OTL logfile created on: 2011-05-10 17:42:44 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Download Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19048) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 40,00% Memory free 4,00 Gb Paging File | 2,00 Gb Available in Paging File | 51,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 116,44 Gb Total Space | 37,95 Gb Free Space | 32,59% Space Free | Partition Type: NTFS Drive D: | 106,68 Gb Total Space | 32,68 Gb Free Space | 30,64% Space Free | Partition Type: NTFS Computer Name: MARCEL-PC | User Name: M. Szczepaniak | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-05-09 23:35:06 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Download\OTL.exe PRC - [2011-05-09 10:13:48 | 019,759,104 | ---- | M] (Redefine Sp z o.o.) -- C:\Program Files\ipla\ipla.exe PRC - [2011-04-28 07:52:48 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.53\GoogleCrashHandler.exe PRC - [2011-04-26 08:57:54 | 008,989,184 | ---- | M] (Creative Team S.A.) -- C:\Program Files\WapSter\WapSter AQQ\AQQ.exe PRC - [2011-02-23 17:04:20 | 003,451,496 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2011-02-23 17:04:19 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2010-11-04 18:34:06 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe PRC - [2010-10-27 21:21:54 | 001,155,072 | ---- | M] (Last.fm) -- C:\Program Files\Last.fm\LastFM.exe PRC - [2010-08-17 16:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe PRC - [2010-04-02 15:20:20 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-03-06 14:44:16 | 001,781,248 | ---- | M] () -- C:\Program Files\foobar2000\foobar2000.exe PRC - [2009-08-18 12:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PRC - [2009-08-18 12:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PRC - [2009-08-07 04:24:04 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuauclt.exe PRC - [2009-06-15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2009-04-11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2009-04-11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2009-04-11 08:27:59 | 000,441,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe PRC - [2009-04-11 08:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2009-04-11 08:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-04-11 08:27:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe PRC - [2009-02-25 14:47:24 | 002,652,056 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe PRC - [2009-02-02 11:40:38 | 000,110,592 | ---- | M] () -- C:\Program Files\NCH Software\Components\mp3el\mp3enc.exe PRC - [2009-02-02 11:40:32 | 000,499,716 | ---- | M] (NCH Software) -- C:\Program Files\NCH Swift Sound\BroadWave\broadwave.exe PRC - [2009-02-02 11:40:10 | 000,475,140 | ---- | M] (NCH Software) -- C:\Program Files\NCH Software\Fling\fling.exe PRC - [2008-12-29 13:31:02 | 000,068,096 | ---- | M] (ChangeIP.com) -- C:\Program Files\HomingBeacon.NET\hb3svc.exe PRC - [2008-12-11 17:58:44 | 000,146,800 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FWService.exe PRC - [2008-10-25 12:44:34 | 000,031,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe PRC - [2008-10-09 17:52:54 | 000,333,120 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe PRC - [2008-10-02 20:05:30 | 000,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe PRC - [2008-06-19 21:18:12 | 000,154,168 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ASUS CopyProtect\ASPG.exe PRC - [2008-06-18 07:10:24 | 000,297,528 | ---- | M] (ASUS) -- C:\Program Files\ASUS\SmartLogon\sensorsrv.exe PRC - [2008-06-14 00:22:14 | 000,191,032 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exe PRC - [2008-06-04 05:19:17 | 000,692,224 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe PRC - [2008-04-17 05:49:59 | 006,111,232 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2008-04-10 20:32:18 | 001,796,648 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe PRC - [2008-04-10 20:32:18 | 000,752,168 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe PRC - [2008-04-10 20:32:18 | 000,518,696 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe PRC - [2008-03-18 03:07:02 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe PRC - [2008-03-18 02:59:40 | 002,289,664 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe PRC - [2008-02-02 00:17:26 | 000,233,472 | ---- | M] (ATK0100) -- C:\Program Files\ATK Hotkey\HControl.exe PRC - [2008-02-01 23:29:32 | 000,061,440 | ---- | M] () -- C:\Program Files\ASUS\ATK Media\DMedia.exe PRC - [2008-01-24 08:31:51 | 001,208,320 | ---- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe PRC - [2008-01-23 19:51:28 | 000,151,552 | ---- | M] () -- C:\Program Files\ATK Hotkey\WDC.exe PRC - [2008-01-21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe PRC - [2008-01-21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe PRC - [2008-01-21 04:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe PRC - [2008-01-21 04:24:14 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\alg.exe PRC - [2008-01-21 04:23:44 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2008-01-21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe PRC - [2008-01-21 04:23:32 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe PRC - [2008-01-21 04:23:29 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanext.exe PRC - [2008-01-16 02:27:10 | 000,851,968 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe PRC - [2008-01-12 07:40:10 | 000,098,304 | ---- | M] () -- C:\Program Files\ATK Hotkey\HControlUser.exe PRC - [2007-12-06 09:12:57 | 000,095,528 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe PRC - [2007-12-06 09:12:43 | 001,029,416 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe PRC - [2007-12-04 19:57:06 | 002,486,272 | ---- | M] () -- C:\Program Files\ATK Hotkey\ATKOSD.exe PRC - [2007-11-30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe PRC - [2007-11-05 04:48:06 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\MsgTranAgt.exe PRC - [2007-10-03 06:53:00 | 000,094,208 | ---- | M] () -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe PRC - [2007-09-09 09:31:46 | 001,046,688 | ---- | M] (Mischel Internet Security) -- C:\Program Files\TrojanHunter 5.0\THGuard.exe PRC - [2007-08-15 20:20:16 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\KBFiltr.exe PRC - [2007-08-08 09:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe PRC - [2007-08-03 21:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe PRC - [2007-07-17 20:13:56 | 000,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe PRC - [2007-07-17 20:13:34 | 000,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe PRC - [2007-07-06 01:53:44 | 001,040,384 | ---- | M] () -- C:\Program Files\Wireless Console 2\wcourier.exe PRC - [2007-05-28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe PRC - [2007-05-18 11:31:16 | 000,073,728 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe PRC - [2006-02-28 13:42:38 | 000,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe PRC - [2005-07-15 23:48:33 | 000,479,232 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Gmail Notifier\gnotify.exe PRC - [2005-07-07 00:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-05-09 23:35:06 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Download\OTL.exe MOD - [2011-02-23 