OTL logfile created on: 2012-09-29 12:22:57 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Konop\My Documents\Pobieranie Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd 1014,37 Mb Total Physical Memory | 355,65 Mb Available Physical Memory | 35,06% Memory free 2,38 Gb Paging File | 1,74 Gb Available in Paging File | 73,16% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 87,06 Gb Total Space | 0,23 Gb Free Space | 0,27% Space Free | Partition Type: NTFS Drive F: | 18,78 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive G: | 1,83 Gb Total Space | 0,22 Gb Free Space | 11,75% Space Free | Partition Type: FAT Computer Name: KONOP | User Name: Konop | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-09-29 12:17:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Konop\My Documents\Pobieranie\OTL.exe PRC - [2012-09-10 20:03:29 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox 3 Beta 5\firefox.exe PRC - [2012-07-26 19:52:04 | 001,095,560 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe PRC - [2012-07-26 19:40:56 | 000,794,560 | ---- | M] (Spigot, Inc.) 
-- C:\Program Files\Application Updater\ApplicationUpdater.exe PRC - [2012-06-03 13:44:06 | 000,514,048 | ---- | M] () -- C:\Program Files\PLAY ONLINE\PLAY ONLINE.exe PRC - [2012-06-03 13:43:28 | 000,246,112 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PLAY ONLINE\OnlineUpdate\ouc.exe PRC - [2011-03-14 17:27:28 | 000,271,712 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe PRC - [2011-01-27 16:00:14 | 000,180,032 | ---- | M] (Solid Documents, LLC) -- C:\WINDOWS\Installer\MSIF1.tmp PRC - [2010-02-04 04:05:56 | 000,660,136 | ---- | M] () -- C:\Program Files\Lexmark 2600 Series\lxdnmon.exe PRC - [2010-02-04 04:05:54 | 000,025,256 | ---- | M] () -- C:\Program Files\Lexmark 2600 Series\lxdnmsdmon.exe PRC - [2009-09-28 03:02:44 | 001,524,824 | ---- | M] (PeerBlock, LLC) -- C:\Program Files\PeerBlock\peerblock.exe PRC - [2008-04-14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007-11-28 10:12:40 | 000,589,824 | ---- | M] ( ) -- C:\WINDOWS\system32\lxdncoms.exe PRC - [2007-10-12 16:29:52 | 000,212,992 | ---- | M] (Kaspersky Lab) -- C:\Documents and Settings\All Users\Desktop\Kaspersky Lab Tool\setup_7.0.0.180_18.05.2008_22-36.exe PRC - [2007-01-22 05:30:43 | 000,054,784 | ---- | M] (Macrovision) -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE PRC - [2006-10-18 18:04:28 | 000,802,816 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe PRC - [2006-10-18 17:58:16 | 000,696,320 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe PRC - [2006-09-21 08:33:01 | 000,069,632 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe PRC - [2006-08-10 18:58:38 | 000,200,704 | ---- | M] (A4Tech Co., Ltd.) -- C:\Program Files\A4Tech\Mouse\Amoumain.exe PRC - [2006-06-26 10:33:42 | 000,099,888 | ---- | M] (Logitech Inc.) 
-- c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe PRC - [2006-05-03 03:12:00 | 000,098,304 | ---- | M] () -- C:\Program Files\Dell\Media Experience\DMXLauncher.exe PRC - [2006-04-06 21:58:52 | 001,032,192 | ---- | M] (Dell Inc) -- C:\Program Files\Dell\QuickSet\quickset.exe PRC - [2006-04-06 21:57:54 | 000,380,928 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe PRC - [2006-03-24 23:30:44 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe PRC - [2005-11-11 16:43:04 | 000,548,864 | ---- | M] (McAfee Corporation) -- C:\Program Files\McAfee.com\Personal Firewall\MpfService.exe PRC - [2005-10-13 19:56:16 | 000,126,976 | ---- | M] (McAfee, Inc) -- c:\Program Files\McAfee.com\Agent\Mcdetect.exe PRC - [2005-09-22 18:29:08 | 000,303,104 | ---- | M] (McAfee, Inc) -- c:\Program Files\McAfee.com\Agent\mcagent.exe PRC - [2005-09-08 12:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE PRC - [2005-08-24 23:01:04 | 000,122,368 | ---- | M] (McAfee, Inc) -- c:\Program Files\McAfee.com\Agent\McTskshd.exe PRC - [2005-08-12 05:02:44 | 000,053,248 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\VSO\oasclnt.exe PRC - [2005-08-10 19:49:20 | 000,163,840 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee.com\VSO\mcvsshld.exe PRC - [2005-08-10 18:22:02 | 000,221,184 | ---- | M] (McAfee Inc.) -- c:\Program Files\McAfee.com\VSO\McShield.exe PRC - [2005-07-08 18:18:22 | 000,151,552 | ---- | M] (McAfee, Inc.) 
