wklejto.pl

Dodane przez: ~Anonim (2010-04-26 19:56) -> text
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
32.
33.
34.
35.
36.
37.
38.
39.
40.
41.
42.
43.
44.
45.
46.
47.
48.
49.
50.
51.
52.
53.
54.
55.
56.
57.
58.
59.
60.
61.
62.
63.
64.
65.
66.
67.
68.
69.
70.
71.
72.
73.
74.
75.
76.
77.
78.
79.
80.
81.
82.
83.
84.
85.
86.
87.
88.
89.
90.
91.
92.
93.
94.
95.
96.
97.
98.
99.
100.
101.
102.
103.
104.
105.
106.
107.
108.
109.
110.
111.
112.
113.
114.
115.
116.
117.
118.
119.
120.
121.
122.
123.
124.
125.
126.
127.
128.
129.
130.
131.
132.
133.
134.
135.
136.
137.
138.
139.
140.
141.
142.
143.
144.
145.
146.
147.
148.
149.
150.
151.
152.
153.
154.
155.
156.
157.
158.
159.
160.
161.
162.
163.
164.
165.
166.
167.
168.
169.
170.
171.
172.
173.
174.
175.
176.
177.
178.
179.
180.
181.
182.
183.
184.
185.
186.
187.
188.
189.
190.
191.
192.
193.
194.
195.
196.
197.
198.
199.
200.
201.
202.
203.
204.
205.
206.
207.
208.
209.
210.
211.
212.
213.
214.
215.
216.
217.
218.
219.
220.
221.
222.
223.
224.
225.
226.
227.
228.
229.
230.
231.
232.
233.
234.
235.
236.
237.
238.
239.
240.
241.
242.
243.
244.
245.
246.
247.
248.
249.
250.
251.
252.
253.
254.
255.
256.
257.
258.
259.
260.
261.
262.
263.
264.
265.
266.
267.
268.
269.
270.
271.
272.
273.
274.
275.
276.
277.
278.
279.
280.
281.
282.
283.
284.
285.
286.
287.
288.
289.
290.
291.
292.
293.
294.
295.
296.
297.
298.
299.
300.
301.
302.
303.
304.
305.
306.
307.
308.
309.
310.
311.
312.
313.
314.
315.
316.
317.
318.
319.
320.
321.
322.
323.
324.
325.
326.
327.
328.
329.
330.
331.
332.
333.
334.
335.
336.
337.
338.
339.
340.
341.
342.
343.
344.
345.
346.
347.
348.
349.
350.
351.
352.
353.
354.
355.
356.
357.
358.
359.
360.
361.
362.
363.
364.
365.
366.
367.
368.
369.
370.
371.
372.
373.
374.
375.
376.
377.
378.
379.
380.
381.
382.
383.
384.
385.
386.
387.
388.
389.
390.
391.
392.
393.
394.
395.
396.
397.
398.
399.
400.
401.
402.
403.
404.
405.
406.
407.
408.
409.
410.
411.
412.
413.
414.
415.
416.
417.
418.
419.
420.
421.
422.
423.
424.
425.
426.
427.
428.
429.
430.
431.
432.
433.
434.
435.
436.
437.
438.
439.
440.
441.
442.
443.
444.
445.
446.
447.
448.
449.
450.
451.
452.
453.
454.
455.
456.
457.
458.
459.
460.
461.
462.
463.
464.
465.
466.
467.
468.
469.
470.
471.
472.
473.
474.
475.
476.
477.
478.
479.
480.
481.
482.
483.
484.
485.
486.
487.
488.
489.
490.
491.
492.
493.
494.
495.
496.
497.
498.
499.
500.
501.
502.
503.
504.
505.
506.
507.
508.
509.
510.
511.
512.
513.
514.
515.
516.
517.
518.
519.
520.
521.
522.
523.
524.
525.
526.
527.
528.
529.
530.
531.
532.
533.
534.
535.
536.
537.
538.
539.
540.
541.
542.
543.
544.
545.
546.
547.
548.
549.
550.
551.
552.
553.
554.
555.
556.
557.
558.
559.
560.
561.
562.
563.
564.
565.
566.
567.
568.
569.
570.
571.
572.
573.
574.
575.
576.
577.
578.
579.
580.
581.
582.
583.
584.
585.
586.
587.
588.
589.
590.
591.
592.
593.
594.
595.
596.
597.
598.
599.
600.
601.
602.
603.
604.
605.
606.
607.
608.
609.
610.
611.
612.
613.
614.
615.
616.
617.
618.
619.
620.
621.
622.
623.
624.
625.
626.
627.
628.
629.
630.
631.
632.
633.
634.
635.
636.
637.
638.
639.
640.
641.
642.
643.
644.
645.
646.
647.
648.
649.
650.
651.
652.
653.
654.
655.
656.
657.
658.
659.
660.
661.
662.
663.
664.
665.
666.
667.
668.
669.
670.
671.
672.
673.
674.
675.
676.
677.
678.
679.
680.
681.
682.
683.
684.
685.
OTL logfile created on: 2010-04-26 19:44:59 - Run 1
OTL by OldTimer - Version 3.2.3.0     Folder = C:\\Users\\Dawid\\Desktop
64bit- An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 67,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\\Windows | %ProgramFiles% = C:\\Program Files (x86)
Drive C: | 50,10 Gb Total Space | 25,92 Gb Free Space | 51,74% Space Free | Partition Type: NTFS
Drive D: | 200,00 Gb Total Space | 144,66 Gb Free Space | 72,33% Space Free | Partition Type: NTFS
Drive E: | 200,00 Gb Total Space | 100,38 Gb Free Space | 50,19% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: INSIGNIA
Current User Name: Dawid
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2010-04-26 19:36:55 | 000,563,712 | ---- | M] (OldTimer Tools) -- C:\\Users\\Dawid\\Desktop\\OTL.exe
PRC - [2010-02-24 19:47:33 | 000,066,872 | ---- | M] () -- C:\\Windows\\SysWOW64\\PnkBstrA.exe
PRC - [2009-10-20 20:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) -- C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 2010\\avp.exe
PRC - [2007-09-02 14:58:52 | 000,495,616 | ---- | M] () -- D:\\Program Files\\RocketDock\\RocketDock\\RocketDock.exe
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - [2010-04-26 19:36:55 | 000,563,712 | ---- | M] (OldTimer Tools) -- C:\\Users\\Dawid\\Desktop\\OTL.exe
MOD - [2009-07-14 03:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\\Windows\\SysWOW64\\comdlg32.dll
MOD - [2009-07-14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\\Windows\\winsxs\\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\\comctl32.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2010-03-17 16:40:35 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\\Program Files\\Common Files\\Macrovision Shared\\FLEXnet Publisher\\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:[b]64bit:[/b] - [2010-03-03 06:12:12 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\\Windows\\SysNative\\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2009-09-26 05:28:30 | 004,924,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Program Files\\Common Files\\Microsoft Shared\\OfficeSoftwareProtectionPlatform\\OSPPSVC.EXE -- (osppsvc)
SRV:[b]64bit:[/b] - [2009-09-26 04:36:06 | 000,174,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Program Files\\Common Files\\Microsoft Shared\\Source Engine\\OSE.EXE -- (ose64)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:59 | 000,229,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Windows\\SysNative\\wwansvc.dll -- (WwanSvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:56 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Windows\\SysNative\\wbiosrvc.dll -- (WbioSrvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:56 | 000,195,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Windows\\SysNative\\umrdp.dll -- (UmRdpService)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\\Windows\\SysNative\\umpo.dll -- (Power)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\\Windows\\SysNative\\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:54 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Windows\\SysNative\\sppuinotify.dll -- (sppuinotify)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:54 | 000,029,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Windows\\SysNative\\sensrsvc.dll -- (SensrSvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:54 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Windows\\SysNative\\StorSvc.dll -- (StorSvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 001,361,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Windows\\SysNative\\PeerDistSvc.dll -- (PeerDistSvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\\Windows\\SysNative\\pnrpsvc.dll -- (PNRPsvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\\Windows\\SysNative\\pnrpsvc.dll -- (p2pimsvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,187,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\\Windows\\SysNative\\provsvc.dll -- (HomeGroupProvider)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\\Windows\\SysNative\\RpcEpMap.dll -- (RpcEptMapper)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Windows\\SysNative\\pnrpauto.dll -- (PNRPAutoReg)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\\Program Files\\Windows Defender\\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:18 | 000,231,936 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\\Windows\\SysNative\\ListSvc.dll -- (HomeGroupListener)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:54 | 001,127,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Windows\\SysNative\\FntCache.dll -- (FontCache)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:28 | 000,314,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\\Windows\\SysNative\\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:28 | 000,291,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Windows\\SysNative\\defragsvc.dll -- (defragsvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:24 | 000,689,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\\Windows\\SysNative\\cscsvc.dll -- (CscService)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:13 | 000,083,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Windows\\SysNative\\bthserv.dll -- (bthserv)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:10 | 000,100,864 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\\Windows\\SysNative\\bdesvc.dll -- (BDESVC)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:05 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Windows\\SysNative\\AxInstSv.dll -- (AxInstSV)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Windows\\SysNative\\appmgmts.dll -- (AppMgmt)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Windows\\SysNative\\appidsvc.dll -- (AppIDSvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:39:51 | 001,503,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Windows\\SysNative\\wbengine.exe -- (wbengine)
SRV:[b]64bit:[/b] - [2009-07-14 03:39:28 | 003,524,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\\Windows\\SysNative\\sppsvc.exe -- (sppsvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:39:11 | 000,689,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Windows\\SysNative\\FXSSVC.exe -- (Fax)
SRV - [2010-03-17 16:40:21 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\\Program Files (x86)\\Common Files\\Macrovision Shared\\FLEXnet Publisher\\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010-02-24 19:47:33 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\\Windows\\SysWOW64\\PnkBstrA.exe -- (PnkBstrA)
