OTL logfile created on: 2010-06-18 22:27:29 - Run 3 OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\Mateusz\Downloads An unknown product (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 48,00% Memory free 3,00 Gb Paging File | 2,00 Gb Available in Paging File | 66,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 39,06 Gb Total Space | 7,09 Gb Free Space | 18,16% Space Free | Partition Type: NTFS Drive D: | 109,98 Gb Total Space | 12,12 Gb Free Space | 11,02% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MATEUSZ-PC Current User Name: Mateusz Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010-06-18 22:06:41 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Mateusz\Downloads\OTL.exe PRC - [2010-06-17 22:31:52 | 000,094,208 | ---- | M] () -- C:\Program Files\Tlen7\tlen7.exe PRC - [2010-06-15 02:57:43 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.29\GoogleCrashHandler.exe PRC - [2010-06-02 07:57:48 | 000,945,648 | ---- | M] (Google Inc.) -- C:\Users\Mateusz\AppData\Local\Google\Chrome\Application\chrome.exe PRC - [2010-03-18 10:09:17 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Users\Mateusz\AppData\Local\Google\Update\1.2.183.23\GoogleCrashHandler.exe PRC - [2010-03-09 04:52:49 | 000,015,872 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe PRC - [2010-02-26 02:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccsvchst.exe PRC - [2010-02-26 01:22:09 | 000,194,424 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\AddOns\Norton AddOn Pack\Engine\4.7.0.4\ccproxy.exe PRC - [2009-10-31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-10-08 22:25:14 | 011,391,592 | ---- | M] (GG Network S.A.) -- C:\Program Files\Nowe Gadu-Gadu\gg.exe PRC - [2009-09-12 01:34:12 | 001,488,128 | ---- | M] (O&O Software GmbH) -- C:\Program Files\OO Software\Defrag\oodag.exe PRC - [2009-08-31 16:56:26 | 000,077,824 | ---- | M] () -- C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe PRC - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PRC - [2009-08-18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PRC - [2009-07-14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2009-07-14 03:14:28 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe PRC - [2009-05-19 12:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe PRC - [2009-04-30 12:23:26 | 000,090,112 | ---- | M] () -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe PRC - [2009-01-26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe PRC - [2008-07-08 10:48:16 | 000,204,800 | ---- | M] (S3 Graphics Co., Ltd.) -- C:\Windows\System32\s3trayp.exe PRC - [2008-03-05 09:12:24 | 000,102,400 | ---- | M] (S3 Graphics Co., Ltd.) -- C:\Windows\System32\S3Funkey.exe PRC - [2007-03-06 11:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010-06-18 22:06:41 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Mateusz\Downloads\OTL.exe MOD - [2009-07-14 03:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll MOD - [2009-07-14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll MOD - [2009-07-14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll MOD - [2009-07-14 03:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll MOD - [2009-07-14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll MOD - [2009-07-14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2009-07-14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010-05-26 11:54:10 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2010-04-10 17:05:58 | 000,266,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc) SRV - [2010-03-28 21:27:03 | 000,332,720 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010-02-26 02:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe -- (NIS) SRV - [2010-02-26 01:22:09 | 000,194,424 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\AddOns\Norton AddOn Pack\Engine\4.7.0.4\ccProxy.exe -- (ccProxy) SRV - [2009-10-27 10:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2009-09-12 01:34:12 | 001,488,128 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\Program Files\OO Software\Defrag\oodag.exe -- (O&O Defrag) SRV - [2009-08-30 13:22:30 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes) SRV - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2009-07-14 03:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc) SRV - [2009-07-14 03:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc) SRV - [2009-07-14 03:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power) SRV - [2009-07-14 03:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify) SRV - [2009-07-14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc) SRV - [2009-07-14 03:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper) SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009-07-14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc) SRV - [2009-07-14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc) SRV - [2009-07-14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider) SRV - [2009-07-14 03:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg) SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009-07-14 03:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener) SRV - [2009-07-14 03:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2009-07-14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp) SRV - [2009-07-14 03:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc) SRV - [2009-07-14 03:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC) SRV - [2009-07-14 03:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) Instalator formantów ActiveX (AxInstSV) SRV - [2009-07-14 03:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc) SRV - [2009-07-14 03:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc) SRV - [2009-05-19 12:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort) SRV - [2009-04-30 12:23:26 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service) SRV - [2009-04-29 03:21:04 | 000,410,624 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\System32\XAudio32.dll -- (HsfXAudioService) SRV - [2009-01-26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService) SRV - [2007-05-31 16:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007-05-31 16:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) SRV - [2007-03-06 11:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-05-28 21:33:19 | 000,344,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100617.001\IDSvix86.sys -- (IDSVix86) DRV - [2010-05-28 13:04:52 | 000,014,896 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI) DRV - [2010-05-27 12:54:29 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2010-05-27 12:54:29 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2010-05-22 20:16:04 