OTL logfile created on: 2011-01-23 13:46:07 - Run 1 OTL by OldTimer - Version 3.2.20.4 Folder = D:\INSTALKI Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18999) Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 56,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 79,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 29,30 Gb Total Space | 4,08 Gb Free Space | 13,94% Space Free | Partition Type: NTFS Drive D: | 39,06 Gb Total Space | 15,07 Gb Free Space | 38,57% Space Free | Partition Type: NTFS Drive E: | 43,43 Gb Total Space | 29,99 Gb Free Space | 69,05% Space Free | Partition Type: NTFS Computer Name: MARCINEK-PC | User Name: Marcinek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-01-23 13:40:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\INSTALKI\OTL.exe PRC - [2011-01-13 09:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2011-01-13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2010-12-11 10:24:06 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-10-16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008-10-16 16:26:20 | 000,860,160 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe PRC - [2008-10-16 15:54:34 | 000,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011-01-23 13:40:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\INSTALKI\OTL.exe MOD - [2011-01-13 09:47:35 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll MOD - [2010-08-31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2011-01-13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2010-10-16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010-03-29 07:53:22 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R) SRV - [2010-03-18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400) SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-12-16 18:26:00 | 003,453,712 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc) SRV - [2009-09-25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2008-10-16 16:26:20 | 000,860,160 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV - [2008-10-16 15:54:34 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV - [2008-01-19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008-01-19 08:36:49 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2008-01-19 08:36:15 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-01-13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2011-01-13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2011-01-13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2011-01-13 09:37:19 | 000,051,280 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2011-01-13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2009-04-11 05:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb) DRV - [2008-11-17 06:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R) DRV - [2007-10-19 01:29:40 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R) DRV - [2007-08-24 00:45:00 | 007,617,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2007-04-03 14:57:54 | 000,099,080 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116unic.sys -- (s116unic) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM) DRV - [2007-04-03 14:57:52 | 000,098,696 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116obex.sys -- (s116obex) DRV - [2007-04-03 14:57:52 | 000,023,176 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116nd5.sys -- (s116nd5) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS) DRV - [2007-04-03 14:57:50 | 000,100,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116mgmt.sys -- (s116mgmt) Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM) DRV - [2007-04-03 14:57:48 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116mdm.sys -- (s116mdm) DRV - [2007-04-03 14:57:48 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116mdfl.sys -- (s116mdfl) DRV - [2007-04-03 14:57:42 | 000,083,336 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116bus.sys -- (s116bus) Sony Ericsson Device 116 driver (WDM) DRV - [2007-01-09 09:22:28 | 000,006,144 | ---- | M] (Chic) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\moufiltr.sys -- (moufiltr) DRV - [2006-12-01 19:38:00 | 001,655,464 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2006-11-28 02:36:12 | 000,847,392 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lv321av.sys -- (lv321av) Logitech USB PC Camera (VC0321) DRV - [2006-11-02 10:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2006-11-02 10:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2006-11-02 10:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2006-11-02 10:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2006-11-02 10:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2006-11-02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2006-11-02 10:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2006-11-02 10:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2006-11-02 10:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2006-11-02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006-11-02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006-11-02 10:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2006-11-02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006-11-02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006-11-02 10:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2006-11-02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006-11-02 10:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2006-11-02 10:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2006-11-02 10:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2) DRV - [2006-11-02 10:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2006-11-02 10:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2006-11-02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006-11-02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006-11-02 10:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2006-11-02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006-11-02 10:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2006-11-02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006-11-02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006-11-02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006-11-02 10:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2006-11-02 10:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2006-11-02 10:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2006-11-02 10:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2006-11-02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006-11-02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006-11-02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006-11-02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006-11-02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006-11-02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006-11-02 08:41:49 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL) DRV - [2006-11-02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006-11-02 08:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R) DRV - [2006-11-02 08:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R) DRV - [2006-11-02 08:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp) DRV - [2006-10-24 23:36:48 | 000,042,240 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ESD7SK.sys -- (ESDCR) DRV - [2006-10-24 23:36:44 | 000,076,928 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ESM7SK.sys -- (ESMCR) DRV - [2006-10-24 23:36:36 | 000,062,208 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\EMS7SK.sys -- (EMSCR) DRV - [2006-10-17 21:09:26 | 000,986,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV) DRV - [2006-10-17 21:08:14 | 000,206,848 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL) DRV - [2006-10-17 21:08:04 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf) DRV - [2006-08-04 03:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio) DRV - [2005-08-30 03:47:38 | 000,058,320 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssm_bus.sys -- (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2812990335-1914237063-744113022-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKU\S-1-5-21-2812990335-1914237063-744113022-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-2812990335-1914237063-744113022-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.pl/ig?ct=1056755551" FF - prefs.js..extensions.enabledItems: pl@dictionaries.addons.mozilla.org:1.0.20100911 FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63 FF - prefs.js..keyword.URL: "http://vshare.toolbarhome.com/search.aspx?srch=ku&q=" FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-01-06 12:12:59 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-01-06 12:12:59 | 000,000,000 | ---D | M] [2008-08-27 05:44:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marcinek\AppData\Roaming\Mozilla\Extensions [2011-01-23 02:39:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marcinek\AppData\Roaming\Mozilla\Firefox\Profiles\9zu08d9d.default\extensions [2010-09-18 11:06:09 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Marcinek\AppData\Roaming\Mozilla\Firefox\Profiles\9zu08d9d.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-07-02 18:34:50 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Marcinek\AppData\Roaming\Mozilla\Firefox\Profiles\9zu08d9d.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2010-09-12 14:50:22 | 000,000,000 | ---D | M] (Polski slownik poprawnej pisowni) -- C:\Users\Marcinek\AppData\Roaming\Mozilla\Firefox\Profiles\9zu08d9d.default\extensions\pl@dictionaries.addons.mozilla.org [2011-01-23 13:35:18 | 000,002,040 | ---- | M] () -- C:\Users\Marcinek\AppData\Roaming\Mozilla\Firefox\Profiles\9zu08d9d.default\searchplugins\getionary-en-pl.xml [2011-01-23 13:35:18 | 000,002,018 | ---- | M] () -- C:\Users\Marcinek\AppData\Roaming\Mozilla\Firefox\Profiles\9zu08d9d.default\searchplugins\getionary-pl-en.xml [2010-10-03 19:10:21 | 000,001,583 | ---- | M] () -- C:\Users\Marcinek\AppData\Roaming\Mozilla\Firefox\Profiles\9zu08d9d.default\searchplugins\web-search.xml [2010-01-23 16:01:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2008-08-27 05:44:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org [2007-04-01 14:59:18 | 000,364,544 | ---- | M] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\Program Files\Mozilla Firefox\plugins\npdsplay.dll [2008-01-15 11:13:24 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll [2007-09-03 12:28:54 | 000,599,544 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPPOKER.dll [2007-04-01 14:59:34 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npwmsdrm.dll [2010-09-11 09:01:29 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-09-11 09:01:29 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-09-11 09:01:29 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-09-11 09:01:29 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-09-11 09:01:29 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-09-11 09:01:29 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2011-01-10 00:34:13 | 000,430,111 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.123topsearch.com O1 - Hosts: 127.0.0.1 123topsearch.com O1 - Hosts: 127.0.0.1 www.132.com O1 - Hosts: 127.0.0.1 132.com O1 - Hosts: 127.0.0.1 www.136136.net O1 - Hosts: 127.0.0.1 136136.net O1 - Hosts: 127.0.0.1 www.163ns.com O1 - Hosts: 127.0.0.1 163ns.com O1 - Hosts: 14810 more lines... O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 173.192.105.217 173.193.227.124 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Marcinek\AppData\Roaming\Mozilla\Firefox\Tapeta pulpitu.bmp O24 - Desktop BackupWallPaper: C:\Users\Marcinek\AppData\Roaming\Mozilla\Firefox\Tapeta pulpitu.