SRV - [2009-10-29 11:33:00 | 050,612,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009-10-27 10:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\\Program Files (x86)\\PC Connectivity Solution\\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009-10-20 20:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 2010\\avp.exe -- (AVP)
SRV - [2009-08-24 23:50:54 | 000,093,336 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- D:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2010\\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2009-07-14 05:20:14 | 000,000,000 | ---D | M] [On_Demand | Stopped] -- C:\\Windows\\Vss -- (VSS)
SRV - [2009-07-14 05:20:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\\Windows\\SysWOW64\\Msdtc -- (MSDTC)
SRV - [2009-07-14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\\Windows\\SysWOW64\\provsvc.dll -- (HomeGroupProvider)
SRV - [2009-07-14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\\Windows\\SysWOW64\\dhcpcore.dll -- (Dhcp)
SRV - [2009-07-13 22:30:11 | 000,061,056 | ---- | M] () [On_Demand | Stopped] -- C:\\Windows\\SysWOW64\\wbem\\vds.mof -- (vds)
SRV - [2009-06-10 22:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Windows\\Microsoft.NET\\Framework64\\v2.0.50727\\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2010-04-19 23:54:42 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2010-03-18 14:08:28 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\atksgt.sys -- (atksgt)
DRV:[b]64bit:[/b] - [2010-03-18 14:08:27 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\lirsgt.sys -- (lirsgt)
DRV:[b]64bit:[/b] - [2010-03-03 06:23:10 | 006,402,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\atikmdag.sys -- (atikmdag)
DRV:[b]64bit:[/b] - [2010-03-03 06:23:10 | 006,402,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\atipmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2010-03-03 05:07:32 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2010-02-15 19:12:45 | 000,353,296 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\\Windows\\SysNative\\drivers\\klif.sys -- (KLIF)
DRV:[b]64bit:[/b] - [2010-01-28 16:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\AtiHdmi.sys -- (AtiHdmiService)
DRV:[b]64bit:[/b] - [2009-10-14 21:18:38 | 000,040,464 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\klbg.sys -- (KLBG)
DRV:[b]64bit:[/b] - [2009-10-06 12:54:18 | 000,008,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\usbser_lowerfltx64j.sys -- (UsbserFilt)
DRV:[b]64bit:[/b] - [2009-10-06 12:53:56 | 000,025,088 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\ccdcmbox64.sys -- (nmwcdcx64)
DRV:[b]64bit:[/b] - [2009-10-06 12:53:56 | 000,008,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\usbser_lowerfltx64.sys -- (upperdev)
DRV:[b]64bit:[/b] - [2009-10-06 12:53:54 | 000,018,944 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\ccdcmbx64.sys -- (nmwcdx64)
DRV:[b]64bit:[/b] - [2009-10-02 19:39:32 | 000,021,008 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\klmouflt.sys -- (klmouflt)
DRV:[b]64bit:[/b] - [2009-09-14 14:46:42 | 000,027,152 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\\Windows\\SysNative\\drivers\\klim6.sys -- (KLIM6)
DRV:[b]64bit:[/b] - [2009-09-01 15:29:56 | 000,157,712 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\\Windows\\SysNative\\drivers\\kl1.sys -- (kl1)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,153,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\ksecpkg.sys -- (KSecPkg)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,014,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\hwpolicy.sys -- (hwpolicy)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:49 | 000,055,376 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\fsdepends.sys -- (FsDepends)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\wimmount.sys -- (WIMMount)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,217,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\vhdmp.sys -- (vhdmp)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,200,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\vmbus.sys -- (vmbus)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,046,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\vmstorfl.sys -- (storflt)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,036,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\vdrvroot.sys -- (vdrvroot)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,034,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\storvsc.sys -- (storvsc)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:46 | 000,214,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\rdyboost.sys -- (rdyboost)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:45 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\pcw.sys -- (pcw)
DRV:[b]64bit:[/b] - [2009-07-14 03:43:14 | 000,460,504 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\cng.sys -- (CNG)
DRV:[b]64bit:[/b] - [2009-07-14 03:43:13 | 000,223,448 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\fvevol.sys -- (fvevol)
DRV:[b]64bit:[/b] - [2009-07-14 02:17:46 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\rdpbus.sys -- (rdpbus)
DRV:[b]64bit:[/b] - [2009-07-14 02:16:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\\Windows\\SysNative\\drivers\\RDPREFMP.sys -- (RDPREFMP)
DRV:[b]64bit:[/b] - [2009-07-14 02:10:24 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV:[b]64bit:[/b] - [2009-07-14 02:09:26 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\\Windows\\SysNative\\drivers\\wfplwf.sys -- (WfpLwf)
DRV:[b]64bit:[/b] - [2009-07-14 02:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\ndiscap.sys -- (NdisCap)
DRV:[b]64bit:[/b] - [2009-07-14 02:07:21 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\vwifibus.sys -- (vwifibus)
DRV:[b]64bit:[/b] - [2009-07-14 02:07:13 | 000,227,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\1394ohci.sys -- (1394ohci)
DRV:[b]64bit:[/b] - [2009-07-14 02:07:00 | 000,350,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\HdAudio.sys -- (HdAudAddService)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:52 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\umpass.sys -- (UmPass)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:28 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\winusb.sys -- (WinUsb)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:24 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\mshidkmdf.sys -- (mshidkmdf)
DRV:[b]64bit:[/b] - [2009-07-14 02:05:37 | 000,112,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\WUDFPf.sys -- (WudfPf)
DRV:[b]64bit:[/b] - [2009-07-14 02:02:08 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\MTConfig.sys -- (MTConfig)
DRV:[b]64bit:[/b] - [2009-07-14 02:00:34 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\CompositeBus.sys -- (CompositeBus)
DRV:[b]64bit:[/b] - [2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\\Windows\\SysNative\\drivers\\beep.sys -- (Beep)
DRV:[b]64bit:[/b] - [2009-07-14 01:52:39 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\appid.sys -- (AppID)
DRV:[b]64bit:[/b] - [2009-07-14 01:50:17 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\\Windows\\SysNative\\drivers\\scfilter.sys -- (scfilter)
DRV:[b]64bit:[/b] - [2009-07-14 01:42:58 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\vms3cap.sys -- (s3cap)
DRV:[b]64bit:[/b] - [2009-07-14 01:42:44 | 000,021,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\VMBusHID.sys -- (VMBusHID)
DRV:[b]64bit:[/b] - [2009-07-14 01:37:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\\Windows\\SysNative\\drivers\\discache.sys -- (discache)
DRV:[b]64bit:[/b] - [2009-07-14 01:31:06 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\hidbatt.sys -- (HidBatt)
DRV:[b]64bit:[/b] - [2009-07-14 01:31:03 | 000,017,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\CmBatt.sys -- (CmBatt)
DRV:[b]64bit:[/b] - [2009-07-14 01:27:17 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\acpipmi.sys -- (AcpiPmi)
DRV:[b]64bit:[/b] - [2009-07-14 01:24:27 | 000,514,048 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\\Windows\\SysNative\\drivers\\csc.sys -- (CSC)
DRV:[b]64bit:[/b] - [2009-07-14 01:19:25 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\amdppm.sys -- (AmdPPM)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-03-02 00:05:32 | 000,187,392 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2008-08-28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\pccsmcfdx64.sys -- (pccsmcfd)
DRV:[b]64bit:[/b] - [2008-06-27 08:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\adfs.sys -- (adfs)
DRV - [2009-12-03 23:45:10 | 000,222,160 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\\Windows\\SysWOW64\\drivers\\truecrypt.sys -- (truecrypt)
DRV - [2009-11-25 19:06:48 | 000,020,544 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\\Windows\\gdrv.sys -- (gdrv)
DRV - [2009-11-25 18:02:15 | 000,000,000 | ---D | M] [Kernel | System | Running] -- C:\\Windows\\CSC -- (CSC)
DRV - [2009-08-08 00:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- D:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2010\\WNt500x64\\sandra.sys -- (SANDRA)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\\Windows\\SysWOW64\\drivers\\wimmount.sys -- (WIMMount)
DRV - [2009-07-14 03:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysWOW64\\winusb.dll -- (WinUsb)
DRV - [2009-07-14 03:16:02 | 000,014,336 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\\Windows\\SysWOW64\\netbios.dll -- (NetBIOS)
DRV - [2009-06-10 23:28:14 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\\Windows\\SysWOW64\\wbem\\mpsdrv.mof -- (mpsdrv)
DRV - [2009-06-10 23:15:18 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\\Windows\\SysWOW64\\wbem\\tcpip.mof -- (Tcpip)
DRV - [2008-08-14 08:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\\Windows\\SysWOW64\\drivers\\adfs.sys -- (adfs)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Local Page = C:\\Windows\\SysWOW64\\blank.htm
 