-- c:\Program Files\McAfee.com\VSO\mcmnhdlr.exe PRC - [2003-09-10 09:24:00 | 000,020,480 | ---- | M] () -- C:\Program Files\NetWaiting\netwaiting.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-09-10 20:03:27 | 002,244,064 | ---- | M] () -- C:\Program Files\Mozilla Firefox 3 Beta 5\mozjs.dll MOD - [2012-06-03 13:44:06 | 000,514,048 | ---- | M] () -- C:\Program Files\PLAY ONLINE\PLAY ONLINE.exe MOD - [2012-06-03 13:43:34 | 001,148,416 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PLAY ONLINE\OnlineUpdate\QtNetwork4.dll MOD - [2012-06-03 13:43:34 | 000,808,960 | ---- | M] () -- C:\Program Files\PLAY ONLINE\SMSUIPlugin.dll MOD - [2012-06-03 13:43:34 | 000,670,720 | ---- | M] () -- C:\Program Files\PLAY ONLINE\SmsAppPlugin.dll MOD - [2012-06-03 13:43:34 | 000,398,336 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PLAY ONLINE\OnlineUpdate\QtXml4.dll MOD - [2012-06-03 13:43:34 | 000,384,512 | ---- | M] () -- C:\Program Files\PLAY ONLINE\USSDUIPlugin.dll MOD - [2012-06-03 13:43:34 | 000,384,512 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PLAY ONLINE\OnlineUpdate\QueryStrategy.dll MOD - [2012-06-03 13:43:34 | 000,310,272 | ---- | M] () -- C:\Program Files\PLAY ONLINE\StatusBarMgrPlugin.dll MOD - [2012-06-03 13:43:34 | 000,261,632 | ---- | M] () -- C:\Program Files\PLAY ONLINE\sdk.dll MOD - [2012-06-03 13:43:34 | 000,240,128 | ---- | M] () -- C:\Program Files\PLAY ONLINE\ToolBarMgrPlugin.dll MOD - [2012-06-03 13:43:34 | 000,217,600 | ---- | M] () -- C:\Program Files\PLAY ONLINE\SmsSrvPlugin.dll MOD - [2012-06-03 13:43:34 | 000,190,464 | ---- | M] () -- C:\Program Files\PLAY ONLINE\XFramePlugin.dll MOD - [2012-06-03 13:43:34 | 000,159,232 | ---- | M] () -- C:\Program Files\PLAY ONLINE\XCodec.dll MOD - [2012-06-03 13:43:34 | 000,156,672 | ---- | M] () -- C:\Program Files\PLAY ONLINE\STKSrvPlugin.dll MOD - [2012-06-03 13:43:34 | 000,142,336 | ---- | M] () -- 
C:\Program Files\PLAY ONLINE\USSDSrvPlugin.dll MOD - [2012-06-03 13:43:34 | 000,135,168 | ---- | M] () -- C:\Program Files\PLAY ONLINE\Trace.dll MOD - [2012-06-03 13:43:34 | 000,106,496 | ---- | M] () -- C:\Program Files\PLAY ONLINE\Win7Support.dll MOD - [2012-06-03 13:43:33 | 009,515,520 | ---- | M] () -- C:\Program Files\PLAY ONLINE\QtGui4.dll MOD - [2012-06-03 13:43:33 | 001,148,416 | ---- | M] () -- C:\Program Files\PLAY ONLINE\QtNetwork4.dll MOD - [2012-06-03 13:43:33 | 000,370,176 | ---- | M] () -- C:\Program Files\PLAY ONLINE\plugins\imageformats\qtiff4.dll MOD - [2012-06-03 13:43:31 | 002,415,104 | ---- | M] () -- C:\Program Files\PLAY ONLINE\QtCore4.dll MOD - [2012-06-03 13:43:31 | 002,415,104 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PLAY ONLINE\OnlineUpdate\QtCore4.dll MOD - [2012-06-03 13:43:30 | 000,545,280 | ---- | M] () -- C:\Program Files\PLAY ONLINE\PluginContainer.dll MOD - [2012-06-03 13:43:30 | 000,381,952 | ---- | M] () -- C:\Program Files\PLAY ONLINE\Proxy.dll MOD - [2012-06-03 13:43:30 | 000,350,720 | ---- | M] () -- C:\Program Files\PLAY ONLINE\plugins\imageformats\qmng4.dll MOD - [2012-06-03 13:43:30 | 000,192,000 | ---- | M] () -- C:\Program Files\PLAY ONLINE\plugins\imageformats\qjpeg4.dll MOD - [2012-06-03 13:43:30 | 000,082,944 | ---- | M] () -- C:\Program Files\PLAY ONLINE\plugins\imageformats\qgif4.dll MOD - [2012-06-03 13:43:30 | 000,081,920 | ---- | M] () -- C:\Program Files\PLAY ONLINE\plugins\imageformats\qico4.dll MOD - [2012-06-03 13:43:29 | 001,101,824 | ---- | M] () -- C:\Program Files\PLAY ONLINE\NDISAPI.dll MOD - [2012-06-03 13:43:29 | 000,495,104 | ---- | M] () -- C:\Program Files\PLAY ONLINE\DeviceMgrUIPlugin.dll MOD - [2012-06-03 13:43:29 | 000,483,328 | ---- | M] () -- C:\Program Files\PLAY ONLINE\NetInfoUIExPlugin.dll MOD - [2012-06-03 13:43:29 | 000,427,008 | ---- | M] () -- C:\Program Files\PLAY ONLINE\DialupUIPlugin.dll MOD - [2012-06-03 13:43:29 | 000,338,432 | ---- | M] () -- C:\Program 
Files\PLAY ONLINE\DeviceAppPlugin.dll MOD - [2012-06-03 13:43:29 | 000,334,848 | ---- | M] () -- C:\Program Files\PLAY ONLINE\MainpagePlugin.dll MOD - [2012-06-03 13:43:29 | 000,333,312 | ---- | M] () -- C:\Program Files\PLAY ONLINE\NetConnectPlugin.dll MOD - [2012-06-03 13:43:29 | 000,301,056 | ---- | M] () -- C:\Program Files\PLAY ONLINE\DeviceSrvPlugin.dll MOD - [2012-06-03 13:43:29 | 000,278,528 | ---- | M] () -- C:\Program Files\PLAY ONLINE\NetInfoSrvPlugin.dll MOD - [2012-06-03 13:43:29 | 000,269,824 | ---- | M] () -- C:\Program Files\PLAY ONLINE\LiveUpdateInterface.dll MOD - [2012-06-03 13:43:29 | 000,249,344 | ---- | M] () -- C:\Program Files\PLAY ONLINE\MenuMgrPlugin.dll MOD - [2012-06-03 13:43:29 | 000,235,008 | ---- | M] () -- C:\Program Files\PLAY ONLINE\NetSrvPlugin.dll MOD - [2012-06-03 13:43:29 | 000,211,968 | ---- | M] () -- C:\Program Files\PLAY ONLINE\DialUpPlugin.dll MOD - [2012-06-03 13:43:29 | 000,180,224 | ---- | M] () -- C:\Program Files\PLAY ONLINE\NDISPlugin.dll MOD - [2012-06-03 13:43:29 | 000,158,720 | ---- | M] () -- C:\Program Files\PLAY ONLINE\NetConnectSrvPlugin.dll MOD - [2012-06-03 13:43:29 | 000,133,120 | ---- | M] () -- C:\Program Files\PLAY ONLINE\OSDialup.dll MOD - [2012-06-03 13:43:29 | 000,131,072 | ---- | M] () -- C:\Program Files\PLAY ONLINE\OSNDIS.dll MOD - [2012-06-03 13:43:29 | 000,118,272 | ---- | M] () -- C:\Program Files\PLAY ONLINE\LayoutPlugin.dll MOD - [2012-06-03 13:43:29 | 000,101,376 | ---- | M] () -- C:\Program Files\PLAY ONLINE\OSAdapt.dll MOD - [2012-06-03 13:43:29 | 000,093,184 | ---- | M] () -- C:\Program Files\PLAY ONLINE\NotifyServicePlugin.dll MOD - [2012-06-03 13:43:29 | 000,065,536 | ---- | M] () -- C:\Program Files\PLAY ONLINE\OSPowerMgr.dll MOD - [2012-06-03 13:43:29 | 000,062,976 | ---- | M] () -- C:\Program Files\PLAY ONLINE\OSCall.dll MOD - [2012-06-03 13:43:29 | 000,043,008 | ---- | M] () -- C:\Program Files\PLAY ONLINE\libgcc_s_dw2-1.dll MOD - [2012-06-03 13:43:29 | 000,043,008 | ---- | M] () -- 