17:04:17 | 000,197,208 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll MOD - [2011-01-21 18:35:22 | 011,586,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2011-01-21 18:35:22 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2011-01-20 18:07:42 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv MOD - [2011-01-20 18:07:03 | 001,075,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2010-10-15 15:48:59 | 001,205,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2010-08-31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll MOD - [2010-06-28 19:00:21 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2010-04-16 18:46:48 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2009-07-17 15:54:43 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2009-06-15 16:53:43 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2009-06-15 16:52:42 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD - [2009-04-23 14:15:07 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2009-04-11 08:28:25 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2009-04-11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2009-04-11 08:28:25 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2009-04-11 08:28:25 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll MOD - [2009-04-11 08:28:25 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll MOD - [2009-04-11 08:28:24 | 001,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2009-04-11 08:28:24 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2009-04-11 08:28:24 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll MOD - [2009-04-11 08:28:23 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2009-04-11 08:28:23 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2009-04-11 08:28:23 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll MOD - [2009-04-11 08:28:23 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2009-04-11 08:28:23 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2009-04-11 08:28:22 | 000,679,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2009-04-11 08:28:20 | 000,891,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2009-04-11 08:28:20 | 000,807,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll MOD - [2009-04-11 08:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2009-04-11 08:28:20 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll MOD - [2009-04-11 08:28:19 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2009-04-11 08:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2009-04-11 08:28:18 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll MOD - [2009-04-11 08:28:17 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2009-04-11 08:28:17 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2008-10-09 17:53:03 | 000,062,776 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll MOD - [2008-04-10 20:31:36 | 000,208,896 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\BtMmHook.dll MOD - [2008-04-10 20:25:54 | 000,126,976 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll MOD - [2008-01-21 04:25:29 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - [2008-01-21 04:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll MOD - [2008-01-21 04:24:47 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll MOD - [2008-01-21 04:24:37 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll MOD - [2008-01-21 04:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2008-01-21 04:24:26 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2008-01-21 04:24:24 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2008-01-21 04:23:43 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2006-11-02 11:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2011-02-23 17:04:19 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2010-12-08 14:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2009-10-17 22:22:04 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009-03-23 16:24:26 | 000,361,728 | ---- | M] (TuneUp Software GmbH) [On_Demand | Stopped] -- C:\Windows\System32\TuneUpDefragService.exe -- (TuneUp.Defrag) SRV - [2009-02-02 11:40:32 | 000,499,716 | ---- | M] (NCH Software) [Auto | Running] -- C:\Program Files\NCH Swift Sound\BroadWave\broadwave.exe -- (BroadWaveService) SRV - [2009-02-02 11:40:10 | 000,475,140 | ---- | M] (NCH Software) [Auto | Running] -- C:\Program Files\NCH Software\Fling\fling.exe -- (FlingService) SRV - [2008-12-29 13:31:02 | 000,068,096 | ---- | M] (ChangeIP.com) [Auto | Running] -- C:\Program Files\HomingBeacon.NET\hb3svc.exe -- (HomingBeacon) SRV - [2008-12-11 17:58:44 | 000,146,800 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Firewall Plus\FWService.exe -- (PCToolsFirewallPlus) SRV - [2008-10-02 20:05:30 | 000,611,664 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice) SRV - [2008-07-18 16:05:40 | 000,028,416 | ---- | M] (TuneUp Software GmbH) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp) SRV - [2008-01-21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007-10-03 06:53:00 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService) SRV - [2007-08-08 09:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) SRV - [2007-08-03 21:24:54 | 000,125,496 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr) SRV - [2007-05-28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - [2007-05-18 11:31:16 | 000,073,728 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService) SRV - [2000-06-29 10:45:10 | 000,052,224 | ---- | M] (Kenonic Controls Ltd.) [Disabled | Stopped] -- C:\Windows\System32\Crypserv.exe -- (Crypkey License) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-02-23 16:56:55 | 000,371,544 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2011-02-23 16:56:45 | 000,301,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2011-02-23 16:55:49 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2011-02-23 16:55:10 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2011-02-23 16:55:03 | 000,053,592 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2011-02-23 16:54:55 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010-07-30 14:16:42 | 000,023,040 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2010-07-30 14:16:38 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2010-02-03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [2009-06-30 10:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\system32\drivers\pavboot.sys -- (pavboot) DRV - [2009-04-11 06:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb) DRV - [2009-02-25 14:48:19 | 000,073,840 | ---- | M] (PC Tools) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PCTAppEvent.sys -- (PCTAppEvent) DRV - [2009-02-25 14:47:41 | 000,095,640 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pctplfw.sys -- (pctplfw) DRV - [2008-12-11 09:38:22 | 000,159,600 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\System32\drivers\pctgntdi.sys -- (pctgntdi) DRV - [2008-10-21 23:03:52 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2008-09-22 13:29:18 | 000,097,408 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pctfw.sys -- (SFilter) DRV - [2008-09-03 14:07:16 | 000,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM) DRV - [2008-09-03 14:07:14 | 000,008,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV) DRV - [2008-09-03 