IE - HKCU\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Start Page = http://www.onet.pl/
IE - HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings: \"ProxyEnable\" = 0
 
FF - HKLM\\software\\mozilla\\Firefox\\Extensions\\\\bkmrksync@nokia.com: D:\\Program Files\\Nokia\\Nokia PC Suite 7\\bkmrksync\\ [2009-12-24 14:16:48 | 000,000,000 | ---D | M]
FF - HKLM\\software\\mozilla\\Firefox\\Extensions\\\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\\Program Files (x86)\\Nokia\\Nokia Ovi Suite\\Connectors\\Bookmarks Connector\\FirefoxExtension\\ [2009-12-24 15:08:03 | 000,000,000 | ---D | M]
FF - HKLM\\software\\mozilla\\Mozilla Firefox 3.6\\extensions\\\\Components: D:\\Program Files\\Mozilla Firefox\\components [2010-04-25 13:46:55 | 000,000,000 | ---D | M]
FF - HKLM\\software\\mozilla\\Mozilla Firefox 3.6\\extensions\\\\Plugins: D:\\Program Files\\Mozilla Firefox\\plugins [2010-04-25 13:46:55 | 000,000,000 | ---D | M]
FF - HKLM\\software\\mozilla\\Thunderbird\\Extensions\\\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 2010\\THBExt [2010-02-15 19:07:57 | 000,000,000 | ---D | M]
 