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100522.001\BHDrvx86.sys -- (BHDrvx86) DRV - [2010-05-11 12:24:21 | 001,347,504 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100617.051\NAVEX15.SYS -- (NAVEX15) DRV - [2010-05-11 12:24:21 | 000,085,552 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100617.051\NAVENG.SYS -- (NAVENG) DRV - [2010-05-06 06:01:59 | 000,339,504 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\NIS\1107000.00C\SYMTDIV.SYS -- (SYMTDIv) DRV - [2010-05-06 06:01:44 | 000,044,080 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM) DRV - [2010-04-29 07:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\NIS\1107000.00C\Ironx86.SYS -- (SymIRON) DRV - [2010-04-22 05:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\NIS\1107000.00C\SYMEFA.SYS -- (SymEFA) DRV - [2010-04-22 04:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\Drivers\NIS\1107000.00C\SRTSP.SYS -- (SRTSP) DRV - [2010-04-22 04:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\NIS\1107000.00C\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL) DRV - [2010-04-02 21:52:02 | 001,266,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2010-02-26 02:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\NIS\1107000.00C\ccHPx86.sys -- (ccHP) DRV - [2009-12-30 12:21:16 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\revoflt.sys -- (Revoflt) DRV - [2009-12-11 09:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg) DRV - [2009-11-15 22:13:17 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2009-11-06 00:06:13 | 000,328,752 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\NIS\1107000.00C\SYMDS.SYS -- (SymDS) DRV - [2009-10-06 12:52:50 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2009-10-06 12:52:34 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2009-10-06 12:52:34 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2009-10-06 12:52:34 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2009-09-11 15:18:57 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent) DRV - [2009-07-14 03:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide) DRV - [2009-07-14 03:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci) DRV - [2009-07-14 03:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx) DRV - [2009-07-14 03:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs) DRV - [2009-07-14 03:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320) DRV - [2009-07-14 03:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas) DRV - [2009-07-14 03:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata) DRV - [2009-07-14 03:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc) DRV - [2009-07-14 03:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata) DRV - [2009-07-14 03:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide) DRV - [2009-07-14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor) DRV - [2009-07-14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid) DRV - [2009-07-14 03:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960) DRV - [2009-07-14 03:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS) DRV - [2009-07-14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV) DRV - [2009-07-14 03:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR) DRV - [2009-07-14 03:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI) DRV - [2009-07-14 03:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC) DRV - [2009-07-14 03:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2) DRV - [2009-07-14 03:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp) DRV - [2009-07-14 03:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas) DRV - [2009-07-14 03:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy) DRV - [2009-07-14 03:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor) DRV - [2009-07-14 03:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx) DRV - [2009-07-14 03:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD) DRV - [2009-07-14 03:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends) DRV - [2009-07-14 03:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid) DRV - [2009-07-14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus) DRV - [2009-07-14 03:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp) DRV - [2009-07-14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt) DRV - [2009-07-14 03:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot) DRV - [2009-07-14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc) DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount) DRV - [2009-07-14 03:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide) DRV - [2009-07-14 03:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300) DRV - [2009-07-14 03:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost) DRV - [2009-07-14 03:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx) DRV - [2009-07-14 03:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4) DRV - [2009-07-14 03:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw) DRV - [2009-07-14 03:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2) DRV - [2009-07-14 03:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor) DRV - [2009-07-14 03:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG) DRV - [2009-07-14 02:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2009-07-14 02:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus) DRV - [2009-07-14 02:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP) DRV - [2009-07-14 01:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2) DRV - [2009-07-14 01:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf) DRV - [2009-07-14 01:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap) DRV - [2009-07-14 01:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt) DRV - [2009-07-14 01:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus) DRV - [2009-07-14 01:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci) DRV - [2009-07-14 01:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass) DRV - [2009-07-14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009-07-14 01:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf) DRV - [2009-07-14 01:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig) DRV - [2009-07-14 01:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus) DRV - [2009-07-14 01:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID) DRV - [2009-07-14 01:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter) DRV - [2009-07-14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap) DRV - [2009-07-14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID) DRV - [2009-07-14 01:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache) DRV - [2009-07-14 01:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt) DRV - [2009-07-14 01:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi) DRV - [2009-07-14 01:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM) DRV - [2009-07-14 00:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009-07-14 00:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm) DRV - [2009-07-14 00:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer) DRV - [2009-07-14 00:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm) DRV - [2009-07-14 00:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo) DRV - [2009-07-14 00:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp) DRV - [2009-07-14 00:13:46 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (SrvHsfV92) DRV - [2009-07-14 00:13:45 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (SrvHsfWinac) DRV - [2009-07-14 00:13:45 | 000,207,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (SrvHsfHDA) DRV - [2009-07-14 00:02:53 | 000,044,032 | ---- | M] (VIA Technologies, Inc. ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fetnd6.sys -- (FETNDIS) DRV - [2009-07-14 00:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x) DRV - [2009-07-14 00:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv) DRV - [2009-07-14 00:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv) DRV - [2009-07-10 11:03:04 | 001,381,632 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\viahduaa.sys -- (VIAHdAudAddService) DRV - [2009-04-29 03:20:56 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio32.sys -- (XAudio) DRV - [2009-02-12 14:00:22 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV) DRV - [2009-02-12 13:58:16 | 000,207,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL) DRV - [2009-02-12 13:57:28 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf) DRV - [2009-02-03 17:36:58 | 000,059,000 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x) DRV - [2009-01-12 07:50:40 | 000,814,592 | ---- | M] (S3 Graphics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VTGKModeDX32.sys -- (S3GIGP) DRV - [2008-10-21 10:22:48 | 000,114,600 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017mdm.sys -- (s0017mdm) DRV - [2008-10-21 10:22:48 | 000,109,736 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017unic.sys -- (s0017unic) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM) DRV - [2008-10-21 10:22:48 | 000,108,328 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017mgmt.sys -- (s0017mgmt) Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM) DRV - [2008-10-21 10:22:48 | 000,104,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017obex.sys -- (s0017obex) DRV - [2008-10-21 10:22:48 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017bus.sys -- (s0017bus) Sony Ericsson Device 0017 driver (WDM) DRV - [2008-10-21 10:22:48 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017nd5.sys -- (s0017nd5) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS) DRV - [2008-10-21 10:22:48 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017mdfl.sys -- (s0017mdfl) DRV - [2008-09-22 03:20:42 | 000,043,520 | ---- | M] (VIA Technologies, Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\fetnd6v.sys -- (FETND6V) DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008-05-16 12:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM) DRV - [2008-05-16 12:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS) DRV - [2008-05-16 12:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdfl.sys -- (s0016mdfl) DRV - [2008-05-16 12:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdm.sys -- (s0016mdm) DRV - [2008-05-16 12:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM) DRV - [2008-05-16 12:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016obex.sys -- (s0016obex) DRV - [2008-05-16 12:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM) DRV - [2008-01-09 11:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri) DRV - [2007-09-25 16:59:46 | 000,015,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\MediaCoder\SysInfo.sys -- (CrystalSysInfo) DRV - [2006-06-14 16:56:56 | 000,013,680 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x) DRV - [2003-04-19 00:32:04 | 000,004,736 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tandpl.sys -- (tandpl) DRV - [2003-03-02 17:44:26 | 000,007,552 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\enodpl.sys -- (enodpl) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2260013373-3029060159-2391835994-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://go.microsoft.com/fwlink/?LinkId=69157" FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: firefox@facebook.com:1.4.4 FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.3 FF - prefs.js..extensions.enabledItems: sxipper@sxip.com:2.3.3 FF - prefs.js..extensions.enabledItems: tineye@ideeinc.com:0.7.1 FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6 FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.0.5 FF - prefs.js..extensions.enabledItems: {340c2bbc-ce74-4362-90b5-7c26312808ef}:1.2.3 FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.9 FF - prefs.js..extensions.enabledItems: {47624dda-b77e-4feb-820a-e4f077d5d4ca}:9.9.2 FF - prefs.js..extensions.enabledItems: {64161300-e22b-11db-8314-0800200c9a66}:0.9.5 FF - prefs.js..extensions.enabledItems: {9669CC8F-B388-42FE-86F4-CB5E7F5A8BDC}:6.0.4 FF - prefs.js..extensions.enabledItems: {AA994882-F391-4d2e-806F-8908DA4814ED}:2.1 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.3 FF - prefs.js..extensions.enabledItems: {CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}:3.1.0521 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2 FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.8 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..extensions.enabledItems: {EF522540-89F5-46b9-B6FE-1829E2B572C6}:4.3 FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0 FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6 FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0 FF - prefs.js..extensions.enabledItems: {00352F14-3F76-4e4d-ACFF-9972D7E4B3B9}:0.7.2 FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2010-05-26 07:21:36 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\ [2010-01-26 12:13:58 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010-03-06 13:52:42 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-03-14 00:50:40 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-04-28 20:06:22 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-04-28 20:06:21 | 000,000,000 | ---D | M] [2010-06-12 23:48:47 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\mozilla\Extensions [2010-06-12 23:48:47 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\mozilla\Extensions\MediaCoder-Setup-Wizard [2010-05-28 17:01:38 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\sz019e0q.default\extensions [2010-03-13 00:26:00 | 000,000,000 | ---D | M] (MacOSX Theme) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\sz019e0q.default\extensions\{00352F14-3F76-4e4d-ACFF-9972D7E4B3B9} [2010-05-17 01:40:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\sz019e0q.