14:07:12 | 000,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL) DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008-06-04 06:35:23 | 003,695,104 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2008-06-03 08:41:51 | 000,015,928 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr) DRV - [2008-05-29 19:21:02 | 000,015,416 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\lullaby.sys -- (lullaby) DRV - [2008-05-02 07:59:39 | 000,122,368 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2008-04-27 20:07:44 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2008-04-07 08:00:45 | 000,006,656 | ---- | M] (Generic) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CRFILTER.sys -- (CRFILTER) DRV - [2008-03-20 03:28:52 | 000,022,072 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter) DRV - [2008-01-24 08:39:23 | 001,090,304 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial) DRV - [2007-11-14 08:53:09 | 000,014,864 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO) DRV - [2007-10-01 08:59:45 | 001,769,984 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC) DRV - [2007-08-11 05:19:26 | 000,029,752 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AsDsm.sys -- (AsDsm) DRV - [2007-08-03 06:26:21 | 000,020,936 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio) DRV - [2007-07-24 20:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP) DRV - [2006-12-14 06:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor) DRV - [2006-09-24 15:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\Windows\system32\speedfan.sys -- (speedfan) DRV - [1996-04-03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\giveio.sys -- (giveio) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1993679506-2260695406-3402478088-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com IE - HKU\S-1-5-21-1993679506-2260695406-3402478088-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-1993679506-2260695406-3402478088-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/ IE - HKU\S-1-5-21-1993679506-2260695406-3402478088-1001\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-1993679506-2260695406-3402478088-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1993679506-2260695406-3402478088-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = socks= [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.selectedEngine: "qooqlle" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 FF - prefs.js..extensions.enabledItems: cssreloader@kenneth.io:1.0.2 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..network.proxy.backup.ftp: "127.0.0.1" FF - prefs.js..network.proxy.backup.ftp_port: 9666 FF - prefs.js..network.proxy.backup.gopher: "127.0.0.1" FF - prefs.js..network.proxy.backup.gopher_port: 9666 FF - prefs.js..network.proxy.backup.socks: "127.0.0.1" FF - prefs.js..network.proxy.backup.socks_port: 9666 FF - prefs.js..network.proxy.backup.ssl: "127.0.0.1" FF - prefs.js..network.proxy.backup.ssl_port: 9666 FF - prefs.js..network.proxy.ftp: "127.0.0.1" FF - prefs.js..network.proxy.ftp_port: 9666 FF - prefs.js..network.proxy.gopher: "127.0.0.1" FF - prefs.js..network.proxy.gopher_port: 9666 FF - prefs.js..network.proxy.http: "127.0.0.1" FF - prefs.js..network.proxy.http_port: 9666 FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "127.0.0.1" FF - prefs.js..network.proxy.socks_port: 9666 FF - prefs.js..network.proxy.ssl: "127.0.0.1" FF - prefs.js..network.proxy.ssl_port: 9666 FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-03-09 09:30:56 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011-04-30 20:45:37 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-11-10 00:57:21 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-02-08 15:23:54 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011-04-30 20:45:38 | 000,000,000 | ---D | M] [2009-01-18 17:15:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\M. Szczepaniak\AppData\Roaming\mozilla\Extensions [2011-05-10 16:33:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\M. Szczepaniak\AppData\Roaming\mozilla\Firefox\Profiles\yqtehk5x.default\extensions [2010-04-27 21:17:45 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\M. Szczepaniak\AppData\Roaming\mozilla\Firefox\Profiles\yqtehk5x.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-08-19 22:16:19 | 000,000,000 | ---D | M] (Stylish) -- C:\Users\M. Szczepaniak\AppData\Roaming\mozilla\Firefox\Profiles\yqtehk5x.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8} [2010-08-19 22:16:11 | 000,000,000 | ---D | M] (Lockerz.com.pl Toolbar) -- C:\Users\M. Szczepaniak\AppData\Roaming\mozilla\Firefox\Profiles\yqtehk5x.default\extensions\{b06f87ae-ae75-4cb0-9d89-0bc6baf0ed00} [2011-01-23 12:19:02 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\M. Szczepaniak\AppData\Roaming\mozilla\Firefox\Profiles\yqtehk5x.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca} [2011-01-23 12:18:59 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\M. Szczepaniak\AppData\Roaming\mozilla\Firefox\Profiles\yqtehk5x.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2011-01-23 12:18:52 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\M. Szczepaniak\AppData\Roaming\mozilla\Firefox\Profiles\yqtehk5x.default\extensions\foxyproxy@eric.h.jung [2010-06-30 15:19:17 | 000,000,000 | ---D | M] ("Informational Tab") -- C:\Users\M. Szczepaniak\AppData\Roaming\mozilla\Firefox\Profiles\yqtehk5x.default\extensions\informationaltab@piro.sakura.ne.jp [2010-02-03 23:07:04 | 000,000,000 | ---D | M] (RadioBar Toolbar) -- C:\Users\M. Szczepaniak\AppData\Roaming\mozilla\Firefox\Profiles\yqtehk5x.default\extensions\radiobar@toolbar [2011-04-16 18:21:39 | 000,000,000 | ---D | M] (vShare) -- C:\Users\M. Szczepaniak\AppData\Roaming\mozilla\Firefox\Profiles\yqtehk5x.default\extensions\vshare@toolbar [2009-09-29 21:13:56 | 000,009,941 | ---- | M] () -- C:\Users\M. Szczepaniak\AppData\Roaming\Mozilla\Firefox\Profiles\yqtehk5x.default\searchplugins\mywebsearch.xml [2011-05-10 13:12:16 | 000,001,860 | ---- | M] () -- C:\Users\M. Szczepaniak\AppData\Roaming\Mozilla\Firefox\Profiles\yqtehk5x.default\searchplugins\search.xml [2011-04-16 18:21:56 | 000,001,583 | ---- | M] () -- C:\Users\M. Szczepaniak\AppData\Roaming\Mozilla\Firefox\Profiles\yqtehk5x.default\searchplugins\web-search.xml [2011-05-10 16:43:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010-05-23 10:29:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-08-12 20:42:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010-10-24 20:26:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011-05-01 14:18:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2009-12-21 13:14:50 | 000,000,000 | ---D | M] ("Torbutton") -- C:\Program Files\Mozilla Firefox\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca} [2011-03-09 09:30:56 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2011-04-30 20:45:37 | 000,000,000 | ---D | M] (Firefox Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA OVI SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION [2009-05-08 15:33:26 | 000,000,000 | ---D | M] ("Hide IP NG Add-on") -- C:\USERS\M. SZCZEPANIAK\APPDATA\ROAMING\HIDE IP NG\FIREFOX_PLUGIN [2008-09-04 02:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll [2011-02-02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2004-02-04 