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2008-11-12 20:58:37 | 000,048,296 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ] O33 - MountPoints2\{09a0c11e-187e-11df-bd47-0016d4585b87}\Shell\AutoRun\command - "" = G:\Launcher.exe O33 - MountPoints2\{54b24645-e5de-11dc-a0eb-0016d4585b87}\Shell - "" = AutoRun O33 - MountPoints2\{54b24645-e5de-11dc-a0eb-0016d4585b87}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a O33 - MountPoints2\G\Shell\AutoRun\command - "" = 12gn6id2.exe O33 - MountPoints2\G\Shell\open\Command - "" = 12gn6id2.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-01-23 13:03:21 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2011-01-23 13:02:42 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW [2011-01-23 02:44:58 | 000,000,000 | ---D | C] -- C:\Users\Marcinek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tool [2011-01-23 02:36:33 | 000,000,000 | ---D | C] -- C:\ProgramData\nGeHj13000 [2011-01-22 10:59:43 | 000,122,880 | ---- | C] (Google Inc.) -- C:\Users\Marcinek\AppData\Roaming\58832.exe [2011-01-14 17:05:50 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll [2011-01-14 17:05:45 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe [2011-01-06 18:37:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Capture-A-ScreenShot [2011-01-06 18:37:01 | 000,000,000 | ---D | C] -- C:\Program Files\Capture-A-ScreenShot [2011-01-06 12:15:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2011-01-06 12:15:13 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2011-01-06 12:15:11 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2011-01-06 12:12:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2011-01-06 12:12:40 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-01-23 13:42:36 | 007,340,032 | ---- | M] () -- C:\Users\Marcinek\NTUSER.DAT [2011-01-23 13:33:12 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011-01-23 13:33:12 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011-01-23 13:24:13 | 000,697,560 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2011-01-23 13:24:13 | 000,591,320 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011-01-23 13:24:13 | 000,103,194 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011-01-23 13:19:54 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2011-01-23 13:19:52 | 000,264,792 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011-01-23 13:19:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-01-23 13:19:08 | 2145,509,376 | -HS- | M] () -- C:\hiberfil.sys [2011-01-23 13:18:34 | 000,524,288 | -HS- | M] () -- C:\Users\Marcinek\NTUSER.DAT{ac32a7e8-c90f-11dd-91b0-0016d4585b87}.TMContainer00000000000000000002.regtrans-ms [2011-01-23 13:18:34 | 000,065,536 | -HS- | M] () -- C:\Users\Marcinek\NTUSER.DAT{ac32a7e8-c90f-11dd-91b0-0016d4585b87}.TM.blf [2011-01-23 13:13:19 | 000,059,288 | ---- | M] () -- C:\Users\Marcinek\AppData\Local\GDIPFONTCACHEV1.DAT [2011-01-23 02:55:00 | 000,041,336 | ---- | M] () -- C:\Users\Marcinek\AppData\Roaming\nvModes.001 [2011-01-22 10:59:44 | 000,122,880 | ---- | M] (Google Inc.) -- C:\Users\Marcinek\AppData\Roaming\58832.exe [2011-01-21 01:45:00 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\At4.job [2011-01-17 01:15:00 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\At3.job [2011-01-17 01:15:00 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\At2.job [2011-01-17 01:15:00 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\At1.job [2011-01-14 17:30:37 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [2011-01-13 09:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2011-01-13 09:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe [2011-01-13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys [2011-01-13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys [2011-01-13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys [2011-01-13 09:37:19 | 000,051,280 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys [2011-01-13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys [2011-01-10 00:34:13 | 000,430,111 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts [2011-01-06 18:37:02 | 000,000,896 | ---- | M] () -- C:\Users\Marcinek\Desktop\Capture-A-ScreenShot.lnk [2010-12-28 16:55:03 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll [2010-12-26 12:18:12 | 000,002,432 | ---- | M] () -- C:\Users\Marcinek\AppData\Local\Tempst3908.html [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-01-23 13:19:08 | 2145,509,376 | -HS- | C] () -- C:\hiberfil.sys [2011-01-21 01:07:46 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\At4.job [2011-01-17 00:52:22 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\At3.job [2011-01-17 00:52:01 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\At2.job [2011-01-17 00:52:00 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\At1.job [2011-01-06 18:37:02 | 000,000,896 | ---- | C] () -- C:\Users\Marcinek\Desktop\Capture-A-ScreenShot.lnk [2010-12-26 11:50:07 | 000,002,432 | ---- | C] () -- C:\Users\Marcinek\AppData\Local\Tempst3908.html [2010-12-19 22:41:40 | 000,002,432 | ---- | C] () -- C:\Users\Marcinek\AppData\Local\Tempfu5640.html [2010-12-12 14:25:30 | 000,002,432 | ---- | C] () -- C:\Users\Marcinek\AppData\Local\TempAp1792.html [2010-11-21 19:53:02 | 000,002,432 | ---- | C] () -- C:\Users\Marcinek\AppData\Local\TempHO1304.html [2010-11-11 20:16:08 | 000,002,432 | ---- | C] () -- C:\Users\Marcinek\AppData\Local\TempVs3956.html [2010-11-11 20:16:08 | 000,002,089 | ---- | C] () -- C:\Users\Marcinek\AppData\Local\TempBN3956.html [2010-11-11 