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2010-05-17 01:40:48 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\sz019e0q.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2009-12-09 21:43:12 | 000,000,000 | ---D | M] (AvantGarde Mist) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\sz019e0q.default\extensions\{1bb9ca60-cdad-11dd-ad8b-0800200c9a66} [2010-05-08 00:03:45 | 000,000,000 | ---D | M] (Weave Sync) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\sz019e0q.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef} [2010-05-25 20:17:09 | 000,000,000 | ---D | M] (Stylish) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\sz019e0q.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8} [2010-03-02 15:16:30 | 000,000,000 | ---D | M] (Boost for Facebook) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\sz019e0q.default\extensions\{47624dda-b77e-4feb-820a-e4f077d5d4ca} [2010-02-16 21:50:45 | 000,000,000 | ---D | M] (Speed Dial) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\sz019e0q.default\extensions\{64161300-e22b-11db-8314-0800200c9a66} [2009-12-09 21:46:29 | 000,000,000 | ---D | M] (MR Tech Toolkit) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\sz019e0q.default\extensions\{9669CC8F-B388-42FE-86F4-CB5E7F5A8BDC} [2010-05-28 16:51:59 | 000,000,000 | ---D | M] (kikin plugin (JDownloader Edition)) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\sz019e0q.default\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED} [2009-08-29 14:24:49 | 000,000,000 | ---D | M] (BBCode) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\sz019e0q.default\extensions\{AE37D527-6604-461c-8102-975CF8053A2F} [2010-04-18 23:29:51 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\sz019e0q.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2009-09-09 18:15:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\sz019e0q.default\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB} [2010-05-25 20:17:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\sz019e0q.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B} [2010-05-08 00:03:46 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\sz019e0q.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010-04-18 23:29:56 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\sz019e0q.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} [2009-09-09 18:27:42 | 000,000,000 | ---D | M] (Extended Statusbar) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\sz019e0q.default\extensions\{daf44bf7-a45e-4450-979c-91cf07434c3d} [2010-04-18 23:30:02 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\sz019e0q.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2010-05-17 12:59:22 | 000,000,000 | ---D | M] (SearchPreview) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\sz019e0q.default\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6} [2009-08-29 01:51:27 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\sz019e0q.default\extensions\elemhidehelper@adblockplus.org [2010-05-08 00:03:41 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\sz019e0q.default\extensions\firefox@facebook.com [2010-04-18 23:29:48 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\sz019e0q.default\extensions\personas@christopher.beard [2010-03-08 12:58:15 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\sz019e0q.default\extensions\sxipper@sxip.com [2009-11-11 22:25:18 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\sz019e0q.default\extensions\tineye@ideeinc.com [2009-09-27 19:17:11 | 000,006,199 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\Mozilla\FireFox\Profiles\sz019e0q.default\searchplugins\filmwebpl.xml [2010-05-25 17:00:30 | 000,001,104 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\Mozilla\FireFox\Profiles\sz019e0q.default\searchplugins\konfliktypl.xml [2009-11-23 14:37:25 | 000,001,979 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\Mozilla\FireFox\Profiles\sz019e0q.default\searchplugins\wrzuta.xml [2010-04-15 14:24:32 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-03-03 01:12:48 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010-06-14 12:44:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-06-14 12:43:31 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010-01-23 17:23:54 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-01-23 17:23:54 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-01-23 17:23:54 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-01-23 17:23:54 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-01-23 17:23:54 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-01-23 17:23:54 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-06-15 16:54:35 | 000,610,636 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 fr.a2dfp.net O1 - Hosts: 127.0.0.1 m.fr.a2dfp.net O1 - Hosts: 127.0.0.1 ad.a8.net O1 - Hosts: 127.0.0.1 asy.a8ww.net O1 - Hosts: 127.0.0.1 adserver.abv.bg O1 - Hosts: 127.0.0.1 adv.abv.bg O1 - Hosts: 127.0.0.1 bimg.abv.bg O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com O1 - Hosts: 127.0.0.1 accuserveadsystem.com O1 - Hosts: 127.0.0.1 www.accuserveadsystem.com O1 - Hosts: 127.0.0.1 achmedia.com O1 - Hosts: 127.0.0.1 aconti.net O1 - Hosts: 127.0.0.1 secure.aconti.net O1 - Hosts: 127.0.0.1 www.aconti.net #[Dialer.Aconti] O1 - Hosts: 127.0.0.1 ads.active.com O1 - Hosts: 127.0.0.1 am1.activemeter.com O1 - Hosts: 127.0.0.1 www.activemeter.com #[Tracking.Cookie] O1 - Hosts: 127.0.0.1 ads.activepower.net O1 - Hosts: 127.0.0.1 stat.active24stats.nl #[Tracking.Cookie] O1 - Hosts: 127.0.0.1 ad2games.com O1 - Hosts: 127.0.0.1 cms.ad2click.nl O1 - Hosts: 127.0.0.1 ads.ad2games.com O1 - Hosts: 127.0.0.1 content.ad20.net O1 - Hosts: 16100 more lines... O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ipsbho.dll (Symantec Corporation) O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.) O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.) O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.) O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files\kikin\ie_kikin.dll (kikin) O2 - BHO: (ChromeFrame BHO) - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files\Google\Chrome Frame\Application\5.0.375.62\npchrome_frame.dll (Google Inc.) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Mateusz\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.) O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.) O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation) O3 - HKU\S-1-5-21-2260013373-3029060159-2391835994-1001\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKU\S-1-5-21-2260013373-3029060159-2391835994-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKU\S-1-5-21-2260013373-3029060159-2391835994-1001\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation) O4 - HKLM..\Run: [S3Funkey] C:\Windows\System32\S3Funkey.exe (S3 Graphics Co., Ltd.) O4 - HKLM..\Run: [S3Trayp] C:\Windows\System32\s3trayp.exe (S3 Graphics Co., Ltd.) O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe () O4 - HKU\S-1-5-21-2260013373-3029060159-2391835994-1001..\Run: [Nowe Gadu-Gadu] C:\Program Files\Nowe Gadu-Gadu\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-2260013373-3029060159-2391835994-1001..\Run: [Tlen.pl] C:\Program Files\Tlen7\tlen7.exe () O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-2260013373-3029060159-2391835994-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0 O7 - HKU\S-1-5-21-2260013373-3029060159-2391835994-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0 O7 - HKU\S-1-5-21-2260013373-3029060159-2391835994-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCloseDragDropBands = 0 O7 - HKU\S-1-5-21-2260013373-3029060159-2391835994-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserFolderInStartMenu = 0 O7 - HKU\S-1-5-21-2260013373-3029060159-2391835994-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 0 O7 - HKU\S-1-5-21-2260013373-3029060159-2391835994-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMorePrograms = 0 O7 - HKU\S-1-5-21-2260013373-3029060159-2391835994-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyGames = 0 O7 - HKU\S-1-5-21-2260013373-3029060159-2391835994-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm () O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm () O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm () O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Ustawienia wtyczki &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.) O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files\kikin\ie_kikin.dll (kikin) O9 - Extra Button: Wpis w blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Wpis w blogu w Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Pokaż lub ukryj HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.51 213.199.225.14 213.199.225.10 O18 - Protocol\Handler\cf - No CLSID value found O18 - Protocol\Handler\gcf {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files\Google\Chrome Frame\Application\5.0.375.62\npchrome_frame.dll (Google Inc.) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\System32\DreamScene.dll (Microsoft Corporation) O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation) O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 0 O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2010-06-02 15:25:56 | 000,012,621 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ] O33 - MountPoints2\{10800184-9425-11de-9e9c-00140b3c7d25}\Shell - "" = AutoRun O33 - MountPoints2\{10800184-9425-11de-9e9c-00140b3c7d25}\Shell\AutoRun\command - "" = F:\SETUP.EXE -- File not found O33 - MountPoints2\{1c050007-f781-11de-8b99-00140b3c7d25}\Shell - "" = AutoRun O33 - MountPoints2\{1c050007-f781-11de-8b99-00140b3c7d25}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (OODBS) - C:\Windows\System32\OODBS.exe (O&O Software GmbH) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010-06-18 02:10:06 | 000,000,000 | ---D | C] -- C:\fsc.tmp [2010-06-17 01:48:18 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Monopol - Product of Poland Vol. 100 Percent PL 2009 [2010-06-16 01:26:32 | 000,000,000 | ---D | C] -- C:\ProgramData\ALLPlayer [2010-06-15 00:15:00 | 000,044,080 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SymIMV.sys [2010-06-14 23:05:36 | 000,068,096 | ---- | C] (Blizzard Entertainment) -- C:\Windows\ScUnin.exe [2010-06-14 20:37:35 | 000,086,016 | ---- | C] (MindVision Software) -- C:\Windows\unvise32.exe [2010-06-14 20:37:16 | 000,000,000 | ---D | C] -- C:\Program Files\Jamdat [2010-06-14 12:44:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2010-06-14 12:43:54 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2010-06-14 12:43:54 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2010-06-14 12:43:54 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2010-06-13 22:42:48 | 000,000,000 | ---D | C] -- C:\Program Files\Palringo [2010-06-12 23:48:37 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Broad Intelligence [2010-06-11 23:23:17 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Magnetyzujące dekolty - Joe Monster_files [2010-06-11 00:41:26 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2010-06-11 00:41:26 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010-06-11 00:41:26 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2010-06-11 00:41:26 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010-06-11 00:41:24 | 002,326,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2010-06-11 00:41:01 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll [2010-06-11 00:40:18 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2010-06-11 00:40:18 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2010-06-06 17:00:53 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Sierra [2010-06-06 17:00:53 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\Empire Earth II [2010-06-03 20:58:33 | 000,140,800 | ---- | C] (The Duck Corporation) -- C:\Windows\System32\tm20dec.ax [2010-06-03 20:58:33 | 000,038,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LMRTREND.dll [2010-06-03 20:58:31 | 000,182,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft3.dll [2010-06-03 20:58:26 | 000,217,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\strmdll.dll [2010-06-03 20:58:25 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unam4ie.exe [2010-06-03 20:58:11 | 001,088,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\danim.dll [2010-06-03 20:58:11 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciqtz.drv [2010-06-03 20:58:10 | 000,194,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcut.dll [2010-06-03 20:58:06 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w95inf32.dll [2010-06-03 20:58:06 | 000,002,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w95inf16.dll [2010-06-03 16:16:42 | 000,162,816 | ---- | C] (Firelight Technologies Pty, Ltd) -- C:\Windows\System32\fmod.dll [2010-06-02 18:34:35 | 000,000,000 | ---D | C] -- C:\Program Files\MegaDev [2010-06-02 15:10:04 