C:\Documents and Settings\All Users\Application Data\PLAY ONLINE\OnlineUpdate\libgcc_s_dw2-1.dll MOD - [2012-06-03 13:43:29 | 000,011,362 | ---- | M] () -- C:\Program Files\PLAY ONLINE\mingwm10.dll MOD - [2012-06-03 13:43:29 | 000,011,362 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PLAY ONLINE\OnlineUpdate\mingwm10.dll MOD - [2012-06-03 13:43:28 | 001,077,248 | ---- | M] () -- C:\Program Files\PLAY ONLINE\AddrBookPlugin.dll MOD - [2012-06-03 13:43:28 | 000,739,328 | ---- | M] () -- C:\Program Files\PLAY ONLINE\AddrBookUIPlugin.dll MOD - [2012-06-03 13:43:28 | 000,550,400 | ---- | M] () -- C:\Program Files\PLAY ONLINE\CallAppPlugin.dll MOD - [2012-06-03 13:43:28 | 000,547,840 | ---- | M] () -- C:\Program Files\PLAY ONLINE\CallLogSrvPlugin.dll MOD - [2012-06-03 13:43:28 | 000,428,032 | ---- | M] () -- C:\Program Files\PLAY ONLINE\core.dll MOD - [2012-06-03 13:43:28 | 000,264,704 | ---- | M] () -- C:\Program Files\PLAY ONLINE\AddrBookSrvPlugin.dll MOD - [2012-06-03 13:43:28 | 000,246,112 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PLAY ONLINE\OnlineUpdate\ouc.exe MOD - [2012-06-03 13:43:28 | 000,238,080 | ---- | M] () -- C:\Program Files\PLAY ONLINE\AtCodec.dll MOD - [2012-06-03 13:43:28 | 000,218,112 | ---- | M] () -- C:\Program Files\PLAY ONLINE\Common.dll MOD - [2012-06-03 13:43:28 | 000,176,128 | ---- | M] () -- C:\Program Files\PLAY ONLINE\CallSrvPlugin.dll MOD - [2012-06-03 13:43:28 | 000,157,184 | ---- | M] () -- C:\Program Files\PLAY ONLINE\DataServicePlugin.dll MOD - [2012-06-03 13:43:28 | 000,123,392 | ---- | M] () -- C:\Program Files\PLAY ONLINE\ATR2SMgr.dll MOD - [2011-06-06 12:55:36 | 000,300,544 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.POL MOD - [2011-03-24 04:22:57 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\ab688d0f9f333ba117832726bfb589c1\System.Configuration.ni.dll MOD - [2011-03-24 04:19:53 | 005,450,752 
| ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\a6dbe24cbfe3ab6b318ed3095cc572d8\System.Xml.ni.dll MOD - [2011-03-24 04:19:26 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\439c466b60614915587c5273eaf0ca7f\System.Windows.Forms.ni.dll MOD - [2011-03-24 04:18:41 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\dcc0244092fe52e6885b50be25ef3b31\System.Drawing.ni.dll MOD - [2011-03-24 04:15:09 | 007,949,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\08ffa4d388d5f007869aa7651c458e7c\System.ni.dll MOD - [2011-03-24 04:14:46 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\7bffd7ff2009f421fe5d229927588496\mscorlib.ni.dll MOD - [2011-03-14 17:27:28 | 000,271,712 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe MOD - [2011-02-04 18:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll MOD - [2010-12-17 23:34:24 | 000,027,456 | ---- | M] () -- C:\WINDOWS\system32\solidlocalmon.dll MOD - [2010-02-05 20:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll MOD - [2010-02-04 04:05:56 | 000,660,136 | ---- | M] () -- C:\Program Files\Lexmark 2600 Series\lxdnmon.exe MOD - [2010-02-04 04:05:54 | 000,025,256 | ---- | M] () -- C:\Program Files\Lexmark 2600 Series\lxdnmsdmon.exe MOD - [2010-02-03 05:21:48 | 000,036,864 | ---- | M] () -- C:\Program Files\Lexmark 2600 Series\app4r.monitor.core.dll MOD - [2010-02-03 05:21:48 | 000,028,672 | ---- | M] () -- C:\Program Files\Lexmark 2600 Series\app4r.monitor.common.dll MOD - [2010-02-03 05:20:52 | 000,065,536 | ---- | M] () -- C:\Program Files\Lexmark 2600 Series\app4r.devmons.mcmdevmon.dll MOD - [2009-08-13 07:02:22 | 000,147,968 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxdndrpp.dll MOD - [2009-07-23 14:49:06 | 000,782,336 | ---- | M] () -- 
C:\Program Files\Lexmark 2600 Series\lxdndrs.dll MOD - [2009-07-23 14:48:30 | 000,380,928 | ---- | M] () -- C:\Program Files\Lexmark 2600 Series\lxdnscw.dll MOD - [2009-06-26 08:17:08 | 000,012,288 | ---- | M] () -- C:\Program Files\Lexmark 2600 Series\app4r.devmons.mcmdevmon.autoplayutil.dll MOD - [2009-05-14 08:46:42 | 000,081,920 | ---- | M] () -- C:\Program Files\Lexmark 2600 Series\lxdncaps.dll MOD - [2008-04-14 06:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll MOD - [2008-04-14 06:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll MOD - [2007-10-02 09:51:10 | 000,069,632 | ---- | M] () -- C:\Program Files\Lexmark 2600 Series\lxdncnv4.dll MOD - [2007-05-29 02:39:08 | 000,589,824 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdndatr.dll MOD - [2007-03-26 02:39:36 | 000,073,728 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdncats.dll MOD - [2006-10-18 17:50:22 | 000,348,160 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\IntStngs.dll MOD - [2006-05-03 03:12:00 | 000,098,304 | ---- | M] () -- C:\Program Files\Dell\Media Experience\DMXLauncher.exe MOD - [2006-04-06 21:59:08 | 000,073,728 | ---- | M] () -- C:\Program Files\Dell\QuickSet\dadkeyb.dll MOD - [2003-09-10 09:24:00 | 000,020,480 | ---- | M] () -- C:\Program Files\NetWaiting\netwaiting.exe MOD - [2001-10-28 17:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2012-09-10 20:03:27 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-07-26 19:40:56 | 000,794,560 | ---- | M] (Spigot, Inc.) 
[Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater) SRV - [2012-06-03 13:43:28 | 000,246,112 | ---- | M] () [Auto | Stopped] -- C:\Program Files\PLAY ONLINE\UpdateDog\ouc.exe -- (PLAY ONLINE. RunOuc) SRV - [2011-03-14 17:27:28 | 000,271,712 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe) SRV - [2011-01-27 16:00:14 | 000,180,032 | ---- | M] (Solid Documents, LLC) [Auto | Running] -- C:\WINDOWS\Installer\MSIF1.tmp -- (SPDFToolsReadSpool) SRV - [2010-03-01 02:30:02 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009-04-28 04:58:26 | 000,094,208 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdnserv.exe -- (lxdnCATSCustConnectService) SRV - [2008-03-10 00:59:54 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service) SRV - [2007-11-28 10:12:40 | 000,589,824 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\system32\lxdncoms.exe -- (lxdn_device) SRV - [2007-10-12 16:29:52 | 000,212,992 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Documents and Settings\All Users\Desktop\Kaspersky Lab Tool\setup_7.0.0.180_18.05.2008_22-36.exe -- (setup_7.0.0.180_18.05.2008_22-36) SRV - [2007-03-07 15:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService) SRV - [2007-01-22 05:30:43 | 000,054,784 | ---- | M] (Macrovision) [Auto | Running] -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE -- (C-DillaCdaC11BA) SRV - [2006-10-18 18:01:34 | 000,290,816 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER) SRV - [2006-09-21 
08:33:01 | 000,069,632 | ---- | M] (Creative Labs) [Auto | Running] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service) SRV - [2006-06-26 10:33:56 | 000,091,696 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe -- (LVSrvLauncher) SRV - [2006-06-26 10:33:42 | 000,099,888 | ---- | M] (Logitech Inc.) [Auto | Running] -- c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv) SRV - [2006-05-08 04:24:54 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV) SRV - [2006-04-27 17:35:16 | 000,053,337 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV) SRV - [2006-04-27 17:27:06 | 000,049,241 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR) SRV - [2006-04-27 17:16:28 | 000,069,718 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV) SRV - [2006-04-06 21:57:54 | 000,380,928 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC) SRV - [2005-11-11 16:43:04 | 000,548,864 | ---- | M] (McAfee Corporation) [Auto | Running] -- C:\Program Files\McAfee.com\Personal Firewall\MpfService.exe -- (MpfService) SRV - [2005-10-13 19:56:16 | 000,126,976 | ---- | M] (McAfee, Inc) [Auto | Running] -- c:\Program Files\McAfee.com\Agent\Mcdetect.exe -- (McDetect.exe) SRV - [2005-08-24 23:01:04 | 000,122,368 | ---- | M] (McAfee, Inc) [Auto | Running] -- c:\Program Files\McAfee.com\Agent\McTskshd.exe -- (McTskshd.exe) SRV - [2005-08-10 18:22:02 | 000,221,184 | ---- | M] (McAfee Inc.) 
