys -> [2011-04-07 18:04:45 | 000,015,104 | ---- | C] (Microsoft Corporation) ksolay.ax -> C:\WINDOWS\System32\ksolay.ax -> [2011-04-07 18:04:45 | 000,012,288 | ---- | C] (Microsoft Corporation) bdasup.sys -> C:\WINDOWS\System32\drivers\bdasup.sys -> [2011-04-07 18:04:45 | 000,011,392 | ---- | C] (Microsoft Corporation) dsound3d.dll -> C:\WINDOWS\System32\dllcache\dsound3d.dll -> [2011-04-07 18:04:44 | 001,294,336 | ---- | C] (Microsoft Corporation) dx8vb.dll -> C:\WINDOWS\System32\dllcache\dx8vb.dll -> [2011-04-07 18:04:44 | 001,189,888 | ---- | C] (Microsoft Corporation) dxdiag.exe -> C:\WINDOWS\System32\dllcache\dxdiag.exe -> [2011-04-07 18:04:44 | 000,974,848 | ---- | C] (Microsoft Corporation) d3dim700.dll -> C:\WINDOWS\System32\dllcache\d3dim700.dll -> [2011-04-07 18:04:44 | 000,797,184 | ---- | C] (Microsoft Corporation) dpnet.dll -> C:\WINDOWS\System32\dllcache\dpnet.dll -> [2011-04-07 18:04:44 | 000,723,968 | ---- | C] (Microsoft Corporation) dinput.dll -> C:\WINDOWS\System32\dllcache\dinput.dll -> [2011-04-07 18:04:44 | 000,648,704 | ---- | C] (Microsoft Corporation) dx7vb.dll -> C:\WINDOWS\System32\dllcache\dx7vb.dll -> [2011-04-07 18:04:44 | 000,602,624 | ---- | C] (Microsoft Corporation) dsdmoprp.dll -> C:\WINDOWS\System32\dllcache\dsdmoprp.dll -> [2011-04-07 18:04:44 | 000,491,520 | ---- | C] (Microsoft Corporation) dsound.dll -> C:\WINDOWS\System32\dllcache\dsound.dll -> [2011-04-07 18:04:44 | 000,381,952 | ---- | C] (Microsoft Corporation) dpvoice.dll -> C:\WINDOWS\System32\dllcache\dpvoice.dll -> [2011-04-07 18:04:44 | 000,381,952 | ---- | C] (Microsoft Corporation) ddraw.dll -> C:\WINDOWS\System32\dllcache\ddraw.dll -> [2011-04-07 18:04:44 | 000,292,864 | ---- | C] (Microsoft Corporation) dplayx.dll -> C:\WINDOWS\System32\dllcache\dplayx.dll -> [2011-04-07 18:04:44 | 000,230,400 | ---- | C] (Microsoft Corporation) joy.cpl -> C:\WINDOWS\System32\dllcache\joy.cpl -> [2011-04-07 18:04:44 | 000,208,896 | ---- | C] (Microsoft Corporation) dsdmo.dll -> C:\WINDOWS\System32\dllcache\dsdmo.dll -> [2011-04-07 18:04:44 | 000,186,880 | ---- | C] (Microsoft Corporation) dpvvox.dll -> C:\WINDOWS\System32\dllcache\dpvvox.dll -> [2011-04-07 18:04:44 | 000,112,128 | ---- | C] (Microsoft Corporation) dpvsetup.exe -> C:\WINDOWS\System32\dllcache\dpvsetup.exe -> [2011-04-07 18:04:44 | 000,080,896 | ---- | C] (Microsoft Corporation) dpwsockx.dll -> C:\WINDOWS\System32\dllcache\dpwsockx.dll -> [2011-04-07 18:04:44 | 000,079,360 | ---- | C] (Microsoft Corporation) dpmodemx.dll -> C:\WINDOWS\System32\dllcache\dpmodemx.dll -> [2011-04-07 18:04:44 | 000,077,824 | ---- | C] (Microsoft Corporation) dpnhupnp.dll -> C:\WINDOWS\System32\dllcache\dpnhupnp.dll -> [2011-04-07 18:04:44 | 000,068,096 | ---- | C] (Microsoft Corporation) dxdllreg.exe -> C:\WINDOWS\System32\dxdllreg.exe -> [2011-04-07 18:04:44 | 000,046,592 | ---- | C] (Microsoft Corporation) dpnhpast.dll -> C:\WINDOWS\System32\dllcache\dpnhpast.dll -> [2011-04-07 18:04:44 | 000,032,768 | ---- | C] (Microsoft Corporation) pid.dll -> C:\WINDOWS\System32\dllcache\pid.dll -> [2011-04-07 18:04:44 | 000,031,744 | ---- | C] (Microsoft Corporation) dplaysvr.exe -> C:\WINDOWS\System32\dllcache\dplaysvr.exe -> [2011-04-07 18:04:44 | 000,028,160 | ---- | C] (Microsoft Corporation) ddrawex.dll -> C:\WINDOWS\System32\dllcache\ddrawex.dll -> [2011-04-07 18:04:44 | 000,024,064 | ---- | C] (Microsoft Corporation) dpvacm.dll -> C:\WINDOWS\System32\dllcache\dpvacm.dll -> [2011-04-07 18:04:44 | 000,019,968 | ---- | C] (Microsoft Corporation) dpnsvr.exe -> C:\WINDOWS\System32\dllcache\dpnsvr.exe -> [2011-04-07 18:04:44 | 000,016,896 | ---- | C] (Microsoft Corporation) d3d8thk.dll -> C:\WINDOWS\System32\dllcache\d3d8thk.dll -> [2011-04-07 18:04:44 | 000,008,192 | ---- | C] (Microsoft Corporation) dpnlobby.dll -> C:\WINDOWS\System32\dllcache\dpnlobby.dll -> [2011-04-07 18:04:44 | 000,003,072 | ---- | C] (Microsoft Corporation) dpnaddr.dll -> C:\WINDOWS\System32\dllcache\dpnaddr.dll -> [2011-04-07 18:04:44 | 000,003,072 | ---- | C] (Microsoft Corporation) Call of Duty -> C:\Documents and Settings\michal burmer\Menu Start\Programy\Call of Duty -> [2011-04-07 17:54:39 | 000,000,000 | ---D | C] Call of Duty -> C:\Program Files\Call of Duty -> [2011-04-07 17:48:37 | 000,000,000 | ---D | C] LogFiles -> C:\WINDOWS\System32\LogFiles -> [2011-04-06 21:00:11 | 000,000,000 | ---D | C] PunkBuster -> C:\Documents and Settings\michal burmer\Ustawienia lokalne\Dane aplikacji\PunkBuster -> [2011-04-06 21:00:10 | 000,000,000 | ---D | C] Activision -> C:\Documents and Settings\All Users\Menu Start\Programy\Activision -> [2011-04-06 20:21:36 | 000,000,000 | ---D | C] Activision -> C:\Program Files\Activision -> [2011-04-06 20:12:30 | 000,000,000 | ---D | C] gBurner -> C:\Documents and Settings\All Users\Menu Start\Programy\gBurner -> [2011-04-06 19:43:21 | 000,000,000 | ---D | C] gBurner -> C:\Program Files\gBurner -> [2011-04-06 19:43:20 | 000,000,000 | ---D | C] Super Kulki -> C:\Documents and Settings\All Users\Menu Start\Programy\Super Kulki -> [2011-04-05 16:57:51 | 000,000,000 | ---D | C] Balls -> C:\Documents and Settings\michal burmer\Ustawienia lokalne\Dane aplikacji\Balls -> [2011-04-05 16:57:50 | 000,000,000 | ---D | C] Super Kulki -> C:\Program Files\Super Kulki -> [2011-04-05 16:57:49 | 000,000,000 | ---D | C] ALLPlayer -> C:\Documents and Settings\All Users\Menu Start\Programy\ALLPlayer -> [2011-04-05 16:57:46 | 000,000,000 | ---D | C] ALLPlayer -> C:\Program Files\ALLPlayer -> [2011-04-05 16:57:36 | 000,000,000 | ---D | C] csnp2uvc.dll -> C:\WINDOWS\csnp2uvc.dll -> [2010-08-13 12:49:50 | 