16:44:44 | 000,002,432 | ---- | C] () -- C:\Users\Marcinek\AppData\Local\TempVa3112.html [2010-11-05 22:22:32 | 000,002,432 | ---- | C] () -- C:\Users\Marcinek\AppData\Local\Tempmh3560.html [2010-05-16 21:24:34 | 000,000,012 | ---- | C] () -- C:\Users\Marcinek\AppData\Roaming\qvjsge.dat [2010-01-03 14:11:22 | 000,027,456 | ---- | C] () -- C:\Windows\System32\solidlocalmon.dll [2010-01-03 14:11:22 | 000,018,752 | ---- | C] () -- C:\Windows\System32\solidlocalui.dll [2010-01-03 13:42:21 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfmonnt.dll [2009-12-25 19:11:52 | 000,112,688 | ---- | C] () -- C:\Windows\System32\shw32.dll [2009-10-23 18:21:17 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009-10-23 18:20:51 | 000,368,640 | ---- | C] () -- C:\Windows\System32\msjetoledb40.dll [2009-08-12 21:41:10 | 000,001,356 | ---- | C] () -- C:\Users\Marcinek\AppData\Local\d3d9caps.dat [2008-12-31 00:04:08 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth2.dll [2008-12-31 00:04:08 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth1.dll [2008-12-31 00:04:08 | 000,000,073 | ---- | C] () -- C:\Windows\System32\ssprs.dll [2008-12-31 00:04:07 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll [2008-12-31 00:04:07 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll [2008-07-01 18:08:21 | 000,060,124 | ---- | C] () -- C:\Windows\System32\tcpmon.ini [2008-02-11 09:39:26 | 000,253,952 | ---- | C] () -- C:\Windows\System32\OnlineScannerDLLA.dll [2008-02-11 09:39:18 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OnlineScannerDLLW.dll [2008-02-08 13:53:46 | 000,110,592 | ---- | C] () -- C:\Windows\System32\OnlineScannerLang.dll [2008-01-13 12:34:35 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat [2008-01-12 19:44:31 | 000,041,336 | ---- | C] () -- C:\Users\Marcinek\AppData\Roaming\nvModes.001 [2008-01-12 19:17:53 | 000,041,336 | ---- | C] () -- C:\Users\Marcinek\AppData\Roaming\nvModes.dat [2008-01-12 18:27:26 | 000,001,132 | ---- | C] () -- C:\Windows\RtDefLvl.ini [2008-01-12 17:27:53 | 000,113,152 | ---- | C] () -- C:\Users\Marcinek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008-01-12 17:03:23 | 000,356,352 | ---- | C] () -- C:\Windows\EMCRI.dll [2008-01-12 16:39:54 | 000,059,288 | ---- | C] () -- C:\Users\Marcinek\AppData\Local\GDIPFONTCACHEV1.DAT [2007-07-27 14:49:02 | 000,225,355 | ---- | C] () -- C:\Windows\System32\lnod32apiW.dll [2007-07-27 14:49:02 | 000,196,683 | ---- | C] () -- C:\Windows\System32\lnod32apiA.dll [2007-03-25 17:44:20 | 000,042,594 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini [2006-11-02 13:50:50 | 000,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini [2006-11-02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006-11-02 11:33:01 | 000,697,560 | ---- | C] () -- C:\Windows\System32\PerfStringBackup.INI [2006-11-02 11:24:31 | 000,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini [2006-11-02 11:23:31 | 000,000,219 | ---- | C] () -- C:\Windows\system.ini [2006-11-02 11:23:31 | 000,000,179 | ---- | C] () -- C:\Windows\win.ini [2006-11-02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006-11-02 08:09:45 | 000,027,097 | ---- | C] () -- C:\Windows\System32\country.sys [2006-11-02 08:09:44 | 000,042,809 | ---- | C] () -- C:\Windows\System32\KEY01.SYS [2006-11-02 08:09:44 | 000,042,537 | ---- | C] () -- C:\Windows\System32\KEYBOARD.SYS [2006-11-02 08:09:42 | 000,009,029 | ---- | C] () -- C:\Windows\System32\ANSI.SYS [2006-11-02 08:09:41 | 000,004,768 | ---- | C] () -- C:\Windows\System32\HIMEM.SYS [2006-11-02 08:09:40 | 000,029,274 | ---- | C] () -- C:\Windows\System32\NTDOS412.SYS [2006-11-02 08:09:38 | 000,029,370 | ---- | C] () -- C:\Windows\System32\NTDOS411.SYS [2006-11-02 08:09:35 | 000,029,146 | ---- | C] () -- C:\Windows\System32\NTDOS404.SYS [2006-11-02 08:09:31 | 000,029,146 | ---- | C] () -- C:\Windows\System32\NTDOS804.SYS [2006-11-02 08:09:29 | 000,027,866 | ---- | C] () -- C:\Windows\System32\NTDOS.SYS [2006-11-02 08:09:26 | 000,035,536 | ---- | C] () -- C:\Windows\System32\NTIO412.SYS [2006-11-02 08:09:24 | 000,035,776 | ---- | C] () -- C:\Windows\System32\NTIO411.SYS [2006-11-02 08:09:23 | 000,034,672 | ---- | C] () -- C:\Windows\System32\NTIO404.SYS [2006-11-02 08:09:22 | 000,034,672 | ---- | C] () -- C:\Windows\System32\NTIO804.SYS [2006-11-02 08:09:20 | 000,033,952 | ---- | C] () -- C:\Windows\System32\NTIO.SYS [2006-11-02 07:25:08 | 000,013,312 | ---- | C] () -- C:\Windows\System32\win87em.dll [2005-12-05 19:25:22 | 000,139,264 | ---- | C] () -- C:\Windows\System32\lnod32umc.dll [2005-12-05 12:37:10 | 000,106,496 | ---- | C] () -- C:\Windows\System32\lnod32upd.dll [color=#E56717]========== LOP Check ==========[/color] [2008-11-16 13:51:27 | 000,000,000 | ---D | M] -- C:\Users\Marcinek\AppData\Roaming\Activision [2010-03-21 12:15:35 | 000,000,000 | ---D | M] -- C:\Users\Marcinek\AppData\Roaming\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1 [2010-11-05 22:21:26 | 000,000,000 | ---D | M] -- C:\Users\Marcinek\AppData\Roaming\Gadu-Gadu 10 [2008-07-12 16:52:06 | 000,000,000 | ---D | M] -- C:\Users\Marcinek\AppData\Roaming\GanymedeNet [2010-01-10 00:48:34 | 000,000,000 | ---D | M] -- C:\Users\Marcinek\AppData\Roaming\IObit [2009-04-06 22:50:57 | 000,000,000 | ---D | M] -- C:\Users\Marcinek\AppData\Roaming\Nowe Gadu-Gadu [2010-01-02 23:42:14 | 000,000,000 | ---D | M] -- C:\Users\Marcinek\AppData\Roaming\OpenFM [2009-03-21 13:32:07 | 000,000,000 | ---D | M] -- C:\Users\Marcinek\AppData\Roaming\OpenOffice.org [2010-01-10 00:52:38 | 000,000,000 | ---D | M] -- C:\Users\Marcinek\AppData\Roaming\RayV [2010-01-03 14:34:54 | 000,000,000 | ---D | M] -- C:\Users\Marcinek\AppData\Roaming\SolidDocuments [2009-12-26 11:11:08 | 000,000,000 | ---D | M] -- C:\Users\Marcinek\AppData\Roaming\Thinstall [2009-08-12 17:19:14 | 000,000,000 | ---D | M] -- C:\Users\Marcinek\AppData\Roaming\UpdateStar [2011-01-17 01:15:00 | 000,000,356 | ---- | M] () -- C:\Windows\Tasks\At1.job [2011-01-17 01:15:00 | 000,000,356 | ---- | M] () -- C:\Windows\Tasks\At2.job [2011-01-17 01:15:00 | 000,000,356 | ---- | M] () -- C:\Windows\Tasks\At3.job [2011-01-21 01:45:00 | 000,000,356 | ---- | M] () -- C:\Windows\Tasks\At4.job [2011-01-23 12:57:58 | 000,032,600 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report > PRC - [2011-01-23 13:40:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\INSTALKI\OTL.exe PRC - [2011-01-13 09:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2010-12-11 10:24:06 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011-01-23 13:40:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\INSTALKI\OTL.exe MOD - [2011-01-13 09:47:35 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll MOD - [2010-08-31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2011-01-13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2010-10-16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010-03-29 07:53:22 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R) SRV - [2010-03-18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400) SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-12-16 18:26:00 | 003,453,712 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc) SRV - [2009-09-25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2008-10-16 16:26:20 | 000,860,160 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV - [2008-10-16 15:54:34 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV - [2008-01-19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008-01-19 08:36:49 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2008-01-19 08:36:15 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-01-13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2011-01-13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2011-01-13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2011-01-13 09:37:19 | 000,051,280 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2011-01-13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2009-04-11 05:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb) DRV - [2008-11-17 06:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R) DRV - [2007-10-19 01:29:40 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R) DRV - [2007-08-24 00:45:00 | 007,617,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2007-04-03 14:57:54 | 000,099,080 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116unic.sys -- (s116unic) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM) DRV - [2007-04-03 14:57:52 | 000,098,696 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116obex.sys -- (s116obex) DRV - [2007-04-03 14:57:52 | 000,023,176 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116nd5.sys -- (s116nd5) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS) DRV - [2007-04-03 14:57:50 | 000,100,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116mgmt.sys -- (s116mgmt) Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM) DRV - [2007-04-03 14:57:48 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116mdm.sys -- (s116mdm) DRV - [2007-04-03 14:57:48 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116mdfl.sys -- (s116mdfl) DRV - [2007-04-03 14:57:42 | 000,083,336 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116bus.sys -- (s116bus) Sony Ericsson Device 116 driver (WDM) DRV - [2007-01-09 09:22:28 | 000,006,144 | ---- | M] (Chic) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\moufiltr.sys -- (moufiltr) DRV - [2006-12-01 19:38:00 | 001,655,464 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2006-11-28 02:36:12 | 000,847,392 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lv321av.sys -- (lv321av) Logitech USB PC Camera (VC0321) DRV - [2006-11-02 10:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2006-11-02 10:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2006-11-02 10:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2006-11-02 10:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2006-11-02 10:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2006-11-02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2006-11-02 10:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2006-11-02 10:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2006-11-02 10:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2006-11-02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006-11-02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006-11-02 10:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2006-11-02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006-11-02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006-11-02 10:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2006-11-02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006-11-02 10:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2006-11-02 10:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2006-11-02 10:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2) DRV - [2006-11-02 10:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2006-11-02 10:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2006-11-02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006-11-02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006-11-02 10:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2006-11-02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006-11-02 10:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2006-11-02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006-11-02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006-11-02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006-11-02 10:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2006-11-02 10:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2006-11-02 10:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2006-11-02 10:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2006-11-02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006-11-02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006-11-02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006-11-02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006-11-02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006-11-02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006-11-02 08:41:49 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL) DRV - [2006-11-02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006-11-02 08:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R) DRV - [2006-11-02 08:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R) DRV - [2006-11-02 08:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp) DRV - [2006-10-24 23:36:48 | 000,042,240 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ESD7SK.sys -- (ESDCR) DRV - [2006-10-24 23:36:44 | 000,076,928 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ESM7SK.sys -- (ESMCR) DRV - [2006-10-24 23:36:36 | 000,062,208 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\EMS7SK.sys -- (EMSCR) DRV - [2006-10-17 21:09:26 | 000,986,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV) DRV - [2006-10-17 21:08:14 | 000,206,848 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL) DRV - [2006-10-17 21:08:04 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf) DRV - [2006-08-04 03:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio) DRV - [2005-08-30 03:47:38 | 000,058,320 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssm_bus.sys -- (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2812990335-1914237063-744113022-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKU\S-1-5-21-2812990335-1914237063-744113022-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-2812990335-1914237063-744113022-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.pl/ig?ct=1056755551" FF - prefs.js..extensions.enabledItems: pl@dictionaries.addons.mozilla.org:1.0.20100911 FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63 FF - prefs.js..keyword.URL: "http://vshare.toolbarhome.com/search.aspx?srch=ku&q=" FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-01-06 12:12:59 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-01-06 12:12:59 | 000,000,000 | ---D | M] [2008-08-27 05:44:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marcinek\AppData\Roaming\Mozilla\Extensions [2011-01-23 02:39:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marcinek\AppData\Roaming\Mozilla\Firefox\Profiles\9zu08d9d.default\extensions [2010-09-18 11:06:09 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Marcinek\AppData\Roaming\Mozilla\Firefox\Profiles\9zu08d9d.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-07-02 18:34:50 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Marcinek\AppData\Roaming\Mozilla\Firefox\Profiles\9zu08d9d.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2010-09-12 14:50:22 | 000,000,000 | ---D | M] (Polski slownik poprawnej pisowni) -- C:\Users\Marcinek\AppData\Roaming\Mozilla\Firefox\Profiles\9zu08d9d.default\extensions\pl@dictionaries.addons.mozilla.org [2011-01-23 13:35:18 | 000,002,040 | ---- | M] () -- C:\Users\Marcinek\AppData\Roaming\Mozilla\Firefox\Profiles\9zu08d9d.default\searchplugins\getionary-en-pl.xml [2011-01-23 13:35:18 | 000,002,018 | ---- | M] () -- C:\Users\Marcinek\AppData\Roaming\Mozilla\Firefox\Profiles\9zu08d9d.default\searchplugins\getionary-pl-en.xml [2010-10-03 19:10:21 | 000,001,583 | ---- | M] () -- C:\Users\Marcinek\AppData\Roaming\Mozilla\Firefox\Profiles\9zu08d9d.default\searchplugins\web-search.xml [2010-01-23 16:01:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2008-08-27 05:44:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org [2007-04-01 14:59:18 | 000,364,544 | ---- | M] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\Program Files\Mozilla Firefox\plugins\npdsplay.dll [2008-01-15 11:13:24 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll [2007-09-03 12:28:54 | 000,599,544 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPPOKER.dll [2007-04-01 14:59:34 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npwmsdrm.dll [2010-09-11 09:01:29 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-09-11 09:01:29 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-09-11 09:01:29 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-09-11 09:01:29 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-09-11 09:01:29 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-09-11 09:01:29 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2011-01-10 00:34:13 | 000,430,111 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.123topsearch.com O1 - Hosts: 127.0.0.1 123topsearch.com O1 - Hosts: 127.0.0.1 www.132.com O1 - Hosts: 127.0.0.1 132.com O1 - Hosts: 127.0.0.1 www.136136.net O1 - Hosts: 127.0.0.1 136136.net O1 - Hosts: 127.0.0.1 www.163ns.com O1 - Hosts: 127.0.0.1 163ns.com O1 - Hosts: 14810 more lines... O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 173.192.105.217 173.193.227.124 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Marcinek\AppData\Roaming\Mozilla\Firefox\Tapeta pulpitu.bmp O24 - Desktop BackupWallPaper: C:\Users\Marcinek\AppData\Roaming\Mozilla\Firefox\Tapeta pulpitu.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2008-11-12 20:58:37 | 000,048,296 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ] O33 - MountPoints2\{09a0c11e-187e-11df-bd47-0016d4585b87}\Shell\AutoRun\command - "" = G:\Launcher.exe O33 - MountPoints2\{54b24645-e5de-11dc-a0eb-0016d4585b87}\Shell - "" = AutoRun O33 - MountPoints2\{54b24645-e5de-11dc-a0eb-0016d4585b87}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a O33 - MountPoints2\G\Shell\AutoRun\command - "" = 12gn6id2.exe O33 - MountPoints2\G\Shell\open\Command - "" = 12gn6id2.