OTL logfile created on: 2012-08-19 10:20:00 - Run 4 OTL by OldTimer - Version 3.2.58.0 Folder = C:\Users\Dawid Szewczyk\Downloads Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 0,49 Gb Available Physical Memory | 24,71% Memory free 4,00 Gb Paging File | 1,83 Gb Available in Paging File | 45,71% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 232,88 Gb Total Space | 59,63 Gb Free Space | 25,61% Space Free | Partition Type: NTFS Drive D: | 58,59 Gb Total Space | 11,89 Gb Free Space | 20,30% Space Free | Partition Type: NTFS Drive E: | 15,95 Gb Total Space | 11,97 Gb Free Space | 75,02% Space Free | Partition Type: FAT32 Drive H: | 641,51 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: DAWIDSZEWCZYK | User Name: Dawid Szewczyk | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-08-19 10:19:22 | 000,598,016 | ---- | M] (OldTimer Tools) -- C:\Users\Dawid Szewczyk\Downloads\OTL.exe PRC - [2012-06-27 12:29:26 | 001,996,200 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe PRC - [2012-06-27 12:29:22 | 001,385,896 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe PRC - [2012-06-06 09:16:00 | 000,185,856 | ---- | M] () -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe PRC - [2012-05-26 06:32:44 | 004,327,744 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\Dawid Szewczyk\AppData\Local\Akamai\netsession_win.exe PRC - [2012-04-17 17:19:40 | 003,671,872 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe PRC - [2012-04-01 17:04:00 | 000,634,880 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe PRC - [2011-12-20 18:12:18 | 000,068,896 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\System32\NLSSRV32.EXE PRC - [2011-12-20 18:11:58 | 000,196,896 | ---- | M] (Nitro PDF Software) -- C:\Program Files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe PRC - [2011-09-15 13:06:04 | 000,088,576 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe PRC - [2011-09-02 02:15:40 | 000,227,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE PRC - [2011-08-03 15:23:54 | 000,828,944 | ---- | M] (GlavSoft LLC.) -- C:\Program Files\TightVNC\tvnserver.exe PRC - [2011-06-17 16:43:56 | 000,409,608 | ---- | M] (G Data Software AG) -- C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe PRC - [2011-06-17 16:43:54 | 001,536,520 | ---- | M] (G Data Software AG) -- C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe PRC - [2011-06-17 16:43:54 | 000,360,768 | ---- | M] (G Data Software AG) -- C:\Program Files\Common Files\G Data\GDScan\GDScan.exe PRC - [2011-06-17 16:43:52 | 001,426,952 | ---- | M] (G Data Software AG) -- C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe PRC - [2011-06-17 16:43:46 | 000,921,608 | ---- | M] (G Data Software AG) -- C:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe PRC - [2011-05-03 11:39:32 | 001,608,120 | ---- | M] (G Data Software AG) -- C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe PRC - [2011-05-03 11:26:18 | 001,368,648 | ---- | M] (G Data Software AG) -- C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2011-01-28 13:22:50 | 000,632,792 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe PRC - [2010-11-25 19:08:30 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe PRC - [2010-11-25 19:08:30 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin PRC - [2010-11-22 23:52:46 | 000,718,072 | ---- | M] (Tunngle.net GmbH) -- C:\Program Files\Tunngle\TnglCtrl.exe PRC - [2010-11-20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010-11-15 16:05:30 | 000,112,600 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe PRC - [2010-03-06 04:04:24 | 000,310,224 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-07-31 07:36:14 | 000,442,392 | ---- | M] () -- C:\Users\Dawid Szewczyk\AppData\Local\Google\Chrome\Application\21.0.1180.60\ppGoogleNaClPluginChrome.dll MOD - [2012-07-31 07:36:13 | 012,235,288 | ---- | M] () -- C:\Users\Dawid Szewczyk\AppData\Local\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll MOD - [2012-07-31 07:36:12 | 003,997,720 | ---- | M] () -- C:\Users\Dawid Szewczyk\AppData\Local\Google\Chrome\Application\21.0.1180.60\pdf.dll MOD - [2012-07-31 07:34:57 | 000,526,872 | ---- | M] () -- C:\Users\Dawid Szewczyk\AppData\Local\Google\Chrome\Application\21.0.1180.60\libglesv2.dll MOD - [2012-07-31 07:34:55 | 000,104,984 | ---- | M] () -- C:\Users\Dawid Szewczyk\AppData\Local\Google\Chrome\Application\21.0.1180.60\libegl.dll MOD - [2012-07-31 07:34:45 | 000,144,424 | ---- | M] () -- C:\Users\Dawid Szewczyk\AppData\Local\Google\Chrome\Application\21.0.1180.60\avutil-51.dll MOD - [2012-07-31 07:34:43 | 000,266,792 | ---- | M] () -- C:\Users\Dawid Szewczyk\AppData\Local\Google\Chrome\Application\21.0.1180.60\avformat-54.dll MOD - [2012-07-31 07:34:42 | 002,480,680 | ---- | M] () -- C:\Users\Dawid Szewczyk\AppData\Local\Google\Chrome\Application\21.0.1180.60\avcodec-54.dll MOD - [2012-05-11 12:57:28 | 002,335,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\e3d2577e00aef6bc9b3e235eb83634f3\Microsoft.JScript.ni.dll MOD - [2012-05-11 12:30:31 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll MOD - [2012-05-11 12:28:19 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll MOD - [2012-05-11 12:28:13 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll MOD - [2012-05-11 12:28:12 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll MOD - [2012-05-11 12:27:53 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll MOD - [2012-04-01 17:04:00 | 001,515,520 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\Maps\R66Api.dll MOD - [2012-04-01 17:04:00 | 000,634,880 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe MOD - [2012-04-01 17:04:00 | 000,559,244 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\sqlite3.7.dll MOD - [2012-04-01 17:04:00 | 000,516,599 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\sqlite3.dll MOD - [2012-04-01 17:04:00 | 000,385,024 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\htcDetect.dll MOD - [2012-04-01 17:04:00 | 000,172,032 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\htcDetectLegend.dll MOD - [2012-04-01 17:04:00 | 000,151,552 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\htcDisk.dll MOD - [2012-04-01 17:04:00 | 000,103,936 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\OutputLog.dll MOD - [2012-04-01 17:04:00 | 000,094,208 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\fdHttpd.dll MOD - [2012-01-08 15:41:12 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll MOD - [2012-01-04 04:51:03 | 003,190,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll MOD - [2011-03-17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF MOD - [2010-12-01 15:55:14 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll MOD - [2010-11-13 04:39:47 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll MOD - [2010-11-05 03:58:14 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll MOD - [2010-11-05 03:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll MOD - [2010-11-05 03:58:04 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll MOD - [2009-06-10 23:23:04 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll MOD - [2009-06-10 23:23:03 | 000,749,568 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll MOD - [2001-04-16 18:39:02 | 000,037,808 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2012-08-19 10:04:09 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-06-27 12:29:22 | 001,385,896 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2012-06-20 17:15:05 