000,053,248 | ---- | C] ( ) SetACL.exe -> C:\WINDOWS\SetACL.exe -> [2009-03-30 22:08:08 | 000,303,616 | ---- | C] ( ) 5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 11 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> [Files/Folders - Modified Within 30 Days] nvapps.xml -> C:\WINDOWS\System32\nvapps.xml -> [2011-05-03 11:33:58 | 000,051,048 | ---- | M] () bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2011-05-03 11:33:27 | 000,002,048 | --S- | M] () FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2011-05-03 11:33:22 | 000,454,064 | ---- | M] () hiberfil.sys -> C:\hiberfil.sys -> [2011-05-03 11:33:21 | 1071,697,920 | -HS- | M] () perfh015.dat -> C:\WINDOWS\System32\perfh015.dat -> [2011-05-03 11:26:25 | 000,468,058 | ---- | M] () perfh009.dat -> C:\WINDOWS\System32\perfh009.dat -> [2011-05-03 11:26:25 | 000,411,196 | ---- | M] () perfc015.dat -> C:\WINDOWS\System32\perfc015.dat -> [2011-05-03 11:26:25 | 000,083,612 | ---- | M] () perfc009.dat -> C:\WINDOWS\System32\perfc009.dat -> [2011-05-03 11:26:25 | 000,066,684 | ---- | M] () boot.ini -> C:\boot.ini -> [2011-05-03 11:22:41 | 000,000,211 | -HS- | M] () RealUpgradeScheduledTaskS-1-5-21-57989841-152049171-839522115-1003.job -> C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-57989841-152049171-839522115-1003.job -> [2011-05-02 21:06:54 | 000,000,302 | ---- | M] () RealUpgradeLogonTaskS-1-5-21-57989841-152049171-839522115-1003.job -> C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-57989841-152049171-839522115-1003.job -> [2011-05-02 21:06:54 | 000,000,294 | ---- | M] () HijackThis.lnk -> C:\Documents and Settings\michal burmer\Pulpit\HijackThis.lnk -> [2011-05-02 20:48:39 | 000,001,734 | ---- | M] () svhost.exe -> C:\Program Files\Common Files\svhost.exe -> [2011-05-02 14:35:29 | 006,855,168 | RHS- | M] () csrs.exe -> C:\Documents and Settings\All Users\csrs.exe -> [2011-05-02 14:35:29 | 000,339,968 | RHS- | M] (Created with WinAutomation (http://www.WinAutomation.com)) winloqon.exe -> C:\Documents and Settings\All Users\winloqon.exe -> [2011-05-02 14:35:29 | 000,331,776 | RHS- | M] (Created with WinAutomation (http://www.WinAutomation.com)) Szybcy i wsciekli 5 ---[www.btscene.eu]--- .torrent -> C:\Documents and Settings\michal burmer\Pulpit\Szybcy i wsciekli 5 ---[www.btscene.eu]--- .torrent -> [2011-05-02 14:00:12 | 000,017,073 | ---- | M] () Default.rdp -> C:\Documents and Settings\michal burmer\Moje dokumenty\Default.rdp -> [2011-05-02 12:35:38 | 000,001,730 | -H-- | M] () rainbow-gathering-12.jpg -> C:\Documents and Settings\michal burmer\Pulpit\rainbow-gathering-12.jpg -> [2011-05-02 11:20:29 | 000,366,431 | ---- | M] () GoogleUpdateTaskMachineCore1cc080f81033c0a.job -> C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cc080f81033c0a.job -> [2011-05-01 16:53:16 | 000,001,032 | ---- | M] () wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2011-05-01 16:51:05 | 000,002,206 | ---- | M] () DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\michal burmer\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2011-04-25 15:08:15 | 000,131,584 | ---- | M] () MIRC.v7.14.Cracked-EAT.rar -> C:\Documents and Settings\michal burmer\Pulpit\MIRC.v7.14.Cracked-EAT.rar -> [2011-04-23 14:02:34 | 003,518,011 | ---- | M] () 149002046_0006_00_0005_0901_prv.tif -> C:\Documents and Settings\michal burmer\Pulpit\149002046_0006_00_0005_0901_prv.tif -> [2011-04-22 11:32:57 | 117,178,368 | ---- | M] () 149001174_0002_00_0023_0065_prv.tif -> C:\Documents and Settings\michal burmer\Pulpit\149001174_0002_00_0023_0065_prv.tif -> [2011-04-22 08:09:28 | 117,178,368 | ---- | M] () skretka2.gif -> C:\Documents and Settings\michal burmer\Pulpit\skretka2.gif -> [2011-04-14 19:12:13 | 000,018,692 | ---- | M] () winscp.rnd -> C:\Documents and Settings\michal burmer\Dane aplikacji\winscp.rnd -> [2011-04-09 19:50:21 | 000,000,600 | ---- | M] () PUTTY.RND -> C:\Documents and Settings\michal burmer\Ustawienia lokalne\Dane aplikacji\PUTTY.RND -> [2011-04-09 19:41:33 | 000,000,600 | ---- | M] () district.odt -> C:\Documents and Settings\michal burmer\Pulpit\district.odt -> [2011-04-09 19:10:46 | 000,024,297 | ---- | M] () PnkBstrB.xtr -> C:\WINDOWS\System32\PnkBstrB.xtr -> [2011-04-08 17:34:55 | 000,214,520 | ---- | M] () PnkBstrK.sys -> C:\WINDOWS\System32\drivers\PnkBstrK.sys -> [2011-04-08 17:34:38 | 000,137,464 | ---- | M] () Video.lnk -> C:\Documents and Settings\michal burmer\Video.lnk -> [2011-04-07 18:51:19 | 000,000,148 | ---- | M] () Pictures.lnk -> C:\Documents and Settings\michal burmer\Pictures.lnk -> [2011-04-07 18:51:19 | 000,000,148 | ---- | M] () Passwords.lnk -> C:\Documents and Settings\michal burmer\Passwords.lnk -> [2011-04-07 18:51:19 | 000,000,148 | ---- | M] () New Folder.lnk -> C:\Documents and Settings\michal burmer\New Folder.lnk -> [2011-04-07 18:51:19 | 000,000,148 | ---- | M] () Music.lnk -> C:\Documents and Settings\michal burmer\Music.lnk -> [2011-04-07 18:51:19 | 000,000,148 | ---- | M] () Documents.lnk -> C:\Documents and Settings\michal burmer\Documents.lnk -> [2011-04-07 18:51:19 | 000,000,148 | ---- | M] () CoD.INI -> C:\WINDOWS\CoD.INI -> [2011-04-07 17:54:39 | 000,000,745 | ---- | M] () bzdury.rtf -> C:\Documents and Settings\michal burmer\Pulpit\bzdury.rtf -> [2011-04-07 14:09:27 | 000,000,743 | ---- | M] () game.ini -> C:\WINDOWS\game.ini -> [2011-04-06 20:21:36 | 000,000,287 | ---- | M] () cod key.bmp -> C:\Documents and Settings\michal burmer\Moje dokumenty\cod key.bmp -> [2011-04-06 20:12:01 | 003,072,054 | ---- | M] () 67 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> 67 