OTL logfile created on: 26/02/2011 00:11:43 - Run 1 OTL by OldTimer - Version 3.2.21.0 Folder = C:\Users\Monika\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000809 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 63.00% Memory free 8.00 Gb Paging File | 6.00 Gb Available in Paging File | 78.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 229.93 Gb Total Space | 186.76 Gb Free Space | 81.22% Space Free | Partition Type: NTFS Drive G: | 221.52 Gb Total Space | 84.75 Gb Free Space | 38.26% Space Free | Partition Type: NTFS Computer Name: MONIKA-VAIO | User Name: Monika | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011/02/26 00:05:18 | 000,577,024 | ---- | M] (OldTimer Tools) -- C:\Users\Monika\Desktop\OTL.exe PRC - [2011/01/22 22:45:55 | 000,059,414 | ---- | M] () -- C:\Users\Monika\AppData\Local\inetserv.exe PRC - [2010/12/19 19:48:15 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe PRC - [2010/12/19 19:48:14 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2010/11/22 13:15:14 | 018,630,656 | ---- | M] (Redefine Sp z o.o.) -- C:\Program Files (x86)\ipla\ipla.exe PRC - [2010/11/16 22:25:40 | 000,054,784 | ---- | M] (Macrovision) -- C:\Windows\SysWOW64\drivers\CDAC11BA.EXE PRC - [2010/08/12 14:15:34 | 000,081,296 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Care\VCSpt.exe PRC - [2010/05/28 10:14:24 | 000,205,168 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe PRC - [2010/05/18 12:38:46 | 000,075,776 | ---- | M] (Sony of America Corporation) -- C:\Program Files\Sony\VAIO Care\listener.exe PRC - [2010/05/04 21:47:09 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PRC - [2010/02/19 19:19:24 | 000,529,776 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe PRC - [2009/12/14 21:06:24 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2009/12/14 21:06:08 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2009/12/01 22:03:52 | 000,112,488 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe PRC - [2009/11/21 00:25:24 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2009/11/21 00:25:22 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe PRC - [2009/10/24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe PRC - [2009/10/20 19:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe PRC - [2009/09/14 19:24:08 | 000,206,336 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe PRC - [2009/09/14 18:53:48 | 000,642,416 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:21 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\IELowutil.exe PRC - [2009/05/21 22:13:36 | 000,275,768 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe PRC - [2009/05/21 21:54:18 | 000,116,280 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe PRC - [2009/05/21 21:46:36 | 000,559,104 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe PRC - [2009/05/21 21:46:36 | 000,168,960 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe PRC - [2009/05/21 18:57:00 | 000,362,496 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe PRC - [2008/09/18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe PRC - [2007/05/08 16:24:20 | 000,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011/02/26 00:05:18 | 000,577,024 | ---- | M] (OldTimer Tools) -- C:\Users\Monika\Desktop\OTL.exe MOD - [2010/10/27 05:40:22 | 001,293,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll MOD - [2010/08/21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll MOD - [2010/07/27 15:03:24 | 012,867,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll MOD - [2010/06/29 06:02:02 | 001,413,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll MOD - [2010/04/07 08:10:36 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll MOD - [2009/12/11 08:39:06 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll MOD - [2009/12/11 08:36:33 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll MOD - [2009/07/14 02:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll MOD - [2009/07/14 02:16:17 | 001,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll MOD - [2009/07/14 02:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll MOD - [2009/07/14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll MOD - [2009/07/14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll MOD - [2009/07/14 02:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll MOD - [2009/07/14 02:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll MOD - [2009/07/14 02:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll MOD - [2009/07/14 02:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll MOD - [2009/07/14 02:16:14 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll MOD - [2009/07/14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll MOD - [2009/07/14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll MOD - [2009/07/14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll MOD - [2009/07/14 02:16:12 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll MOD - [2009/07/14 02:16:12 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll MOD - [2009/07/14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll MOD - [2009/07/14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll MOD - [2009/07/14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll MOD - [2009/07/14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll MOD - [2009/07/14 02:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll MOD - [2009/07/14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll MOD - [2009/07/14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll MOD - [2009/07/14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll MOD - [2009/07/14 02:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll MOD - [2009/07/14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll MOD - [2009/07/14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll MOD - [2009/07/14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll MOD - [2009/07/14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll MOD - [2009/07/14 02:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll MOD - [2009/07/14 02:14:53 | 000,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll MOD - [2009/07/14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx MOD - [2009/07/14 02:14:08 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv MOD - [2009/07/14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll MOD - [2009/07/14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll MOD - [2009/07/14 02:11:23 | 000,836,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll MOD - [2009/07/14 02:11:23 | 000,662,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll MOD - [2009/07/14 02:11:23 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll MOD - [2009/07/14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll MOD - [2009/07/14 02:11:21 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll MOD - [2009/07/14 02:11:21 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010/11/16 22:25:40 | 000,054,784 | ---- | M] (Macrovision) [Auto | Running] -- C:\Windows\SysWOW64\drivers\CDAC11BA.EXE -- (C-DillaCdaC11BA) SRV - [2010/05/28 10:14:24 | 000,205,168 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe -- (VAIO Event Service) SRV - [2010/05/05 17:18:27 | 000,607,048 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag) SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2010/02/26 14:49:38 | 001,398,088 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc) SRV - [2010/02/26 14:43:48 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp) SRV - [2009/12/14 21:06:24 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2009/12/14 21:06:08 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2009/11/21 00:25:24 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R) SRV - [2009/10/24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider) SRV - [2009/10/20 19:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -- (AVP) SRV - [2009/10/15 16:34:36 | 000,427,304 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms) SRV - [2009/10/15 16:34:36 | 000,091,432 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe -- (SOHPlMgr) SRV - [2009/10/15 16:34:36 | 000,075,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs) SRV - [2009/10/15 16:34:34 | 000,120,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp) SRV - [2009/10/15 16:34:34 | 000,070,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe -- (SOHDBSvr) SRV - [2009/09/14 19:24:08 | 000,206,336 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc) SRV - [2009/09/14 19:24:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service) SRV - [2009/09/14 18:53:48 | 000,642,416 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw) SRV - [2009/08/31 01:59:30 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10) SRV - [2009/08/31 01:59:18 | 000,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10) SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008/09/18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010/11/16 22:25:41 | 000,012,464 | ---- | M] (Macrovision Europe Ltd) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\CDAC15BA.SYS -- (CdaC15BA) DRV - [2009/10/14 07:24:44 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2716970125-82983577-3020837423-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01 IE - HKU\S-1-5-21-2716970125-82983577-3020837423-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-2716970125-82983577-3020837423-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01 IE - HKU\S-1-5-21-2716970125-82983577-3020837423-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKU\S-1-5-21-2716970125-82983577-3020837423-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01" FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736 FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.5 FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/06/06 14:29:02 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/12/19 19:48:15 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/12/19 19:48:15 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2010/05/05 17:56:53 | 000,000,000 | ---D | M] [2011/02/18 