20:53:58 | 000,102,400 | ---- | M] (Star Downloader) -- C:\Program Files\Mozilla Firefox\plugins\npstar.dll [2010-03-13 12:56:13 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-03-13 12:56:13 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-03-13 12:56:13 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-03-13 12:56:13 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-03-13 12:56:13 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-03-13 12:56:13 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: ::1 localhost O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (FG2CatchUrl) - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll (FlashGet) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found. O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll () O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - File not found O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc) O2 - BHO: () - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\Program Files\Star Downloader\SDIEInt.dll () O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll () O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O3 - HKU\S-1-5-21-1993679506-2260695406-3402478088-1001\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe (Google Inc.) O4 - HKLM..\Run: [00PCTFW] C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools) O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe () O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe () O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [HControlUser] C:\Program Files\ATK Hotkey\HcontrolUser.exe () O4 - HKLM..\Run: [Readar_sl] C:\Users\M. Szczepaniak\AppData\Roaming\Readar_sl.exe (Created with WinAutomation (http://www.WinAutomation.com)) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [THGuard] C:\Program Files\TrojanHunter 5.0\THGuard.exe (Mischel Internet Security) O4 - HKLM..\Run: [TunesHelper] C:\ProgramData\TunesHelper.exe () O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-1993679506-2260695406-3402478088-1001..\Run: [] File not found O4 - HKU\S-1-5-21-1993679506-2260695406-3402478088-1001..\Run: [AQQ] C:\Program Files\WapSter\WapSter AQQ\AQQ.exe (Creative Team S.A.) O4 - HKU\S-1-5-21-1993679506-2260695406-3402478088-1001..\Run: [IPLA!] C:\Program Files\ipla\ipla.exe (Redefine Sp z o.o.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeAnimation = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStrCmpLogical = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0 O7 - HKU\S-1-5-21-1993679506-2260695406-3402478088-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1 O7 - HKU\S-1-5-21-1993679506-2260695406-3402478088-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStrCmpLogical = 1 O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm () O8 - Extra context menu item: &Download by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm () O8 - Extra context menu item: Download with Star Downloader - C:\Program Files\Star Downloader\sdie.htm () O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - File not found O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-1993679506-2260695406-3402478088-1001\..Trusted Domains: mks.com.pl ([.www] https in Zaufane witryny) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.113.224.36 217.113.224.35 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com) O24 - Desktop WallPaper: C:\Users\M. Szczepaniak\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O24 - Desktop BackupWallPaper: C:\Users\M. Szczepaniak\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{3502d94d-3c04-11de-9869-94806a393dd5}\Shell - "" = AutoRun O33 - MountPoints2\{3502d94d-3c04-11de-9869-94806a393dd5}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a O33 - MountPoints2\{420bc429-1db3-11de-a6c7-891282cc7380}\Shell - "" = AutoRun O33 - MountPoints2\{420bc429-1db3-11de-a6c7-891282cc7380}\Shell\AutoRun\command - "" = G:\autorun.exe O33 - MountPoints2\{9b40e1ad-155a-11df-bb09-b81fa0f06bcf}\Shell - "" = AutoRun O33 - MountPoints2\{9b40e1ad-155a-11df-bb09-b81fa0f06bcf}\Shell\AutoRun\command - "" = H:\autorun.exe O33 - MountPoints2\{fee7d226-e7f8-11de-898a-c868d3624985}\Shell - "" = AutoRun O33 - MountPoints2\{fee7d226-e7f8-11de-898a-c868d3624985}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe () O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software GmbH) NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk - C:\Program Files\Microsoft Office 2000\Office\OSA9.EXE - (Microsoft Corporation) MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Privoxy.lnk - C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe - (The Privoxy team - www.privoxy.org) MsConfig - StartUpFolder: C:^Users^M. Szczepaniak^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Budzik.lnk - C:\Program Files\Budzik\budzik.exe - (BLITZ-ART) MsConfig - StartUpFolder: C:^Users^M. Szczepaniak^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DDT2000 Quick Menu.lnk - C:\Program Files\DDT2000\DDT2000_menu.exe - (RENAULT) MsConfig - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: [b]AdobeCS4ServiceManager[/b] - hkey= - key= - C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: [b]AlcoholAutomount[/b] - hkey= - key= - C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe (Alcohol Soft Development Team) MsConfig - StartUpReg: [b]BroadWave[/b] - hkey= - key= - C:\Program Files\NCH Swift Sound\BroadWave\broadwave.exe (NCH Software) MsConfig - StartUpReg: [b]eMuleAutoStart[/b] - hkey= - key= - C:\Program Files\eMule\emule.exe (http://www.emule-project.net) MsConfig - StartUpReg: [b]FastFox[/b] - hkey= - key= - C:\Program Files\NCH Swift Sound\FastFox\fastfox.exe (NCH Software) MsConfig - StartUpReg: [b]FlashGet[/b] - hkey= - key= - C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe (FLASHGET) MsConfig - StartUpReg: [b]Fling[/b] - hkey= - key= - C:\Program Files\NCH Software\Fling\fling.exe (NCH Software) MsConfig - StartUpReg: [b]Gadu-Gadu[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]GoD[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]HEXelon MAX[/b] - hkey= - key= - C:\Program Files\HEXelon MAX 6\hexelon.exe (Jerzy Znamirowski) MsConfig - StartUpReg: [b]HomingBeacon Client[/b] - hkey= - key= - C:\Program Files\HomingBeacon.NET\hb3gui.exe (ChangeIP.com) MsConfig - StartUpReg: [b]iGoD[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]IPLA![/b] - hkey= - key= - C:\Program Files\ipla\ipla.exe (Redefine Sp z o.o.) MsConfig - StartUpReg: [b]Komunikator[/b] - hkey= - key= - C:\Program Files\Tlen.pl\tlen.exe (o2.pl Sp. z o.o.) MsConfig - StartUpReg: [b]Konnekt[/b] - hkey= - key= - C:\Program Files\Konnekt\konnekt.exe (Stamina) MsConfig - StartUpReg: [b]Messenger (Yahoo!)