[2009-11-25 18:17:12 | 000,000,000 | ---D | M] -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Extensions
[2010-04-26 17:58:38 | 000,000,000 | ---D | M] -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\5v0v8yze.Dawid\\extensions
[2009-11-25 19:56:03 | 000,000,000 | ---D | M] (No name found) -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\5v0v8yze.Dawid\\extensions\\{1280606b-2510-4fe0-97ef-9b5a22eafe41}
[2010-04-11 22:01:12 | 000,000,000 | ---D | M] (FlashGot) -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\5v0v8yze.Dawid\\extensions\\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2009-12-03 13:46:47 | 000,000,000 | ---D | M] (Stop Autoplay) -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\5v0v8yze.Dawid\\extensions\\{2e61e246-e640-4c56-b1ed-f146dbed48cd}
[2010-04-15 00:03:55 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\5v0v8yze.Dawid\\extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009-11-25 19:56:03 | 000,000,000 | ---D | M] (PDF Download) -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\5v0v8yze.Dawid\\extensions\\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2009-11-25 19:56:03 | 000,000,000 | ---D | M] (oldbar) -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\5v0v8yze.Dawid\\extensions\\{46868735-c3fa-47ce-8ce7-cce51a66aceb}
[2010-04-21 17:11:32 | 000,000,000 | ---D | M] (NoScript) -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\5v0v8yze.Dawid\\extensions\\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010-01-11 20:16:05 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\5v0v8yze.Dawid\\extensions\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010-04-12 20:40:02 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\5v0v8yze.Dawid\\extensions\\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010-03-28 19:00:37 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\5v0v8yze.Dawid\\extensions\\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010-04-21 17:11:31 | 000,000,000 | ---D | M] (Torbutton) -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\5v0v8yze.Dawid\\extensions\\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2009-11-25 20:15:56 | 000,000,000 | ---D | M] -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\5v0v8yze.Dawid\\extensions\\coc@ble.pl
[2009-11-25 19:56:03 | 000,000,000 | ---D | M] -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\5v0v8yze.Dawid\\extensions\\fastdial@telega.phpnet.us
[2009-11-25 19:56:03 | 000,000,000 | ---D | M] -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\5v0v8yze.Dawid\\extensions\\tineye@ideeinc.com
[2010-01-22 12:37:02 | 000,000,000 | ---D | M] -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\5v0v8yze.Dawid\\extensions\\ubiquity@labs.mozilla.com
[2009-11-30 17:53:36 | 000,000,000 | ---D | M] -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\756r2cbv.Iza\\extensions
[2009-11-25 19:29:53 | 000,000,000 | ---D | M] -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\n4p2urli.Zbyszek\\extensions
[2009-11-25 19:29:52 | 000,000,000 | ---D | M] (No name found) -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\n4p2urli.Zbyszek\\extensions\\{1280606b-2510-4fe0-97ef-9b5a22eafe41}
[2009-11-25 19:29:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\n4p2urli.Zbyszek\\extensions\\{20a82645-c095-46ed-80e3-08825760534b}
[2009-11-25 19:29:52 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\n4p2urli.Zbyszek\\extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009-11-25 19:29:52 | 000,000,000 | ---D | M] (PDF Download) -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\n4p2urli.Zbyszek\\extensions\\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2009-11-25 19:29:52 | 000,000,000 | ---D | M] (Speed Dial) -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\n4p2urli.Zbyszek\\extensions\\{64161300-e22b-11db-8314-0800200c9a66}
[2009-11-25 19:29:53 | 000,000,000 | ---D | M] (NoScript) -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\n4p2urli.Zbyszek\\extensions\\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2009-11-25 19:29:53 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\n4p2urli.Zbyszek\\extensions\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009-11-25 19:29:53 | 000,000,000 | ---D | M] (Torbutton) -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\n4p2urli.Zbyszek\\extensions\\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2009-11-25 19:29:51 | 000,000,000 | ---D | M] -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\n4p2urli.Zbyszek\\extensions\\pl@dictionaries.addons.mozilla.org
[2009-11-25 19:29:52 | 000,000,000 | ---D | M] -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\n4p2urli.Zbyszek\\extensions\\ubiquity@labs.mozilla.com
[2009-11-25 19:29:54 | 000,000,000 | ---D | M] -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\ng9edb8l.Iza\\extensions
[2009-11-25 19:29:54 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\ng9edb8l.Iza\\extensions\\{20a82645-c095-46ed-80e3-08825760534b}
[2009-11-25 19:29:54 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\ng9edb8l.Iza\\extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009-11-25 19:29:54 | 000,000,000 | ---D | M] (NoScript) -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\ng9edb8l.Iza\\extensions\\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2009-11-25 19:29:54 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\ng9edb8l.Iza\\extensions\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009-11-25 19:29:54 | 000,000,000 | ---D | M] (Torbutton) -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\ng9edb8l.Iza\\extensions\\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2009-11-25 19:29:54 | 000,000,000 | ---D | M] -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\ng9edb8l.Iza\\extensions\\pl@dictionaries.addons.mozilla.org
[2009-11-25 19:47:57 | 000,000,000 | ---D | M] -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\quts6k4w.Zbyszek\\extensions
[2009-11-25 19:29:59 | 000,000,000 | ---D | M] -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\zb52zixt.Dawid\\extensions
[2009-11-25 19:29:58 | 000,000,000 | ---D | M] (No name found) -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\zb52zixt.Dawid\\extensions\\{1280606b-2510-4fe0-97ef-9b5a22eafe41}
[2009-11-25 19:29:58 | 000,000,000 | ---D | M] (FlashGot) -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\zb52zixt.Dawid\\extensions\\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2009-11-25 19:29:58 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\zb52zixt.Dawid\\extensions\\{20a82645-c095-46ed-80e3-08825760534b}
[2009-11-25 19:29:58 | 000,000,000 | ---D | M] (Stop Autoplay) -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\zb52zixt.Dawid\\extensions\\{2e61e246-e640-4c56-b1ed-f146dbed48cd}
[2009-11-25 19:29:58 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\zb52zixt.Dawid\\extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009-11-25 19:29:58 | 000,000,000 | ---D | M] (PDF Download) -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\zb52zixt.Dawid\\extensions\\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2009-11-25 19:29:58 | 000,000,000 | ---D | M] (oldbar) -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\zb52zixt.Dawid\\extensions\\{46868735-c3fa-47ce-8ce7-cce51a66aceb}
[2009-11-25 19:29:58 | 000,000,000 | ---D | M] (NoScript) -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\zb52zixt.Dawid\\extensions\\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2009-11-25 19:29:58 | 000,000,000 | ---D | M] (NoScript) -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\zb52zixt.Dawid\\extensions\\{73a6fe31-595d-460b-a920-fcc0f8843232}(2)
[2009-11-25 19:29:58 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\zb52zixt.Dawid\\extensions\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009-11-25 19:29:58 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\zb52zixt.Dawid\\extensions\\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2009-11-25 19:29:59 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\zb52zixt.Dawid\\extensions\\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009-11-25 19:30:00 | 000,000,000 | ---D | M] (Torbutton) -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\zb52zixt.Dawid\\extensions\\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2009-11-25 19:29:56 | 000,000,000 | ---D | M] -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\zb52zixt.Dawid\\extensions\\coc@ble.pl
[2009-11-25 19:29:56 | 000,000,000 | ---D | M] -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\zb52zixt.Dawid\\extensions\\fastdial@telega.phpnet.us
[2009-11-25 19:29:56 | 000,000,000 | ---D | M] -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\zb52zixt.Dawid\\extensions\\pl@dictionaries.addons.mozilla.org
[2009-11-25 19:29:56 | 000,000,000 | ---D | M] -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\zb52zixt.Dawid\\extensions\\tineye@ideeinc.com
[2009-11-25 19:29:58 | 000,000,000 | ---D | M] -- C:\\Users\\Dawid\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\zb52zixt.Dawid\\extensions\\ubiquity@labs.mozilla.com
 