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\palmtop [2010-06-02 13:27:52 | 000,000,000 | ---D | C] -- C:\Program Files\CeRegEditor [2010-06-02 11:33:20 | 000,000,000 | ---D | C] -- C:\Windows\WindowsMobile [2010-05-31 21:07:34 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll [2010-05-31 21:07:34 | 000,185,920 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll [2010-05-31 21:07:34 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll [2010-05-31 21:07:34 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll [2010-05-31 21:07:29 | 001,294,336 | ---- | C] (HMS http://hp.vector.co.jp/authors/VA012897/) -- C:\Windows\System32\vorbis.acm [2010-05-31 21:07:29 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\Windows\System32\lameACM.acm [2010-05-31 21:07:29 | 000,287,744 | ---- | C] (Kristal StudioDFileDescription) -- C:\Windows\System32\divxa32.acm [2010-05-31 21:07:29 | 000,232,448 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\mp3fhg.acm [2010-05-31 21:07:28 | 000,391,680 | ---- | C] (Intel Corporation) -- C:\Windows\System32\I263_32.drv [2010-05-31 21:07:28 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll [2010-05-31 21:07:28 | 000,151,552 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm [2010-05-31 21:07:28 | 000,039,936 | ---- | C] (Disappearing Inc.) -- C:\Windows\System32\huffyuv.dll [2010-05-31 21:07:27 | 000,630,784 | ---- | C] (On2.com) -- C:\Windows\System32\vp7vfw.dll [2010-05-31 21:07:27 | 000,438,272 | ---- | C] (On2.com) -- C:\Windows\System32\vp6vfw.dll [2010-05-31 21:07:27 | 000,413,760 | ---- | C] (Hacked with Joy !) -- C:\Windows\System32\DivXc32f.dll [2010-05-31 21:07:27 | 000,413,760 | ---- | C] (Hacked with Joy !) -- C:\Windows\System32\DivXc32.dll [2010-05-31 21:07:26 | 000,094,208 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\dpl100.dll [2010-05-31 21:07:25 | 000,720,384 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\divx.dll [2010-05-31 02:14:11 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\HPAppData [2010-05-31 02:11:54 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia [2010-05-30 02:02:34 | 000,000,000 | ---D | C] -- C:\Program Files\mektek.net [2010-05-28 22:50:57 | 000,000,000 | ---D | C] -- C:\Program Files\SoftprojectGP [2010-05-28 13:04:52 | 000,014,896 | ---- | C] (Secunia) -- C:\Windows\System32\drivers\psi_mf.sys [2010-05-27 16:28:34 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\FixItCenter [2010-05-27 16:21:16 | 000,000,000 | ---D | C] -- C:\Windows\MATS [2010-05-27 16:21:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center [2010-05-27 16:05:59 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\kikin [2010-05-27 16:05:52 | 000,000,000 | ---D | C] -- C:\Program Files\kikin [2010-05-27 16:04:17 | 000,000,000 | ---D | C] -- C:\Program Files\JDownloader [2010-05-26 18:29:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Last.fm [2010-05-26 18:28:43 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Last.fm [2010-05-26 18:28:23 | 000,000,000 | ---D | C] -- C:\Program Files\Last.fm [2010-05-26 11:54:13 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat [2010-05-26 07:15:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2010-05-25 16:57:08 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe3A15.dll [2010-05-25 16:54:41 | 000,000,000 | ---D | C] -- C:\Program Files\Avanquest update [2010-05-23 23:22:58 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\s [2010-05-23 14:51:28 | 000,679,936 | ---- | C] (Generated by JEDI) -- C:\Windows\System32\D3DX81ab.dll [2010-05-23 14:51:26 | 000,000,000 | ---D | C] -- C:\Program Files\Cheat Engine [2010-05-23 14:25:17 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\Eidos [2010-05-21 18:32:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Student [1 C:\*.tmp files -> C:\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010-06-18 22:33:18 | 007,864,320 | ---- | M] () -- C:\Users\Mateusz\NTUSER.DAT [2010-06-18 22:14:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2260013373-3029060159-2391835994-1001UA.job [2010-06-18 22:09:05 | 000,013,248 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010-06-18 22:09:05 | 000,013,248 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010-06-18 22:04:13 | 000,000,972 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job [2010-06-18 22:02:00 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010-06-18 22:01:26 | 000,000,314 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job [2010-06-18 22:01:25 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010-06-18 22:01:17 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010-06-18 22:01:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010-06-18 22:01:08 | 000,691,684 | ---- | M] () -- C:\Windows\System32\oodbs.lor [2010-06-18 21:58:58 | 006,291,456 | -H-- | M] () -- C:\Users\Mateusz\AppData\Local\IconCache.db [2010-06-18 21:58:30 | 000,000,176 | ---- | M] () -- C:\Users\Mateusz\defogger_reenable [2010-06-18 21:51:12 | 000,160,099 | ---- | M] () -- C:\Users\Mateusz\Desktop\norton.png [2010-06-18 21:14:28 | 001,156,286 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1107000.00C\Cat.DB [2010-06-18 00:23:32 | 001,632,843 | ---- | M] () -- C:\Users\Mateusz\Desktop\.... 011.jpg [2010-06-18 00:23:32 | 001,507,213 | ---- | M] () -- C:\Users\Mateusz\Desktop\009.jpg [2010-06-18 00:23:32 | 000,648,278 | ---- | M] () -- C:\Users\Mateusz\Desktop\010.jpg [2010-06-18 00:10:37 | 000,182,260 | ---- | M] () -- C:\Users\Mateusz\Desktop\3.png [2010-06-18 00:09:03 | 000,201,207 | ---- | M] () -- C:\Users\Mateusz\Desktop\2.png [2010-06-18 00:08:24 | 000,191,363 | ---- | M] () -- C:\Users\Mateusz\Desktop\1.png [2010-06-17 09:14:03 | 000,001,014 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2260013373-3029060159-2391835994-1001Core.job [2010-06-15 16:52:35 | 000,610,636 | ---- | M] () -- C:\Users\Mateusz\Desktop\hosts [2010-06-15 13:06:54 | 000,312,772 | ---- | M] () -- C:\Users\Mateusz\Desktop\mapuncia ;).png [2010-06-14 23:05:42 | 000,009,657 | ---- | M] () -- C:\Windows\scunin.dat [2010-06-14 23:05:36 | 000,068,096 | ---- | M] (Blizzard Entertainment) -- C:\Windows\ScUnin.exe [2010-06-14 23:05:36 | 000,000,967 | ---- | M] () -- C:\Windows\ScUnin.pif [2010-06-14 21:10:46 | 000,369,573 | ---- | M] () -- C:\Users\Mateusz\Desktop\GPS_002.jpg [2010-06-14 18:44:18 | 000,194,859 | ---- | M] () -- C:\Users\Mateusz\Desktop\GPS_001.jpg [2010-06-14 14:42:32 | 000,003,304 | ---- | M] () -- C:\bootsqm.dat [2010-06-14 12:43:29 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2010-06-14 12:43:29 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2010-06-14 12:43:29 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2010-06-14 12:43:28 