[/b] - hkey= - key= - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.) MsConfig - StartUpReg: [b]NBAgent[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]NokiaMServer[/b] - hkey= - key= - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia) MsConfig - StartUpReg: [b]NokiaOviSuite2[/b] - hkey= - key= - C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia) MsConfig - StartUpReg: [b]Nowe Gadu-Gadu[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]Prec[/b] - hkey= - key= - C:\Program Files\Prec\PrecStarter.exe () MsConfig - StartUpReg: [b]RayV[/b] - hkey= - key= - C:\Program Files\RayV\RayV\RayV.exe (RayV) MsConfig - StartUpReg: [b]Sidebar[/b] - hkey= - key= - C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) MsConfig - StartUpReg: [b]Sony Ericsson PC Suite[/b] - hkey= - key= - C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe () MsConfig - StartUpReg: [b]Steam[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) MsConfig - StartUpReg: [b]Surfbar[/b] - hkey= - key= - C:\Program Files\Surfbar\SurfBar.exe () MsConfig - StartUpReg: [b]TrojanScanner[/b] - hkey= - key= - C:\Program Files\Trojan Remover\Trjscan.exe (Simply Super Software) MsConfig - StartUpReg: [b]WinampAgent[/b] - hkey= - key= - C:\Program Files\Winamp\winampa.exe () MsConfig - StartUpReg: [b]Wru[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]XoftSpySE[/b] - hkey= - key= - File not found MsConfig - State: "startup" - 2 SafeBootMin: aawservice - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft) SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: aawservice - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft) SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - File not found SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - File not found SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-05-07 03:04:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace [2011-05-06 23:50:43 | 000,000,000 | ---D | C] -- C:\ProgramData\RDRM [2011-05-02 15:30:22 | 000,032,377 | ---- | C] (B-phreaks) -- C:\Windows\System32\drivers\prodigy.sys [2011-05-02 15:30:22 | 000,000,000 | ---D | C] -- C:\Users\M. Szczepaniak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NSS [2011-05-02 15:30:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NSS [2011-05-02 15:29:29 | 000,000,000 | ---D | C] -- C:\Program Files\NSS [2011-05-01 21:06:03 | 000,000,000 | ---D | C] -- C:\Users\M. Szczepaniak\AppData\Roaming\Malwarebytes [2011-05-01 21:04:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011-05-01 21:04:42 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011-05-01 21:04:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011-05-01 21:04:07 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011-05-01 21:04:06 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011-05-01 19:00:00 | 000,000,000 | ---D | C] -- C:\Program Files\Przyspiesz Komputer [2011-05-01 14:38:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2011-04-30 20:54:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia [2011-04-30 20:43:42 | 000,018,816 | ---- | C] (Nokia) -- C:\Windows\System32\drivers\pccsmcfd.sys [2011-04-30 20:42:47 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution [2011-04-30 20:12:57 | 000,000,000 | ---D | C] -- C:\Users\M. Szczepaniak\Documents\Ovi [2011-04-30 19:50:46 | 000,000,000 | ---D | C] -- C:\Users\M. Szczepaniak\AppData\Local\ChomikBox [2011-04-30 19:49:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chomikuj.pl [2011-04-30 19:49:28 | 000,000,000 | ---D | C] -- C:\Program Files\ChomikBox [2011-04-23 00:05:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia [2011-04-08 11:54:07 | 000,000,000 | ---D | C] -- C:\Users\M. Szczepaniak\AppData\Roaming\Lavasoft [2011-04-08 11:53:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft Ad-Aware SE Personal [2011-04-06 12:27:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diagnostic [2011-04-06 12:27:49 | 000,057,344 | ---- | C] (RENAULT) -- C:\Windows\System32\IOTBD32V3.dll [2011-04-06 12:27:01 | 000,000,000 | ---D | C] -- C:\DDT2000data [2011-04-06 12:27:01 | 000,000,000 | ---D | C] -- C:\Program Files\DDT2000 [2011-04-05 20:45:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Techland [2011-04-05 20:36:14 | 000,000,000 | ---D | C] -- C:\Program Files\Techland [2011-03-29 17:22:44 | 000,000,000 | ---D | C] -- C:\Users\M. Szczepaniak\AppData\Roaming\Nero [2011-03-29 16:55:30 | 000,000,000 | ---D | C] -- C:\Program Files\Nero [2011-03-29 16:54:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero [2011-03-25 22:50:03 | 000,000,000 | ---D | C] -- C:\ignition_cvr.pl [2011-03-17 12:39:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ajt Soft [2011-03-17 12:39:52 | 000,000,000 | ---D | C] -- C:\Ajt Soft [2011-03-15 23:43:03 | 000,000,000 | ---D | C] -- C:\Users\M. Szczepaniak\AppData\Local\DNA [2011-03-15 23:42:33 | 000,000,000 | ---D | C] -- C:\Users\M. Szczepaniak\AppData\Roaming\DNA [2011-01-27 16:48:33 | 000,311,296 | RHS- | C] (Created with WinAutomation (http://www.WinAutomation.com)) -- C:\Users\M. Szczepaniak\AppData\Roaming\Readar_sl.exe [2008-06-03 08:41:51 | 000,015,928 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys [8 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-05-10 18:07:21 | 005,767,168 | ---- | M] () -- C:\Users\M. Szczepaniak\ntuser.dat [2011-05-10 17:58:00 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011-05-10 17:09:06 | 000,004,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011-05-10 17:09:06 | 000,004,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011-05-10 14:21:10 | 000,000,972 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job [2011-05-10 13:10:35 | 000,000,436 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics [2011-05-10 13:09:54 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl [2011-05-10 13:09:36 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011-05-10 13:09:32 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2011-05-10 13:09:31 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe [2011-05-10 13:09:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-05-10 13:08:56 | 1878,155,264 | -HS- | M] () -- C:\hiberfil.sys [2011-05-10 11:16:16 | 000,003,204 | ---- | M] () -- C:\Windows\bthservsdp.dat [2011-05-10 11:16:00 | 000,524,288 | -HS- | M] () -- C:\Users\M. Szczepaniak\ntuser.dat{b6c08cb3-19ce-11e0-bb7f-ed8142367b8e}.TMContainer00000000000000000001.regtrans-ms [2011-05-10 11:16:00 | 000,065,536 | -HS- | M] () -- C:\Users\M. Szczepaniak\ntuser.dat{b6c08cb3-19ce-11e0-bb7f-ed8142367b8e}.TM.blf [2011-05-10 11:15:39 | 006,108,600 | -H-- | M] () -- C:\Users\M. Szczepaniak\AppData\Local\IconCache.db [2011-05-09 23:49:22 | 000,015,854 | ---- | M] () -- C:\Users\M. Szczepaniak\Documents\cc_20110509_234916.reg [2011-05-08 10:53:01 | 001,503,948 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2011-05-08 10:53:01 | 000,675,488 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2011-05-08 10:53:01 | 000,598,900 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011-05-08 10:53:01 | 000,131,772 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2011-05-08 10:53:01 | 000,104,914 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011-05-07 05:22:03 | 000,000,436 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version3.job [2011-05-03 21:29:07 | 319,925,712 | ---- | M] () -- C:\Windows\MEMORY.DMP [2011-05-02 15:49:27 | 000,000,000 | ---- | M] () -- C:\SI.db [2011-05-01 18:38:26 | 000,029,300 | ---- | M] () -- C:\Users\M. Szczepaniak\Documents\cc_20110501_183819.reg [2011-04-30 23:17:58 | 000,008,547 | ---- | M] () -- C:\Users\M. Szczepaniak\.recently-used.xbel [2011-04-30 20:10:52 | 000,400,318 | ---- | M] () -- C:\Windows\unins000.dat [2011-04-30 20:08:50 | 000,725,005 | ---- | M] () -- C:\Windows\unins000.exe [2011-04-22 09:01:01 | 000,006,836 | ---- | M] () -- C:\Users\M. Szczepaniak\AppData\Local\d3d9caps.dat [2011-04-17 04:04:43 | 001,731,968 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011-04-09 18:55:28 | 000,179,261 | ---- | M] () -- C:\Windows\System32\xlive.dll.cat [2011-04-05 21:04:50 | 000,104,784 | ---- | M] () -- C:\Users\M. Szczepaniak\AppData\Local\GDIPFONTCACHEV1.DAT [2011-04-04 11:03:56 | 000,011,870 | ---- | M] () -- C:\Users\M. Szczepaniak\Documents\cc_20110404_110351.reg [2011-03-30 21:13:51 | 000,218,585 | ---- | M] () -- C:\Users\M. Szczepaniak\AppData\Local\census.cache [2011-03-30 21:13:38 | 000,000,000 | ---- | M] () -- C:\Users\M. Szczepaniak\AppData\Local\ars.cache [2011-03-30 09:57:26 | 000,000,036 | ---- | M] () -- C:\Users\M. Szczepaniak\AppData\Local\housecall.guid.cache [2011-03-19 00:46:09 | 000,094,720 | ---- | M] () -- C:\Users\M. Szczepaniak\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-03-15 23:15:41 | 000,020,510 | ---- | M] () -- C:\Users\M. Szczepaniak\Documents\cc_20110315_221531.reg [8 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-05-09 23:49:20 | 000,015,854 | ---- | C] () -- C:\Users\M. Szczepaniak\Documents\cc_20110509_234916.reg [2011-05-08 13:58:54 | 000,679,936 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2011-05-03 21:29:07 | 319,925,712 | ---- | C] () -- C:\Windows\MEMORY.DMP [2011-05-02 15:49:27 | 000,000,000 | ---- | C] () -- C:\SI.db [2011-05-01 18:38:22 | 000,029,300 | ---- | C] () -- C:\Users\M. Szczepaniak\Documents\cc_20110501_183819.reg [2011-04-30 23:17:58 | 000,008,547 | ---- | C] () -- C:\Users\M. Szczepaniak\.recently-used.xbel [2011-04-30 19:58:52 | 000,725,005 | ---- | C] () -- C:\Windows\unins000.exe [2011-04-30 19:58:51 | 000,400,318 | ---- | C] () -- C:\Windows\unins000.dat [2011-04-28 07:53:45 | 000,001,036 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011-04-28 07:53:38 | 000,001,032 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2011-04-04 11:03:55 | 000,011,870 | ---- | C] () -- C:\Users\M. Szczepaniak\Documents\cc_20110404_110351.reg [2011-03-30 21:13:51 | 000,218,585 | ---- | C] () -- C:\Users\M. Szczepaniak\AppData\Local\census.cache [2011-03-30 21:13:38 | 000,000,000 | ---- | C] () -- C:\Users\M. Szczepaniak\AppData\Local\ars.cache [2011-03-30 09:57:26 | 000,000,036 | ---- | C] () -- C:\Users\M. Szczepaniak\AppData\Local\housecall.guid.cache [2011-03-16 23:23:15 | 000,000,972 | ---- | C] () -- C:\Windows\tasks\Google Software Updater.job [2011-03-15 23:15:35 | 000,020,510 | ---- | C] () -- C:\Users\M. Szczepaniak\Documents\cc_20110315_221531.reg [2011-01-27 16:48:32 | 008,180,224 | RHS- | C] () -- C:\ProgramData\TunesHelper.exe [2010-10-15 20:28:01 | 000,002,432 | ---- | C] () -- C:\Users\M. Szczepaniak\AppData\Local\TempXx4060.html [2010-10-15 20:24:35 | 000,002,432 | ---- | C] () -- C:\Users\M. Szczepaniak\AppData\Local\TempvP4040.html [2010-10-04 14:29:10 | 000,000,604 | ---- | C] () -- C:\Windows\Thps3.INI [2010-07-13 19:06:41 | 000,000,451 | ---- | C] () -- C:\Windows\mgreg.ini [2010-07-13 19:03:04 | 000,000,030 | ---- | C] () -- C:\Windows\mgwin.ini [2010-06-15 10:35:52 | 000,006,836 | ---- | C] () -- C:\Users\M. Szczepaniak\AppData\Local\d3d9caps.dat [2010-04-25 15:36:34 | 000,000,159 | ---- | C] () -- C:\Windows\civ.ini [2010-02-18 20:14:13 | 000,042,584 | ---- | C] () -- C:\Windows\SETUPQSB.EXE [2009-11-01 11:47:03 | 000,000,044 | ---- | C] () -- C:\Windows\Crypkey.ini [2009-11-01 11:46:55 | 000,027,648 | R--- | C] () -- C:\Windows\Setup_ck.exe [2009-11-01 11:46:55 | 000,018,432 | ---- | C] () -- C:\Windows\Setup_ck.dll [2009-11-01 11:46:55 | 000,011,776 | ---- | C] () -- C:\Windows\Ckrfresh.exe [2009-10-24 02:44:40 | 000,002,384 | ---- | C] () -- C:\Windows\wininit.ini [2009-09-29 09:01:55 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll [2009-09-29 09:01:55 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll [2009-09-29 09:01:55 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll [2009-09-29 09:01:54 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNRAR3.dll [2009-08-18 22:45:38 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009-08-18 22:45:38 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009-08-18 22:45:11 | 000,368,640 | ---- | C] () -- C:\Windows\System32\msjetoledb40.dll [2009-08-15 14:46:27 | 000,778,752 | ---- | C] () -- C:\Windows\System32\rgss103j.dll [2009-08-15 14:46:26 | 000,778,752 | ---- | C] () -- C:\Windows\System32\rgss102e.dll [2009-05-27 20:18:17 | 000,000,081 | ---- | C] () -- C:\Windows\TOONWORX.INI [2009-03-30 18:40:25 | 000,008,984 | ---- | C] () -- C:\Windows\hpdj3600.ini [2009-03-30 16:36:44 | 000,000,552 | ---- | C] () -- C:\Windows\ODBC.INI [2009-03-30 16:36:15 | 000,000,061 | ---- | C] () -- C:\Windows\vbaddin.ini [2009-01-18 18:24:00 | 000,000,266 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2009-01-18 17:37:15 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat [2009-01-18 17:15:15 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2009-01-12 19:53:09 | 000,000,948 | ---- | C] () -- C:\Windows\ARPR.INI [2009-01-03 22:37:41 | 006,108,600 | -H-- | C] () -- C:\Users\M. Szczepaniak\AppData\Local\IconCache.db [2009-01-03 22:35:22 | 000,104,784 | ---- | C] () -- C:\Users\M. Szczepaniak\AppData\Local\GDIPFONTCACHEV1.DAT [2008-12-28 20:14:21 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll [2008-12-28 20:14:20 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2008-12-28 20:14:15 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll [2008-11-03 20:06:59 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll [2008-11-03 20:06:59 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth2.dll [2008-11-03 20:06:59 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth1.dll [2008-11-03 20:06:59 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll [2008-11-03 20:06:59 | 000,000,073 | ---- | C] () -- C:\Windows\System32\ssprs.dll [2008-10-21 23:03:52 | 000,717,296 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2008-10-19 13:30:33 | 000,000,241 | ---- | C] () -- C:\Windows\RomeTW.ini [2008-10-16 15:10:38 | 000,962,560 | ---- | C] () -- C:\Windows\System32\RPGVXJPN.dll [2008-10-16 15:02:16 | 000,059,392 | R--- | C] () -- C:\Windows\System32\streamhlp.dll [2008-10-08 13:58:56 | 000,001,890 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2008-10-08 13:58:56 | 000,000,088 | RHS- | C] () -- C:\ProgramData\3EE9D4178F.sys [2008-10-06 03:08:24 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2008-10-02 19:49:20 | 000,000,100 | ---- | C] () -- C:\Windows\Kit.ini [2008-09-25 18:21:20 | 000,000,046 | ---- | C] () -- C:\Windows\adiras.ini [2008-09-25 17:46:55 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini [2008-09-25 17:31:48 | 000,045,056 | ---- | C] () -- C:\Windows\System32\acovcnt.exe [2008-08-03 08:18:00 | 000,047,672 | ---- | C] () -- C:\Windows\AsScrProlog.exe [2008-08-03 07:42:06 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2008-08-03 06:49:53 | 000,003,204 | ---- | C] () -- C:\Windows\bthservsdp.dat [2008-06-04 05:21:07 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2008-06-04 04:49:59 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat [2008-05-16 11:58:04 | 000,012,632 | ---- | C] () -- C:\Windows\System32\lsdelete.exe [2008-04-28 23:09:07 | 000,172,033 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2008-04-18 02:01:53 | 000,675,488 | ---- | C] () -- C:\Windows\System32\perfh015.dat [2008-04-18 02:01:53 | 000,332,832 | ---- | C] () -- C:\Windows\System32\perfi015.dat [2008-04-18 02:01:53 | 000,131,772 | ---- | C] () -- C:\Windows\System32\perfc015.dat [2008-04-18 02:01:53 | 000,037,468 | ---- | C] () -- C:\Windows\System32\perfd015.dat [2008-04-18 01:45:31 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini [2008-04-07 08:00:45 | 000,005,120 | ---- | C] () -- C:\Windows\System32\CRFILTER.dll [2008-03-06 02:38:43 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe [2008-01-21 04:24:38 | 000,060,124 | ---- | C] () -- C:\Windows\System32\tcpmon.ini [2007-10-01 08:59:45 | 001,769,984 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys [2007-05-09 09:16:39 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys [2007-04-16 12:24:16 | 000,023,752 | ---- | C] () -- C:\Windows\System32\providers.bin [2006-11-02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006-11-02 14:47:37 | 001,731,968 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006-11-02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006-11-02 12:33:01 | 001,503,948 | ---- | C] () -- C:\Windows\System32\PerfStringBackup.INI [2006-11-02 12:33:01 | 000,598,900 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006-11-02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006-11-02 12:33:01 | 000,104,914 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006-11-02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006-11-02 12:24:31 | 000,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini [2006-11-02 12:23:31 | 000,000,656 | ---- | C] () -- C:\Windows\win.ini [2006-11-02 12:23:31 | 000,000,394 | ---- | C] () -- C:\Windows\system.ini [2006-11-02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006-11-02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006-11-02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006-11-02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2006-11-02 09:10:37 | 000,053,536 | ---- | C] () -- C:\Windows\System32\dosx.exe [2006-11-02 09:10:02 | 000,000,718 | ---- | C] () -- C:\Windows\System32\mscdexnt.exe [2006-11-02 09:10:00 | 000,002,842 | ---- | C] () -- C:\Windows\System32\redir.exe [2006-11-02 09:09:59 | 000,069,886 | ---- | C] () -- C:\Windows\System32\edit.com [2006-11-02 09:09:59 | 000,019,694 | ---- | C] () -- C:\Windows\System32\GRAPHICS.COM [2006-11-02 09:09:59 | 000,000,882 | ---- | C] () -- C:\Windows\System32\share.exe [2006-11-02 09:09:59 | 000,000,882 | ---- | C] () -- C:\Windows\System32\fastopen.exe [2006-11-02 09:09:57 | 000,014,710 | ---- | C] () -- C:\Windows\System32\KB16.COM [2006-11-02 09:09:56 | 000,007,052 | ---- | C] () -- C:\Windows\System32\nlsfunc.exe [2006-11-02 09:09:55 | 000,039,274 | ---- | C] () -- C:\Windows\System32\mem.exe [2006-11-02 09:09:55 | 000,001,131 | ---- | C] () -- C:\Windows\System32\LOADFIX.COM [2006-11-02 09:09:53 | 000,011,753 | ---- | C] () -- C:\Windows\System32\setver.exe [2006-11-02 09:09:52 | 000,020,634 | ---- | C] () -- C:\Windows\System32\debug.exe [2006-11-02 09:09:51 | 000,008,424 | ---- | C] () -- C:\Windows\System32\exe2bin.exe [2006-11-02 09:09:50 | 000,012,642 | ---- | C] () -- C:\Windows\System32\edlin.exe [2006-11-02 09:09:49 | 000,050,648 | ---- | C] () -- C:\Windows\System32\COMMAND.COM [2006-11-02 09:09:49 | 000,012,498 | ---- | C] () -- C:\Windows\System32\append.exe [2006-11-02 09:09:45 | 000,027,097 | ---- | C] () -- C:\Windows\System32\country.sys [2006-11-02 09:09:44 | 000,042,809 | ---- | C] () -- C:\Windows\System32\KEY01.SYS [2006-11-02 09:09:44 | 000,042,537 | ---- | C] () -- C:\Windows\System32\KEYBOARD.SYS [2006-11-02 09:09:42 | 000,009,029 | ---- | C] () -- C:\Windows\System32\ANSI.SYS [2006-11-02 09:09:41 | 000,004,768 | ---- | C] () -- C:\Windows\System32\HIMEM.SYS [2006-11-02 09:09:40 | 000,029,274 | ---- | C] () -- C:\Windows\System32\NTDOS412.SYS [2006-11-02 09:09:38 | 000,029,370 | ---- | C] () -- C:\Windows\System32\NTDOS411.SYS [2006-11-02 09:09:35 | 000,029,146 | ---- | C] () -- C:\Windows\System32\NTDOS404.SYS [2006-11-02 09:09:31 | 000,029,146 | ---- | C] () -- C:\Windows\System32\NTDOS804.SYS [2006-11-02 09:09:29 | 000,027,866 | ---- | C] () -- C:\Windows\System32\NTDOS.SYS [2006-11-02 09:09:26 | 000,035,536 | ---- | C] () -- C:\Windows\System32\NTIO412.SYS [2006-11-02 09:09:24 | 000,035,776 | ---- | C] () -- C:\Windows\System32\NTIO411.SYS [2006-11-02 09:09:23 | 000,034,672 | ---- | C] () -- C:\Windows\System32\NTIO404.SYS [2006-11-02 09:09:22 | 000,034,672 | ---- | C] () -- C:\Windows\System32\NTIO804.SYS [2006-11-02 09:09:20 | 000,033,952 | ---- | C] () -- C:\Windows\System32\NTIO.SYS [2006-11-02 08:25:08 | 000,013,312 | ---- | C] () -- C:\Windows\System32\win87em.dll [2006-08-23 11:33:46 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest [2006-03-09 00:57:59 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2006-02-25 13:12:34 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2004-06-25 00:00:00 | 000,771,584 | ---- | C] () -- C:\Windows\System32\RGSS100J.dll [2003-01-30 06:46:44 | 000,028,672 | ---- | C] () -- C:\Windows\System32\adinst32.dll [2002-11-18 18:02:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\MMAVILNG.exe [2002-11-15 15:11:28 | 000,077,824 | ---- | C] () -- C:\Windows\System32\MMSwitch.dll [2002-10-06 21:42:58 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll [2002-10-05 02:04:26 | 000,921,600 | ---- | C] () -- C:\Windows\System32\vorbisenc.dll [2002-10-05 02:04:26 | 000,188,416 | ---- | C] () -- C:\Windows\System32\VORBIS.DLL [2002-10-05 02:04:18 | 000,045,056 | ---- | C] () -- C:\Windows\System32\OGG.DLL [2001-11-14 22:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll [2001-01-24 17:44:38 | 000,094,720 | ---- | C] () -- C:\Users\M. Szczepaniak\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [1999-01-22 18:46:58 | 000,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL [1998-03-26 00:12:00 | 000,053,248 | ---- | C] () -- C:\Windows\System32\zlib.dll [1996-04-03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys [color=#E56717]========== LOP Check ==========[/color] [2011-05-01 13:56:12 | 000,000,000 | ---D | M] -- C:\Users\Gość\AppData\Roaming\PC Suite [2011-05-01 13:58:42 | 000,000,000 | ---D | M] -- C:\Users\Gość\AppData\Roaming\PCToolsFirewallPlus [2009-06-16 11:37:14 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\Ashampoo [2009-03-24 21:33:14 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\Audacity [2009-11-12 16:11:56 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\Autodesk [2011-02-08 14:53:46 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\BITS [2011-02-14 16:19:13 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\BitTorrent [2010-02-15 00:30:26 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\Cool Record Edit Pro [2010-05-13 03:04:26 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\DAEMON Tools [2009-01-31 21:49:53 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\Deckadance [2009-11-02 21:52:33 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\Dev-Cpp [2011-03-15 23:42:58 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\DNA [2011-03-05 15:29:45 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\EurekaLog [2009-02-02 12:01:54 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\FileZilla [2009-05-17 22:26:07 