19:47:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Monika\AppData\Roaming\mozilla\Extensions [2010/05/15 21:26:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Monika\AppData\Roaming\mozilla\Extensions-BackupByFirefoxPortable [2010/05/15 21:26:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Monika\AppData\Roaming\mozilla\Extensions-BackupByFirefoxPortable\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2010/05/15 21:26:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Monika\AppData\Roaming\mozilla\Firefox\Profiles\4vy6zjqn.default\extensions [2010/05/16 08:41:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2010/05/16 08:42:02 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files (x86)\mozilla firefox\extensions\linkfilter@kaspersky.ru [2010/06/06 14:29:02 | 000,000,000 | ---D | M] (HP Smart Web Printing) -- C:\PROGRAM FILES (X86)\HP\DIGITAL IMAGING\SMART WEB PRINTING\MOZILLAADDON3 [2010/10/26 18:15:02 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2010/10/26 18:15:02 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2010/10/26 18:15:02 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2010/10/26 18:15:02 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2010/10/26 18:15:02 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2010/10/26 18:15:02 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.) O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKU\S-1-5-21-2716970125-82983577-3020837423-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKU\S-1-5-21-2716970125-82983577-3020837423-1000..\Run: [inetserv] C:\Users\Monika\AppData\Local\inetserv.exe () O4 - HKU\S-1-5-21-2716970125-82983577-3020837423-1000..\Run: [IPLA!] C:\Program Files (x86)\ipla\ipla.exe (Redefine Sp z o.o.) O4 - HKU\S-1-5-21-2716970125-82983577-3020837423-1000..\Run: [Microsoft Firewall 2.9] C:\Users\Monika\AppData\Roaming\WMPRWISE.EXE (VMware, Inc.) O4 - HKU\S-1-5-21-2716970125-82983577-3020837423-1000..\Run: [mssend] C:\Users\Monika\AppData\Roaming\xxifdbbu1l3zgt2nbzhdkykk3cpmlqfd2\svcnost.exe () O4 - HKU\S-1-5-21-2716970125-82983577-3020837423-1000..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - HKU\S-1-5-21-2716970125-82983577-3020837423-1000..\Run: [wuaucldt] c:\users\monika\wuaucldt.exe (DreamLair) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: Dodaj do blokowanych banerów - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm () O8 - Extra context menu item: Funkcja Google Sidewiki - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.) O9 - Extra Button: &Wirtualna klawiatura - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: &Sprawdzanie adresów - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O9 - Extra Button: Pokaż lub ukryj HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - c:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - c:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 173.193.227.124 173.192.105.217 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll (Kaspersky Lab) O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll (Kaspersky Lab) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - ("C:\Users\Monika\AppData\Roaming\flzswe1gzabuf1papzvfmw1pyt3ufpz2\csrss.exe") - C:\Users\Monika\AppData\Roaming\flzswe1gzabuf1papzvfmw1pyt3ufpz2\csrss.exe () O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{056d2351-03cf-11e0-90c5-0024bebd86be}\Shell - "" = AutoRun O33 - MountPoints2\{056d2351-03cf-11e0-90c5-0024bebd86be}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{0b02dff4-c0c4-11df-bc7d-0024bebd86be}\Shell - "" = AutoRun O33 - MountPoints2\{0b02dff4-c0c4-11df-bc7d-0024bebd86be}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{bc49e60f-36cf-11e0-8c08-0024bebd86be}\Shell - "" = AutoRun O33 - MountPoints2\{bc49e60f-36cf-11e0-8c08-0024bebd86be}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{bc49e629-36cf-11e0-8c08-0024bebd86be}\Shell - "" = AutoRun O33 - MountPoints2\{bc49e629-36cf-11e0-8c08-0024bebd86be}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{c1079c05-cefd-11df-bbe5-0024bebd86be}\Shell - "" = AutoRun O33 - MountPoints2\{c1079c05-cefd-11df-bbe5-0024bebd86be}\Shell\AutoRun\command - "" = H:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk - - File not found MsConfig:64bit - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: [b]ALLUpdate[/b] - hkey= - key= - C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe () MsConfig:64bit - StartUpReg: [b]MarketingTools[/b] - hkey= - key= - C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation) MsConfig:64bit - StartUpReg: [b]mcagent_exe[/b] - hkey= - key= - File not found MsConfig:64bit - StartUpReg: [b]McENUI[/b] - hkey= - key= - File not found MsConfig:64bit - StartUpReg: [b]NortonOnlineBackupReminder[/b] - hkey= - key= - File not found MsConfig:64bit - StartUpReg: [b]PMBVolumeWatcher[/b] - hkey= - key= - c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation) MsConfig:64bit - StartUpReg: [b]Skype[/b] - hkey= - key= - C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) MsConfig:64bit - State: "startup" - Reg Error: Key error. SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: mcmscsvc - Service SafeBootMin: MCODS - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PEVSystemStart - Service SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: procexp90.Sys - Driver SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: mcmscsvc - Service SafeBootNet: MCODS - Service SafeBootNet: Messenger - Service SafeBootNet: MpfService - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PEVSystemStart - Service SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: procexp90.Sys - Driver SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011/02/26 00:05:17 | 000,577,024 | ---- | C] (OldTimer Tools) -- C:\Users\Monika\Desktop\OTL.exe [2011/02/26 00:02:53 | 000,577,024 | ---- | C] (OldTimer Tools) -- C:\Users\Monika\Desktop\OTL.exe.part [2011/02/25 22:03:07 | 000,000,000 | R--D | C] -- C:\32788R22FWJFW [2011/02/25 21:58:30 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2011/02/25 21:58:30 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2011/02/25 21:58:30 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2011/02/25 21:58:22 | 000,000,000 | --SD | C] -- C:\ComboFix [2011/02/25 21:58:22 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2011/02/25 21:58:07 | 000,000,000 | ---D | C] -- C:\Qoobox [2011/02/25 21:57:46 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe [2011/02/25 21:43:37 | 000,108,544 | -H-- | C] (VMware, Inc.) -- C:\Users\Monika\AppData\Roaming\WMPRWISE.EXE [2011/02/25 21:43:06 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\xxifdbbu1l3zgt2nbzhdkykk3cpmlqfd2 [2011/02/25 21:43:02 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\flzswe1gzabuf1papzvfmw1pyt3ufpz2 [2011/02/25 21:42:52 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\x2zmyaalsd1drgnkmuinckrm2pexrcku2 [2011/02/25 21:42:49 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\iw3ndi3msoklp3oqsixtypssrxllmbp2 [2011/02/25 21:42:37 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\x1kyduebmsvyynohdhdo3fzerdavyark2 [2011/02/25 21:42:34 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\2uyzyybawqyivmvjmp1qlenu1qvmtu22 [2011/02/25 21:42:03 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2011/02/25 12:14:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec [2011/02/25 12:14:26 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan [2011/02/25 12:14:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Security Scan [2011/02/25 12:14:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton [2011/02/25 12:14:24 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller [2011/02/25 12:14:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller [2011/02/24 16:19:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe [2011/02/24 15:36:49 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\xh2gmemffr1ifdotkablpxebwkb2qvos2 [2011/02/23 20:00:01 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Local\ElevatedDiagnostics [2011/02/23 17:45:09 | 000,058,880 | ---- | C] (DreamLair) -- C:\Users\Monika\wuaucldt.exe [2011/02/23 17:43:06 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\xtnfdgjzru13fjamt2xtmsewpluriz1i2 [2011/02/23 17:43:03 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\swvfrtnieys3jq2j3de3v1ssio23g2r2 [2011/02/22 16:11:13 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\xeklfxqlny3332uv2xubebojb1bezqus2 [2011/02/21 16:18:15 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\xpoqajxu2kqrblmfmoqrcv3tnr1da2gm2 [2011/02/21 16:17:10 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\st2qprtgqxsmbg3gxfp3fj2dkhi2dsz2 [2011/02/21 16:17:03 | 000,063,488 | ---- | C] (Opera Software) -- C:\Users\Monika\Desktop\update.exe [2011/02/21 15:40:34 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\xctamz2lbdozdbjuodvszgykip313gjk2 [2011/02/20 15:18:26 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\xfrykixo1gyscwuzcgay22tggndbxxq32 [2011/02/19 19:42:29 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\balllllllll2 [2011/02/19 15:46:41 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\balllll [2011/02/18 11:06:30 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\xa1bqgdaefhtuknznv3bfdxxzc3nooab2 [2011/02/18 11:06:26 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\vo1flivnpn1z3uofbk3i3pipsrze2232 [2011/02/17 10:22:12 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\2222222222222 [2011/02/15 03:00:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2 [2011/02/14 10:43:57 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\Nowy folder (3) [2011/02/13 21:07:02 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\Birdstep Technology [2011/02/13 21:06:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Birdstep Technology [2011/02/13 21:06:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3 Mobile Broadband [2011/02/13 21:06:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Huawei Modems [2011/02/13 21:05:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\3 Mobile Broadband [2011/02/11 13:08:24 