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2010-06-14 12:16:02 | 000,737,482 | ---- | M] () -- C:\Users\Mateusz\Desktop\IMAG0008.jpg [2010-06-14 12:15:54 | 000,771,605 | ---- | M] () -- C:\Users\Mateusz\Desktop\IMAG0007.jpg [2010-06-14 12:15:46 | 000,746,905 | ---- | M] () -- C:\Users\Mateusz\Desktop\IMAG0006.jpg [2010-06-13 21:10:55 | 001,532,096 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010-06-13 21:10:55 | 000,691,176 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2010-06-13 21:10:55 | 000,610,094 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010-06-13 21:10:55 | 000,132,638 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2010-06-13 21:10:55 | 000,104,412 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010-06-13 00:02:46 | 000,626,951 | ---- | M] () -- C:\Users\Mateusz\Desktop\IMAG0005.jpg [2010-06-12 23:12:16 | 000,398,004 | ---- | M] () -- C:\Users\Mateusz\Desktop\RING-SYNTHIA.MP3 [2010-06-12 10:16:48 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\AWC Update.job [2010-06-11 23:23:17 | 000,071,758 | ---- | M] () -- C:\Users\Mateusz\Desktop\Magnetyzujące dekolty - Joe Monster.htm [2010-06-11 08:33:27 | 000,366,760 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010-06-06 16:33:25 | 000,000,389 | ---- | M] () -- C:\Users\Public\Desktop\Uruchom Empire Earth II Władza absolutna.lnk [2010-06-06 16:09:55 | 000,000,385 | ---- | M] () -- C:\Users\Public\Desktop\Empire Earth II.lnk [2010-06-03 21:06:19 | 000,000,767 | ---- | M] () -- C:\Users\Mateusz\Desktop\Call To Power 2.lnk [2010-06-03 20:58:05 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\w95inf32.dll [2010-06-03 20:58:05 | 000,002,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\w95inf16.dll [2010-06-03 16:32:41 | 000,000,063 | -H-- | M] () -- C:\Users\Mateusz\Documents\.picasa.ini [2010-06-03 16:32:32 | 001,198,240 | ---- | M] () -- C:\Users\Mateusz\Documents\obraz4 372.jpg [2010-06-03 16:26:08 | 001,546,113 | ---- | M] () -- C:\Users\Mateusz\Documents\obraz4 371.jpg [2010-06-03 16:25:58 | 001,186,420 | ---- | M] () -- C:\Users\Mateusz\Documents\obraz4 374.jpg [2010-06-03 16:16:42 | 000,162,816 | ---- | M] (Firelight Technologies Pty, Ltd) -- C:\Windows\System32\fmod.dll [2010-06-02 11:41:49 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf [2010-06-01 15:15:03 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Civilization III Złota Edycja.lnk [2010-05-31 00:57:40 | 000,017,920 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-05-30 20:55:16 | 000,076,152 | ---- | M] () -- C:\Users\Mateusz\Desktop\Obraz.jpeg [2010-05-30 20:53:38 | 000,033,095 | ---- | M] () -- C:\Users\Mateusz\Documents\2.JPG [2010-05-28 17:17:58 | 000,000,587 | ---- | M] () -- C:\Users\Mateusz\Desktop\RegisterActxprxyAndIeproxy.cmd [2010-05-28 13:04:52 | 000,014,896 | ---- | M] (Secunia) -- C:\Windows\System32\drivers\psi_mf.sys [2010-05-27 10:00:00 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll [2010-05-27 10:00:00 | 000,185,920 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll [2010-05-27 10:00:00 | 000,108,032 | ---- | M] () -- C:\Windows\System32\ff_vfw.dll [2010-05-27 10:00:00 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll [2010-05-27 10:00:00 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll [2010-05-27 10:00:00 | 000,000,038 | ---- | M] () -- C:\Windows\avisplitter.ini [2010-05-27 09:24:13 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2010-05-27 05:49:37 | 000,293,888 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2010-05-26 22:58:22 | 003,315,712 | ---- | M] () -- C:\Windows\System32\x264vfw.dll [2010-05-25 16:57:09 | 000,148,736 | ---- | M] (Avanquest Software) -- C:\ProgramData\hpe3A15.dll [2010-05-21 14:19:19 | 000,000,598 | ---- | M] () -- C:\Users\Public\Desktop\Gwiezdne Wilki 2.lnk [2010-05-21 07:14:50 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [1 C:\*.tmp files -> C:\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-06-18 21:57:53 | 000,000,176 | ---- | C] () -- C:\Users\Mateusz\defogger_reenable [2010-06-18 21:50:35 | 000,160,099 | ---- | C] () -- C:\Users\Mateusz\Desktop\norton.png [2010-06-18 00:22:38 | 001,632,843 | ---- | C] () -- C:\Users\Mateusz\Desktop\.... 011.jpg [2010-06-18 00:22:38 | 001,507,213 | ---- | C] () -- C:\Users\Mateusz\Desktop\009.jpg [2010-06-18 00:22:38 | 000,648,278 | ---- | C] () -- C:\Users\Mateusz\Desktop\010.jpg [2010-06-18 00:10:36 | 000,182,260 | ---- | C] () -- C:\Users\Mateusz\Desktop\3.png [2010-06-18 00:09:02 | 000,201,207 | ---- | C] () -- C:\Users\Mateusz\Desktop\2.png [2010-06-18 00:08:23 | 000,191,363 | ---- | C] () -- C:\Users\Mateusz\Desktop\1.png [2010-06-15 13:06:53 | 000,312,772 | ---- | C] () -- C:\Users\Mateusz\Desktop\mapuncia ;).png [2010-06-14 23:13:04 | 000,369,573 | ---- | C] () -- C:\Users\Mateusz\Desktop\GPS_002.jpg [2010-06-14 23:13:02 | 000,194,859 | ---- | C] () -- C:\Users\Mateusz\Desktop\GPS_001.jpg [2010-06-14 23:05:42 | 000,009,657 | ---- | C] () -- C:\Windows\scunin.dat [2010-06-14 23:05:36 | 000,000,967 | ---- | C] () -- C:\Windows\ScUnin.pif [2010-06-14 15:36:46 | 000,737,482 | ---- | C] () -- C:\Users\Mateusz\Desktop\IMAG0008.jpg [2010-06-14 15:36:45 | 000,771,605 | ---- | C] () -- C:\Users\Mateusz\Desktop\IMAG0007.jpg [2010-06-14 15:36:43 | 000,746,905 | ---- | C] () -- C:\Users\Mateusz\Desktop\IMAG0006.jpg [2010-06-14 14:42:32 | 000,003,304 | ---- | C] () -- C:\bootsqm.dat [2010-06-13 00:00:53 | 000,626,951 | ---- | C] () -- C:\Users\Mateusz\Desktop\IMAG0005.jpg [2010-06-11 23:23:25 | 000,071,758 | ---- | C] () -- C:\Users\Mateusz\Desktop\Magnetyzujące dekolty - Joe Monster.htm [2010-06-06 16:33:25 | 000,000,389 | ---- | C] () -- C:\Users\Public\Desktop\Uruchom Empire Earth II Władza absolutna.lnk [2010-06-06 16:09:55 | 000,000,385 | ---- | C] () -- C:\Users\Public\Desktop\Empire Earth II.lnk [2010-06-03 21:06:19 | 000,000,767 | ---- | C] () -- C:\Users\Mateusz\Desktop\Call To Power 2.lnk [2010-06-03 20:58:11 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll [2010-06-03 20:58:11 | 000,005,672 | ---- | C] () -- C:\Windows\System32\quartz.vxd [2010-06-03 16:31:41 | 001,198,240 | ---- | C] () -- C:\Users\Mateusz\Documents\obraz4 372.jpg [2010-06-03 16:24:33 | 001,186,420 | ---- | C] () -- C:\Users\Mateusz\Documents\obraz4 374.jpg [2010-06-03 16:24:30 | 001,546,113 | ---- | C] () -- C:\Users\Mateusz\Documents\obraz4 371.jpg [2010-06-02 11:41:49 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf [2010-06-01 15:15:02 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Civilization III Złota Edycja.lnk [2010-05-31 21:07:31 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2010-05-31 21:07:29 | 000,000,414 | ---- | C] () -- C:\Windows\System32\lame_acm.xml [2010-05-31 