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012-06-06 09:16:00 | 000,185,856 | ---- | M] () [Auto | Running] -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater) SRV - [2012-05-13 13:06:57 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2011-12-20 18:12:18 | 000,068,896 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\System32\NLSSRV32.EXE -- (nlsX86cc) SRV - [2011-12-20 18:11:58 | 000,196,896 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe -- (NitroDriverReadSpool2) SRV - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) [Disabled | Stopped] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn) SRV - [2011-09-15 13:06:04 | 000,088,576 | ---- | M] () [Auto | Running] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service) SRV - [2011-08-03 15:23:54 | 000,828,944 | ---- | M] (GlavSoft LLC.) [Auto | Running] -- C:\Program Files\TightVNC\tvnserver.exe -- (tvnserver) SRV - [2011-06-17 16:43:56 | 000,409,608 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe -- (AVKService) SRV - [2011-06-17 16:43:54 | 000,360,768 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files\Common Files\G Data\GDScan\GDScan.exe -- (GDScan) SRV - [2011-06-17 16:43:52 | 001,426,952 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe -- (AVKProxy) SRV - [2011-06-12 11:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV - [2011-05-03 11:39:32 | 001,608,120 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe -- (GDFwSvc) SRV - [2011-05-03 11:26:18 | 001,368,648 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe -- (AVKWCtl) SRV - [2011-02-19 13:34:33 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\srvany.exe -- (KMService) SRV - [2011-01-28 13:22:50 | 000,632,792 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc) SRV - [2010-11-22 23:52:46 | 000,718,072 | ---- | M] (Tunngle.net GmbH) [Auto | Running] -- C:\Program Files\Tunngle\TnglCtrl.exe -- (TunngleService) SRV - [2010-10-22 14:04:38 | 001,555,304 | ---- | M] (2tox) [On_Demand | Stopped] -- C:\Program Files\Common Files\2ToX Common\BoostService.exe -- (AppBoosterService) SRV - [2010-05-20 20:26:24 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2010-02-19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007-05-31 10:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007-05-31 10:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) SRV - [1998-06-06 00:00:00 | 000,034,036 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\VARPC.EXE -- (Visual Studio Analyzer RPC bridge) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (aougvttv) DRV - File not found [Kernel | Auto | Stopped] -- -- (adfs) DRV - [2012-06-19 18:19:06 | 000,048,344 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PktIcpt.sys -- (GDPkIcpt) DRV - [2012-06-19 18:18:02 | 000,074,456 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\MiniIcpt.sys -- (GDMnIcpt) DRV - [2012-06-19 18:18:02 | 000,039,640 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\HookCentre.sys -- (HookCentre) DRV - [2012-06-19 18:18:02 | 000,038,360 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\GDBehave.sys -- (GDBehave) DRV - [2012-06-19 18:18:00 | 000,029,400 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GdNetMon32.sys -- (GdNetMon) DRV - [2012-06-19 18:17:53 | 000,052,440 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\gdwfpcd32.sys -- (gdwfpcd) DRV - [2012-06-18 13:49:47 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd) DRV - [2011-08-17 09:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2010-12-01 14:44:16 | 000,100,560 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV - [2010-12-01 14:44:12 | 000,143,248 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxDrv.sys -- (VBoxDrv) DRV - [2010-12-01 14:44:12 | 000,111,504 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt) DRV - [2010-11-24 17:58:55 | 000,038,976 | ---- | M] (microOLAP Technologies LTD) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pssdk42.sys -- (PSSDK42) DRV - [2010-11-20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2010-11-20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2010-11-20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2010-11-20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010-11-20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV - [2010-11-20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010-11-20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010-11-20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2010-06-23 11:24:58 | 000,023,040 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot) DRV - [2009-12-21 20:39:14 | 000,016,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\pwdrvio.sys -- (pwdrvio) DRV - [2009-12-21 20:39:12 | 000,011,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\pwdspio.sys -- (pwdspio) DRV - [2009-10-27 00:54:24 | 000,025,088 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32) DRV - [2009-09-28 00:12:22 | 009,509,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2009-09-16 08:02:40 | 000,027,136 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901t.sys -- (tap0901t) DRV - [2009-07-14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial) DRV - [2009-03-18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [2008-12-26 13:56:04 | 000,017,792 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vcsvad.sys -- (VCSVADHWSer) DRV - [2007-02-07 17:50:32 | 000,118,552 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\adiusbaw.sys -- (adiusbaw) DRV - [2007-02-07 17:50:14 | 000,056,088 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\adildr.sys -- (ELOADER) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gazeta.pl/0,0.html?p=109 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=desktop&s={searchTerms}&f=4 IE - HKLM\..\URLSearchHook: - No CLSID value found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredibar.com/mb165?a=6OyJPRMw1l&i=26 IE - HKCU\..\URLSearchHook: - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=desktop&s={searchTerms}&f=4 IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=113677&babsrc=SP_ss&mntrId=50b5be8500000000000000ff4380dec3 IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb165/?search={searchTerms}&loc=IB_DS&a=6OyJPRMw1l&i=26 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = [color=#E56717]========== FireFox ==========[/color] FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: c:\Program Files\Sony\Media Go\npmediago.dll (Sony Creative Software Inc) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Dawid Szewczyk\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Dawid Szewczyk\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Dawid Szewczyk\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Dawid Szewczyk\AppData\Local\Facebook\Messenger\2.1.4590.0\npFbDesktopPlugin.dll (Facebook, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012-08-02 21:11:17 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-05-13 13:06:57 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-06-20 14:17:25 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0b8\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 8\components [2010-12-24 13:34:18 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0b8\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 8\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012-06-23 21:28:35 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010-02-11 19:37:12 | 000,000,000 | ---D | M] [2010-01-25 15:07:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawid Szewczyk\AppData\Roaming\mozilla\Extensions [2010-01-25 15:07:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawid Szewczyk\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2012-08-19 09:55:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawid Szewczyk\AppData\Roaming\mozilla\Firefox\Profiles\2atmvvey.default\extensions [2010-03-31 19:44:01 | 000,000,000 | ---D | M] (Screengrab) -- C:\Users\Dawid Szewczyk\AppData\Roaming\mozilla\Firefox\Profiles\2atmvvey.