O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\\Windows\\SysNative\\drivers\\etc\\hosts
O2:[b]64bit:[/b] - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 2010\\x64\\ievkbd.dll (Kaspersky Lab)
O2:[b]64bit:[/b] - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\\Program Files\\Microsoft Office\\Office14\\GROOVEEX.DLL (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\\Program Files\\Microsoft Office\\Office14\\URLREDIR.DLL (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 2010\\x64\\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 2010\\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\\PROGRA~2\\MICROS~1\\Office14\\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Pomocnik rejestracji usługi Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\\Program Files (x86)\\Common Files\\Microsoft Shared\\Windows Live\\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\\PROGRA~2\\MICROS~1\\Office14\\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 2010\\klwtbbho.dll (Kaspersky Lab)
O4 - HKLM..\\Run: [AdobeCS4ServiceManager] C:\\Program Files (x86)\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\\Run: [AVP] C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 2010\\avp.exe (Kaspersky Lab)
O4 - HKLM..\\Run: [StartCCC] C:\\Program Files (x86)\\ATI Technologies\\ATI.ACE\\Core-Static\\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\\Run: []  File not found
O4 - HKCU..\\Run: [AQQ] D:\\Program Files\\Wapster AQQ\\AQQ.exe (Creative Team S.A.)
O4 - HKCU..\\Run: [RocketDock] D:\\Program Files\\RocketDock\\RocketDock\\RocketDock.exe ()
O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Explorer: NoActiveDesktop = 1
O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\System: ConsentPromptBehaviorUser = 3
O8:[b]64bit:[/b] - Extra context menu item: Dodaj do blokowanych banerów - C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 2010\\ie_banner_deny.htm ()
O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - D:\\Program Files\\Microsoft Office\\Office14\\EXCEL.EXE (Microsoft Corporation)
O8:[b]64bit:[/b] - Extra context menu item: Se&nd to OneNote - D:\\Program Files\\Microsoft Office\\Office14\\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Dodaj do blokowanych banerów - C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 2010\\ie_banner_deny.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - D:\\Program Files\\Microsoft Office\\Office14\\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - D:\\Program Files\\Microsoft Office\\Office14\\ONBttnIE.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\\Program Files\\Microsoft Office\\Office14\\ONBttnIE.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra \'Tools\' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\\Program Files\\Microsoft Office\\Office14\\ONBttnIE.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra Button: &Wirtualna klawiatura - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 2010\\x64\\klwtbbho.dll (Kaspersky Lab)
O9:[b]64bit:[/b] - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\\Program Files\\Microsoft Office\\Office14\\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra \'Tools\' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\\Program Files\\Microsoft Office\\Office14\\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra Button: &Sprawdzanie adresów - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 2010\\x64\\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\\Program Files (x86)\\Microsoft Office\\Office14\\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra \'Tools\' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\\Program Files (x86)\\Microsoft Office\\Office14\\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Wirtualna klawiatura - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 2010\\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\\Program Files (x86)\\Microsoft Office\\Office14\\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra \'Tools\' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\\Program Files (x86)\\Microsoft Office\\Office14\\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: &Sprawdzanie adresów - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 2010\\klwtbbho.dll (Kaspersky Lab)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters: DhcpNameServer = 192.168.1.100
O18:[b]64bit:[/b] - Protocol\\Handler\\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\\Program Files\\Common Files\\Microsoft Shared\\Help\\hxds.dll (Microsoft Corporation)
O18 - Protocol\\Handler\\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\\Filter\\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\\Program Files\\Common Files\\Microsoft Shared\\OFFICE14\\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\\Filter\\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\\Program Files (x86)\\Common Files\\Microsoft Shared\\OFFICE14\\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\\PROGRA~2\\KASPER~1\\KASPER~1\\x64\\sbhook64.dll) - C:\\PROGRA~2\\KASPER~1\\KASPER~1\\x64\\sbhook64.dll (Kaspersky Lab)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\\PROGRA~2\\KASPER~1\\KASPER~1\\x64\\kloehk.dll) - C:\\PROGRA~2\\KASPER~1\\KASPER~1\\x64\\kloehk.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\\PROGRA~2\\KASPER~1\\KASPER~1\\mzvkbd3.dll) - C:\\PROGRA~2\\KASPER~1\\KASPER~1\\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\\PROGRA~2\\KASPER~1\\KASPER~1\\sbhook.dll) - C:\\PROGRA~2\\KASPER~1\\KASPER~1\\sbhook.dll (Kaspersky Lab)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\\Windows\\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\\Windows\\SysNative\\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\\Windows\\SysWow64\\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\\Windows\\SysWow64\\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:[b]64bit:[/b] - Winlogon\\Notify\\klogon: DllName - Reg Error: Key error. - C:\\Windows\\SysNative\\klogon.dll (Kaspersky Lab)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28:[b]64bit:[/b] - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\\Program Files\\Microsoft Office\\Office14\\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\\PROGRA~2\\MICROS~1\\Office14\\GROOVEEX.DLL (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (pku2u) - C:\\Windows\\SysNative\\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\\Windows\\SysWow64\\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:[b]64bit:[/b] - HKLM\\..comfile [open] -- \"%1\" %*
O35:[b]64bit:[/b] - HKLM\\..exefile [open] -- \"%1\" %*
O35 - HKLM\\..comfile [open] -- \"%1\" %*
O35 - HKLM\\..exefile [open] -- \"%1\" %*
O37:[b]64bit:[/b] - HKLM\\...com [@ = comfile] -- \"%1\" %*
O37:[b]64bit:[/b] - HKLM\\...exe [@ = exefile] -- \"%1\" %*
O37 - HKLM\\...com [@ = comfile] -- \"%1\" %*
O37 - HKLM\\...exe [@ = exefile] -- \"%1\" %*
 