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-01-23 13:03:21 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2011-01-23 13:02:42 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW [2011-01-23 02:44:58 | 000,000,000 | ---D | C] -- C:\Users\Marcinek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tool [2011-01-23 02:36:33 | 000,000,000 | ---D | C] -- C:\ProgramData\nGeHj13000 [2011-01-22 10:59:43 | 000,122,880 | ---- | C] (Google Inc.) -- C:\Users\Marcinek\AppData\Roaming\58832.exe [2011-01-14 17:05:50 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll [2011-01-14 17:05:45 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe [2011-01-06 18:37:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Capture-A-ScreenShot [2011-01-06 18:37:01 | 000,000,000 | ---D | C] -- C:\Program Files\Capture-A-ScreenShot [2011-01-06 12:15:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2011-01-06 12:15:13 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2011-01-06 12:15:11 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2011-01-06 12:12:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2011-01-06 12:12:40 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-01-23 13:51:30 | 007,340,032 | ---- | M] () -- C:\Users\Marcinek\NTUSER.DAT [2011-01-23 13:33:12 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011-01-23 13:33:12 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011-01-23 13:24:13 | 000,697,560 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2011-01-23 13:24:13 | 000,591,320 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011-01-23 13:24:13 | 000,103,194 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011-01-23 13:19:54 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2011-01-23 13:19:52 | 000,264,792 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011-01-23 13:19:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-01-23 13:19:08 | 2145,509,376 | -HS- | M] () -- C:\hiberfil.sys [2011-01-23 13:18:34 | 000,524,288 | -HS- | M] () -- C:\Users\Marcinek\NTUSER.DAT{ac32a7e8-c90f-11dd-91b0-0016d4585b87}.TMContainer00000000000000000002.regtrans-ms [2011-01-23 13:18:34 | 000,065,536 | -HS- | M] () -- C:\Users\Marcinek\NTUSER.DAT{ac32a7e8-c90f-11dd-91b0-0016d4585b87}.TM.blf [2011-01-23 13:13:19 | 000,059,288 | ---- | M] () -- C:\Users\Marcinek\AppData\Local\GDIPFONTCACHEV1.DAT [2011-01-23 02:55:00 | 000,041,336 | ---- | M] () -- C:\Users\Marcinek\AppData\Roaming\nvModes.001 [2011-01-22 10:59:44 | 000,122,880 | ---- | M] (Google Inc.) -- C:\Users\Marcinek\AppData\Roaming\58832.exe [2011-01-21 01:45:00 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\At4.job [2011-01-17 01:15:00 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\At3.job [2011-01-17 01:15:00 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\At2.job [2011-01-17 01:15:00 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\At1.job [2011-01-14 17:30:37 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [2011-01-13 09:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2011-01-13 09:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe [2011-01-13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys [2011-01-13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys [2011-01-13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys [2011-01-13 09:37:19 | 000,051,280 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys [2011-01-13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys [2011-01-10 00:34:13 | 000,430,111 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts [2011-01-06 18:37:02 | 000,000,896 | ---- | M] () -- C:\Users\Marcinek\Desktop\Capture-A-ScreenShot.lnk [2010-12-28 16:55:03 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll [2010-12-26 12:18:12 | 000,002,432 | ---- | M] () -- C:\Users\Marcinek\AppData\Local\Tempst3908.html [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-01-23 13:19:08 | 2145,509,376 | -HS- | C] () -- C:\hiberfil.sys [2011-01-21 01:07:46 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\At4.job [2011-01-17 00:52:22 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\At3.job [2011-01-17 00:52:01 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\At2.job [2011-01-17 00:52:00 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\At1.job [2011-01-06 18:37:02 | 000,000,896 | ---- | C] () -- C:\Users\Marcinek\Desktop\Capture-A-ScreenShot.lnk [2010-12-26 11:50:07 | 000,002,432 | ---- | C] () -- C:\Users\Marcinek\AppData\Local\Tempst3908.html [2010-12-19 22:41:40 | 000,002,432 | ---- | C] () -- C:\Users\Marcinek\AppData\Local\Tempfu5640.html [2010-12-12 14:25:30 | 000,002,432 | ---- | C] () -- C:\Users\Marcinek\AppData\Local\TempAp1792.html [2010-11-21 19:53:02 | 000,002,432 | ---- | C] () -- C:\Users\Marcinek\AppData\Local\TempHO1304.html [2010-11-11 20:16:08 | 000,002,432 | ---- | C] () -- C:\Users\Marcinek\AppData\Local\TempVs3956.html [2010-11-11 20:16:08 | 000,002,089 | ---- | C] () -- C:\Users\Marcinek\AppData\Local\TempBN3956.html [2010-11-11 16:44:44 | 000,002,432 | ---- | C] () -- C:\Users\Marcinek\AppData\Local\TempVa3112.html [2010-11-05 22:22:32 | 000,002,432 | ---- | C] () -- C:\Users\Marcinek\AppData\Local\Tempmh3560.html [2010-05-16 21:24:34 | 000,000,012 | ---- | C] () -- C:\Users\Marcinek\AppData\Roaming\qvjsge.dat [2010-01-03 14:11:22 | 000,027,456 | ---- | C] () -- C:\Windows\System32\solidlocalmon.dll [2010-01-03 14:11:22 | 000,018,752 | ---- | C] () -- C:\Windows\System32\solidlocalui.dll [2010-01-03 13:42:21 