OTL logfile created on: 2/10/2011 8:28:49 PM - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\lapek\Downloads Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 75.00% Memory free 6.00 Gb Paging File | 5.00 Gb Available in Paging File | 87.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 172.79 Gb Total Space | 125.23 Gb Free Space | 72.47% Space Free | Partition Type: NTFS Drive D: | 115.20 Gb Total Space | 86.84 Gb Free Space | 75.38% Space Free | Partition Type: NTFS Computer Name: LAPEK | User Name: lapek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011/02/10 20:26:58 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\lapek\Downloads\OTL_3.2.20.6(dobreprogramy.pl).exe PRC - [2010/09/03 15:15:44 | 009,726,568 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe PRC - [2010/03/02 07:41:18 | 000,066,824 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\Raxco\PerfectDisk\PDAgentS1.exe PRC - [2010/03/02 07:41:16 | 001,590,536 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\Raxco\PerfectDisk\PDAgent.exe PRC - [2010/03/02 07:41:08 | 001,500,424 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\Raxco\PerfectDisk\PDEngine.exe PRC - [2010/02/26 01:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\17.8.0.5\ccsvchst.exe PRC - [2010/01/19 17:29:02 | 000,713,544 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe PRC - [2010/01/19 17:27:18 | 001,043,784 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe PRC - [2009/11/06 10:59:04 | 002,244,608 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files\System Control Manager\MGSysCtrl.exe PRC - [2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/07/14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2009/07/13 10:01:36 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2009/07/13 10:01:28 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2009/07/09 15:54:42 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files\System Control Manager\MSIService.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011/02/10 20:26:58 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\lapek\Downloads\OTL_3.2.20.6(dobreprogramy.pl).exe MOD - [2010/08/21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll MOD - [2009/07/14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll MOD - [2009/07/14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll MOD - [2009/07/14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll MOD - [2009/07/14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll MOD - [2009/07/14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll MOD - [2009/07/14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll MOD - [2009/07/14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll MOD - [2009/07/14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2011/01/26 11:26:48 | 000,573,224 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2010/12/08 14:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2010/11/02 05:36:16 | 000,801,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2010/09/22 23:21:24 | 001,493,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc) SRV - [2010/09/22 15:33:04 | 000,051,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV - [2010/09/22 11:03:38 | 000,249,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort) SRV - [2010/08/06 14:27:44 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag) SRV - [2010/05/18 17:05:34 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/03/02 07:41:16 | 001,590,536 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\Program Files\Raxco\PerfectDisk\PDAgent.exe -- (PDAgent) SRV - [2010/03/02 07:41:08 | 001,500,424 | ---- | M] (Raxco Software, Inc.) [On_Demand | Running] -- C:\Program Files\Raxco\PerfectDisk\PDEngine.exe -- (PDEngine) SRV - [2010/02/26 01:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe -- (NIS) SRV - [2010/01/19 17:27:18 | 001,043,784 | ---- | M] (TuneUp Software) [On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2010/01/19 17:24:12 | 000,030,024 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp) SRV - [2009/12/23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) [On_Demand | Stopped] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - [2009/07/31 05:20:04 | 000,144,752 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Stopped] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service) SRV - [2009/07/14 02:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc) SRV - [2009/07/14 02:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc) SRV - [2009/07/14 02:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power) SRV - [2009/07/14 02:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes) SRV - [2009/07/14 02:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify) SRV - [2009/07/14 02:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper) SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009/07/14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc) SRV - [2009/07/14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc) SRV - [2009/07/14 02:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider) SRV - [2009/07/14 02:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg) SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009/07/14 02:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener) SRV - [2009/07/14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp) SRV - [2009/07/14 02:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc) SRV - [2009/07/14 02:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC) SRV - [2009/07/14 02:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) Instalator formantów ActiveX (AxInstSV) SRV - [2009/07/14 02:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc) SRV - [2009/07/14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc) SRV - [2009/07/13 10:01:28 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2009/07/09 15:54:42 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) [Auto | Running] -- C:\Program Files\System Control Manager\MSIService.exe -- (Micro Star SCM) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011/02/01 22:29:38 | 001,360,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20110210.003\NAVEX15.SYS -- (NAVEX15) DRV - [2011/02/01 22:29:38 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20110210.003\NAVENG.SYS -- (NAVENG) DRV - [2011/01/20 22:24:48 | 000,436,792 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2010/11/23 03:20:07 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20110114.001\BHDrvx86.sys -- (BHDrvx86) DRV - [2010/11/09 01:50:30 | 000,353,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20110209.001\IDSvix86.sys -- (IDSVix86) DRV - [2010/09/22 23:21:24 | 000,039,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr) DRV - [2010/09/03 15:16:18 | 003,185,640 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2010/06/20 20:00:22 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2010/06/20 20:00:22 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2010/05/06 05:01:59 | 000,339,504 