NetSvcs:[b]64bit:[/b] Ias - C:\\Windows\\SysNative\\ias [2009-07-14 05:20:14 | 000,000,000 | ---D | M]
NetSvcs:[b]64bit:[/b] Irmon - C:\\Windows\\SysNative\\irmon.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] Wmi - C:\\Windows\\SysNative\\wmi.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] Themes - C:\\Windows\\SysNative\\themeservice.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] BDESVC - C:\\Windows\\SysNative\\bdesvc.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] AppMgmt - C:\\Windows\\SysNative\\appmgmts.dll (Microsoft Corporation)
NetSvcs: Ias - C:\\Windows\\SysWOW64\\ias.dll (Microsoft Corporation)
NetSvcs: Wmi - C:\\Windows\\SysWOW64\\wmi.dll (Microsoft Corporation)
 
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^OfficeSAS.lnk - C:\\Program Files\\Microsoft Office\\Office14\\OfficeSAS\\OfficeSASScheduler.exe - (Microsoft Corporation)
MsConfig:64bit - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe File not found
MsConfig:64bit - StartUpReg: [b]BCSSync[/b] - hkey= - key= - D:\\Program Files\\Microsoft Office\\Office14\\BCSSync.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: [b]BrMfcWnd[/b] - hkey= - key= - C:\\Program Files (x86)\\Brother\\Brmfcmon\\BrMfcWnd.exe (Brother Industries, Ltd.)
MsConfig:64bit - StartUpReg: [b]ControlCenter3[/b] - hkey= - key= - C:\\Program Files (x86)\\Brother\\ControlCenter3\\brctrcen.exe (Brother Industries, Ltd.)
MsConfig:64bit - StartUpReg: [b]Google Quick Search Box[/b] - hkey= - key= - C:\\Program Files (x86)\\Google\\Quick Search Box\\GoogleQuickSearchBox.exe File not found
MsConfig:64bit - StartUpReg: [b]NokiaMServer[/b] - hkey= - key= - C:\\Program Files (x86)\\Common Files\\Nokia\\MPlatform\\NokiaMServer.exe (Nokia)
MsConfig:64bit - StartUpReg: [b]NokiaOviSuite2[/b] - hkey= - key= - C:\\Program Files (x86)\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe (Nokia)
MsConfig:64bit - StartUpReg: [b]PC Suite Tray[/b] - hkey= - key= - D:\\Program Files\\Nokia\\Nokia PC Suite 7\\PCSuite.exe (Nokia)
MsConfig:64bit - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\\Program Files (x86)\\Java\\jre6\\bin\\jusched.exe (Sun Microsystems, Inc.)
MsConfig:64bit - StartUpReg: [b]swg[/b] - hkey= - key= - C:\\Program Files (x86)\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe File not found
MsConfig:64bit - State: \"startup\" - Reg Error: Key error.
 