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfmonnt.dll [2009-12-25 19:11:52 | 000,112,688 | ---- | C] () -- C:\Windows\System32\shw32.dll [2009-10-23 18:21:17 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009-10-23 18:20:51 | 000,368,640 | ---- | C] () -- C:\Windows\System32\msjetoledb40.dll [2009-08-12 21:41:10 | 000,001,356 | ---- | C] () -- C:\Users\Marcinek\AppData\Local\d3d9caps.dat [2008-12-31 00:04:08 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth2.dll [2008-12-31 00:04:08 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth1.dll [2008-12-31 00:04:08 | 000,000,073 | ---- | C] () -- C:\Windows\System32\ssprs.dll [2008-12-31 00:04:07 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll [2008-12-31 00:04:07 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll [2008-07-01 18:08:21 | 000,060,124 | ---- | C] () -- C:\Windows\System32\tcpmon.ini [2008-02-11 09:39:26 | 000,253,952 | ---- | C] () -- C:\Windows\System32\OnlineScannerDLLA.dll [2008-02-11 09:39:18 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OnlineScannerDLLW.dll [2008-02-08 13:53:46 | 000,110,592 | ---- | C] () -- C:\Windows\System32\OnlineScannerLang.dll [2008-01-13 12:34:35 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat [2008-01-12 19:44:31 | 000,041,336 | ---- | C] () -- C:\Users\Marcinek\AppData\Roaming\nvModes.001 [2008-01-12 19:17:53 | 000,041,336 | ---- | C] () -- C:\Users\Marcinek\AppData\Roaming\nvModes.dat [2008-01-12 18:27:26 | 000,001,132 | ---- | C] () -- C:\Windows\RtDefLvl.ini [2008-01-12 17:27:53 | 000,113,152 | ---- | C] () -- C:\Users\Marcinek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008-01-12 17:03:23 | 000,356,352 | ---- | C] () -- C:\Windows\EMCRI.dll [2008-01-12 16:39:54 | 000,059,288 | ---- | C] () -- C:\Users\Marcinek\AppData\Local\GDIPFONTCACHEV1.DAT [2007-07-27 14:49:02 | 000,225,355 | ---- | C] () -- C:\Windows\System32\lnod32apiW.dll [2007-07-27 14:49:02 | 000,196,683 | ---- | C] () -- C:\Windows\System32\lnod32apiA.dll [2007-03-25 17:44:20 | 000,042,594 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini [2006-11-02 13:50:50 | 000,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini [2006-11-02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006-11-02 11:33:01 | 000,697,560 | ---- | C] () -- C:\Windows\System32\PerfStringBackup.INI [2006-11-02 11:24:31 | 000,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini [2006-11-02 11:23:31 | 000,000,219 | ---- | C] () -- C:\Windows\system.ini [2006-11-02 11:23:31 | 000,000,179 | ---- | C] () -- C:\Windows\win.ini [2006-11-02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006-11-02 08:09:45 | 000,027,097 | ---- | C] () -- C:\Windows\System32\country.sys [2006-11-02 08:09:44 | 000,042,809 | ---- | C] () -- C:\Windows\System32\KEY01.SYS [2006-11-02 08:09:44 | 000,042,537 | ---- | C] () -- C:\Windows\System32\KEYBOARD.SYS [2006-11-02 08:09:42 | 000,009,029 | ---- | C] () -- C:\Windows\System32\ANSI.SYS [2006-11-02 08:09:41 | 000,004,768 | ---- | C] () -- C:\Windows\System32\HIMEM.SYS [2006-11-02 08:09:40 | 000,029,274 | ---- | C] () -- C:\Windows\System32\NTDOS412.SYS [2006-11-02 08:09:38 | 000,029,370 | ---- | C] () -- C:\Windows\System32\NTDOS411.SYS [2006-11-02 08:09:35 | 000,029,146 | ---- | C] () -- C:\Windows\System32\NTDOS404.SYS [2006-11-02 08:09:31 | 000,029,146 | ---- | C] () -- C:\Windows\System32\NTDOS804.SYS [2006-11-02 08:09:29 | 000,027,866 | ---- | C] () -- C:\Windows\System32\NTDOS.SYS [2006-11-02 08:09:26 | 000,035,536 | ---- | C] () -- C:\Windows\System32\NTIO412.SYS [2006-11-02 08:09:24 | 000,035,776 | ---- | C] () -- C:\Windows\System32\NTIO411.SYS [2006-11-02 08:09:23 | 000,034,672 | ---- | C] () -- C:\Windows\System32\NTIO404.SYS [2006-11-02 08:09:22 | 000,034,672 | ---- | C] () -- C:\Windows\System32\NTIO804.SYS [2006-11-02 08:09:20 | 000,033,952 | ---- | C] () -- C:\Windows\System32\NTIO.SYS [2006-11-02 07:25:08 | 000,013,312 | ---- | C] () -- C:\Windows\System32\win87em.dll [2005-12-05 19:25:22 | 000,139,264 | ---- | C] () -- C:\Windows\System32\lnod32umc.dll [2005-12-05 12:37:10 | 000,106,496 | ---- | C] () -- C:\Windows\System32\lnod32upd.dll [color=#E56717]========== LOP Check ==========[/color] [2008-11-16 13:51:27 | 000,000,000 | ---D | M] -- C:\Users\Marcinek\AppData\Roaming\Activision [2010-03-21 12:15:35 | 000,000,000 | ---D | M] -- C:\Users\Marcinek\AppData\Roaming\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1 [2010-11-05 22:21:26 | 000,000,000 | ---D | M] -- C:\Users\Marcinek\AppData\Roaming\Gadu-Gadu 10 [2008-07-12 16:52:06 | 000,000,000 | ---D | M] -- C:\Users\Marcinek\AppData\Roaming\GanymedeNet [2010-01-10 00:48:34 | 000,000,000 | ---D | M] -- C:\Users\Marcinek\AppData\Roaming\IObit [2009-04-06 22:50:57 | 000,000,000 | ---D | M] -- C:\Users\Marcinek\AppData\Roaming\Nowe Gadu-Gadu [2010-01-02 23:42:14 | 000,000,000 | ---D | M] -- C:\Users\Marcinek\AppData\Roaming\OpenFM [2009-03-21 13:32:07 | 000,000,000 | ---D | M] -- C:\Users\Marcinek\AppData\Roaming\OpenOffice.org [2010-01-10 00:52:38 | 000,000,000 | ---D | M] -- C:\Users\Marcinek\AppData\Roaming\RayV [2010-01-03 14:34:54 | 000,000,000 | ---D | M] -- C:\Users\Marcinek\AppData\Roaming\SolidDocuments [2009-12-26 11:11:08 | 000,000,000 | ---D | M] -- C:\Users\Marcinek\AppData\Roaming\Thinstall [2009-08-12 17:19:14 | 000,000,000 | ---D | M] -- C:\Users\Marcinek\AppData\Roaming\UpdateStar [2011-01-17 01:15:00 | 000,000,356 | ---- | M] () -- C:\Windows\Tasks\At1.job [2011-01-17 01:15:00 | 000,000,356 | ---- | M] () -- C:\Windows\Tasks\At2.job [2011-01-17 01:15:00 | 000,000,356 | ---- | M] () -- C:\Windows\Tasks\At3.job [2011-01-21 01:45:00 | 000,000,356 | ---- | M] () -- C:\Windows\Tasks\At4.job [2011-01-23 12:57:58 | 000,032,600 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report >