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\windows\System32\Drivers\NIS\1108000.005\SYMTDIV.SYS -- (SYMTDIv) DRV - [2010/05/06 05:01:44 | 000,044,080 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM) DRV - [2010/04/29 06:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\windows\system32\drivers\NIS\1108000.005\Ironx86.SYS -- (SymIRON) DRV - [2010/04/22 05:15:04 | 000,019,232 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys -- (atitray) DRV - [2010/04/22 04:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\windows\system32\drivers\NIS\1108000.005\SYMEFA.SYS -- (SymEFA) DRV - [2010/04/22 03:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\windows\System32\Drivers\NIS\1108000.005\SRTSP.SYS -- (SRTSP) DRV - [2010/04/22 03:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\windows\system32\drivers\NIS\1108000.005\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL) DRV - [2010/03/03 04:07:16 | 000,152,064 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2010/02/26 01:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\windows\system32\drivers\NIS\1108000.005\ccHPx86.sys -- (ccHP) DRV - [2010/01/26 23:17:00 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent) DRV - [2009/12/22 10:33:08 | 000,135,184 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\windows\System32\drivers\DefragFs.sys -- (DefragFS) DRV - [2009/12/11 08:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\System32\Drivers\ksecpkg.sys -- (KSecPkg) DRV - [2009/10/14 06:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2009/08/30 01:17:18 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\windows\system32\drivers\NIS\1108000.005\SYMDS.SYS -- (SymDS) DRV - [2009/08/04 10:48:16 | 000,616,960 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr28.sys -- (netr28) DRV - [2009/07/29 04:01:26 | 000,069,480 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom) DRV - [2009/07/29 02:38:00 | 000,049,016 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb) DRV - [2009/07/28 04:09:28 | 000,055,680 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd) DRV - [2009/07/24 19:31:58 | 000,021,608 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds) DRV - [2009/07/14 02:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\cmdide.sys -- (cmdide) DRV - [2009/07/14 02:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\adpahci.sys -- (adpahci) DRV - [2009/07/14 02:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\adp94xx.sys -- (adp94xx) DRV - [2009/07/14 02:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\amdsbs.sys -- (amdsbs) DRV - [2009/07/14 02:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\adpu320.sys -- (adpu320) DRV - [2009/07/14 02:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\arcsas.sys -- (arcsas) DRV - [2009/07/14 02:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\amdsata.sys -- (amdsata) DRV - [2009/07/14 02:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\arc.sys -- (arc) DRV - [2009/07/14 02:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\amdxata.sys -- (amdxata) DRV - [2009/07/14 02:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\aliide.sys -- (aliide) DRV - [2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\nvstor.sys -- (nvstor) DRV - [2009/07/14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\nvraid.sys -- (nvraid) DRV - [2009/07/14 02:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\nfrd960.sys -- (nfrd960) DRV - [2009/07/14 02:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS) DRV - [2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\iaStorV.sys -- (iaStorV) DRV - [2009/07/14 02:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\MegaSR.sys -- (MegaSR) DRV - [2009/07/14 02:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI) DRV - [2009/07/14 02:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC) DRV - [2009/07/14 02:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2) DRV - [2009/07/14 02:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\iirsp.sys -- (iirsp) DRV - [2009/07/14 02:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\megasas.sys -- (megasas) DRV - [2009/07/14 02:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\System32\drivers\hwpolicy.sys -- (hwpolicy) DRV - [2009/07/14 02:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\elxstor.sys -- (elxstor) DRV - [2009/07/14 02:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\djsvs.sys -- (aic78xx) DRV - [2009/07/14 02:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD) DRV - [2009/07/14 02:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends) DRV - [2009/07/14 02:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\vsmraid.sys -- (vsmraid) DRV - [2009/07/14 02:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\vhdmp.sys -- (vhdmp) DRV - [2009/07/14 02:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot) DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount) DRV - [2009/07/14 02:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\viaide.sys -- (viaide) DRV - [2009/07/14 02:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\ql2300.sys -- (ql2300) DRV - [2009/07/14 02:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\System32\drivers\rdyboost.sys -- (rdyboost) DRV - [2009/07/14 02:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\ql40xx.sys -- (ql40xx) DRV - [2009/07/14 02:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4) DRV - [2009/07/14 02:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\System32\drivers\pcw.sys -- (pcw) DRV - [2009/07/14 02:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2) DRV - [2009/07/14 02:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\stexstor.sys -- (stexstor) DRV - [2009/07/14 02:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\System32\Drivers\cng.sys -- (CNG) DRV - [2009/07/14 01:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2009/07/14 01:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\rdpbus.sys -- (rdpbus) DRV - [2009/07/14 01:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP) DRV - [2009/07/14 00:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2) DRV - [2009/07/14 00:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf) DRV - [2009/07/14 00:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap) DRV - [2009/07/14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp) DRV - [2009/07/14 00:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt) DRV - [2009/07/14 00:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus) DRV - [2009/07/14 00:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\1394ohci.sys -- (1394ohci) DRV - [2009/07/14 00:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\umpass.sys -- (UmPass) DRV - [2009/07/14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009/07/14 00:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf) DRV - [2009/07/14 00:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\MTConfig.sys -- (MTConfig) DRV - [2009/07/14 00:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\windows\system32\DRIVERS\CompositeBus.sys -- (CompositeBus) DRV - [2009/07/14 00:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\appid.sys -- (AppID) DRV - [2009/07/14 00:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter) DRV - [2009/07/14 00:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache) DRV - [2009/07/14 00:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi) DRV - [2009/07/14 00:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\amdppm.sys -- (AmdPPM) DRV - [2009/07/13 23:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009/07/13 23:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm) DRV - [2009/07/13 23:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer) DRV - [2009/07/13 23:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm) DRV - [2009/07/13 23:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo) DRV - [2009/07/13 23:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp) DRV - [2009/07/13 23:13:45 | 001,068,032 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial) DRV - [2009/07/13 23:02:53 | 000,048,128 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SiSGB6.sys -- (SiSGbeLH) DRV - [2009/07/13 23:02:52 | 000,139,776 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rt86win7.sys -- (RTL8167) DRV - [2009/07/13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x) DRV - [2009/07/13 23:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\evbdx.sys -- (ebdrv) DRV - [2009/07/13 23:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv) DRV - [2009/07/13 10:01:22 | 004,993,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2009/07/08 05:38:34 | 000,168,936 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd) DRV - [2009/06/19 17:58:08 | 000,009,608 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\Toshidpt.sys -- (toshidpt) DRV - [2009/06/19 17:57:20 | 000,079,872 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid) DRV - [2009/06/19 17:56:48 | 000,042,472 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp) DRV - [2009/06/17 19:59:46 | 000,046,984 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte) DRV - [2009/06/04 09:45:48 | 000,166,912 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV - [2009/04/29 15:37:26 | 000,025,088 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTERx86) DRV - [2009/03/27 01:16:28 | 000,012,672 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cpuz132_x32.sys -- (cpuz132) DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage IE - HKU\S-1-5-21-1661388004-1945382914-1634934909-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKU\S-1-5-21-1661388004-1945382914-1634934909-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultthis.engineName: "" FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1408409&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.selectedEngine: "Allegro" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "www.google.pl" FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2010/05/26 13:24:49 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\ [2010/01/27 20:19:22 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/11 11:39:16 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/30 22:24:57 | 000,000,000 | ---D | M] [2011/01/04 22:01:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lapek\AppData\Roaming\mozilla\Extensions [2011/02/09 21:09:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lapek\AppData\Roaming\mozilla\Firefox\Profiles\9d7b1bn8.default\extensions [2011/01/06 22:50:53 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\lapek\AppData\Roaming\mozilla\Firefox\Profiles\9d7b1bn8.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011/02/09 21:09:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011/01/06 16:00:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2010/05/26 13:24:49 | 000,000,000 | ---D | M] (Norton IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPLGN [2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010/10/22 20:39:20 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010/10/22 20:39:20 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010/10/22 20:39:20 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010/10/22 20:39:20 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010/10/22 20:39:20 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010/10/22 20:39:20 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010/05/18 17:46:12 | 000,000,600 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.8.0.5\coieplg.dll (Symantec Corporation) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.8.0.5\ipsbho.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.8.0.5\coieplg.dll (Symantec Corporation) O4 - HKLM..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.) O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0 O7 - HKU\S-1-5-21-1661388004-1945382914-1634934909-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O7 - HKU\S-1-5-21-1661388004-1945382914-1634934909-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O30 - LSA: Security Packages - (pku2u) - C:\windows\System32\pku2u.dll (Microsoft Corporation) O30 - LSA: Security Packages - (livessp) - C:\windows\System32\livessp.dll (Microsoft Corp.) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010/08/19 21:24:02 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (PDBoot.exe) - C:\windows\System32\PDBoot.exe (Raxco Software, Inc.) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software) NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation) NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation) MsConfig - StartUpReg: [b]AlcoholAutomount[/b] - hkey= - key= - C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team) MsConfig - StartUpReg: [b]ITSecMng[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]PC Suite Tray[/b] - hkey= - key= - C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia) MsConfig - State: "bootini" - 2 MsConfig - State: "startup" - 0 MsConfig - State: "services" - 0 SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Power - C:\Windows\System32\umpo.dll (Microsoft Corporation) SafeBootMin: Primary disk - Driver Group SafeBootMin: RpcEptMapper - C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation) SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: Dhcp - C:\Windows\System32\dhcpcore.dll (Microsoft Corporation) SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - File not found SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: ndiscap - C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation) SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Power - C:\Windows\System32\umpo.dll (Microsoft Corporation) SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: RpcEptMapper - C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation) SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 90 Days ==========[/color] [2011/02/10 19:40:09 | 000,000,000 | ---D | C] -- C:\Users\lapek\AppData\Local\NokiaAccount [2011/02/10 19:21:14 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution [2011/02/10 19:19:14 | 000,000,000 | ---D | C] -- C:\ProgramData\NokiaInstallerCache [2011/02/10 19:15:08 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite [2011/02/08 20:30:57 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mstime.dll [2011/02/08 20:30:57 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll [2011/02/08 20:30:57 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll [2011/02/08 20:30:57 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll [2011/02/08 20:30:57 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\licmgr10.dll [2011/02/08 20:30:56 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb [2011/02/08 20:30:56 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\html.iec [2011/02/08 20:30:56 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll [2011/02/08 20:30:56 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe [2011/02/08 20:30:51 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\atmfd.dll [2011/02/08 20:30:51 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\System32\atmlib.dll [2011/02/08 20:30:49 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript.dll [2011/02/08 20:30:49 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\vbscript.dll [2011/02/08 20:30:47 | 002,329,088 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys [2011/02/08 20:30:42 | 003,957,120 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntkrnlpa.exe [2011/02/08 20:30:42 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntoskrnl.exe [2011/02/08 20:29:36 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\upnp.dll [2011/02/08 20:29:34 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll [2011/02/08 20:29:34 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\davclnt.dll [2011/02/08 20:29:34 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wscapi.dll [2011/02/08 20:29:34 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll [2011/02/08 20:29:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\slwga.dll [2011/02/08 20:29:10 | 000,219,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\dxgmms1.sys [2011/02/06 00:20:11 | 000,000,000 | ---D | C] -- C:\Program Files\AIMP2 [2011/02/01 22:48:42 | 000,000,000 | ---D | C] -- C:\Users\lapek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer [2011/02/01 22:48:38 | 000,000,000 | ---D | C] -- C:\Program Files\The KMPlayer [2011/01/20 22:52:20 | 000,000,000 | ---D | C] -- C:\Users\lapek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alcohol 120% [2011/01/20 22:51:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120% [2011/01/20 22:51:38 | 000,000,000 | ---D | C] -- C:\Program Files\Alcohol Soft [2011/01/20 20:20:42 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft [2011/01/15 13:55:40 | 000,000,000 | ---D | C] -- C:\Users\lapek\AppData\Roaming\GlarySoft [2011/01/13 21:22:14 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\odbc32.dll [2011/01/13 21:22:00 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10warp.dll [2011/01/13 21:22:00 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\DWrite.dll [2011/01/13 21:22:00 | 000,801,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\FntCache.dll [2011/01/13 21:22:00 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d2d1.dll [2011/01/13 21:22:00 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsPrint.dll [2011/01/13 21:21:59 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ExplorerFrame.dll [2011/01/13 21:21:59 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsGdiConverter.dll [2011/01/13 21:21:59 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10_1core.dll [2011/01/13 21:21:59 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10_1.dll [2011/01/13 21:21:59 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsRasterService.dll [2011/01/13 21:21:59 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\cdd.dll [2011/01/06 16:00:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2011/01/06 16:00:29 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\javaws.exe [2011/01/06 16:00:29 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\javaw.exe [2011/01/06 16:00:29 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\java.exe [2010/12/30 22:24:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2010/12/30 22:24:51 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2010/12/30 22:18:28 | 000,000,000 | ---D | C] -- C:\Users\lapek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller [2010/12/30 20:43:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010/12/23 20:25:45 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2010/12/16 17:52:34 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\consent.exe [2010/12/16 17:52:33 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\webio.dll [2010/12/16 17:52:32 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\taskschd.dll [2010/12/16 17:52:32 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wmicmiplugin.dll [2010/12/16 17:52:31 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\taskcomp.dll [2010/12/16 17:52:31 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\schtasks.exe [2010/12/16 17:52:30 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tzres.dll [2010/12/12 09:01:37 | 000,000,000 | ---D | C] -- C:\Program Files\Gadu-Gadu 10 [color=#E56717]========== Files - Modified Within 90 Days ==========[/color] [2011/02/10 19:58:04 | 000,017,600 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/02/10 19:58:04 | 000,017,600 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/02/10 19:50:20 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2011/02/10 19:50:17 | 2415,370,240 | -HS- | M] () -- C:\hiberfil.sys [2011/02/08 20:40:01 | 000,341,192 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT [2011/02/05 20:29:35 | 000,007,651 | ---- | M] () -- C:\Users\lapek\AppData\Local\resmon.resmoncfg [2011/02/05 12:56:40 | 000,000,116 | ---- | M] () -- C:\windows\NeroDigital.ini [2011/02/03 06:45:07 | 000,219,008 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\dxgmms1.sys [2011/02/02 18:39:45 | 000,005,297 | ---- | M] () -- C:\Users\lapek\Documents\Talk Talk.PLS [2011/02/01 21:58:59 | 000,000,225 | ---- | M] () -- C:\Users\lapek\Documents\ax_files.xml [2011/02/01 15:20:49 | 000,002,432 | ---- | M] () -- C:\Users\lapek\AppData\Local\TempEK2968.html [2011/01/23 16:54:19 | 000,697,912 | ---- | M] () -- C:\windows\System32\perfh015.dat [2011/01/23 16:54:19 | 000,616,008 | ---- | M] () -- C:\windows\System32\perfh009.dat [2011/01/23 16:54:19 | 000,134,990 | ---- | M] () -- C:\windows\System32\perfc015.dat [2011/01/23 16:54:19 | 000,106,388 | ---- | M] () -- C:\windows\System32\perfc009.dat [2011/01/23 01:08:01 | 000,002,432 | ---- | M] () -- C:\Users\lapek\AppData\Local\TempbR3572.html [2011/01/22 16:24:18 | 000,000,041 | -HS- | M] () -- C:\ProgramData\.zreglib [2011/01/21 20:32:22 | 000,001,450 | ---- | M] () -- C:\Users\lapek\Desktop\LdR_Alcohol.lnk [2011/01/20 22:24:48 | 000,436,792 | ---- | M] () -- C:\windows\System32\drivers\sptd.sys [2011/01/18 20:25:29 | 000,002,432 | ---- | M] () -- C:\Users\lapek\AppData\Local\TempzI3212.html [2011/01/18 15:16:24 | 000,002,432 | ---- | M] () -- C:\Users\lapek\AppData\Local\TempEp2432.html [2011/01/17 20:20:25 | 000,002,432 | ---- | M] () -- C:\Users\lapek\AppData\Local\TempMt2908.html [2011/01/16 20:14:30 | 000,002,432 | ---- | M] () -- C:\Users\lapek\AppData\Local\TempkZ2432.html [2011/01/16 13:32:13 | 000,002,432 | ---- | M] () -- C:\Users\lapek\AppData\Local\TempcI2948.html [2011/01/16 02:18:22 | 000,002,432 | ---- | M] () -- C:\Users\lapek\AppData\Local\TempSJ2868.html [2011/01/13 09:56:16 | 000,002,432 | ---- | M] () -- C:\Users\lapek\AppData\Local\Tempyy2524.html [2011/01/10 15:58:14 | 000,002,432 | ---- | M] () -- C:\Users\lapek\AppData\Local\TempJE2772.html [2011/01/09 01:52:08 | 000,002,432 | ---- | M] () -- C:\Users\lapek\AppData\Local\TempxR2996.html [2011/01/07 08:27:11 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\windows\System32\atmlib.dll [2011/01/07 06:33:11 | 000,294,400 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\atmfd.dll [2011/01/05 22:55:35 | 000,000,280 | ---- | M] () -- C:\windows\System32\PDBootState [2011/01/05 06:37:33 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\vbscript.dll [2011/01/05 06:34:32 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\jscript.dll [2011/01/05 04:37:38 | 002,329,088 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\win32k.sys [2010/12/22 20:15:33 | 000,002,432 | ---- | M] () -- C:\Users\lapek\AppData\Local\TempAw2904.html [2010/12/21 20:19:47 | 000,002,432 | ---- | M] () -- C:\Users\lapek\AppData\Local\TempfF3260.html [2010/12/21 06:38:24 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wscapi.dll [2010/12/21 06:38:19 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\upnp.dll [2010/12/21 06:38:16 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\slwga.dll [2010/12/21 06:34:12 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\davclnt.dll [2010/12/20 22:11:01 | 000,002,432 | ---- | M] () -- C:\Users\lapek\AppData\Local\TempLi3344.html [2010/12/20 20:11:57 | 000,002,432 | ---- | M] () -- C:\Users\lapek\AppData\Local\TempjH3344.html [2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys [2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys [2010/12/19 21:57:19 | 000,002,432 | ---- | M] () -- C:\Users\lapek\AppData\Local\TempEM3036.html [2010/12/19 21:02:20 | 000,002,432 | ---- | M] () -- C:\Users\lapek\AppData\Local\TempmG1796.html [2010/12/19 17:58:57 | 000,002,432 | ---- | M] () -- C:\Users\lapek\AppData\Local\TempLJ2764.html [2010/12/18 22:21:48 | 000,002,432 | ---- | M] () -- C:\Users\lapek\AppData\Local\TempvX2988.html [2010/12/18 18:45:14 | 000,002,432 | ---- | M] () -- C:\Users\lapek\AppData\Local\Tempmi3152.html [2010/12/18 06:30:19 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\mstime.dll [2010/12/18 06:30:07 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll [2010/12/18 06:30:07 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll [2010/12/18 06:29:40 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\licmgr10.dll [2010/12/18 06:29:18 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll [2010/12/18 06:29:13 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll [2010/12/18 06:26:52 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe [2010/12/18 05:20:55 | 000,386,048 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\html.iec [2010/12/18 04:47:59 | 001,638,912 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb [2010/12/16 19:08:49 | 000,000,813 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk [2010/12/14 19:28:42 | 000,002,432 | ---- | M] () -- C:\Users\lapek\AppData\Local\TempxA3052.html [2010/12/13 15:52:32 | 000,002,432 | ---- | M] () -- C:\Users\lapek\AppData\Local\TempQJ2872.html [2010/12/12 09:01:53 | 000,000,991 | ---- | M] () -- C:\Users\Public\Desktop\Gadu-Gadu 10.lnk [2010/12/06 07:55:08 | 000,002,432 | ---- | M] () -- C:\Users\lapek\AppData\Local\TemprA2972.html [2010/12/05 16:27:16 | 000,002,432 | ---- | M] () -- C:\Users\lapek\AppData\Local\TempZS2372.html [2010/12/05 11:28:40 | 000,002,432 | ---- | M] () -- C:\Users\lapek\AppData\Local\TempyR2572.html [2010/12/04 20:17:27 | 000,002,432 | ---- | M] () -- C:\Users\lapek\AppData\Local\Tempob3188.html [2010/11/30 15:10:00 | 000,002,432 | ---- | M] () -- C:\Users\lapek\AppData\Local\Tempvy2980.html [2010/11/28 00:37:57 | 000,002,432 | ---- | M] () -- C:\Users\lapek\AppData\Local\TempnU2472.html [2010/11/24 15:09:17 | 000,002,432 | ---- | M] () -- C:\Users\lapek\AppData\Local\TempgM2800.html [2010/11/22 18:54:25 | 000,002,432 | ---- | M] () -- C:\Users\lapek\AppData\Local\TemppY2108.html [2010/11/17 15:42:14 | 000,002,432 | ---- | M] () -- C:\Users\lapek\AppData\Local\Tempeo2068.html [2010/11/17 15:18:08 | 000,002,432 | ---- | M] () -- C:\Users\lapek\AppData\Local\TempeO3084.html [2010/11/17 15:18:08 | 000,002,089 | ---- | M] () -- C:\Users\lapek\AppData\Local\Tempbg3084.html [2010/11/15 07:51:07 | 000,002,432 | ---- | M] () -- C:\Users\lapek\AppData\Local\TempvY3192.html [2010/11/13 14:34:16 | 000,002,432 | ---- | M] () -- C:\Users\lapek\AppData\Local\Tempui3028.html [2010/11/13 08:57:02 | 000,002,432 | ---- | M] () -- C:\Users\lapek\AppData\Local\TempfI2780.html [2010/11/13 00:10:37 | 000,002,432 | ---- | M] () -- C:\Users\lapek\AppData\Local\TemptQ3172.html [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011/02/02 18:39:45 | 000,005,297 | ---- | C] () -- C:\Users\lapek\Documents\Talk Talk.PLS [2011/02/01 14:56:59 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempEK2968.html [2011/01/22 21:13:42 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempbR3572.html [2011/01/21 20:32:22 | 000,001,450 | ---- | C] () -- C:\Users\lapek\Desktop\LdR_Alcohol.lnk [2011/01/20 20:26:01 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib [2011/01/18 18:20:23 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempzI3212.html [2011/01/18 15:09:04 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempEp2432.html [2011/01/17 16:50:43 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempMt2908.html [2011/01/16 16:07:37 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempkZ2432.html [2011/01/16 11:21:52 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempcI2948.html [2011/01/15 21:35:06 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempSJ2868.html [2011/01/13 09:11:58 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempyy2524.html [2011/01/10 15:54:31 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempJE2772.html [2011/01/08 23:40:31 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempxR2996.html [2011/01/05 22:55:35 | 000,000,280 | ---- | C] () -- C:\windows\System32\PDBootState [2010/12/30 22:24:57 | 000,002,471 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2010/12/22 18:29:45 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempAw2904.html [2010/12/21 17:51:48 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempfF3260.html [2010/12/20 20:12:01 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempLi3344.html [2010/12/20 20:10:35 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempjH3344.html [2010/12/19 21:02:47 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempEM3036.html [2010/12/19 19:49:31 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempmG1796.html [2010/12/19 15:44:36 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempLJ2764.html [2010/12/18 18:49:53 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempvX2988.html [2010/12/18 17:57:19 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempmi3152.html [2010/12/14 18:20:44 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempxA3052.html [2010/12/13 15:20:08 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempQJ2872.html [2010/12/12 09:01:53 | 000,000,991 | ---- | C] () -- C:\Users\Public\Desktop\Gadu-Gadu 10.lnk [2010/12/12 09:01:41 | 000,000,987 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gadu-Gadu 10.lnk [2010/12/06 07:49:44 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TemprA2972.html [2010/12/05 13:58:35 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempZS2372.html [2010/12/05 10:35:34 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempyR2572.html [2010/12/04 18:55:11 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempob3188.html [2010/11/30 14:59:43 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempvy2980.html [2010/11/27 21:53:12 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempnU2472.html [2010/11/24 14:15:54 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempgM2800.html [2010/11/22 18:34:25 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TemppY2108.html [2010/11/17 15:19:01 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempeo2068.html [2010/11/17 15:17:49 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempeO3084.html [2010/11/17 15:17:49 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempbg3084.html [2010/11/15 07:47:21 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempvY3192.html [2010/11/13 13:40:36 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempui3028.html [2010/11/13 08:46:35 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempfI2780.html [2010/11/12 22:04:19 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TemptQ3172.html [2010/11/05 15:32:41 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempVR3868.html [2010/11/03 15:21:52 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempUy1580.html [2010/11/03 12:58:07 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempik3064.html [2010/11/02 14:40:23 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempmC2936.html [2010/11/02 11:01:00 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempPi3224.html [2010/11/01 21:26:55 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempzh3108.html [2010/11/01 13:39:59 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempNT2820.html [2010/10/31 21:10:56 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempBc3176.html [2010/10/31 12:15:21 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempzM3024.html [2010/10/27 18:12:08 | 000,000,038 | ---- | C] () -- C:\windows\AviSplitter.INI [2010/10/27 05:44:39 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempnQ3176.html [2010/10/22 18:14:21 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempNU3004.html [2010/10/22 14:45:23 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempDD3032.html [2010/10/16 18:36:42 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempAL3252.html [2010/10/16 13:12:15 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempeg2972.html [2010/10/09 18:05:27 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempWn3036.html [2010/10/08 20:48:23 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempUD3028.html [2010/10/05 05:55:37 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempvt1600.html [2010/10/02 19:59:01 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempqVy548.html [2010/09/27 15:01:59 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempCJ2804.html [2010/09/24 17:51:15 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempaN3096.html [2010/09/23 14:19:10 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempiZ3044.html [2010/09/15 14:59:39 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempsi3184.html [2010/09/14 15:03:33 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempdC3104.html [2010/09/13 15:30:03 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempnN3084.html [2010/09/12 15:36:09 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempYS3088.html [2010/09/12 13:01:16 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempZk3124.html [2010/09/11 12:13:59 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\Temppb3132.html [2010/09/08 14:52:52 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempUi3064.html [2010/09/06 16:25:35 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempye3180.html [2010/09/04 10:55:36 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempCo3136.html [2010/09/01 13:23:35 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempvO3080.html [2010/08/30 05:59:04 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempJw3440.html [2010/08/29 17:29:58 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempys3116.html [2010/08/29 15:17:17 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TemplO3252.html [2010/08/28 21:40:13 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempcq3180.html [2010/08/27 10:13:19 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempzB3068.html [2010/08/26 08:34:27 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempTP2896.html [2010/08/25 10:55:20 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TemptL3148.html [2010/08/24 10:19:58 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempPv3152.html [2010/08/23 18:30:38 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempeq3204.html [2010/08/23 14:03:27 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempPH2956.html [2010/08/23 10:39:07 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempyi3120.html [2010/08/21 12:40:53 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempED3288.html [2010/08/21 09:37:55 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempjU3152.html [2010/08/20 10:29:44 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempEo1656.html [2010/08/20 10:28:49 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempCH3200.html [2010/08/20 10:28:49 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempjF3200.html [2010/08/19 13:13:14 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TemptS3836.html [2010/08/16 10:47:46 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TemphT3172.html [2010/08/14 10:09:58 | 000,000,022 | -HS- | C] () -- C:\Users\lapek\AppData\Roaming\Sys6925.Config Collection.sys [2010/08/13 20:29:43 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempqd1780.html [2010/08/13 10:14:36 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempuF3100.html [2010/08/11 10:59:17 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempuL3220.html [2010/07/15 14:16:36 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempRY3376.html [2010/07/01 11:37:06 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempxO3320.html [2010/07/01 11:37:06 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\TemprG3320.html [2010/06/30 10:25:40 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempfr3100.html [2010/06/29 20:17:43 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempfd3176.html [2010/06/28 10:22:24 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempjeW448.html [2010/06/27 12:09:46 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempSX2876.html [2010/06/26 22:08:19 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempYn1068.html [2010/06/26 12:35:13 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempFB3284.html [2010/06/24 11:34:40 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempXV2260.html [2010/06/24 08:30:42 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempYX3372.html [2010/06/23 11:14:41 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempVq3500.html [2010/06/22 20:09:05 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempKok212.html [2010/06/22 13:12:28 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempiD3148.html [2010/06/22 13:12:28 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempZV3148.html [2010/06/17 11:32:01 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempds3564.html [2010/06/13 12:45:30 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempSR3252.html [2010/06/13 11:04:17 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempWU2780.html [2010/06/03 12:47:02 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempjD3960.html [2010/05/29 13:18:41 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempqM2892.html [2010/05/29 13:18:41 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempCR2892.html [2010/05/13 15:31:45 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempGx1588.html [2010/05/13 15:31:45 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempvl1588.html [2010/05/13 15:29:49 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempcXd280.html [2010/05/13 15:29:49 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempbfs280.html [2010/05/13 15:12:57 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempQf3420.html [2010/05/13 15:12:57 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempBL3420.html [2010/05/13 15:09:24 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempyL2944.html [2010/05/13 15:09:24 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempDt2944.html [2010/05/04 13:22:19 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempwe3648.html [2010/05/04 13:22:19 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempLL3648.html [2010/05/01 11:58:44 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempsA3908.html [2010/05/01 11:58:44 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempff3908.html [2010/04/29 12:19:56 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempoH3748.html [2010/04/29 12:19:56 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempsj3748.html [2010/04/27 13:54:14 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempyK3800.html [2010/04/27 13:54:14 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempFB3800.html [2010/04/27 11:23:06 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempFW3988.html [2010/04/27 11:23:06 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempFQ3988.html [2010/04/20 12:52:01 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempgz3728.html [2010/04/20 12:52:01 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\Temprn3728.html [2010/04/17 11:23:02 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempCS2656.html [2010/04/17 11:23:02 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempkT2656.html [2010/04/15 19:52:55 | 000,008,735 | ---- | C] () -- C:\Users\lapek\AppData\Roaming\PStrip.ini [2010/04/15 19:45:53 | 000,000,062 | ---- | C] () -- C:\windows\wininit.ini [2010/04/11 18:02:22 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempCN6256.html [2010/04/11 18:02:22 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempNo6256.html [2010/04/11 17:53:27 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\Temppo6820.html [2010/04/11 17:53:27 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempwA6820.html [2010/04/10 15:43:10 | 000,038,847 | ---- | C] () -- C:\Users\lapek\AppData\Local\Perfmon.PerfmonCfg [2010/04/08 17:29:58 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempaj3608.html [2010/04/08 17:29:58 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempyP3608.html [2010/04/08 06:18:21 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempwL2828.html [2010/04/08 06:18:21 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempSv2828.html [2010/04/04 22:41:05 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TemppFy928.html [2010/04/04 22:41:05 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempdOD928.html [2010/04/04 12:43:21 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempvo3992.html [2010/04/04 12:43:21 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempua3992.html [2010/03/25 16:29:38 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempzt1176.html [2010/03/25 16:29:38 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempom1176.html [2010/03/24 07:56:43 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempNe3896.html [2010/03/24 07:56:43 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempcy3896.html [2010/03/21 13:38:53 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempgW3856.html [2010/03/21 13:38:53 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempqu3856.html [2010/03/20 17:37:34 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempNv2624.html [2010/03/20 17:37:34 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\Templf2624.html [2010/03/19 21:25:54 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempWB2172.html [2010/03/19 21:25:54 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempff2172.html [2010/03/14 19:21:47 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempfe2840.html [2010/03/14 19:21:47 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempNd2840.html [2010/03/14 13:47:34 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempxs3528.html [2010/03/14 13:47:34 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempoB3528.html [2010/03/14 10:40:59 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempTA2956.html [2010/03/14 10:40:59 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempda2956.html [2010/03/13 20:52:37 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempxX3836.html [2010/03/13 20:52:37 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempkJ3836.html [2010/03/13 10:47:40 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempSo2220.html [2010/03/13 10:47:40 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\Temped2220.html [2010/02/28 16:24:49 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempiZ3756.html [2010/02/28 16:24:49 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempne3756.html [2010/02/28 16:19:45 