SafeBootMin:[b]64bit:[/b] AppMgmt - C:\\Windows\\SysNative\\appmgmts.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Power - C:\\Windows\\SysNative\\umpo.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] RpcEptMapper - C:\\Windows\\SysNative\\RpcEpMap.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - C:\\Program Files\\Windows Defender\\MpSvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] WudfPf - C:\\Windows\\SysNative\\drivers\\WUDFPf.sys (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: VDS - C:\\Windows\\SysWOW64\\wbem\\vds.mof ()
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:[b]64bit:[/b] AppMgmt - C:\\Windows\\SysNative\\appmgmts.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] Dhcp - C:\\Windows\\SysNative\\dhcpcore.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] ndiscap - C:\\Windows\\SysNative\\drivers\\ndiscap.sys (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Power - C:\\Windows\\SysNative\\umpo.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] RpcEptMapper - C:\\Windows\\SysNative\\RpcEpMap.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] WinDefend - C:\\Program Files\\Windows Defender\\MpSvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfPf - C:\\Windows\\SysNative\\drivers\\WUDFPf.sys (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: Dhcp - C:\\Windows\\SysWOW64\\dhcpcore.dll (Microsoft Corporation)
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MPSDrv - C:\\Windows\\SysWOW64\\wbem\\mpsdrv.mof ()
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOS - C:\\Windows\\SysWOW64\\netbios.dll (Microsoft Corporation)
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: Tcpip - C:\\Windows\\SysWOW64\\wbem\\tcpip.mof ()
SafeBootNet: TDI - Driver Group
SafeBootNet: VDS - C:\\Windows\\SysWOW64\\wbem\\vds.mof ()
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2010-04-26 19:36:45 | 000,563,712 | ---- | C] (OldTimer Tools) -- C:\\Users\\Dawid\\Desktop\\OTL.exe
[2010-04-25 11:06:05 | 000,000,000 | -HSD | C] -- C:\\Config.Msi
[2010-04-24 14:01:35 | 000,000,000 | ---D | C] -- C:\\Program Files (x86)\\Common Files\\PX Storage Engine
[2010-04-20 15:50:06 | 001,645,320 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\gdiplus.dll
[2010-04-20 00:19:45 | 000,000,000 | ---D | C] -- C:\\Users\\Dawid\\Documents\\Alcohol 52%
[2010-04-18 16:03:47 | 000,000,000 | ---D | C] -- C:\\Program Files\\Common Files\\ATI Technologies
[2010-04-18 16:01:40 | 000,000,000 | ---D | C] -- C:\\ProgramData\\ATI
[2010-04-18 16:01:25 | 000,000,000 | ---D | C] -- C:\\Program Files (x86)\\Common Files\\ATI Technologies
[2010-04-18 15:58:39 | 000,000,000 | ---D | C] -- C:\\Program Files (x86)\\ATI Technologies
[2010-04-18 15:58:34 | 000,000,000 | ---D | C] -- C:\\Program Files\\ATI
[2010-04-18 15:57:29 | 000,000,000 | ---D | C] -- C:\\Program Files\\ATI Technologies
[2010-04-18 01:46:17 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\XAudio2_6.dll
[2010-04-18 01:46:17 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\XAudio2_6.dll
[2010-04-18 01:46:17 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\XAPOFX1_4.dll
[2010-04-18 01:46:17 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\XAPOFX1_4.dll
[2010-04-18 01:46:14 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\xactengine3_6.dll
[2010-04-18 01:46:14 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\xactengine3_6.dll
[2010-04-18 01:46:12 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\X3DAudio1_7.dll
[2010-04-18 01:46:12 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\X3DAudio1_7.dll
[2010-04-14 13:41:01 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\vbscript.dll
[2010-04-14 13:41:01 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\vbscript.dll
[2010-04-14 13:41:00 | 005,509,008 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ntoskrnl.exe
[2010-04-14 13:40:59 | 003,954,568 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\ntkrnlpa.exe
[2010-04-14 13:40:59 | 003,899,280 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\ntoskrnl.exe
[2010-04-14 13:40:43 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\wintrust.dll
[2010-04-14 13:40:43 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\wintrust.dll
[2010-04-14 13:40:42 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\cabview.dll
[2010-04-14 13:40:42 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\cabview.dll
[2010-04-12 20:58:16 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\\Windows\\SysWow64\\pncrt.dll
[2010-04-12 20:58:15 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\\Windows\\SysWow64\\lameACM.acm
[2010-04-12 20:58:14 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\\Windows\\SysWow64\\yv12vfw.dll
[2010-04-12 20:58:14 | 000,151,552 | ---- | C] (fccHandler) -- C:\\Windows\\SysWow64\\ac3acm.acm
[2010-04-12 20:58:13 | 000,685,056 | ---- | C] (DivX, Inc.) -- C:\\Windows\\SysWow64\\divx.dll
[2010-04-12 20:58:13 | 000,090,112 | ---- | C] (DivX, Inc.) -- C:\\Windows\\SysWow64\\dpl100.dll
[2010-04-08 15:44:48 | 000,000,000 | ---D | C] -- C:\\Users\\Dawid\\AppData\\Local\\ElevatedDiagnostics
[2010-03-31 12:29:36 | 001,192,960 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\wininet.dll
[2010-03-31 12:29:36 | 001,026,048 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\mstime.dll
[2010-03-31 12:29:36 | 000,977,920 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\wininet.dll
[2010-03-31 12:29:36 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\mstime.dll
[2010-03-31 12:29:36 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\iedkcs32.dll
[2010-03-31 12:29:36 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\iedkcs32.dll
[2010-03-31 12:29:36 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\msfeedsbs.dll
[2010-03-31 12:29:36 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\msfeedsbs.dll
[2010-03-30 00:11:31 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\browserchoice.exe
[4 C:\\Windows\\SysWow64\\*.tmp files -> C:\\Windows\\SysWow64\\*.tmp -> ]
[3 C:\\ProgramData\\*.tmp files -> C:\\ProgramData\\*.tmp -> ]
[3 C:\\ProgramData\\*.tmp files -> C:\\ProgramData\\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2010-04-26 19:47:46 | 004,456,448 | -HS- | M] () -- C:\\Users\\Dawid\\NTUSER.DAT
[2010-04-26 19:36:55 | 000,563,712 | ---- | M] (OldTimer Tools) -- C:\\Users\\Dawid\\Desktop\\OTL.exe
[2010-04-26 17:50:27 | 000,013,248 | -H-- | M] () -- C:\\Windows\\SysNative\\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010-04-26 17:50:27 | 000,013,248 | -H-- | M] () -- C:\\Windows\\SysNative\\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010-04-26 17:49:44 | 001,523,412 | ---- | M] () -- C:\\Windows\\SysNative\\PerfStringBackup.INI
[2010-04-26 17:49:44 | 000,687,590 | ---- | M] () -- C:\\Windows\\SysNative\\perfh015.dat
[2010-04-26 17:49:44 | 000,606,992 | ---- | M] () -- C:\\Windows\\SysNative\\perfh009.dat
[2010-04-26 17:49:44 | 000,131,176 | ---- | M] () -- C:\\Windows\\SysNative\\perfc015.dat
[2010-04-26 17:49:44 | 000,103,370 | ---- | M] () -- C:\\Windows\\SysNative\\perfc009.dat
[2010-04-26 17:43:15 | 000,000,006 | -H-- | M] () -- C:\\Windows\\tasks\\SA.DAT
[2010-04-26 17:43:07 | 000,067,584 | --S- | M] () -- C:\\Windows\\bootstat.dat
[2010-04-26 17:43:02 | 3220,037,632 | -HS- | M] () -- C:\\hiberfil.sys
[2010-04-26 01:15:05 | 004,173,053 | -H-- | M] () -- C:\\Users\\Dawid\\AppData\\Local\\IconCache.db
[2010-04-20 17:38:31 | 000,466,520 | ---- | M] (Creative Labs) -- C:\\Windows\\SysNative\\wrap_oal.dll
[2010-04-20 17:38:31 | 000,445,016 | ---- | M] (Creative Labs) -- C:\\Windows\\SysWow64\\wrap_oal.dll
[2010-04-20 17:38:31 | 000,122,968 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\\Windows\\SysNative\\OpenAL32.dll
[2010-04-20 17:38:31 | 000,109,144 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\\Windows\\SysWow64\\OpenAL32.dll
[2010-04-20 16:48:37 | 000,000,255 | ---- | M] () -- C:\\Users\\Dawid\\AppData\\Roaming\\burnaware.ini
[2010-04-20 15:28:27 | 000,000,110 | ---- | M] () -- C:\\Users\\Dawid\\Documents\\ax_files.xml
[2010-04-19 23:54:42 | 000,834,544 | ---- | M] () -- C:\\Windows\\SysNative\\drivers\\sptd.sys
[4 C:\\Windows\\SysWow64\\*.tmp files -> C:\\Windows\\SysWow64\\*.tmp -> ]
[3 C:\\ProgramData\\*.tmp files -> C:\\ProgramData\\*.tmp -> ]
[3 C:\\ProgramData\\*.tmp files -> C:\\ProgramData\\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2010-04-20 15:51:34 | 000,000,255 | ---- | C] () -- C:\\Users\\Dawid\\AppData\\Roaming\\burnaware.ini
[2010-04-20 00:26:35 | 000,000,110 | ---- | C] () -- C:\\Users\\Dawid\\Documents\\ax_files.xml
[2010-04-19 23:54:42 | 000,834,544 | ---- | C] () -- C:\\Windows\\SysNative\\drivers\\sptd.sys
[2010-04-12 21:49:41 | 000,190,464 | ---- | C] () -- C:\\Windows\\SysNative\\unrar.dll
[2010-04-12 21:49:41 | 000,100,352 | ---- | C] () -- C:\\Windows\\SysNative\\ff_vfw.dll
[2010-04-12 20:58:15 | 000,000,414 | ---- | C] () -- C:\\Windows\\SysWow64\\lame_acm.xml
[2010-04-12 20:58:15 | 000,000,038 | ---- | C] () -- C:\\Windows\\avisplitter.ini
[2010-04-12 20:58:14 | 000,881,664 | ---- | C] () -- C:\\Windows\\SysWow64\\xvidcore.dll
[2010-04-12 20:58:14 | 000,205,824 | ---- | C] () -- C:\\Windows\\SysWow64\\xvidvfw.dll
[2010-04-12 20:58:13 | 003,596,288 | ---- | C] () -- C:\\Windows\\SysWow64\\qt-dx331.dll
[2010-04-12 20:58:12 | 000,085,504 | ---- | C] () -- C:\\Windows\\SysWow64\\ff_vfw.dll
[2010-04-12 20:58:12 | 000,000,547 | ---- | C] () -- C:\\Windows\\SysWow64\\ff_vfw.dll.manifest
[2010-03-11 11:27:52 | 000,000,136 | ---- | C] () -- C:\\Windows\\SysWow64\\cpuz.ini
[2010-01-19 19:33:40 | 000,000,404 | ---- | C] () -- C:\\Windows\\BRWMARK.INI
[2010-01-19 19:33:40 | 000,000,027 | ---- | C] () -- C:\\Windows\\BRPP2KA.INI
[2009-11-25 21:06:45 | 000,165,376 | ---- | C] () -- C:\\Windows\\SysWow64\\unrar.dll
[2009-11-25 19:06:38 | 000,000,010 | ---- | C] () -- C:\\Windows\\GSetup.ini
[2009-11-06 11:58:04 | 000,178,975 | ---- | C] () -- C:\\Windows\\SysWow64\\xlive.dll.cat
[2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\\Windows\\SysWow64\\BWContextHandler.dll
[2009-07-13 23:03:59 | 000,364,544 | ---- | C] () -- C:\\Windows\\SysWow64\\msjetoledb40.dll
[2008-10-07 10:13:30 | 000,197,912 | ---- | C] () -- C:\\Windows\\SysWow64\\physxcudart_20.dll
[2008-10-07 10:13:22 | 000,058,648 | ---- | C] () -- C:\\Windows\\SysWow64\\AgCPanelTraditionalChinese.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\\Windows\\SysWow64\\AgCPanelSwedish.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\\Windows\\SysWow64\\AgCPanelSpanish.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\\Windows\\SysWow64\\AgCPanelSimplifiedChinese.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\\Windows\\SysWow64\\AgCPanelPortugese.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\\Windows\\SysWow64\\AgCPanelKorean.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\\Windows\\SysWow64\\AgCPanelJapanese.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\\Windows\\SysWow64\\AgCPanelGerman.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\\Windows\\SysWow64\\AgCPanelFrench.dll
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2009-11-25 21:00:48 | 000,000,000 | ---D | M] -- C:\\Users\\Dawid\\AppData\\Roaming\\AIMP
[2010-03-17 17:26:22 | 000,000,000 | ---D | M] -- C:\\Users\\Dawid\\AppData\\Roaming\\gtk-2.0
[2009-12-24 15:15:03 | 000,000,000 | ---D | M] -- C:\\Users\\Dawid\\AppData\\Roaming\\Nokia
[2009-12-24 14:20:08 | 000,000,000 | ---D | M] -- C:\\Users\\Dawid\\AppData\\Roaming\\PC Suite
[2009-11-28 18:32:49 | 000,000,000 | ---D | M] -- C:\\Users\\Dawid\\AppData\\Roaming\\Rainmeter
[2009-12-03 23:48:25 | 000,000,000 | ---D | M] -- C:\\Users\\Dawid\\AppData\\Roaming\\TrueCrypt
[2010-03-18 15:15:11 | 000,000,000 | ---D | M] -- C:\\Users\\Dawid\\AppData\\Roaming\\Ubisoft
[2010-03-08 01:17:43 | 000,000,000 | ---D | M] -- C:\\Users\\Dawid\\AppData\\Roaming\\XnView
[2010-03-03 13:35:41 | 000,032,592 | ---- | M] () -- C:\\Windows\\Tasks\\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
[color=#A23BEC]< %systemdrive%\\*.* >[/color]
[2010-04-26 17:43:02 | 3220,037,632 | -HS- | M] () -- C:\\hiberfil.sys
[2010-04-26 17:43:05 | 4293,386,240 | -HS- | M] () -- C:\\pagefile.sys
 