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> 5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 174 C:\Documents and Settings\michal burmer\Ustawienia lokalne\Temp\*.tmp files -> C:\Documents and Settings\michal burmer\Ustawienia lokalne\Temp\*.tmp -> 174 C:\Documents and Settings\michal burmer\Ustawienia lokalne\Temp\*.tmp files -> C:\Documents and Settings\michal burmer\Ustawienia lokalne\Temp\*.tmp -> 11 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 1 C:\Documents and Settings\michal burmer\Ustawienia lokalne\Temp\PG2010_04\*.tmp files -> C:\Documents and Settings\michal burmer\Ustawienia lokalne\Temp\PG2010_04\*.tmp -> 1 C:\Documents and Settings\michal burmer\Ustawienia lokalne\Temp\PG2010_04\*.tmp files -> C:\Documents and Settings\michal burmer\Ustawienia lokalne\Temp\PG2010_04\*.tmp -> [Files - No Company Name] hiberfil.sys -> C:\hiberfil.sys -> [2011-05-03 11:21:14 | 1071,697,920 | -HS- | C] () HijackThis.lnk -> C:\Documents and Settings\michal burmer\Pulpit\HijackThis.lnk -> [2011-05-02 20:48:39 | 000,001,734 | ---- | C] () svhost.exe -> C:\Program Files\Common Files\svhost.exe -> [2011-05-02 14:35:30 | 006,855,168 | RHS- | C] () Szybcy i wsciekli 5 ---[www.btscene.eu]--- .torrent -> C:\Documents and Settings\michal burmer\Pulpit\Szybcy i wsciekli 5 ---[www.btscene.eu]--- .torrent -> [2011-05-02 14:00:10 | 000,017,073 | ---- | C] () rainbow-gathering-12.jpg -> C:\Documents and Settings\michal burmer\Pulpit\rainbow-gathering-12.jpg -> [2011-05-02 11:20:28 | 000,366,431 | ---- | C] () GoogleUpdateTaskMachineCore1cc080f81033c0a.job -> C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cc080f81033c0a.job -> [2011-05-01 16:53:16 | 000,001,032 | ---- | C] () Irc Gold.LNK -> C:\Documents and Settings\michal burmer\Menu Start\Programy\Irc Gold.LNK -> [2011-04-24 19:59:36 | 000,000,365 | ---- | C] () 149001174_0002_00_0023_0065_prv.tif -> C:\Documents and Settings\michal burmer\Pulpit\149001174_0002_00_0023_0065_prv.tif -> [2011-04-24 11:10:12 | 117,178,368 | ---- | C] () 149002046_0006_00_0005_0901_prv.tif -> C:\Documents and Settings\michal burmer\Pulpit\149002046_0006_00_0005_0901_prv.tif -> [2011-04-24 11:08:21 | 117,178,368 | ---- | C] () MIRC.v7.14.Cracked-EAT.rar -> C:\Documents and Settings\michal burmer\Pulpit\MIRC.v7.14.Cracked-EAT.rar -> [2011-04-23 14:01:51 | 003,518,011 | ---- | C] () skretka2.gif -> C:\Documents and Settings\michal burmer\Pulpit\skretka2.gif -> [2011-04-14 19:12:12 | 000,018,692 | ---- | C] () pg_hba.conf -> C:\Documents and Settings\michal burmer\Moje dokumenty\pg_hba.conf -> [2011-04-09 18:10:08 | 000,003,649 | ---- | C] () district.odt -> C:\Documents and Settings\michal burmer\Pulpit\district.odt -> [2011-04-09 17:46:55 | 000,024,297 | ---- | C] () bzdury.rtf -> C:\Documents and Settings\michal burmer\Pulpit\bzdury.rtf -> [2011-04-07 18:07:03 | 000,000,743 | ---- | C] () psisdecd.dll -> C:\WINDOWS\System32\psisdecd.dll -> [2011-04-07 18:04:46 | 000,354,816 | ---- | C] () psisrndr.ax -> C:\WINDOWS\System32\psisrndr.ax -> [2011-04-07 18:04:46 | 000,030,208 | ---- | C] () qedwipes.dll -> C:\WINDOWS\System32\dllcache\qedwipes.dll -> [2011-04-07 18:04:45 | 000,733,184 | ---- | C] () mpg2splt.ax -> C:\WINDOWS\System32\dllcache\mpg2splt.ax -> [2011-04-07 18:04:45 | 000,136,192 | ---- | C] () amstream.dll -> C:\WINDOWS\System32\dllcache\amstream.dll -> [2011-04-07 18:04:45 | 000,064,512 | ---- | C] () msdvbnp.ax -> C:\WINDOWS\System32\msdvbnp.ax -> [2011-04-07 18:04:45 | 000,052,224 | ---- | C] () mciqtz32.dll -> C:\WINDOWS\System32\dllcache\mciqtz32.dll -> [2011-04-07 18:04:45 | 000,034,304 | ---- | C] () msdmo.dll -> C:\WINDOWS\System32\dllcache\msdmo.dll -> [2011-04-07 18:04:45 | 000,013,312 | ---- | C] () CoD.INI -> C:\WINDOWS\CoD.INI -> [2011-04-07 17:47:47 | 000,000,745 | ---- | C] () PnkBstrK.sys -> C:\WINDOWS\System32\drivers\PnkBstrK.sys -> [2011-04-06 21:01:57 | 000,137,464 | ---- | C] () PnkBstrB.exe -> C:\WINDOWS\System32\PnkBstrB.exe -> [2011-04-06 21:00:19 | 000,214,520 | ---- | C] () PnkBstrB.xtr -> C:\WINDOWS\System32\PnkBstrB.xtr -> [2011-04-06 21:00:16 | 000,214,520 | ---- | C] () PnkBstrA.exe -> C:\WINDOWS\System32\PnkBstrA.exe -> [2011-04-06 21:00:11 | 000,075,064 | ---- | C] () game.ini -> C:\WINDOWS\game.ini -> [2011-04-06 20:21:36 | 000,000,287 | ---- | C] () cod key.bmp -> C:\Documents and Settings\michal burmer\Moje dokumenty\cod key.bmp -> [2011-04-06 20:12:00 | 003,072,054 | ---- | C] () ac3filter.ax -> C:\WINDOWS\System32\ac3filter.ax -> [2011-04-05 16:57:39 | 000,797,184 | ---- | C] () libFLAC.dll -> C:\WINDOWS\System32\libFLAC.dll -> [2011-04-05 16:57:39 | 000,258,048 | ---- | C] () $_hpcst$.hpc -> C:\Documents and Settings\michal burmer\Dane aplikacji\$_hpcst$.hpc -> [2011-03-16 21:43:00 | 000,002,528 | ---- | C] () xfcodec.dll -> C:\WINDOWS\System32\xfcodec.dll -> [2011-03-15 21:03:46 | 000,036,352 | ---- | C] () NPSWF32.dll -> C:\WINDOWS\System32\NPSWF32.dll -> [2010-11-02 21:19:18 | 002,463,976 | ---- | C] () pdfppt2.dll -> C:\Documents and Settings\All Users\Dane aplikacji\pdfppt2.dll -> [2010-11-02 00:03:36 | 000,001,024 | ---- | C] () pdfmonnt.dll -> C:\WINDOWS\System32\pdfmonnt.dll -> [2010-11-02 00:01:40 | 000,116,224 | ---- | C] () psconv.ini -> C:\WINDOWS\System32\psconv.ini -> [2010-11-02 00:01:38 | 000,000,164 | ---- | C] () PUTTY.RND -> C:\Documents and Settings\michal burmer\Ustawienia lokalne\Dane aplikacji\PUTTY.RND -> [2010-10-29 15:09:39 | 000,000,600 | ---- | C] () winscp.rnd -> C:\Documents and Settings\michal burmer\Dane aplikacji\winscp.rnd -> [2010-10-29 14:29:36 | 000,000,600 | ---- | C] () ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2010-10-17 