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempmw1832.html [2010/02/28 16:19:45 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\TemptA1832.html [2010/02/26 21:17:39 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempSS2516.html [2010/02/26 21:17:39 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempBu2516.html [2010/02/19 21:40:50 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempLi2380.html [2010/02/19 21:40:50 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempUt2380.html [2010/02/14 14:11:57 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempMz3900.html [2010/02/14 14:11:57 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempVS3900.html [2010/02/13 08:27:34 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempJh2824.html [2010/02/13 08:27:34 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempVG2824.html [2010/02/11 13:17:59 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TemplY3684.html [2010/02/11 13:17:59 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\Temphd3684.html [2010/02/11 11:08:53 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempWN2256.html [2010/02/11 11:08:53 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempNq2256.html [2010/02/10 11:13:45 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempfY3868.html [2010/02/10 11:13:45 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempVU3868.html [2010/02/08 15:46:29 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempzG3920.html [2010/02/08 15:46:29 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempDc3920.html [2010/02/06 11:05:25 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempFO1604.html [2010/02/06 11:05:25 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempdM1604.html [2010/02/05 13:05:03 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempBI4444.html [2010/02/05 13:05:03 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempWD4444.html [2010/02/05 12:02:06 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempeV4068.html [2010/02/05 12:02:06 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempJh4068.html [2010/02/03 11:02:44 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempRz2656.html [2010/02/03 11:02:44 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempdZ2656.html [2010/02/03 10:49:21 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempQtc408.html [2010/02/03 10:49:21 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempROM408.html [2010/02/02 21:18:26 | 000,000,046 | ---- | C] () -- C:\windows\ABC_mru.ini [2010/02/02 16:18:13 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TemppT2812.html [2010/02/02 16:18:13 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempBy2812.html [2010/02/01 11:45:09 | 000,002,432 | ---- | C] () -- C:\Users\lapek\AppData\Local\TempUe5980.html [2010/02/01 11:45:09 | 000,002,089 | ---- | C] () -- C:\Users\lapek\AppData\Local\Tempif5980.html [2010/01/05 21:02:52 | 000,000,116 | ---- | C] () -- C:\windows\NeroDigital.ini [2010/01/05 20:54:49 | 000,003,584 | ---- | C] () -- C:\Users\lapek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/12/01 23:26:23 | 000,007,651 | ---- | C] () -- C:\Users\lapek\AppData\Local\resmon.resmoncfg [2009/12/01 21:28:18 | 000,436,792 | ---- | C] () -- C:\windows\System32\drivers\sptd.sys [2009/11/29 12:51:24 | 000,165,376 | ---- | C] () -- C:\windows\System32\unrar.dll [2009/11/29 11:14:21 | 000,000,112 | ---- | C] () -- C:\Users\lapek\AppData\Roaming\wklnhst.dat [2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll [2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll [1996/04/03 20:33:26 | 000,005,248 | ---- | C] () -- C:\windows\System32\giveio.sys [color=#E56717]========== LOP Check ==========[/color] [2011/02/06 00:26:59 | 000,000,000 | ---D | M] -- C:\Users\lapek\AppData\Roaming\AIMP [2010/02/02 20:47:54 | 000,000,000 | ---D | M] -- C:\Users\lapek\AppData\Roaming\AnvSoft [2010/04/25 15:25:13 | 000,000,000 | ---D | M] -- C:\Users\lapek\AppData\Roaming\ArcaVirMicroScan [2009/11/29 13:30:43 | 000,000,000 | ---D | M] -- C:\Users\lapek\AppData\Roaming\BESTplayer [2010/06/30 19:54:41 | 000,000,000 | ---D | M] -- C:\Users\lapek\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2010/02/07 21:13:10 | 000,000,000 | ---D | M] -- C:\Users\lapek\AppData\Roaming\foobar2000 [2010/12/18 17:27:33 | 000,000,000 | ---D | M] -- C:\Users\lapek\AppData\Roaming\Gadu-Gadu 10 [2011/01/15 13:57:01 | 000,000,000 | ---D | M] -- C:\Users\lapek\AppData\Roaming\GlarySoft [2009/12/17 22:24:02 | 000,000,000 | ---D | M] -- C:\Users\lapek\AppData\Roaming\ipla [2009/12/03 00:22:54 | 000,000,000 | ---D | M] -- C:\Users\lapek\AppData\Roaming\iZotope [2010/02/12 18:02:03 | 000,000,000 | ---D | M] -- C:\Users\lapek\AppData\Roaming\Nokia [2009/11/28 16:56:37 | 000,000,000 | ---D | M] -- C:\Users\lapek\AppData\Roaming\OpenFM [2010/08/20 16:16:21 | 000,000,000 | ---D | M] -- C:\Users\lapek\AppData\Roaming\Opera [2010/04/03 18:54:11 | 000,000,000 | ---D | M] -- C:\Users\lapek\AppData\Roaming\PC Suite [2010/09/08 20:00:03 | 000,000,000 | ---D | M] -- C:\Users\lapek\AppData\Roaming\StreamTorrent [2009/12/19 13:32:02 | 000,000,000 | ---D | M] -- C:\Users\lapek\AppData\Roaming\Template [2010/01/26 22:07:38 | 000,000,000 | ---D | M] -- C:\Users\lapek\AppData\Roaming\Tific [2010/06/20 20:18:28 | 000,000,000 | ---D | M] -- C:\Users\lapek\AppData\Roaming\TuneUp Software [2010/01/14 19:03:11 | 000,000,000 | ---D | M] -- C:\Users\lapek\AppData\Roaming\Uniblue [2011/02/05 15:28:20 | 000,000,000 | ---D | M] -- C:\Users\lapek\AppData\Roaming\uTorrent [2010/09/15 20:43:40 | 000,000,000 | ---D | M] -- C:\Users\lapek\AppData\Roaming\WinAVI [2010/03/27 14:07:42 | 000,000,000 | ---D | M] -- C:\Users\lapek\AppData\Roaming\Windows Live Writer [2010/12/20 23:04:45 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(438).TXT [2011/02/04 19:56:33 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2009/07/14 02:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr [2011/02/10 19:50:17 | 2415,370,240 | -HS- | M] () -- C:\hiberfil.sys [2011/02/10 19:50:16 | 3220,496,384 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys [2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys [2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009/07/14 00:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\System32\drivers\beep.sys [2009/07/14 00:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_c3f6f77668f0ddcc\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys [2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys [2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009/07/14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\System32\drivers\ndis.sys [2009/07/14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys [color=#A23BEC]< MD5 for: USERINIT.EXE >[/color] [2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe [2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe [2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2009/10/28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 24 bytes -> C:\Windows:D4781896147739E8 < End of report >