[Auto | Paused] -- c:\Program Files\McAfee.com\VSO\McShield.exe -- (McShield) SRV - [2005-07-13 01:10:18 | 000,963,072 | ---- | M] (McAfee Inc.) [Auto | Stopped] -- C:\Program Files\McAfee\SpamKiller\MSKSrvr.exe -- (MskService) SRV - [2005-07-02 02:22:50 | 000,245,760 | ---- | M] (McAfee, Inc) [On_Demand | Stopped] -- C:\Program Files\McAfee.com\Agent\mcupdmgr.exe -- (mcupdmgr.exe) SRV - [2005-05-04 01:04:28 | 009,150,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe -- (MSSQL$PINNACLESYS) SRV - [2005-05-03 22:42:56 | 000,323,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE -- (SQLAgent$PINNACLESYS) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wanatw4.sys -- (wanatw) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\LV302AV.SYS -- (PID_08A0) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lv302af.sys -- (pepifilter) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\NETwLx32.sys -- (NETwLx32) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\mcdbus.sys -- (mcdbus) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2012-06-03 13:43:34 | 000,239,488 | ---- | M] (Huawei Technologies Co., 
Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet) DRV - [2012-06-03 13:43:34 | 000,195,200 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2012-06-03 13:43:34 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV - [2012-06-03 13:43:34 | 000,089,856 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_jucdcacm.sys -- (huawei_cdcacm) DRV - [2012-06-03 13:43:34 | 000,073,984 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV - [2012-06-03 13:43:34 | 000,066,688 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_jucdcecm.sys -- (huawei_cdcecm) DRV - [2012-06-03 13:43:34 | 000,026,624 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl) DRV - [2012-06-03 13:43:34 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter) DRV - [2009-09-28 03:02:44 | 000,014,424 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter) DRV - [2008-04-14 01:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE) DRV - [2008-01-14 12:06:32 | 000,021,632 | ---- | M] (ManyCam LLC.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ManyCam.sys -- (ManyCam) DRV - [2007-09-25 16:59:46 | 000,015,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\MediaCoder\SysInfo.sys -- (CrystalSysInfo) DRV - [2007-09-14 12:34:52 | 000,011,776 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pdiddcci.sys -- (pdiddcci) DRV - [2007-07-05 14:34:52 | 000,134,160 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (klif) DRV - [2007-02-25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv) DRV - [2007-01-31 15:33:46 | 000,005,632 | ---- | M] (GRISOFT, s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgarkt.sys -- (AVG Anti-Rootkit) DRV - [2007-01-22 05:30:45 | 000,012,464 | ---- | M] (Macrovision Europe Ltd) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CDAC15BA.SYS -- (CdaC15BA) DRV - [2007-01-18 14:00:28 | 000,003,968 | ---- | M] (GRISOFT, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AvgArCln.sys -- (AvgArCln) DRV - [2006-10-30 15:22:41 | 000,642,560 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2006-10-19 09:29:22 | 000,012,544 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans) DRV - [2006-10-05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct) DRV - [2006-08-09 11:10:12 | 000,291,200 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emBDA.sys -- (USB28xxBGA) DRV - [2006-08-09 11:10:12 | 000,028,160 | ---- | M] (eMPIA Technology, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emOEM.sys -- (USB28xxOEM) DRV - [2006-06-26 10:33:40 | 000,023,472 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon) DRV - [2006-06-26 10:33:36 | 001,952,816 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv) DRV - [2006-06-26 10:33:28 | 001,587,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap) DRV - [2006-06-23 00:29:46 | 000,038,960 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta) DRV - [2006-06-23 00:29:30 | 000,293,808 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV561AV.SYS -- (PID_0928) DRV - [2006-05-16 10:53:00 | 000,013,824 | R--- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Amusbprt.sys -- (Amusbprt) DRV - [2006-05-16 10:51:50 | 000,013,824 | R--- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Amps2prt.sys -- (Amps2prt) DRV - [2006-03-24 23:34:30 | 001,156,648 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) DRV - [2006-01-11 08:33:32 | 000,008,704 | ---- | M] (A4Tech Co.,Ltd.) 
[Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Amfilter.sys -- (Amfilter) DRV - [2005-12-04 16:55:30 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) DRV - [2005-11-11 16:43:52 | 000,080,640 | ---- | M] (McAfee) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\MpFirewall.sys -- (MPFIREWL) DRV - [2005-09-08 12:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM) DRV - [2005-09-08 12:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M) DRV - [2005-09-08 12:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M) DRV - [2005-09-08 12:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM) DRV - [2005-09-08 12:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM) DRV - [2005-09-08 12:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM) DRV - [2005-09-08 12:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN) DRV - [2005-08-25 19:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM) DRV - [2005-08-25 19:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N) DRV - [2005-08-13 00:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\APPDRV.SYS -- (APPDRV) DRV - [2005-08-10 18:22:10 | 000,114,464 | 
---- | M] (McAfee Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\naiavf5x.sys -- (NaiAvFilter1)
DRV - [2005-08-05 03:32:16 | 000,045,312 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2005-07-14 10:58:14 | 000,028,544 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005-07-14 09:28:38 | 000,307,968 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2005-07-12 11:00:30 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005-05-26 19:48:50 | 000,011,264 | ---- | M] (VOB Computersysteme GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asapiW2k.sys -- (ASAPIW2k)
DRV - [2005-02-11 11:24:24 | 000,079,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex)
DRV - [2005-02-11 11:22:48 | 000,081,728 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt)
DRV - [2005-02-11 11:21:10 | 000,089,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm)
DRV - [2005-02-11 11:21:02 | 000,006,576 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl)
DRV - [2005-02-11 11:19:20 | 000,055,216 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus)
DRV - [2004-08-22 16:31:48 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\d347prt.sys -- (d347prt)
DRV - [2004-08-22 16:31:10 | 000,155,136 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\d347bus.sys -- (d347bus)
DRV - [2002-08-08 15:51:32 | 000,038,951 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NETMDUSB.sys -- (NETMDUSB)
DRV - [2002-04-26 13:04:16 | 000,095,484 | ---- | M] (DATOM Dariusz Cielebąk) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\KMM4XNT.SYS -- (Kmm4xNT)
DRV - [2001-10-01 15:37:40 | 000,017,432 | R--- | M] (lecs Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\IcRecUsb.sys -- (IcRecUsb)