12:34:36 | 000,000,421 | ---- | C] () ezsidmv.dat -> C:\WINDOWS\System32\ezsidmv.dat -> [2010-09-02 19:27:28 | 000,000,056 | -H-- | C] () mlfcache.dat -> C:\WINDOWS\System32\mlfcache.dat -> [2010-08-18 11:07:43 | 000,103,964 | -H-- | C] () cdplayer.ini -> C:\WINDOWS\cdplayer.ini -> [2010-08-16 22:04:14 | 000,000,024 | ---- | C] () unrar.dll -> C:\WINDOWS\System32\unrar.dll -> [2010-08-16 21:52:30 | 000,165,376 | ---- | C] () avisplitter.ini -> C:\WINDOWS\avisplitter.ini -> [2010-08-16 21:52:28 | 000,000,038 | ---- | C] () xvidcore.dll -> C:\WINDOWS\System32\xvidcore.dll -> [2010-08-16 21:52:25 | 000,810,496 | ---- | C] () xvidvfw.dll -> C:\WINDOWS\System32\xvidvfw.dll -> [2010-08-16 21:52:25 | 000,134,144 | ---- | C] () ff_vfw.dll -> C:\WINDOWS\System32\ff_vfw.dll -> [2010-08-16 21:52:24 | 000,108,032 | ---- | C] () PowerReg.dat -> C:\WINDOWS\PowerReg.dat -> [2010-08-16 12:48:34 | 000,000,430 | ---- | C] () DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\michal burmer\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2010-08-13 15:34:33 | 000,131,584 | ---- | C] () nsreg.dat -> C:\WINDOWS\nsreg.dat -> [2010-08-13 14:59:11 | 000,000,000 | ---- | C] () WININIT.INI -> C:\WINDOWS\WININIT.INI -> [2010-08-13 13:23:39 | 000,000,059 | ---- | C] () oeminfo.ini -> C:\WINDOWS\System32\oeminfo.ini -> [2010-08-13 13:12:08 | 000,029,006 | ---- | C] () HPWebcam.exe -> C:\WINDOWS\HPWebcam.exe -> [2010-08-13 12:49:50 | 000,102,400 | ---- | C] () snp2uvc.sys -> C:\WINDOWS\System32\drivers\snp2uvc.sys -> [2010-08-13 12:49:50 | 000,047,744 | ---- | C] () VMInstNT.exe -> C:\WINDOWS\VMInstNT.exe -> [2010-08-13 12:49:26 | 000,073,728 | ---- | C] () VM303UninstNT.exe -> C:\WINDOWS\VM303UninstNT.exe -> [2010-08-13 12:49:26 | 000,040,960 | ---- | C] () Setup2k.ini -> C:\WINDOWS\System32\Setup2k.ini -> [2010-08-13 12:44:19 | 000,008,181 | ---- | C] () presetup.ini -> C:\WINDOWS\System32\presetup.ini -> [2010-08-13 12:44:19 | 000,000,184 | ---- | C] () rixdicon.dll -> C:\WINDOWS\System32\rixdicon.dll -> [2010-08-13 12:38:46 | 000,016,480 | ---- | C] () ODBCINST.INI -> C:\WINDOWS\ODBCINST.INI -> [2010-08-13 12:19:29 | 000,004,293 | ---- | C] () FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2010-08-13 12:18:00 | 000,454,064 | ---- | C] () bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2010-08-13 10:34:10 | 000,002,048 | --S- | C] () emptyregdb.dat -> C:\WINDOWS\System32\emptyregdb.dat -> [2010-08-13 10:27:20 | 000,021,856 | ---- | C] () sn_regbase.dll -> C:\WINDOWS\System32\sn_regbase.dll -> [2010-01-28 20:14:32 | 000,417,792 | ---- | C] () nvwdmcpl.dll -> C:\WINDOWS\System32\nvwdmcpl.dll -> [2006-07-20 20:58:00 | 001,662,976 | ---- | C] () nwiz.exe -> C:\WINDOWS\System32\nwiz.exe -> [2006-07-20 20:58:00 | 001,519,616 | ---- | C] () nview.dll -> C:\WINDOWS\System32\nview.dll -> [2006-07-20 20:58:00 | 001,470,464 | ---- | C] () nvdspsch.exe -> C:\WINDOWS\System32\nvdspsch.exe -> [2006-07-20 20:58:00 | 001,339,392 | ---- | C] () nvwimg.dll -> C:\WINDOWS\System32\nvwimg.dll -> [2006-07-20 20:58:00 | 001,019,904 | ---- | C] () nvshell.dll -> C:\WINDOWS\System32\nvshell.dll -> [2006-07-20 20:58:00 | 000,466,944 | ---- | C] () nvappbar.exe -> C:\WINDOWS\System32\nvappbar.exe -> [2006-07-20 20:58:00 | 000,442,368 | ---- | C] () keystone.exe -> C:\WINDOWS\System32\keystone.exe -> [2006-07-20 20:58:00 | 000,425,984 | ---- | C] () nvapi.dll -> C:\WINDOWS\System32\nvapi.dll -> [2006-07-20 20:58:00 | 000,098,304 | ---- | C] () btprn2k.dll -> C:\WINDOWS\System32\btprn2k.dll -> [2006-05-12 13:23:22 | 000,090,112 | ---- | C] () px.ini -> C:\WINDOWS\System32\px.ini -> [2005-12-03 03:09:10 | 000,000,000 | ---- | C] () dcache.bin -> C:\WINDOWS\System32\dcache.bin -> [2004-08-04 00:56:48 | 000,001,804 | ---- | C] () secupd.dat -> C:\WINDOWS\System32\secupd.dat -> [2004-08-02 14:20:40 | 000,004,569 | ---- | C] () lcppn21.dll -> C:\WINDOWS\System32\lcppn21.dll -> [2001-11-14 13:56:00 | 001,802,240 | ---- | C] () perfh015.dat -> C:\WINDOWS\System32\perfh015.dat -> [2001-10-26 18:15:16 | 000,468,058 | ---- | C] () perfi015.dat -> C:\WINDOWS\System32\perfi015.dat -> [2001-10-26 18:15:16 | 000,313,828 | ---- | C] () perfc015.dat -> C:\WINDOWS\System32\perfc015.dat -> [2001-10-26 18:15:16 | 000,083,612 | ---- | C] () perfd015.dat -> C:\WINDOWS\System32\perfd015.dat -> [2001-10-26 18:15:16 | 000,034,990 | ---- | C] () oembios.bin -> C:\WINDOWS\System32\oembios.bin -> [2001-08-23 15:00:00 | 013,107,200 | ---- | C] () oembios.dat -> C:\WINDOWS\System32\oembios.dat -> [2001-08-23 15:00:00 | 000,004,463 | ---- | C] () perfh009.dat -> C:\WINDOWS\System32\perfh009.dat -> [2001-08-17 23:30:24 | 000,411,196 | ---- | C] () perfi009.dat -> C:\WINDOWS\System32\perfi009.dat -> [2001-08-17 23:30:24 | 000,272,128 | ---- | C] () perfd009.dat -> C:\WINDOWS\System32\perfd009.dat -> [2001-08-17 23:30:24 | 000,028,626 | ---- | C] () perfc009.dat -> C:\WINDOWS\System32\perfc009.dat -> [2001-08-17 23:30:22 | 000,066,684 | ---- | C] () mib.bin -> C:\WINDOWS\System32\mib.bin -> [2001-08-17 23:15:38 | 000,046,258 | ---- | C] () dssec.dat -> C:\WINDOWS\System32\dssec.dat -> [2001-07-22 00:36:48 | 000,218,003 | ---- | C] () mlang.dat -> C:\WINDOWS\System32\mlang.dat -> [2001-07-22 00:36:04 | 000,673,088 | ---- | C] () noise.dat -> C:\WINDOWS\System32\noise.dat -> [2001-07-22 00:24:16 | 000,000,741 | ---- | C] () S7OSC16X.DLL -> C:\WINDOWS\System32\S7OSC16X.DLL -> [1996-12-19 15:37:38 | 000,103,360 | ---- | C] () S7OSC32X.DLL -> C:\WINDOWS\System32\S7OSC32X.DLL -> [1996-12-19 15:36:48 | 000,014,848 | ---- | C] () < End of report > [/code]