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\xnkyhzbu1ypdxotemc3k1fqcwcwexyxi2 [2011/02/10 15:39:07 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\xgky13ehnhiy1afbspkw2b21nepvuimi2 [2011/02/10 15:39:05 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\ghnzeasbbiwjolm3ruhioyugbyrrhon2 [2011/02/09 10:07:53 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2011/02/09 10:07:53 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2011/02/06 23:17:30 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\Malwarebytes [2011/02/06 23:17:27 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011/02/06 23:17:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011/02/06 23:17:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011/02/06 23:17:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011/02/03 19:47:50 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\xlz2qrudbrdz13oxuiczefdhs1tdqxbc2 [2011/02/02 23:11:14 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\xanhdchjkxfyceyvdls12urjhc1kmtbb2 [2011/02/02 23:11:10 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\qme1zi2q2iywvmulgjkozxrxucjwgdx [2011/01/26 23:03:26 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\uakad [2011/01/22 09:34:56 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\RDRM [2011/01/11 23:42:17 | 000,000,000 | ---D | C] -- C:\867bb419a5c248c614b362f91efaa4 [2010/12/30 10:50:08 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\2010-12 (gru) [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011/02/26 00:05:18 | 000,577,024 | ---- | M] (OldTimer Tools) -- C:\Users\Monika\Desktop\OTL.exe [2011/02/26 00:02:58 | 000,577,024 | ---- | M] (OldTimer Tools) -- C:\Users\Monika\Desktop\OTL.exe.part [2011/02/25 23:37:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011/02/25 22:37:00 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011/02/25 21:57:24 | 004,274,659 | R--- | M] () -- C:\Users\Monika\Desktop\ComboFix.exe [2011/02/25 21:47:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/02/25 21:47:08 | 3106,480,128 | -HS- | M] () -- C:\hiberfil.sys [2011/02/25 21:43:32 | 000,108,544 | -H-- | M] (VMware, Inc.) -- C:\Users\Monika\AppData\Roaming\WMPRWISE.EXE [2011/02/25 17:31:07 | 000,002,432 | ---- | M] () -- C:\Users\Monika\AppData\Local\TempSI5960.html [2011/02/25 17:31:07 | 000,002,089 | ---- | M] () -- C:\Users\Monika\AppData\Local\TempDL5960.html [2011/02/25 16:20:27 | 000,000,504 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Monika.job [2011/02/25 12:14:30 | 000,001,355 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security Scan.lnk [2011/02/24 17:00:06 | 000,002,432 | ---- | M] () -- C:\Users\Monika\AppData\Local\Tempag4756.html [2011/02/24 17:00:06 | 000,002,089 | ---- | M] () -- C:\Users\Monika\AppData\Local\TempTK4756.html [2011/02/23 19:36:48 | 000,002,432 | ---- | M] () -- C:\Users\Monika\AppData\Local\TemplJ4240.html [2011/02/23 19:36:48 | 000,002,089 | ---- | M] () -- C:\Users\Monika\AppData\Local\TempSP4240.html [2011/02/23 19:31:54 | 000,002,432 | ---- | M] () -- C:\Users\Monika\AppData\Local\Tempau5756.html [2011/02/23 19:31:54 | 000,002,089 | ---- | M] () -- C:\Users\Monika\AppData\Local\TempEt5756.html [2011/02/23 18:25:23 | 000,014,590 | ---- | M] () -- C:\Users\Monika\Desktop\9999000000000000000000000002406209-bighead.png [2011/02/23 17:49:01 | 000,065,536 | -H-- | M] () -- C:\Users\Monika\Desktop\Version [2011/02/23 17:48:50 | 000,063,488 | ---- | M] (Opera Software) -- C:\Users\Monika\Desktop\update.exe [2011/02/23 17:45:09 | 000,058,880 | ---- | M] (DreamLair) -- C:\Users\Monika\wuaucldt.exe [2011/02/22 16:31:06 | 000,002,432 | ---- | M] () -- C:\Users\Monika\AppData\Local\TempDD4776.html [2011/02/22 16:31:06 | 000,002,089 | ---- | M] () -- C:\Users\Monika\AppData\Local\TempqX4776.html [2011/02/21 12:35:09 | 000,031,744 | ---- | M] () -- C:\Users\Monika\Desktop\listmotywacyjny.doc [2011/02/17 10:23:19 | 000,002,432 | ---- | M] () -- C:\Users\Monika\AppData\Local\TempTu4980.html [2011/02/13 21:06:54 | 000,002,099 | ---- | M] () -- C:\Users\Public\Desktop\3Connect.lnk [2011/02/13 21:06:02 | 000,070,667 | ---- | M] () -- C:\Windows\Huawei ModemsUninstall.exe [2011/02/06 23:17:27 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/02/01 20:16:59 | 000,072,704 | ---- | M] () -- C:\Users\Public\Documents\19792079 [2011/01/26 19:34:30 | 000,013,221 | ---- | M] () -- C:\Users\Monika\Desktop\Kosztorys budowlany kotłownia.docx [2011/01/26 19:31:30 | 000,019,974 | ---- | M] () -- C:\Users\Monika\Desktop\Inwestor 1.docx [2011/01/26 14:29:53 | 000,013,870 | ---- | M] () -- C:\Users\Monika\Desktop\Reklama PLUS.docx [2011/01/26 11:07:55 | 000,011,736 | ---- | M] () -- C:\Users\Monika\Desktop\Dominika Bartosik list.docx [2011/01/25 22:09:20 | 000,030,208 | ---- | M] () -- C:\Users\Monika\Desktop\podanie wf dyrektorrr.doc [2011/01/24 22:27:33 | 000,011,803 | ---- | M] () -- C:\Users\Monika\Desktop\podanie do rektora.docx [2011/01/24 21:09:40 | 000,017,339 | ---- | M] () -- C:\Users\Monika\Desktop\Learning styles.docx [2011/01/24 15:49:22 | 000,010,065 | ---- | M] () -- C:\Users\Public\Documents\Mateusz