 
[color=#A23BEC]< MD5 for: AGP440.SYS  >[/color]
[2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\\Windows\\SysWow64\\DriverStore\\FileRepository\\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\\AGP440.sys
[2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\\Windows\\winsxs\\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\\AGP440.sys
 
[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\\Windows\\SysWow64\\DriverStore\\FileRepository\\mshdc.inf_amd64_neutral_a69a58a4286f0b22\\atapi.sys
[2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\\Windows\\winsxs\\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\\atapi.sys
 
[color=#A23BEC]< MD5 for: BEEP.SYS  >[/color]
[2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\\Windows\\winsxs\\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\\beep.sys
 
[color=#A23BEC]< MD5 for: CDROM.SYS  >[/color]
[2009-07-14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\\Windows\\SysWow64\\DriverStore\\FileRepository\\cdrom.inf_amd64_neutral_8363d00ecae4322d\\cdrom.sys
[2009-07-14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\\Windows\\winsxs\\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\\cdrom.sys
 
[color=#A23BEC]< MD5 for: NDIS.SYS  >[/color]
[2009-07-14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\\Windows\\winsxs\\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\\ndis.sys
 
[color=#A23BEC]< MD5 for: USERINIT.EXE  >[/color]
[2009-07-14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\\Windows\\SysWOW64\\userinit.exe
[2009-07-14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\\Windows\\SysWOW64\\userinit.exe
[2009-07-14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\\Windows\\winsxs\\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\\userinit.exe
[2009-07-14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\\Windows\\winsxs\\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\\userinit.exe
 
[color=#A23BEC]< MD5 for: WINLOGON.EXE  >[/color]
[2009-07-14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\\Windows\\winsxs\\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\\winlogon.exe
[2009-10-28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\\Windows\\winsxs\\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\\winlogon.exe
[2009-10-28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\\Windows\\winsxs\\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\\winlogon.exe
< End of report >
 
Wygenerowano w 0.492s, przy pomocy GeSHi 1.0.8
'
Podziel się na Facebook Podziel się na BLIP Podziel się na Twitter Podziel się na Buzz Podziel się na Flaker Dodaj zakładkę Google Podziel się na Delicious Wykop to!

Nowy Komentarz:

Komentarze:

Brak Komentarzy!