DRV - [1996-04-03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1&cf=7700348e-3356-11e1-9b14-001422afecfb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{E063D4B2-7ED1-4BA3-ABAD-90A0A73DC1D9}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=7700348e-3356-11e1-9b14-001422afecfb&q={searchTerms}
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-638346424-2539838966-2738516937-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-638346424-2539838966-2738516937-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-638346424-2539838966-2738516937-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1&cf=7700348e-3356-11e1-9b14-001422afecfb
IE - HKU\S-1-5-21-638346424-2539838966-2738516937-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.pl/
IE - HKU\S-1-5-21-638346424-2539838966-2738516937-1005\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YTD Toolbar\IE\6.2\ytdToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-638346424-2539838966-2738516937-1005\..\SearchScopes,DefaultScope = {E063D4B2-7ED1-4BA3-ABAD-90A0A73DC1D9}
IE - HKU\S-1-5-21-638346424-2539838966-2738516937-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-638346424-2539838966-2738516937-1005\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-638346424-2539838966-2738516937-1005\..\SearchScopes\{905CA784-BFC2-4698-AF75-C7D591160E40}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8&rlz=1I7ADFA_en
IE - HKU\S-1-5-21-638346424-2539838966-2738516937-1005\..\SearchScopes\{9318613E-8229-4814-8BDB-E91968DCB44A}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
IE - HKU\S-1-5-21-638346424-2539838966-2738516937-1005\..\SearchScopes\{E063D4B2-7ED1-4BA3-ABAD-90A0A73DC1D9}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8&rlz=1I7ADFA_en
IE - HKU\S-1-5-21-638346424-2539838966-2738516937-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.google.pl"
FF - prefs.js..extensions.enabledAddons: player@vividas.com:4.1.3
FF - prefs.js..extensions.enabledAddons: SkipScreen@SkipScreen:0.6.4
FF - prefs.js..extensions.enabledAddons: wtxpcom@mybrowserbar.com:6.2
FF - prefs.js..extensions.enabledAddons: ytd@mybrowserbar.com:6.2
FF - prefs.js..extensions.enabledAddons: {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.15.1
FF - prefs.js..extensions.enabledAddons: {5B52016C-D097-4aec-BE61-9F129D8FDDBA}:2.0
FF - prefs.js..extensions.enabledAddons: {7f57cf46-4467-4c2d-adfa-0cba7c507e54}:2.0.6
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.3
FF - prefs.js..extensions.enabledItems: {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.15.1
FF - prefs.js..extensions.enabledItems: SkipScreen@SkipScreen:0.6.4
FF - prefs.js..extensions.enabledItems: {5B52016C-D097-4aec-BE61-9F129D8FDDBA}:2.0
FF - prefs.js..extensions.enabledItems: mil@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {7f57cf46-4467-4c2d-adfa-0cba7c507e54}:2.0.5
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:5.8
FF - prefs.js..extensions.enabledItems: youtubedownloader@mybrowserbar.com:5.8
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p="
FF - prefs.js..network.proxy.backup.ftp: "118.98.16.2"
FF - prefs.js..network.proxy.backup.ftp_port: 8080
FF - prefs.js..network.proxy.backup.gopher: "118.98.16.2"
FF - prefs.js..network.proxy.backup.gopher_port: 8080
FF - prefs.js..network.proxy.backup.socks: "118.98.16.2"
FF - prefs.js..network.proxy.backup.socks_port: 8080
FF - prefs.js..network.proxy.backup.ssl: "118.98.16.2"
FF - prefs.js..network.proxy.backup.ssl_port: 8080
FF - prefs.js..network.proxy.gopher: ""
FF - prefs.js..network.proxy.gopher_port: 0
FF - prefs.js..network.proxy.http: "localhost"
FF - prefs.js..network.proxy.http_port: 9666
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.socks: "localhost"
FF - prefs.js..network.proxy.socks_port: 9050
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.ssl: "localhost"
FF - prefs.js..network.proxy.ssl_port: 9666
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox 3 Beta 5\components [2012-09-10 20:03:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox 3 Beta 5\plugins [2012-09-10 20:02:39 | 000,000,000 | ---D | M]
[2008-04-27 10:00:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Konop\Application Data\Mozilla\Extensions
[2012-08-08 23:06:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Konop\Application Data\Mozilla\Firefox\Profiles\vz1gxusu.default\extensions
[2010-04-27 19:03:57 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Konop\Application Data\Mozilla\Firefox\Profiles\vz1gxusu.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011-07-18 08:32:49 | 000,000,000 | ---D | M] (Flashblock) -- C:\Documents and Settings\Konop\Application Data\Mozilla\Firefox\Profiles\vz1gxusu.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2010-03-14 06:23:59 | 000,000,000 | ---D | M] ("UltraSurf Firefox Tool") -- C:\Documents and Settings\Konop\Application Data\Mozilla\Firefox\Profiles\vz1gxusu.default\extensions\{5B52016C-D097-4aec-BE61-9F129D8FDDBA}
[2010-08-29 21:08:35 | 000,000,000 | ---D | M] (MakeItLive) -- C:\Documents and Settings\Konop\Application Data\Mozilla\Firefox\Profiles\vz1gxusu.default\extensions\mil@toolbar
[2012-07-16 19:09:02 | 000,000,000 | ---D | M] (Vividas player plugin) -- C:\Documents and Settings\Konop\Application Data\Mozilla\Firefox\Profiles\vz1gxusu.default\extensions\player@vividas.com
[2012-02-23 10:48:24 | 000,000,000 | ---D | M] (SkipScreen) -- C:\Documents and Settings\Konop\Application Data\Mozilla\Firefox\Profiles\vz1gxusu.default\extensions\SkipScreen@SkipScreen
[2012-06-18 23:13:36 | 000,527,037 | ---- | M] () (No name found) -- C:\Documents and Settings\Konop\Application Data\Mozilla\Firefox\Profiles\vz1gxusu.default\extensions\{7f57cf46-4467-4c2d-adfa-0cba7c507e54}.xpi
[2012-08-03 21:51:07 | 000,741,958 | ---- | M] () (No name found) -- C:\Documents and Settings\Konop\Application Data\Mozilla\Firefox\Profiles\vz1gxusu.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2011-12-31 04:24:04 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Konop\Application Data\Mozilla\Firefox\Profiles\vz1gxusu.default\searchplugins\startsear.xml
[2009-10-03 23:08:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-08-31 18:04:45 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM
[2012-08-05 15:59:24 | 000,000,000 | ---D | M] (YTD Toolbar) -- C:\PROGRAM FILES\YTD TOOLBAR\FF
[2007-06-08 14:30:00 | 000,630,784 | ---- | M] (Ganymede Technologies) -- C:\Program Files\mozilla firefox\plugins\NPBILLARD8.dll
[2007-06-08 14:30:00 | 000,630,784 | ---- | M] (Ganymede Technologies) -- C:\Program Files\mozilla firefox\plugins\NPSNOOKER.dll

[color=#E56717]========== Chrome ==========[/color]
CHR - homepage: http://startsear.ch/?aff=1&cf=7700348e-3356-11e1-9b14-001422afecfb
O1 HOSTS File: ([2011-10-01 18:58:05 | 000,000,736 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (McAfee AntiPhishing Filter) - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\Program Files\McAfee\SpamKiller\McApfBHO.dll (McAfee, Inc.)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (YTD Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YTD Toolbar\IE\6.2\ytdToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O3 - HKLM\..\Toolbar: (McAfee VirusScan) - {BA52B914-B692-46c4-B683-905236F6F655} - c:\Program Files\McAfee.com\VSO\mcvsshl.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (YTD Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YTD Toolbar\IE\6.2\ytdToolbarIE.dll (Spigot, Inc.)