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671} [2012-07-09 21:14:46 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Dawid Szewczyk\AppData\Roaming\mozilla\Firefox\Profiles\2atmvvey.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2011-12-30 12:42:28 | 000,000,000 | ---D | M] (Html Validator) -- C:\Users\Dawid Szewczyk\AppData\Roaming\mozilla\Firefox\Profiles\2atmvvey.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e} [2012-08-01 20:23:54 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Users\Dawid Szewczyk\AppData\Roaming\mozilla\Firefox\Profiles\2atmvvey.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2011-02-22 15:19:23 | 000,000,000 | ---D | M] (XHTML Mobile Profile) -- C:\Users\Dawid Szewczyk\AppData\Roaming\mozilla\Firefox\Profiles\2atmvvey.default\extensions\{8ea9957e-2953-402f-80e0-bceb5f169d6f} [2011-05-14 06:56:39 | 000,000,000 | ---D | M] (Live HTTP Headers) -- C:\Users\Dawid Szewczyk\AppData\Roaming\mozilla\Firefox\Profiles\2atmvvey.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [2010-12-24 13:28:34 | 000,000,000 | ---D | M] (CookieCuller) -- C:\Users\Dawid Szewczyk\AppData\Roaming\mozilla\Firefox\Profiles\2atmvvey.default\extensions\{99B98C2C-7274-45a3-A640-D9DF1A1C8460} [2010-12-26 12:40:40 | 000,000,000 | ---D | M] (Small Screen Renderer) -- C:\Users\Dawid Szewczyk\AppData\Roaming\mozilla\Firefox\Profiles\2atmvvey.default\extensions\{c0e4d074-e017-4610-83e3-ece995ae9b35} [2011-02-26 14:08:02 | 000,000,000 | ---D | M] (Web Developer) -- C:\Users\Dawid Szewczyk\AppData\Roaming\mozilla\Firefox\Profiles\2atmvvey.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} [2011-01-06 18:14:16 | 000,000,000 | ---D | M] (wmlbrowser) -- C:\Users\Dawid Szewczyk\AppData\Roaming\mozilla\Firefox\Profiles\2atmvvey.default\extensions\{c4dc572a-3295-40eb-b30f-b54aa4cdc4b7} [2010-12-14 19:07:11 | 000,000,000 | ---D | M] (BlockSite) -- C:\Users\Dawid Szewczyk\AppData\Roaming\mozilla\Firefox\Profiles\2atmvvey.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2011-01-06 18:14:16 | 000,000,000 | ---D | M] (User Agent Switcher) -- C:\Users\Dawid Szewczyk\AppData\Roaming\mozilla\Firefox\Profiles\2atmvvey.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1} [2012-08-19 09:56:06 | 000,000,000 | ---D | M] ("Default Theme Engine - Personas Interactive") -- C:\Users\Dawid Szewczyk\AppData\Roaming\mozilla\Firefox\Profiles\2atmvvey.default\extensions\btpersonas@brandthunder.com [2010-03-14 16:15:34 | 000,000,000 | ---D | M] (FIFA Online Web Launcher) -- C:\Users\Dawid Szewczyk\AppData\Roaming\mozilla\Firefox\Profiles\2atmvvey.default\extensions\eafo3fflauncher@ea.com [2012-07-13 07:51:06 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Dawid Szewczyk\AppData\Roaming\mozilla\Firefox\Profiles\2atmvvey.default\extensions\ffxtlbr@babylon.com [2012-08-02 21:11:41 | 000,000,000 | ---D | M] (incredibar.com) -- C:\Users\Dawid Szewczyk\AppData\Roaming\mozilla\Firefox\Profiles\2atmvvey.default\extensions\ffxtlbr@incredibar.com [2012-05-21 19:39:38 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\Dawid Szewczyk\AppData\Roaming\mozilla\Firefox\Profiles\2atmvvey.default\extensions\foxyproxy@eric.h.jung [2012-08-02 21:12:37 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Dawid Szewczyk\AppData\Roaming\mozilla\Firefox\Profiles\2atmvvey.default\extensions\plugin@yontoo.com [2012-04-05 08:53:07 | 000,000,000 | ---D | M] (Screen Capture Elite) -- C:\Users\Dawid Szewczyk\AppData\Roaming\mozilla\Firefox\Profiles\2atmvvey.default\extensions\screencaptureelite@plugin [2011-02-06 16:13:08 | 000,000,000 | ---D | M] ("SeeToo Addon") -- C:\Users\Dawid Szewczyk\AppData\Roaming\mozilla\Firefox\Profiles\2atmvvey.default\extensions\seetooaddon@seetoo.com [2010-08-06 08:22:44 | 000,000,000 | ---D | M] ("WhyDoWork.com AdSense Monitor") -- C:\Users\Dawid Szewczyk\AppData\Roaming\mozilla\Firefox\Profiles\2atmvvey.default\extensions\wdwadsensemonitor@whydowork.com [2011-03-05 19:41:27 | 000,000,000 | ---D | M] (Keep Tube Downloader) -- C:\Users\Dawid Szewczyk\AppData\Roaming\mozilla\Firefox\Profiles\2atmvvey.default\extensions\webmaster@keep-tube.com [2012-06-19 18:18:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-06-19 18:18:11 | 000,000,000 | ---D | M] (G Data WebFilter) -- C:\Program Files\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE} [2011-04-05 19:20:03 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2012-05-13 13:06:57 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2010-02-11 19:37:06 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll [2002-09-16 18:32:04 | 000,138,752 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npImagine.dll [2009-12-18 02:31:54 | 000,063,488 | ---- | M] (Nullsoft) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll [2011-09-23 03:36:11 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-08-09 10:08:54 | 000,003,749 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml [2012-07-12 19:53:50 | 000,002,313 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml [2011-09-23 03:36:11 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2011-09-23 03:36:11 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2011-09-23 03:36:11 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2011-09-23 03:36:11 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2011-09-23 03:36:11 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - homepage: http://www.penguins.pl/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}, CHR - homepage: http://www.penguins.pl/ CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Dawid Szewczyk\AppData\Local\Google\Chrome\Application\21.0.1180.60\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Dawid Szewczyk\AppData\Local\Google\Chrome\Application\21.0.1180.60\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Dawid Szewczyk\AppData\Local\Google\Chrome\Application\21.0.1180.60\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Dawid Szewczyk\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll CHR - plugin: Webpage Screenshot Chrome Plugin (Enabled) = C:\Users\Dawid Szewczyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoobijidemjaoohgggnlhkodhgnnlpob\8.8_0\plugin/np.dll CHR - plugin: Screen Capture Plugin (Enabled) = C:\Users\Dawid Szewczyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoobijidemjaoohgggnlhkodhgnnlpob\8.8_0\plugin/npcapture.dll CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Dawid Szewczyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.2.0.7165_0\npSkypeChromePlugin.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Dawid Szewczyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Dawid Szewczyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Dawid Szewczyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.160.1 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll CHR - plugin: Java(TM) Platform SE 6 U20 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Java Deployment Toolkit 6.0.180.