21:07:28 | 003,315,712 | ---- | C] () -- C:\Windows\System32\x264vfw.dll [2010-05-31 21:07:27 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2010-05-31 21:07:24 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2010-05-31 21:07:24 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest [2010-05-30 20:55:32 | 000,076,152 | ---- | C] () -- C:\Users\Mateusz\Desktop\Obraz.jpeg [2010-05-30 20:53:46 | 000,000,063 | -H-- | C] () -- C:\Users\Mateusz\Documents\.picasa.ini [2010-05-30 20:53:37 | 000,033,095 | ---- | C] () -- C:\Users\Mateusz\Documents\2.JPG [2010-05-28 22:50:58 | 000,059,904 | ---- | C] () -- C:\Windows\System32\zlib.dll [2010-05-23 14:51:28 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll [2010-05-21 14:19:18 | 000,000,598 | ---- | C] () -- C:\Users\Public\Desktop\Gwiezdne Wilki 2.lnk [2010-04-30 18:52:18 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll [2009-12-20 00:59:02 | 000,000,751 | ---- | C] () -- C:\Windows\STA2.ini [2009-10-14 02:00:53 | 000,007,552 | ---- | C] () -- C:\Windows\System32\drivers\enodpl.sys [2009-10-14 02:00:53 | 000,004,736 | ---- | C] () -- C:\Windows\System32\drivers\tandpl.sys [2009-10-02 19:43:02 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll [2009-10-02 19:43:02 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll [2009-10-02 19:43:02 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll [2009-09-26 21:39:55 | 000,008,704 | ---- | C] () -- C:\Windows\System32\cpuxp.sys [2009-08-28 17:47:51 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll [2009-07-14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009-02-18 17:34:30 | 000,003,102 | ---- | C] () -- C:\Windows\Gs.ini [2008-04-28 11:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll [2008-04-28 11:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2008-04-28 11:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2008-04-28 11:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2008-04-28 11:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll [2008-04-28 11:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2008-04-28 11:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2008-04-28 11:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2008-04-28 11:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [2006-10-27 08:26:56 | 000,069,632 | ---- | C] () -- C:\Windows\System32\vuins32.dll [2002-03-17 02:00:00 | 000,007,420 | ---- | C] () -- C:\Windows\UA000088.DLL [color=#E56717]========== LOP Check ==========[/color] [2009-08-28 18:35:20 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\.wtw [2010-05-07 23:23:09 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\AIMP [2009-09-28 00:42:44 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Ashampoo [2010-04-08 18:21:43 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Auslogics [2010-06-16 00:55:19 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\BESTplayer [2010-05-06 14:55:43 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Broad Intelligence [2010-01-07 14:50:17 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\CBS Interactive [2010-05-14 23:01:17 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\cspa [2009-10-09 11:12:34 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Lite [2009-08-29 00:59:10 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Pro [2009-11-29 20:41:06 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\DeviceDoctorSoftware [2010-01-18 21:39:23 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Echidna LLC [2010-06-16 00:53:25 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\foobar2000 [2010-04-22 22:59:10 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\FreshDiagnose [2010-03-25 17:56:58 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\GG Tools [2009-10-25 23:13:37 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\GlarySoft [2010-01-18 01:34:54 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\HD Tune Pro [2009-11-25 11:53:36 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\IObit [2010-05-28 16:51:59 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\kikin [2010-01-20 16:32:20 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\MD5 Checksum Verifier [2010-05-25 20:26:41 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\MyPhoneExplorer [2010-06-15 18:14:37 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\mytribe [2010-01-19 15:08:46 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Nokia [2010-03-25 21:40:48 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Nowe Gadu-Gadu [2010-01-08 00:33:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\OpenCandy [2009-09-13 17:50:59 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\OpenFM [2009-09-20 12:03:21 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Opera [2009-12-20 01:40:13 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\PC Suite [2010-04-05 17:23:47 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Petroglyph [2009-08-29 01:28:49 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Qrix [2010-04-08 16:33:56 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\SeriousBit [2010-06-06 17:00:53 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Sierra [2010-01-11 23:22:31 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\smc [2010-03-30 21:23:49 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\SystemRequirementsLab [2009-08-28 23:16:24 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\TeamViewer [2009-10-13 23:26:02 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Tlen.pl [2010-01-14 00:40:47 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Ulead Systems [2009-10-25 17:43:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Uniblue [2010-06-14 20:32:46 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\uTorrent [2009-10-15 15:13:17 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\ValuSoft [2009-10-13 20:11:08 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\VitySoft [2010-06-14 13:36:53 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\VSO [2010-01-25 01:00:14 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Wireshark [2010-06-12 10:16:48 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\AWC Update.job [2010-06-18 22:01:26 | 000,000,314 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job [2010-06-03 15:10:20 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 229 bytes -> C:\ProgramData\TEMP:8FF81EB0 @Alternate Data Stream - 186 bytes -> C:\ProgramData\TEMP:D287FACF @Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:CF778051 @Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:010ADD2C @Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:D74B6CF5 < End of report >