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\fltk.org [2011-05-10 17:05:55 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\foobar2000 [2009-03-24 21:39:32 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\Free Sound Recorder [2009-01-18 17:22:05 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\Gadu-Gadu [2009-11-25 23:15:44 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\Gadu-Gadu 10 [2009-02-02 11:32:57 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\GHISLER [2011-04-30 23:15:44 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\gtk-2.0 [2009-11-18 23:47:05 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\HEXelon [2009-05-08 15:33:26 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\Hide IP NG [2011-05-10 16:28:48 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\ipla [2010-06-26 19:17:19 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\IrfanView [2009-03-08 22:26:21 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\Miranda [2009-02-02 11:40:54 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\NCH Swift Sound [2010-09-06 20:42:32 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\Nokia [2009-07-04 22:55:04 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\Nowe Gadu-Gadu [2009-09-13 18:22:07 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\OpenFM [2009-03-05 22:49:42 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\Opera [2010-09-06 20:50:56 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\PC Suite [2009-01-03 22:35:41 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\PCToolsFirewallPlus [2010-03-20 19:35:01 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\RayV [2011-05-06 23:49:03 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\RDRM [2011-02-14 17:41:02 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\RigNRoll_pol [2011-04-30 17:03:25 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\SendSpace Wizard [2009-09-29 09:01:52 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\Simply Super Software [2009-11-01 12:09:06 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\SWiSH Max3 [2009-08-22 15:14:03 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\Teleca [2010-01-24 17:21:05 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\Thinstall [2009-04-27 21:12:41 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\Tlen.pl [2009-03-28 12:31:55 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\TrojanHunter [2009-03-23 16:24:15 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\TuneUp Software [2009-02-06 12:35:10 | 000,000,000 | ---D | M] -- C:\Users\M. Szczepaniak\AppData\Roaming\WinPatrol [2011-03-27 22:21:51 | 000,000,000 | ---D | M] -- C:\Users\Marcel\AppData\Roaming\IrfanView [2011-05-07 05:22:03 | 000,000,436 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Update Version3.job [2011-05-10 11:16:14 | 000,032,610 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2009-04-11 08:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr [2008-04-18 02:02:24 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK [2006-12-30 01:22:40 | 000,000,007 | ---- | M] () -- C:\CF21.txt [2006-09-18 23:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys [2008-08-03 08:25:20 | 000,020,327 | ---- | M] () -- C:\devlist.txt [2008-09-23 16:35:08 | 001,048,576 | RH-- | M] () -- C:\F5Z.BIN [2008-07-01 14:14:12 | 000,000,013 | ---- | M] () -- C:\F5Z_VISTA.10 [2008-08-03 08:25:18 | 000,000,009 | ---- | M] () -- C:\Finish.log [2011-05-10 13:08:56 | 1878,155,264 | -HS- | M] () -- C:\hiberfil.sys [2008-12-25 21:06:22 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2011-03-19 10:43:50 | 000,037,958 | ---- | M] () -- C:\mksbasel.cpp.log [2008-12-25 21:06:22 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2008-04-22 11:40:32 | 000,000,031 | ---- | M] () -- C:\NERO.LOG [2008-02-01 21:29:55 | 000,000,013 | ---- | M] () -- C:\NIS2008.TXT [2007-03-16 01:18:45 | 000,000,025 | ---- | M] () -- C:\OFFICE2007_F.TXT [2011-05-10 13:08:54 | 2191,937,536 | -HS- | M] () -- C:\pagefile.sys [2008-08-02 19:13:55 | 000,000,105 | ---- | M] () -- C:\Pass.txt [2008-05-23 11:55:52 | 000,002,035 | ---- | M] () -- C:\Patch.LOG [2008-04-29 16:30:15 | 000,000,020 | ---- | M] () -- C:\READER_F.TXT [2008-07-01 14:14:12 | 000,000,005 | ---- | M] () -- C:\RECOVERY.DAT [2008-08-03 07:46:23 | 000,000,400 | ---- | M] () -- C:\RHDSetup.log [2008-10-02 18:45:08 | 000,000,184 | ---- | M] () -- C:\setup.log [2011-05-02 15:49:27 | 000,000,000 | ---- | M] () -- C:\SI.db [2010-10-24 12:50:27 | 003,932,184 | ---- | M] () -- C:\snp2uvc-001.raw [2006-05-16 02:22:24 | 000,000,005 | ---- | M] () -- C:\store.log [2008-08-03 07:25:04 | 000,000,166 | ---- | M] () -- C:\SumHidd.txt [2008-08-03 07:24:24 | 000,000,098 | ---- | M] () -- C:\SumOS.txt [2008-04-17 02:32:52 | 000,000,024 | ---- | M] () -- C:\V541.TXT [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006-11-02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2008-03-12 08:38:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_4c9c5a00\atapi.sys [2008-03-12 08:38:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_dd1bb97e219e87cb\atapi.sys [2009-04-11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys [2009-04-11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009-04-11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008-01-21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008-01-21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006-11-02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys [2008-03-12 08:24:20 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935425C59 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_dda556493abc2795\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2008-01-21 04:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\System32\drivers\beep.sys [2008-01-21 04:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008-01-21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys [2008-01-21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys [2009-04-11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys [2009-04-11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys [2009-04-11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys [2006-11-02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009-04-11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys [2009-04-11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys [2008-01-21 04:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys [2008-02-08 06:25:28 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=C8560010A542B5DCA94C62468DC20784 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.22110_none_a845f8a63534c8d3\ndis.sys [2008-02-08 06:22:00 | 000,503,352 | ---- | M] (Microsoft Corporation) MD5=E50187F20ED749F57C97836FEDE14BD6 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.20768_none_a631acb4382f8e4f\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009-04-11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe [2009-04-11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2008-01-21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 64 bytes -> C:\Users\M. Szczepaniak\Documents\Film0010.mp4:TOC.WMV @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:C31F31E6 @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:CB0AACC9 < End of report >