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll CHR - plugin: Microsoft\\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll CHR - plugin: Imagine Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npImagine.dll CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files\Veetle\Player\npvlc.dll CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files\Veetle\plugins\npVeetle.dll CHR - plugin: Unity Player (Enabled) = C:\Users\Dawid Szewczyk\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll CHR - plugin: Facebook Desktop (Enabled) = C:\Users\Dawid Szewczyk\AppData\Local\Facebook\Messenger\2.1.4520.0\npFbDesktopPlugin.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - plugin: Media Go Detector (Enabled) = c:\Program Files\Sony\Media Go\npmediago.dll CHR - Extension: YouTube = C:\Users\Dawid Szewczyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Adblock Plus (Beta) = C:\Users\Dawid Szewczyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\ CHR - Extension: Screenshot stron www - Webpage Screenshot = C:\Users\Dawid Szewczyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki\5.5.3_0\ CHR - Extension: Szukaj w Google = C:\Users\Dawid Szewczyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Web Assistant = C:\Users\Dawid Szewczyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.458_0\ CHR - Extension: Yet another flags = C:\Users\Dawid Szewczyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmchcmgddbhmbkakammmklpoonoiiomk\0.9.7_0\ CHR - Extension: Country Flags = C:\Users\Dawid Szewczyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\keifkkbjefbkgedeolmccljagcmphldp\1.1_0\ CHR - Extension: Gmail = C:\Users\Dawid Szewczyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ CHR - Extension: Radio = C:\Users\Dawid Szewczyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\plaapjbgohfgkalmmjpakodbpomahebn\2.5_0\ O1 HOSTS File: ([2012-07-29 10:03:02 | 000,000,922 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\InternetSecurity\WebFilter\AvkWebIE.dll (G Data Software AG) O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx () O2 - BHO: (Pageshots for Internet Explorer PRO) - {28CF50DA-4A17-4442-BBF9-D916BFDE072C} - C:\ProgramData\PageshotsPro\pageshots_x86.dll File not found O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO) O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll () O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Expressivo) - {85F685C3-20D9-4943-95E4-EB4224056C3F} - C:\Program Files\ivo\Expressivo\integr\ih-iexplorer\IH_iexplorer.dll (IVO Software Sp. z o.o.) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (BHO) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files\Common Files\G Data\AVKProxy\BanksafeBHO.dll (G Data Software AG) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC) O3 - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\InternetSecurity\WebFilter\AvkWebIE.dll (G Data Software AG) O3 - HKLM\..\Toolbar: (Expressivo) - {85F685C3-20D9-4943-95E4-EB4224056C3F} - C:\Program Files\ivo\Expressivo\integr\ih-iexplorer\IH_iexplorer.dll (IVO Software Sp. z o.o.) O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.) O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD) O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG) O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG) O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe () O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [SSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [tvncontrol] C:\Program Files\TightVNC\tvnserver.exe (GlavSoft LLC.) O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Dawid Szewczyk\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc) O4 - HKCU..\Run: [AQQ] C:\Program Files\WapSter\WapSter AQQ\AQQ.exe (Creative Team S.A.) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [Facebook Update] C:\Users\Dawid Szewczyk\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKCU..\Run: [GG] C:\Users\Dawid Szewczyk\AppData\Local\GG\Application\gghub.exe (GG Network S.A.) O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Wyślij &do programu OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.) O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 10.5.1) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{36BDDE9C-EAE9-41CE-A14B-4A66373FF9E6}: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{36BDDE9C-EAE9-41CE-A14B-4A66373FF9E6}: NameServer = 208.67.222.222,208.67.220.220 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4380DEC3-7AE9-4188-BD34-B4E5C2C8D2C9}: DhcpNameServer = 7.254.254.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F3D16411-3E67-4B78-8197-30877EBB2546}: DhcpNameServer = 192.168.42.129 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-03-20 17:42:25 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2002-08-22 17:10:18 | 000,036,864 | R--- | M] () - H:\Autorun.exe -- [ CDFS ] O32 - AutoRun File - [2010-12-06 17:20:02 | 000,000,092 | R--- | M] () - H:\Autorun.inf -- [ CDFS ] O33 - MountPoints2\{b08cf3cb-0ca6-11df-b75b-001a4d52242a}\Shell - "" = AutoRun O33 - MountPoints2\{b08cf3cb-0ca6-11df-b75b-001a4d52242a}\Shell\AutoRun\command - "" = H:\Gazeta.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-08-10 11:32:15 | 000,000,000 | ---D | C] -- C:\Users\Dawid Szewczyk\.android [2012-08-10 11:30:51 | 000,000,000 | ---D | C] -- C:\Users\Dawid Szewczyk\AppData\Local\Android [2012-08-09 10:11:57 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search [2012-08-09 09:41:01 | 000,000,000 | -H-D | C] -- C:\$AVG [2012-08-09 09:41:01 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012 [2012-08-09 09:40:05 | 000,000,000 | ---D | C] -- C:\Program Files\AVG [2012-08-09 09:38:37 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2012-08-09 09:38:37 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData [2012-08-02 21:12:36 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo [2012-08-02 21:12:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer [2012-08-02 21:11:53 | 000,000,000 | ---D | C] -- C:\Program Files\Perion [2012-08-02 21:11:41 | 000,000,000 | ---D | C] -- C:\Program Files\Incredibar.com [2012-08-02 21:11:15 | 000,000,000 | ---D | C] -- C:\Program Files\Web Assistant [2012-07-26 14:01:00 | 000,000,000 | ---D | C] -- C:\Users\Dawid Szewczyk\Desktop\Convergence [2012-07-26 13:42:48 | 000,000,000 | ---D | C] -- C:\Users\Dawid Szewczyk\Desktop\colorbold_wp [2012-07-25 11:11:58 | 000,000,000 | ---D | C] -- C:\Users\Dawid Szewczyk\Desktop\Group Name Indicator 1.1.0 (IP.Board 3.2 & 3.3) [2012-07-24 13:32:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RonyaSoft [2012-07-24 13:32:50 | 000,000,000 | ---D | C] -- C:\Program Files\RonyaSoft [2012-07-24 13:32:27 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\RonyaSoft [2012-07-23 10:01:02 | 000,000,000 | ---D | C] -- C:\Users\Dawid Szewczyk\Desktop\site under construction [2012-07-23 08:43:35 | 000,000,000 | ---D | C] -- C:\Users\Dawid Szewczyk\AppData\Roaming\.minecraft [2012-07-21 13:49:15 | 000,000,000 | ---D | C] -- C:\Users\Dawid Szewczyk\Desktop\skrypt [2012-07-20 11:56:23 | 000,000,000 | ---D | C] -- C:\Users\Dawid Szewczyk\Desktop\(M32) Auto Welcome Members v2.1.1 [2010-06-02 06:22:02 | 000,089,944 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DSETUP.dll [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-08-19 10:36:10 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4030016867-3632113632-3663108403-1000UA.job [2012-08-19 10:36:04 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-08-19 10:09:14 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-08-19 10:09:14 