O3 - HKU\S-1-5-21-638346424-2539838966-2738516937-1005\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN File not found
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe ()
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [lxdnamon] C:\Program Files\Lexmark 2600 Series\lxdnamon.exe ()
O4 - HKLM..\Run: [lxdnmon.exe] C:\Program Files\Lexmark 2600 Series\lxdnmon.exe ()
O4 - HKLM..\Run: [MCAgentExe] c:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc)
O4 - HKLM..\Run: [MCUpdateExe] c:\Program Files\McAfee.com\Agent\mcupdate.exe (McAfee, Inc)
O4 - HKLM..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe (McAfee, Inc.)
O4 - HKLM..\Run: [Pinnacle WebUpdater] C:\Program Files\Pinnacle\Shared Files\Programs\WebUpdater\WebUpdater.exe (Pinnacle Systems)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [VSOCheckTask] C:\Program Files\McAfee.com\VSO\mcmnhdlr.exe (McAfee, Inc.)
O4 - HKLM..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe (A4Tech Co., Ltd.)
O4 - HKU\S-1-5-21-638346424-2539838966-2738516937-1005..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netwaiting.exe ()
O4 - HKU\S-1-5-21-638346424-2539838966-2738516937-1005..\Run: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe (PeerBlock, LLC)
O4 - Startup: C:\Documents and Settings\Konop\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-638346424-2539838966-2738516937-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-638346424-2539838966-2738516937-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 43 01 00 00 [binary data]
O7 - HKU\S-1-5-21-638346424-2539838966-2738516937-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-638346424-2539838966-2738516937-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O9 - Extra 'Tools' menuitem : McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\Program Files\McAfee\SpamKiller\McApfBHO.dll (McAfee, Inc.)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra Button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKU\S-1-5-21-638346424-2539838966-2738516937-1005\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKU\S-1-5-21-638346424-2539838966-2738516937-1005\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-638346424-2539838966-2738516937-1005\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.108.195.21 89.108.202.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3C95C943-ABFF-4780-A9E8-407EB9181185}: DhcpNameServer = 89.108.195.21 89.108.202.21
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005-08-16 11:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010-05-10 13:48:36 | 000,126,976 | R--- | M] () - F:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2008-03-07 02:34:52 | 000,000,047 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2012-09-12 17:40:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Konop\Desktop\Contacts KARMAR KONTAKTY Z TELEFONU
[2012-09-12 16:56:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Konop\Desktop\Pezet - Radio Pezet (2012)
[2012-09-10 20:02:28 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox 3 Beta 5
[2 C:\Documents and Settings\Konop\My Documents\*.tmp files -> C:\Documents and Settings\Konop\My Documents\*.tmp -> ]
[1 C:\Documents and Settings\Konop\Desktop\*.tmp files -> C:\Documents and Settings\Konop\Desktop\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2012-09-29 12:17:06 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012-09-29 11:37:16 | 000,081,062 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-09-29 11:37:16 | 000,067,102 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-09-29 11:37:15 | 000,155,726 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2012-09-29 11:35:57 | 000,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\PCLECHAL.INI
[2012-09-29 11:35:13 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012-09-29 11:32:24 | 000,232,544 | ---- | M] () -- C:\WINDOWS\System32\Status.MPF
[2012-09-29 11:32:02 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2012-09-29 11:31:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-09-29 11:31:55 | 1063,714,816 | -HS- | M] () -- C:\hiberfil.sys
[2012-09-29 10:15:59 | 151,642,656 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2012-09-29 10:15:59 | 002,037,836 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2012-09-29 10:15:33 | 015,204,352 | -H-- | M] () -- C:\Documents and Settings\Konop\NTUSER.DAT
[2012-09-29 10:15:33 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Konop\ntuser.ini
[2012-09-29 09:00:48 | 000,108,032 | ---- | M] () -- C:\Documents and Settings\Konop\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-09-29 09:00:48 | 000,000,041 | ---- | M] () -- C:\WINDOWS\Filzip.ini
[2012-09-27 21:09:45 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-09-25 23:22:56 | 000,000,648 | ---- | M] () -- C:\Documents and Settings\Konop\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012-09-25 23:22:56 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
[2012-09-24 02:41:53 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\McAfee.com Scan for Viruses - My Computer (FILIP-Konop).job
[2012-09-07 10:49:22 | 000,033,490 | ---- | M] () -- C:\Documents and Settings\Konop\peerblock.dmp
[2 C:\Documents and Settings\Konop\My Documents\*.tmp files -> C:\Documents and Settings\Konop\My Documents\*.tmp -> ]
[1 C:\Documents and Settings\Konop\Desktop\*.tmp files -> C:\Documents and Settings\Konop\Desktop\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2012-09-25 23:22:56 | 000,000,648 | ---- | C] () -- C:\Documents and Settings\Konop\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012-09-25 23:22:56 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
[2012-02-26 05:36:25 | 000,033,490 | ---- | C] () -- C:\Documents and Settings\Konop\peerblock.dmp
[2011-06-22 21:57:24 | 000,000,084 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2011-02-17 12:54:10 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ConverterCore.INI
[2011-01-27 16:00:19 | 000,027,456 | ---- | C] () -- C:\WINDOWS\System32\solidlocalmon.dll
[2011-01-27 16:00:19 | 000,018,752 | ---- | C] () -- C:\WINDOWS\System32\solidlocalui.dll
[2010-11-17 16:16:09 | 000,000,260 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2010-11-03 16:45:23 | 000,159,836 | ---- | C] () -- C:\WINDOWS\_isusr32.dll
[2010-11-03 16:45:19 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\_isusr2k.dll
[2010-11-03 11:35:56 | 000,000,094 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2010-11-03 11:35:55 | 000,000,245 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2010-11-03 11:34:54 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\bridf08a.dat
[2010-11-03 11:34:49 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2010-11-03 11:02:14 | 000,031,767 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2010-11-03 10:53:57 | 000,000,153 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini
[2010-11-03 10:53:10 | 000,000,685 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini
[2010-11-03 10:52:05 | 000,153,870 | ---- | C] () -- C:\WINDOWS\hppins08.dat
[2010-11-03 10:52:05 | 000,001,116 | ---- | C] () -- C:\WINDOWS\hppmdl08.dat
[2010-11-03 10:49:49 | 000,000,685 | ---- | C] () -- C:\WINDOWS\System32\hppapr08.dat
[2010-11-03 10:41:35 | 000,000,419 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2010-11-03 10:41:35 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2010-11-03 10:41:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2010-11-03 10:40:20 | 000,000,074 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2008-11-23 12:40:58 | 000,000,081 | ---- | C] () -- C:\Documents and Settings\Konop\default.pls