krautwurst.docx [2011/01/22 22:45:55 | 000,059,414 | ---- | M] () -- C:\Users\Monika\AppData\Local\inetserv.exe [2011/01/09 23:11:45 | 000,047,616 | ---- | M] () -- C:\Users\Monika\Desktop\SPRAWOZDANIE OUTFOXED.doc [2011/01/09 15:50:24 | 008,188,656 | ---- | M] () -- C:\Users\Monika\Desktop\reportaz2.mp3 [2011/01/08 14:58:40 | 000,020,496 | ---- | M] () -- C:\Users\Monika\Desktop\kolberger.jpg [2011/01/08 14:17:18 | 000,129,307 | ---- | M] () -- C:\Users\Monika\Desktop\Polak w wakacje przed telewizorem.docx [2011/01/07 08:27:11 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2011/01/07 06:33:11 | 000,294,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2011/01/04 21:03:18 | 000,547,328 | ---- | M] () -- C:\Users\Monika\Desktop\zaświadczenie.doc [2011/01/04 20:57:24 | 000,527,931 | ---- | M] () -- C:\Users\Monika\Desktop\zaświadczenie.docx [2011/01/02 14:00:47 | 006,029,479 | ---- | M] () -- C:\Users\Monika\Desktop\reportaz.mp3 [2010/12/30 10:56:10 | 000,307,417 | ---- | M] () -- C:\Users\Monika\Desktop\skanowanie0001.jpg [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011/02/25 22:00:25 | 004,274,659 | R--- | C] () -- C:\Users\Monika\Desktop\ComboFix.exe [2011/02/25 21:58:30 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe [2011/02/25 21:58:30 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2011/02/25 21:58:30 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe [2011/02/25 21:58:30 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2011/02/25 21:58:30 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2011/02/25 13:56:59 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempSI5960.html [2011/02/25 13:56:59 | 000,002,089 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempDL5960.html [2011/02/25 12:14:32 | 000,000,504 | -H-- | C] () -- C:\Windows\tasks\Norton Security Scan for Monika.job [2011/02/25 12:14:30 | 000,001,355 | ---- | C] () -- C:\Users\Public\Desktop\Norton Security Scan.lnk [2011/02/24 15:54:22 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\Tempag4756.html [2011/02/24 15:54:22 | 000,002,089 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempTK4756.html [2011/02/23 19:35:12 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TemplJ4240.html [2011/02/23 19:35:12 | 000,002,089 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempSP4240.html [2011/02/23 18:25:23 | 000,014,590 | ---- | C] () -- C:\Users\Monika\Desktop\9999000000000000000000000002406209-bighead.png [2011/02/23 17:57:30 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\Tempau5756.html [2011/02/23 17:57:30 | 000,002,089 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempEt5756.html [2011/02/22 16:12:06 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempDD4776.html [2011/02/22 16:12:06 | 000,002,089 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempqX4776.html [2011/02/21 16:17:29 | 000,065,536 | -H-- | C] () -- C:\Users\Monika\Desktop\Version [2011/02/17 09:19:07 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempTu4980.html [2011/02/13 21:06:54 | 000,002,099 | ---- | C] () -- C:\Users\Public\Desktop\3Connect.lnk [2011/02/13 21:06:02 | 000,070,667 | ---- | C] () -- C:\Windows\Huawei ModemsUninstall.exe [2011/02/08 16:53:59 | 000,000,000 | -H-- | C] () -- C:\Users\Monika\AppData\Roaming\jbMhE16d0h.txt [2011/02/06 23:17:27 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/02/01 20:16:58 | 000,072,704 | ---- | C] () -- C:\Users\Public\Documents\19792079 [2011/01/26 19:34:30 | 000,013,221 | ---- | C] () -- C:\Users\Monika\Desktop\Kosztorys budowlany kotłownia.docx [2011/01/26 19:31:30 | 000,019,974 | ---- | C] () -- C:\Users\Monika\Desktop\Inwestor 1.docx [2011/01/26 14:29:33 | 000,013,870 | ---- | C] () -- C:\Users\Monika\Desktop\Reklama PLUS.docx [2011/01/26 11:07:55 | 000,011,736 | ---- | C] () -- C:\Users\Monika\Desktop\Dominika Bartosik list.docx [2011/01/25 22:09:20 | 000,030,208 | ---- | C] () -- C:\Users\Monika\Desktop\podanie wf dyrektorrr.doc [2011/01/24 21:15:29 | 000,011,803 | ---- | C] () -- C:\Users\Monika\Desktop\podanie do rektora.docx [2011/01/24 21:08:20 | 000,017,339 | ---- | C] () -- C:\Users\Monika\Desktop\Learning styles.docx [2011/01/24 15:49:21 | 000,010,065 | ---- | C] () -- C:\Users\Public\Documents\Mateusz krautwurst.docx [2011/01/22 22:45:55 | 000,059,414 | ---- | C] () -- C:\Users\Monika\AppData\Local\inetserv.exe [2011/01/18 13:00:30 | 000,031,744 | ---- | C] () -- C:\Users\Monika\Desktop\listmotywacyjny.doc [2011/01/09 23:11:45 | 000,047,616 | ---- | C] () -- C:\Users\Monika\Desktop\SPRAWOZDANIE OUTFOXED.doc [2011/01/09 15:49:24 | 008,188,656 | ---- | C] () -- C:\Users\Monika\Desktop\reportaz2.mp3 [2011/01/08 14:58:39 | 000,020,496 | ---- | C] () -- C:\Users\Monika\Desktop\kolberger.jpg [2011/01/08 14:17:18 | 000,129,307 | ---- | C] () -- C:\Users\Monika\Desktop\Polak w wakacje przed telewizorem.docx [2011/01/04 21:03:17 | 000,547,328 | ---- | C] () -- C:\Users\Monika\Desktop\zaświadczenie.doc [2011/01/04 20:57:23 | 000,527,931 | ---- | C] () -- C:\Users\Monika\Desktop\zaświadczenie.docx [2011/01/02 14:00:05 | 006,029,479 | ---- | C] () -- C:\Users\Monika\Desktop\reportaz.mp3 [2010/12/30 10:56:17 | 000,307,417 | ---- | C] () -- C:\Users\Monika\Desktop\skanowanie0001.jpg [2010/12/04 23:35:52 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TemphJ4680.html [2010/12/04 23:34:42 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\Tempsb4680.html [2010/12/04 23:34:42 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempHu4680.html [2010/12/02 20:00:05 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TemprG1968.html [2010/12/02 20:00:05 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\Tempgx1968.html [2010/11/22 16:42:19 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\Tempzf4088.html [2010/11/22 16:42:19 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempJx4088.html [2010/11/19 14:57:19 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempZQ6640.html [2010/11/19 14:57:19 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\Tempzk6640.html [2010/11/19 14:57:19 | 000,002,089 | ---- | C] () -- C:\Users\Monika\AppData\Local\Tempim6640.html [2010/11/18 16:24:27 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempUP4812.html [2010/11/18 16:24:27 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempGd4812.html [2010/11/18 16:24:27 | 000,002,089 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempdO4812.html [2010/11/11 17:40:05 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\Tempfy3852.html [2010/11/11 17:38:30 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\Tempaj3852.html [2010/11/02 12:33:03 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempOk7324.html [2010/10/23 09:18:52 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\Tempnf4980.html [2010/10/18 18:33:18 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempUz5028.html [2010/10/18 18:33:18 | 000,002,089 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempsX5028.html [2010/10/16 21:24:01 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempLd5708.html [2010/10/16 21:24:01 | 000,002,089 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempRN5708.html [2010/10/09 09:50:08 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempYE6604.html [2010/10/08 19:23:38 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempnYg808.html [2010/10/08 19:23:38 | 000,002,089 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempQVE808.html [2010/10/05 12:42:15 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\Tempeu6072.html [2010/10/05 12:42:15 | 000,002,089 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempGU6072.html [2010/09/27 17:01:47 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempMY6048.html [2010/09/27 17:01:47 | 000,002,089 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempxZ6048.html [2010/09/21 19:01:35 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempEd5956.html [2010/09/21 19:01:35 | 000,002,089 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempCh5956.html [2010/09/06 19:14:08 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempVk1824.html [2010/08/29 20:13:44 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\Tempia3976.html [2010/08/29 20:13:44 | 000,002,089 | ---- | C] () -- C:\Users\Monika\AppData\Local\Tempxc3976.html [2010/08/25 20:33:33 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\Tempim3440.html [2010/08/25 20:33:15 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempQb3440.html [2010/08/24 11:46:11 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempVl1432.html [2010/08/24 11:45:47 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempFF1432.html [2010/08/12 09:06:30 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\Tempup4676.html [2010/08/12 09:06:30 | 000,002,089 | ---- | C] () -- C:\Users\Monika\AppData\Local\TemppV4676.html [2010/08/07 20:26:29 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\Temphf4352.html [2010/08/07 20:26:29 | 000,002,089 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempyR4352.html [2010/06/15 18:12:11 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempXc5020.html [2010/06/14 14:13:46 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempOw4364.html [2010/06/14 14:13:46 | 000,002,089 | ---- | C] () -- C:\Users\Monika\AppData\Local\Tempbp4364.html [2010/06/10 09:00:27 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TemplT1440.html [2010/06/06 14:22:00 | 000,001,250 | ---- | C] () -- C:\ProgramData\hpzinstall.log [2010/06/06 14:12:45 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempHc1240.html [2010/06/06 12:52:32 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempDI2204.html [2010/06/06 12:52:32 | 000,002,089 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempLb2204.html [2010/06/06 12:51:14 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\Tempch2204.html [2010/05/29 18:47:28 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempYN4836.html [2010/05/29 18:47:28 | 000,002,089 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempBW4836.html [2010/05/18 16:40:08 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TempWH3592.html [2010/05/17 22:53:07 | 000,002,432 | ---- | C] () -- C:\Users\Monika\AppData\Local\TemppQ2116.html [2010/05/08 13:03:10 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010/05/05 22:47:35 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2010/05/05 22:46:07 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2010/05/05 22:46:07 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll [2009/12/26 01:43:03 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll [2009/12/26 01:43:03 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll [2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [color=#E56717]========== LOP Check ==========[/color] [2011/02/25 21:42:35 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\2uyzyybawqyivmvjmp1qlenu1qvmtu22 [2010/06/06 15:18:27 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Auslogics [2011/02/13 21:07:02 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Birdstep Technology [2011/02/25 21:43:03 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\flzswe1gzabuf1papzvfmw1pyt3ufpz2 [2011/02/12 19:26:39 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Gadu-Gadu 10 [2011/02/12 11:54:09 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\ghnzeasbbiwjolm3ruhioyugbyrrhon2 [2011/02/25 21:47:43 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\ipla [2011/02/25 21:42:49 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\iw3ndi3msoklp3oqsixtypssrxllmbp2 [2010/05/20 20:46:44 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\OpenFM [2010/05/05 17:25:51 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Opera [2011/02/02 23:11:10 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\qme1zi2q2iywvmulgjkozxrxucjwgdx [2011/01/22 09:35:00 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\RDRM [2011/02/22 13:40:38 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\st2qprtgqxsmbg3gxfp3fj2dkhi2dsz2 [2011/02/25 12:30:45 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\swvfrtnieys3jq2j3de3v1ssio23g2r2 [2010/05/05 17:13:26 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\TuneUp Software [2011/02/22 16:23:04 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\vo1flivnpn1z3uofbk3i3pipsrze2232 [2011/02/25 21:42:42 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\x1kyduebmsvyynohdhdo3fzerdavyark2 [2011/02/25 21:42:56 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\x2zmyaalsd1drgnkmuinckrm2pexrcku2 [2011/02/18 11:06:30 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\xa1bqgdaefhtuknznv3bfdxxzc3nooab2 [2011/02/02 23:11:14 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\xanhdchjkxfyceyvdls12urjhc1kmtbb2 [2011/02/21 15:40:34 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\xctamz2lbdozdbjuodvszgykip313gjk2 [2011/02/22 16:11:13 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\xeklfxqlny3332uv2xubebojb1bezqus2 [2011/02/20 15:18:26 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\xfrykixo1gyscwuzcgay22tggndbxxq32 [2011/02/10 15:39:07 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\xgky13ehnhiy1afbspkw2b21nepvuimi2 [2011/02/24 15:36:49 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\xh2gmemffr1ifdotkablpxebwkb2qvos2 [2011/02/06 23:22:14 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\xlz2qrudbrdz13oxuiczefdhs1tdqxbc2 [2011/02/11 13:08:24 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\xnkyhzbu1ypdxotemc3k1fqcwcwexyxi2 [2011/02/21 16:18:15 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\xpoqajxu2kqrblmfmoqrcv3tnr1da2gm2 [2011/02/23 17:43:06 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\xtnfdgjzru13fjamt2xtmsewpluriz1i2 [2011/02/25 21:43:06 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\xxifdbbu1l3zgt2nbzhdkykk3cpmlqfd2 [2010/12/02 16:36:00 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2011/02/25 21:47:08 | 3106,480,128 | -HS- | M] () -- C:\hiberfil.sys [2010/05/04 21:46:39 | 000,305,862 | ---- | M] () -- C:\lv.log [2006/12/01 23:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll [2011/02/25 21:47:13 | 4141,977,600 | -HS- | M] () -- C:\pagefile.sys [2010/05/04 21:41:25 | 000,002,895 | ---- | M] () -- C:\RHDSetup.log [2010/05/04 21:46:28 | 000,000,073 | -H-- | M] () -- C:\splash.idx [2010/06/06 15:19:45 | 000,088,977 | ---- | M] () -- C:\test.xml [2009/12/15 11:53:48 | 000,003,872 | -H-- | M] () -- C:\version [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys [2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009/07/14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys [2009/07/14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys [2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys [2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009/07/14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\SysNative\drivers\ndis.sys [2009/07/14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2009/10/28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2009/10/28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe [2009/10/28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe < End of report >