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-08-19 10:04:11 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-08-19 10:04:06 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012-08-19 10:04:05 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012-08-19 09:57:26 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-08-19 09:57:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-08-19 09:57:12 | 1609,424,896 | -HS- | M] () -- C:\hiberfil.sys [2012-08-18 17:32:43 | 000,072,215 | ---- | M] () -- C:\Users\Dawid Szewczyk\Desktop\1183.jpeg [2012-08-12 11:30:20 | 000,060,707 | ---- | M] () -- C:\Users\Dawid Szewczyk\Desktop\NHL-13-Cover-Athlete-Vote.jpg [2012-08-10 19:11:42 | 000,325,015 | ---- | M] () -- C:\Users\Dawid Szewczyk\Desktop\DSCF3027.JPG [2012-08-10 09:56:39 | 000,000,193 | ---- | M] () -- C:\Users\Dawid Szewczyk\Desktop\Source SDK Base 2007.url [2012-08-08 19:00:32 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\RMSchedule.job [2012-08-08 18:27:10 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4030016867-3632113632-3663108403-1000UA.job [2012-08-08 14:35:00 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4030016867-3632113632-3663108403-1000Core.job [2012-08-08 09:26:01 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4030016867-3632113632-3663108403-1000Core.job [2012-08-07 20:46:23 | 000,000,000 | ---- | M] () -- C:\Windows\System32\Access.dat [2012-08-06 13:51:14 | 000,151,052 | ---- | M] () -- C:\Users\Dawid Szewczyk\Desktop\4.jpg [2012-08-06 13:51:03 | 001,090,794 | ---- | M] () -- C:\Users\Dawid Szewczyk\Desktop\ciekawostki.psd [2012-08-06 10:58:17 | 305,335,211 | ---- | M] () -- C:\Windows\MEMORY.DMP [2012-08-05 16:58:58 | 000,206,085 | ---- | M] () -- C:\Users\Dawid Szewczyk\Desktop\zapowiedz.jpg [2012-08-05 16:56:33 | 000,016,017 | ---- | M] () -- C:\Users\Dawid Szewczyk\Desktop\200px-Columbus_BlueJackets_svg.png [2012-08-04 19:14:52 | 000,737,730 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012-08-04 19:14:52 | 000,651,938 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-08-04 19:14:52 | 000,154,418 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012-08-04 19:14:52 | 000,120,870 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-08-02 21:11:46 | 000,000,684 | ---- | M] () -- C:\user.js [2012-07-31 19:48:28 | 000,020,219 | ---- | M] () -- C:\Users\Dawid Szewczyk\Desktop\599926_10151299675428765_1864657398_n.jpg [2012-07-27 16:35:01 | 000,000,600 | ---- | M] () -- C:\Users\Dawid Szewczyk\AppData\Local\PUTTY.RND [2012-07-26 17:16:23 | 000,000,132 | ---- | M] () -- C:\Users\Dawid Szewczyk\AppData\Roaming\Preferencje Adobe CS5 dla formatu GIF [2012-07-26 15:33:51 | 000,000,132 | ---- | M] () -- C:\Users\Dawid Szewczyk\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG [2012-07-26 13:19:57 | 000,064,573 | ---- | M] () -- C:\Users\Dawid Szewczyk\Desktop\20120725_Sutter_Visit_011_slide.jpg [2012-07-25 13:42:26 | 000,006,144 | ---- | M] () -- C:\Users\Dawid Szewczyk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-07-25 07:42:37 | 004,016,120 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012-07-21 18:27:30 | 189,018,296 | ---- | M] () -- C:\Users\Dawid Szewczyk\Desktop\Pittsburgh Penguins 2011-2012 Promo_(1080p).mp4 [2012-07-21 13:49:43 | 000,067,440 | ---- | M] () -- C:\Users\Dawid Szewczyk\Desktop\skrypt.rar [2012-07-20 14:00:41 | 000,154,835 | ---- | M] () -- C:\Users\Dawid Szewczyk\Desktop\3.jpg [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-08-18 17:32:54 | 000,072,215 | ---- | C] () -- C:\Users\Dawid Szewczyk\Desktop\1183.jpeg [2012-08-12 11:30:28 | 000,060,707 | ---- | C] () -- C:\Users\Dawid Szewczyk\Desktop\NHL-13-Cover-Athlete-Vote.jpg [2012-08-10 19:11:52 | 000,325,015 | ---- | C] () -- C:\Users\Dawid Szewczyk\Desktop\DSCF3027.JPG [2012-08-10 09:56:39 | 000,000,193 | ---- | C] () -- C:\Users\Dawid Szewczyk\Desktop\Source SDK Base 2007.url [2012-08-06 13:50:07 | 000,151,052 | ---- | C] () -- C:\Users\Dawid Szewczyk\Desktop\4.jpg [2012-08-05 16:58:46 | 000,206,085 | ---- | C] () -- C:\Users\Dawid Szewczyk\Desktop\zapowiedz.jpg [2012-08-05 16:56:42 | 000,016,017 | ---- | C] () -- C:\Users\Dawid Szewczyk\Desktop\200px-Columbus_BlueJackets_svg.png [2012-07-31 19:48:43 | 000,020,219 | ---- | C] () -- C:\Users\Dawid Szewczyk\Desktop\599926_10151299675428765_1864657398_n.jpg [2012-07-26 13:20:07 | 000,064,573 | ---- | C] () -- C:\Users\Dawid Szewczyk\Desktop\20120725_Sutter_Visit_011_slide.jpg [2012-07-21 17:49:58 | 189,018,296 | ---- | C] () -- C:\Users\Dawid Szewczyk\Desktop\Pittsburgh Penguins 2011-2012 Promo_(1080p).mp4 [2012-07-21 13:49:43 | 000,067,440 | ---- | C] () -- C:\Users\Dawid Szewczyk\Desktop\skrypt.rar [2012-07-20 14:00:39 | 000,154,835 | ---- | C] () -- C:\Users\Dawid Szewczyk\Desktop\3.jpg [2012-06-22 13:42:59 | 000,461,368 | ---- | C] () -- C:\Windows\System32\pwNative.exe [2012-06-22 13:42:58 | 000,016,456 | ---- | C] () -- C:\Windows\System32\pwdrvio.sys [2012-06-22 13:42:26 | 000,011,088 | ---- | C] () -- C:\Windows\System32\pwdspio.sys [2012-06-20 13:51:31 | 000,721,786 | ---- | C] () -- C:\Windows\System32\sig.bin [2012-05-19 11:35:45 | 000,017,408 | ---- | C] () -- C:\Users\Dawid Szewczyk\AppData\Local\WebpageIcons.db [2012-05-18 17:29:54 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll [2012-01-29 14:24:44 | 000,000,156 | ---- | C] () -- C:\Users\Dawid Szewczyk\.Xauthority [2011-11-08 19:08:38 | 000,508,224 | ---- | C] () -- C:\Windows\System32\ICCProfiles.dll [2011-08-25 11:07:22 | 000,000,132 | ---- | C] () -- C:\Users\Dawid Szewczyk\AppData\Roaming\Preferencje Adobe CS5 dla formatu Targa [2011-07-27 13:46:58 | 000,037,336 | ---- | C] () -- C:\Windows\System32\CleanMFT32.exe [2011-06-06 15:01:33 | 000,000,238 | ---- | C] () -- C:\Windows\iepreview.ini [2011-05-26 12:46:36 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe [2011-05-26 12:45:14 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2011-04-14 20:07:33 | 000,000,030 | ---- | C] () -- C:\Windows\TextSpy.ini [2011-04-12 20:52:30 | 000,000,137 | ---- | C] () -- C:\Windows\disney.ini [2011-04-05 19:24:04 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat [2011-04-03 18:59:30 | 000,000,185 | ---- | C] () -- C:\Windows\mdm.ini [2011-04-03 18:58:54 | 000,000,535 | ---- | C] () -- C:\Windows\ODBCINST.INI [2011-04-03 18:58:54 | 000,000,288 | ---- | C] () -- C:\Windows\ODBC.INI [2011-03-26 12:56:18 | 000,000,132 | ---- | C] () -- C:\Users\Dawid Szewczyk\AppData\Roaming\Preferencje Adobe CS5 dla formatu GIF [2011-03-08 18:09:30 | 000,000,122 | ---- | C] () -- C:\Users\Dawid Szewczyk\helpexplore.conf [2011-02-19 14:09:58 | 000,004,916 | ---- | C] () -- C:\ProgramData\ojobkspa.ako [2011-02-19 13:34:45 | 000,008,192 | ---- | C] () -- C:\Windows\System32\srvany.exe [2011-02-10 17:50:43 | 000,006,144 | ---- | C] () -- C:\Users\Dawid Szewczyk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-02-02 16:28:21 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat [2011-01-02 13:46:59 | 000,000,132 | ---- | C] () -- C:\Users\Dawid Szewczyk\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG [2010-12-18 10:44:38 | 000,113,816 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat [2010-12-14 19:01:38 | 001,415,907 | ---- | C] () -- C:\Windows\System32\Wb025.dat [2010-12-14 19:01:38 | 001,321,472 | ---- | C] () -- C:\Windows\System32\SYSWB6.exe [2010-12-14 19:01:38 | 001,252,635 | ---- | C] () -- C:\Windows\System32\Wb015.dat [2010-12-14 19:01:38 | 000,766,976 | ---- | C] () -- C:\Windows\System32\Winkb6.exe [2010-12-14 19:01:38 | 000,640,000 | ---- | C] () -- C:\Windows\System32\WeUninstall.exe [2010-12-14 19:01:38 | 000,097,481 | ---- | C] () -- C:\Windows\System32\Wb035.dat [2010-12-14 19:01:38 | 000,064,890 | ---- | C] () -- C:\Windows\System32\Wb100.dat [2010-12-14 19:01:38 | 000,012,583 | ---- | C] () -- C:\Windows\System32\WbWords.dat [2010-12-14 19:01:38 | 000,001,426 | ---- | C] () -- C:\Windows\System32\Wbconf.dat [2010-12-14 19:01:38 | 000,001,023 | ---- | C] () -- C:\Windows\System32\WBUS.dat [2010-12-14 19:01:38 | 000,000,267 | ---- | C] () -- C:\Windows\System32\wbUsUBlk.Dat [2010-12-14 19:01:38 | 000,000,227 | ---- | C] () -- C:\Windows\System32\WBLog.dat [2010-12-14 19:01:38 | 000,000,098 | ---- | C] () -- C:\Windows\System32\wbUsBlk.Dat [2010-12-14 19:01:38 | 000,000,052 | ---- | C] () -- C:\Windows\System32\nwt.sys [2010-12-01 15:10:39 | 000,000,169 | ---- | C] () -- C:\Windows\adidsl.ini [2010-12-01 15:10:39 | 000,000,021 | ---- | C] () -- C:\Windows\Fast800.ini [2010-12-01 15:10:23 | 000,253,008 | ---- | C] () -- C:\Windows\adirasx64.exe [2010-12-01 15:10:23 | 000,194,128 | ---- | C] () -- C:\Windows\adiras.exe [2010-12-01 15:10:19 | 000,127,456 | ---- | C] () -- C:\Windows\System32\IPDETECT.EXE [2010-12-01 15:10:15 | 000,152,126 | ---- | C] () -- C:\Windows\System32\drivers\L1E9P2.BIN [2010-12-01 15:10:15 | 000,024,576 | ---- | C] () -- C:\Windows\enddisk32.exe [2010-12-01 15:10:14 | 000,152,308 | ---- | C] () -- C:\Windows\System32\drivers\L1E4I2.BIN [2010-12-01 15:10:14 | 000,152,306 | ---- | C] () -- C:\Windows\System32\drivers\L1E4I1.BIN [2010-12-01 15:10:14 | 000,152,306 | ---- | C] () -- C:\Windows\System32\drivers\L1E4I0.BIN [2010-12-01 15:10:14 | 000,152,146 | ---- | C] () -- C:\Windows\System32\drivers\L1E4P2.BIN [2010-12-01 15:10:14 | 000,152,145 | ---- | C] () -- C:\Windows\System32\drivers\L1E4P1.BIN [2010-12-01 15:10:14 | 000,152,145 | ---- | C] () -- C:\Windows\System32\drivers\L1E4P0.BIN [2010-12-01 15:10:14 | 000,152,126 | ---- | C] () -- C:\Windows\System32\drivers\L1E9P1.BIN [2010-12-01 15:10:14 | 000,152,126 | ---- | C] () -- C:\Windows\System32\drivers\L1E9P0.BIN [2010-12-01 15:10:14 | 000,152,126 | ---- | C] () -- C:\Windows\System32\drivers\L1E9I2.BIN [2010-12-01 15:10:14 | 000,152,126 | ---- | C] () -- C:\Windows\System32\drivers\L1E9I1.BIN [2010-12-01 15:10:14 | 000,152,126 | ---- | C] () -- C:\Windows\System32\drivers\L1E9I0.BIN [2010-12-01 15:10:14 | 000,152,036 | ---- | C] () -- C:\Windows\System32\drivers\L1E4D2.BIN [2010-12-01 15:10:14 | 000,152,034 | ---- | C] () -- C:\Windows\System32\drivers\L1E4D0.BIN [2010-12-01 15:10:14 | 000,046,892 | ---- | C] () -- C:\Windows\System32\ADADIX16.DLL [2010-12-01 15:10:13 | 000,152,034 | ---- | C] () -- C:\Windows\System32\drivers\L1E4D1.BIN [2010-12-01 15:10:13 | 000,022,395 | ---- | C] () -- C:\Windows\System32\drivers\fpga.bin [2010-06-02 06:22:54 | 001,412,902 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x64.cab [2010-06-02 06:22:54 | 001,127,217 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x86.cab [2010-06-02 06:22:54 | 000,273,960 | ---- | C] () -- C:\Program Files\Nov2008_XAudio_x64.cab [2010-06-02 06:22:54 | 000,272,611 | ---- | C] () -- C:\Program Files\Nov2008_XAudio_x86.cab [2010-06-02 06:22:54 | 000,182,361 | ---- | C] () -- C:\Program Files\OCT2006_XACT_x64.cab [2010-06-02 06:22:54 | 000,138,017 | ---- | C] () -- C:\Program Files\OCT2006_XACT_x86.cab [2010-06-02 06:22:54 | 000,086,037 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x64.cab [2010-06-02 06:22:54 | 000,045,359 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x86.cab [2010-06-02 06:22:52 | 001,906,878 | ---- | C] () -- C:\Program Files\Nov2008_d3dx9_40_x64.cab [2010-06-02 06:22:52 | 001,550,796 | ---- | C] () -- C:\Program Files\Nov2008_d3dx9_40_x86.cab [2010-06-02 06:22:52 | 000,965,421 | ---- | C] () -- C:\Program Files\Nov2008_d3dx10_40_x86.cab [2010-06-02 06:22:52 | 000,121,794 | ---- | C] () -- C:\Program Files\Nov2008_XACT_x64.cab [2010-06-02 06:22:52 | 000,092,684 | ---- | C] () -- C:\Program Files\Nov2008_XACT_x86.cab [2010-06-02 06:22:52 | 000,054,522 | ---- | C] () -- C:\Program Files\Nov2008_X3DAudio_x64.cab [2010-06-02 06:22:52 | 000,021,851 | ---- | C] () -- C:\Program Files\Nov2008_X3DAudio_x86.cab [2010-06-02 06:22:50 | 000,994,154 | ---- | C] () -- C:\Program Files\Nov2008_d3dx10_40_x64.cab [2010-06-02 06:22:50 | 000,196,762 | ---- | C] () -- C:\Program Files\NOV2007_XACT_x64.cab [2010-06-02 06:22:50 | 000,148,264 | ---- | C] () -- C:\Program Files\NOV2007_XACT_x86.cab [2010-06-02 06:22:50 | 000,046,144 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x64.cab [2010-06-02 06:22:50 | 000,018,496 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x86.cab [2010-06-02 06:22:48 | 001,802,058 | ---- | C] () -- C:\Program Files\Nov2007_d3dx9_36_x64.cab [2010-06-02 06:22:48 | 001,709,360 | ---- | C] () -- C:\Program Files\Nov2007_d3dx9_36_x86.cab [2010-06-02 06:22:48 | 000,864,600 | ---- | C] () -- C:\Program Files\Nov2007_d3dx10_36_x64.cab [2010-06-02 06:22:48 | 000,803,884 | ---- | C] () -- C:\Program Files\Nov2007_d3dx10_36_x86.cab [2010-06-02 06:22:48 | 000,273,018 | ---- | C] () -- C:\Program Files\Mar2009_XAudio_x86.cab [2010-06-02 06:22:46 | 000,275,044 | ---- | C] () -- C:\Program Files\Mar2009_XAudio_x64.cab [2010-06-02 06:22:46 | 000,121,506 | ---- | C] () -- C:\Program Files\Mar2009_XACT_x64.cab [2010-06-02 06:22:46 | 000,092,740 | ---- | C] () -- C:\Program Files\Mar2009_XACT_x86.cab [2010-06-02 06:22:38 | 000,054,600 | ---- | C] () -- C:\Program Files\Mar2009_X3DAudio_x64.cab [2010-06-02 06:22:38 | 000,021,298 | ---- | C] () -- C:\Program Files\Mar2009_X3DAudio_x86.cab [2010-06-02 06:22:36 | 001,973,702 | ---- | C] () -- C:\Program Files\Mar2009_d3dx9_41_x64.cab [2010-06-02 06:22:36 | 001,612,446 | ---- | C] () -- C:\Program Files\Mar2009_d3dx9_41_x86.cab [2010-06-02 06:22:36 | 001,067,160 | ---- | C] () -- C:\Program Files\Mar2009_d3dx10_41_x64.cab [2010-06-02 06:22:36 | 001,040,745 | ---- | C] () -- C:\Program Files\Mar2009_d3dx10_41_x86.cab [2010-06-02 06:22:36 | 000,251,194 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x64.cab [2010-06-02 06:22:36 | 000,226,250 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x86.cab [2010-06-02 06:22:36 | 000,122,336 | ---- | C] () -- C:\Program Files\Mar2008_XACT_x64.cab [2010-06-02 06:22:36 | 000,093,734 | ---- | C] () -- C:\Program Files\Mar2008_XACT_x86.cab [2010-06-02 06:22:34 | 001,769,862 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x64.cab [2010-06-02 06:22:34 | 001,443,282 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x86.cab [2010-06-02 06:22:34 | 000,818,260 | ---- | C] () -- C:\Program Files\Mar2008_d3dx10_37_x86.cab [2010-06-02 06:22:34 | 000,055,058 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x64.cab [2010-06-02 06:22:34 | 000,021,867 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x86.cab [2010-06-02 06:22:32 | 000,937,246 | ---- | C] () -- C:\Program Files\Jun2010_d3dx9_43_x64.cab [2010-06-02 06:22:32 | 000,844,884 | ---- | C] () -- C:\Program Files\Mar2008_d3dx10_37_x64.cab [2010-06-02 06:22:32 | 000,768,036 | ---- | C] () -- C:\Program Files\Jun2010_d3dx9_43_x86.cab [2010-06-02 06:22:32 | 000,278,060 | ---- | C] () -- C:\Program Files\Jun2010_XAudio_x86.cab [2010-06-02 06:22:32 | 000,277,338 | ---- | C] () -- C:\Program Files\Jun2010_XAudio_x64.cab [2010-06-02 06:22:32 | 000,124,596 | ---- | C] () -- C:\Program Files\Jun2010_XACT_x64.cab [2010-06-02 06:22:32 | 000,093,686 | ---- | C] () -- C:\Program