[2008-06-03 19:55:00 | 000,000,694 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2007-02-12 12:07:44 | 000,078,864 | ---- | C] () -- C:\Documents and Settings\Konop\Application Data\GDIPFONTCACHEV1.DAT
[2007-02-05 06:35:01 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Konop\klextlock.dat
[2006-11-26 21:20:37 | 000,049,152 | ---- | C] ( ) -- C:\Documents and Settings\Konop\CompiledAdapter
[2006-10-01 23:32:39 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Konop\Application Data\PFP120JPR.{PB
[2006-10-01 23:32:39 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Konop\Application Data\PFP120JCM.{PB
[2006-09-04 05:36:50 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\Konop\Application Data\dvd.bmk
[2006-09-04 05:24:59 | 000,108,032 | ---- | C] () -- C:\Documents and Settings\Konop\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006-09-04 03:57:05 | 000,078,800 | ---- | C] () -- C:\Documents and Settings\Konop\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2006-08-30 05:52:32 | 002,110,664 | -H-- | C] () -- C:\Documents and Settings\Konop\Local Settings\Application Data\IconCache.db
[2006-08-30 05:52:32 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Konop\Local Settings\Application Data\fusioncache.dat
[2006-08-30 05:52:31 | 000,000,278 | -HS- | C] () -- C:\Documents and Settings\Konop\ntuser.ini
[2006-08-30 05:52:30 | 015,204,352 | -H-- | C] () -- C:\Documents and Settings\Konop\NTUSER.DAT
[2006-08-30 05:52:14 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT
[2006-07-24 23:19:40 | 000,000,004 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare

[color=#E56717]========== ZeroAccess Check ==========[/color]
[2005-08-16 11:39:16 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008-04-14 06:42:06 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 14:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-14 06:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]
[2010-04-19 23:14:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ableton
[2010-03-16 13:20:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ashampoo
[2008-04-07 21:19:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2012-06-03 13:46:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DatacardService
[2005-08-17 03:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIGStream
[2012-07-15 21:14:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ipla
[2007-02-05 06:35:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kazaa Lite
[2010-06-07 15:53:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lexmark 2600 Series
[2010-02-07 03:45:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Locktime
[2010-03-12 21:44:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Native Instruments
[2006-11-26 18:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2009-08-23 21:37:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PIXELA
[2012-06-03 13:45:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PLAY ONLINE
[2012-01-10 09:21:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RDRM
[2011-11-21 00:09:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Rosetta Stone
[2011-01-27 11:44:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2011-01-27 15:58:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SolidDocuments
[2010-03-06 16:56:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2007-08-06 02:49:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011-04-29 03:49:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ThumbnailCache4R
[2008-02-03 13:28:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom
[2006-07-24 23:22:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2012-07-10 22:43:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YouTube Downloader
[2012-08-13 21:16:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YTD Video Downloader
[2011-08-24 07:04:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zeon
[2010-04-19 23:14:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\Ableton
[2010-03-16 14:34:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\Ashampoo
[2008-04-07 21:19:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\Autodesk
[2010-10-07 20:58:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\BESTplayer
[2009-02-24 17:06:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\Broad Intelligence
[2010-08-18 21:06:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\BSW
[2009-02-10 14:29:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\Design Science
[2009-01-14 15:36:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\DisplayTune
[2012-04-29 18:39:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1
[2011-12-29 09:53:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\EAC
[2012-09-29 12:45:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\foobar2000
[2009-01-30 17:16:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\Gadu-Gadu
[2007-06-19 17:13:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\GanymedeNet
[2012-08-16 15:41:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\ipla
[2006-09-07 04:47:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\Leadertech
[2010-06-07 15:51:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\Lexmark Productivity Studio
[2010-02-07 17:30:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\Locktime
[2010-03-05 00:20:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\ManyCam
[2007-06-12 08:56:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\Microgaming
[2010-03-17 23:17:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\ooVoo Details
[2009-10-06 20:27:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\Opera
[2006-11-26 21:19:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\Pinnacle Systems
[2008-04-08 20:45:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\PPMate
[2008-08-18 05:18:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\ppStream
[2010-03-06 17:12:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\Publish Providers
[2011-01-13 23:43:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\RDRM
[2011-08-24 07:03:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\ScanSoft
[2012-08-03 22:57:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\Search Settings
[2010-11-03 16:45:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\Sharp
[2012-03-23 16:03:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\SolidDocuments
[2010-03-06 17:21:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\Sony
[2010-03-06 22:06:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\Sony Creative Software
[2010-03-19 19:03:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\Sports Interactive
[2010-04-10 01:46:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\StreamTorrent
[2009-12-16 15:51:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\Thinstall
[2008-02-03 13:27:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\TomTom
[2012-09-26 16:45:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\uTorrent
[2011-07-11 21:46:23 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Konop\Application Data\Virtual CD v10
[2012-06-19 13:37:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\wtxpcom
[2009-03-12 08:23:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\XnView
[2011-11-27 21:04:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\YouTube Downloader
[2012-08-08 23:06:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\YTD
[2011-08-24 07:04:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konop\Application Data\Zeon

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0F8F5844

< End of report >