Files\Jun2010_XACT_x86.cab [2010-06-02 06:22:30 | 000,762,188 | ---- | C] () -- C:\Program Files\Jun2010_d3dcsx_43_x86.cab [2010-06-02 06:22:30 | 000,235,955 | ---- | C] () -- C:\Program Files\Jun2010_d3dx10_43_x64.cab [2010-06-02 06:22:30 | 000,197,283 | ---- | C] () -- C:\Program Files\Jun2010_d3dx10_43_x86.cab [2010-06-02 06:22:30 | 000,138,205 | ---- | C] () -- C:\Program Files\Jun2010_d3dx11_43_x64.cab [2010-06-02 06:22:30 | 000,109,445 | ---- | C] () -- C:\Program Files\Jun2010_d3dx11_43_x86.cab [2010-06-02 06:22:28 | 000,944,460 | ---- | C] () -- C:\Program Files\Jun2010_D3DCompiler_43_x64.cab [2010-06-02 06:22:28 | 000,931,471 | ---- | C] () -- C:\Program Files\Jun2010_D3DCompiler_43_x86.cab [2010-06-02 06:22:28 | 000,752,783 | ---- | C] () -- C:\Program Files\Jun2010_d3dcsx_43_x64.cab [2010-06-02 06:22:20 | 000,269,024 | ---- | C] () -- C:\Program Files\JUN2008_XAudio_x86.cab [2010-06-02 06:22:18 | 001,792,608 | ---- | C] () -- C:\Program Files\JUN2008_d3dx9_38_x64.cab [2010-06-02 06:22:18 | 001,463,878 | ---- | C] () -- C:\Program Files\JUN2008_d3dx9_38_x86.cab [2010-06-02 06:22:18 | 000,867,828 | ---- | C] () -- C:\Program Files\JUN2008_d3dx10_38_x64.cab [2010-06-02 06:22:18 | 000,849,919 | ---- | C] () -- C:\Program Files\JUN2008_d3dx10_38_x86.cab [2010-06-02 06:22:18 | 000,269,628 | ---- | C] () -- C:\Program Files\JUN2008_XAudio_x64.cab [2010-06-02 06:22:18 | 000,152,909 | ---- | C] () -- C:\Program Files\JUN2007_XACT_x86.cab [2010-06-02 06:22:18 | 000,121,054 | ---- | C] () -- C:\Program Files\JUN2008_XACT_x64.cab [2010-06-02 06:22:18 | 000,093,128 | ---- | C] () -- C:\Program Files\JUN2008_XACT_x86.cab [2010-06-02 06:22:18 | 000,055,154 | ---- | C] () -- C:\Program Files\JUN2008_X3DAudio_x64.cab [2010-06-02 06:22:18 | 000,021,905 | ---- | C] () -- C:\Program Files\JUN2008_X3DAudio_x86.cab [2010-06-02 06:22:16 | 001,607,774 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x64.cab [2010-06-02 06:22:16 | 001,607,286 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x86.cab [2010-06-02 06:22:16 | 001,064,925 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x86.cab [2010-06-02 06:22:16 | 000,699,044 | ---- | C] () -- C:\Program Files\JUN2007_d3dx10_34_x64.cab [2010-06-02 06:22:16 | 000,698,472 | ---- | C] () -- C:\Program Files\JUN2007_d3dx10_34_x86.cab [2010-06-02 06:22:16 | 000,197,122 | ---- | C] () -- C:\Program Files\JUN2007_XACT_x64.cab [2010-06-02 06:22:16 | 000,180,785 | ---- | C] () -- C:\Program Files\JUN2006_XACT_x64.cab [2010-06-02 06:22:16 | 000,133,671 | ---- | C] () -- C:\Program Files\JUN2006_XACT_x86.cab [2010-06-02 06:22:14 | 001,336,002 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x64.cab [2010-06-02 06:22:14 | 000,277,191 | ---- | C] () -- C:\Program Files\Feb2010_XAudio_x86.cab [2010-06-02 06:22:14 | 000,276,960 | ---- | C] () -- C:\Program Files\Feb2010_XAudio_x64.cab [2010-06-02 06:22:14 | 000,122,446 | ---- | C] () -- C:\Program Files\Feb2010_XACT_x64.cab [2010-06-02 06:22:14 | 000,093,180 | ---- | C] () -- C:\Program Files\Feb2010_XACT_x86.cab [2010-06-02 06:22:12 | 000,194,675 | ---- | C] () -- C:\Program Files\FEB2007_XACT_x64.cab [2010-06-02 06:22:12 | 000,147,983 | ---- | C] () -- C:\Program Files\FEB2007_XACT_x86.cab [2010-06-02 06:22:12 | 000,054,678 | ---- | C] () -- C:\Program Files\Feb2010_X3DAudio_x64.cab [2010-06-02 06:22:12 | 000,020,713 | ---- | C] () -- C:\Program Files\Feb2010_X3DAudio_x86.cab [2010-06-02 06:22:10 | 000,178,359 | ---- | C] () -- C:\Program Files\Feb2006_XACT_x64.cab [2010-06-02 06:22:10 | 000,132,409 | ---- | C] () -- C:\Program Files\Feb2006_XACT_x86.cab [2010-06-02 06:22:04 | 001,084,720 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x86.cab [2010-06-02 06:22:02 | 001,801,048 | ---- | C] () -- C:\Program Files\dsetup32.dll [2010-06-02 06:22:02 | 001,574,376 | ---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x86.cab [2010-06-02 06:22:02 | 001,362,796 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x64.cab [2010-06-02 06:22:02 | 001,247,499 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x64.cab [2010-06-02 06:22:02 | 001,013,225 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x86.cab [2010-06-02 06:22:02 | 000,537,432 | ---- | C] () -- C:\Program Files\DXSETUP.exe [2010-06-02 06:22:02 | 000,192,475 | ---- | C] () -- C:\Program Files\DEC2006_XACT_x64.cab [2010-06-02 06:22:02 | 000,145,599 | ---- | C] () -- C:\Program Files\DEC2006_XACT_x86.cab [2010-06-02 06:22:02 | 000,094,011 | ---- | C] () -- C:\Program Files\dxupdate.cab [2010-06-02 06:22:02 | 000,042,410 | ---- | C] () -- C:\Program Files\dxdllreg_x86.cab [2010-06-02 06:22:00 | 001,571,154 | ---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x64.cab [2010-06-02 06:22:00 | 001,357,976 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x64.cab [2010-06-02 06:22:00 | 001,079,456 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x86.cab [2010-06-02 06:22:00 | 000,273,264 | ---- | C] () -- C:\Program Files\Aug2009_XAudio_x64.cab [2010-06-02 06:22:00 | 000,272,642 | ---- | C] () -- C:\Program Files\Aug2009_XAudio_x86.cab [2010-06-02 06:22:00 | 000,212,807 | ---- | C] () -- C:\Program Files\DEC2006_d3dx10_00_x64.cab [2010-06-02 06:22:00 | 000,191,720 | ---- | C] () -- C:\Program Files\DEC2006_d3dx10_00_x86.cab [2010-06-02 06:22:00 | 000,122,408 | ---- | C] () -- C:\Program Files\Aug2009_XACT_x64.cab [2010-06-02 06:22:00 | 000,093,106 | ---- | C] () -- C:\Program Files\Aug2009_XACT_x86.cab [2010-06-02 06:21:58 | 000,930,116 | ---- | C] () -- C:\Program Files\Aug2009_d3dx9_42_x64.cab [2010-06-02 06:21:58 | 000,728,456 | ---- | C] () -- C:\Program Files\Aug2009_d3dx9_42_x86.cab [2010-06-02 06:21:58 | 000,232,635 | ---- | C] () -- C:\Program Files\Aug2009_d3dx10_42_x64.cab [2010-06-02 06:21:58 | 000,192,131 | ---- | C] () -- C:\Program Files\Aug2009_d3dx10_42_x86.cab [2010-06-02 06:21:58 | 000,136,301 | ---- | C] () -- C:\Program Files\Aug2009_d3dx11_42_x64.cab [2010-06-02 06:21:58 | 000,105,044 | ---- | C] () -- C:\Program Files\Aug2009_d3dx11_42_x86.cab [2010-06-02 06:21:56 | 003,319,740 | ---- | C] () -- C:\Program Files\Aug2009_d3dcsx_42_x86.cab [2010-06-02 06:21:56 | 003,112,111 | ---- | C] () -- C:\Program Files\Aug2009_d3dcsx_42_x64.cab [2010-06-02 06:21:56 | 000,900,598 | ---- | C] () -- C:\Program Files\Aug2009_D3DCompiler_42_x86.cab [2010-06-02 06:21:46 | 000,919,044 | ---- | C] () -- C:\Program Files\Aug2009_D3DCompiler_42_x64.cab [2010-06-02 06:21:46 | 000,271,412 | ---- | C] () -- C:\Program Files\Aug2008_XAudio_x64.cab [2010-06-02 06:21:46 | 000,271,038 | ---- | C] () -- C:\Program Files\Aug2008_XAudio_x86.cab [2010-06-02 06:21:44 | 001,794,084 | ---- | C] () -- C:\Program Files\Aug2008_d3dx9_39_x64.cab [2010-06-02 06:21:44 | 001,464,672 | ---- | C] () -- C:\Program Files\Aug2008_d3dx9_39_x86.cab [2010-06-02 06:21:44 | 000,849,167 | ---- | C] () -- C:\Program Files\Aug2008_d3dx10_39_x86.cab [2010-06-02 06:21:44 | 000,198,096 | ---- | C] () -- C:\Program Files\AUG2007_XACT_x64.cab [2010-06-02 06:21:44 | 000,153,012 | ---- | C] () -- C:\Program Files\AUG2007_XACT_x86.cab [2010-06-02 06:21:44 | 000,121,772 | ---- | C] () -- C:\Program Files\Aug2008_XACT_x64.cab [2010-06-02 06:21:44 | 000,092,996 | ---- | C] () -- C:\Program Files\Aug2008_XACT_x86.cab [2010-06-02 06:21:42 | 001,800,160 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x64.cab [2010-06-02 06:21:42 | 001,708,152 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x86.cab [2010-06-02 06:21:42 | 000,867,612 | ---- | C] () -- C:\Program Files\Aug2008_d3dx10_39_x64.cab [2010-06-02 06:21:42 | 000,852,286 | ---- | C] () -- C:\Program Files\AUG2007_d3dx10_35_x64.cab [2010-06-02 06:21:42 | 000,796,867 | ---- | C] () -- C:\Program Files\AUG2007_d3dx10_35_x86.cab [2010-06-02 06:21:40 | 001,350,542 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x64.cab [2010-06-02 06:21:40 | 001,077,644 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x86.cab [2010-06-02 06:21:40 | 000,182,903 | ---- | C] () -- C:\Program Files\AUG2006_XACT_x64.cab [2010-06-02 06:21:40 | 000,137,235 | ---- | C] () -- C:\Program Files\AUG2006_XACT_x86.cab [2010-06-02 06:21:40 | 000,087,142 | ---- | C] () -- C:\Program Files\AUG2006_xinput_x64.cab [2010-06-02 06:21:40 | 000,053,302 | ---- | C] () -- C:\Program Files\APR2007_xinput_x86.cab [2010-06-02 06:21:40 | 000,046,058 | ---- | C] () -- C:\Program Files\AUG2006_xinput_x86.cab [2010-06-02 06:21:38 | 001,606,039 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x86.cab [2010-06-02 06:21:38 | 000,195,766 | ---- | C] () -- C:\Program Files\APR2007_XACT_x64.cab [2010-06-02 06:21:38 | 000,151,225 | ---- | C] () -- C:\Program Files\APR2007_XACT_x86.cab [2010-06-02 06:21:38 | 000,096,817 | ---- | C] () -- C:\Program Files\APR2007_xinput_x64.cab [2010-06-02 06:21:36 | 001,607,358 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x64.cab [2010-06-02 06:21:36 | 000,698,612 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x64.cab [2010-06-02 06:21:36 | 000,695,865 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x86.cab [2010-06-02 06:21:34 | 000,046,010 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x86.cab [2010-06-02 06:21:20 | 000,087,101 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x64.cab [2010-06-02 06:21:18 | 004,162,630 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86_Archive.cab [2010-06-02 06:21:18 | 000,916,430 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86.cab [2010-06-02 06:21:18 | 000,179,133 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x64.cab [2010-06-02 06:21:18 | 000,133,103 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x86.cab [2010-06-02 06:21:16 | 001,397,830 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x64.cab [2010-06-02 06:21:16 | 001,347,354 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x64.cab [2010-06-02 06:21:16 | 001,115,221 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x86.cab [2010-06-02 06:21:16 | 001,078,962 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x86.cab [2010-03-14 16:18:24 | 000,139,152 | ---- | C] () -- C:\Users\Dawid Szewczyk\AppData\Roaming\PnkBstrK.sys [2010-02-22 16:54:49 | 000,000,272 | ---- | C] () -- C:\Users\Dawid Szewczyk\AppData\Roaming\burnaware.ini [2010-02-14 18:37:38 | 000,000,600 | ---- | C] () -- C:\Users\Dawid Szewczyk\AppData\Roaming\winscp.rnd [2010-02-14 10:08:25 | 000,000,600 | ---- | C] () -- C:\Users\Dawid Szewczyk\AppData\Local\PUTTY.RND [color=#E56717]========== LOP Check ==========[/color] [2012-07-23 08:43:35 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\.minecraft [2010-10-04 19:34:14 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\AceBIT [2011-01-29 18:25:07 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\Artisteer [2012-03-22 16:33:47 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\Avnex [2012-07-12 19:53:26 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\Babylon [2012-07-12 19:54:18 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\BabylonToolbar [2010-02-27 16:05:40 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\Bersirc [2012-05-18 17:26:59 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\BESTplayer [2010-12-19 11:03:27 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\Booster [2010-03-27 12:18:43 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\com.adobe.ExMan [2010-06-30 13:02:32 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\com.polythink.ups.wda.03EBA0C726630DF115D9764F9B83F5185396D811.1 [2012-06-18 13:56:24 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\DAEMON Tools Lite [2010-11-01 19:21:34 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\Dev-Cpp [2012-01-15 12:37:02 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\Downloaded Installations [2010-12-24 16:00:00 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\Easy Thumbnails [2010-11-24 17:51:19 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\eM Client [2012-03-31 16:50:50 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\EurekaLog [2011-06-18 12:13:28 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\Expressivo [2012-08-09 10:51:29 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\FileZilla [2010-01-25 15:43:51 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\FlashFXP [2011-05-27 21:11:59 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\foobar2000 [2010-02-11 19:37:12 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\Foxit [2011-11-09 20:51:53 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\Gadu-Gadu 10 [2012-08-19 10:03:47 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\GG [2010-07-25 08:30:48 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\Groove Games [2011-04-23 11:18:09 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\gtk-2.0 [2011-06-09 16:46:11 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\Gzegzolka XP [2010-04-27 17:57:01 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\HLSW [2012-05-06 09:00:01 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\HTC [2011-12-03 09:55:12 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1 [2010-05-02 11:38:08 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\ICQ [2011-04-12 20:26:26 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\InterTrust [2012-05-18 17:26:02 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\ipla [2010-01-29 09:27:08 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\Leadertech [2011-12-14 19:45:14 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\LibreOffice [2012-05-07 13:08:04 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\Maxthon3 [2011-02-06 14:47:57 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\mojosoft [2011-02-19 14:10:02 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\MOVAVI [2012-02-17 15:22:30 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\Nitro PDF [2012-08-19 09:56:06 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\Notepad++ [2010-04-02 08:38:04 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\Noth2 [2010-01-25 16:08:55 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\OpenOffice.org [2010-08-10 16:56:11 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\Opera [2011-12-03 09:58:24 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\Outlook [2011-04-17 17:18:41 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\Pamela [2010-12-14 13:09:06 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\PhotoFiltre [2011-05-31 15:28:19 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\Publish Providers [2012-02-22 20:06:01 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\Registry Mechanic [2011-05-04 14:41:25 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\Sony [2010-01-27 13:38:37 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\Sony Setup [2010-05-21 16:07:56 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\Sports Interactive [2011-05-02 08:53:08 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\Sprite Software [2011-02-07 18:54:24 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2010-01-25 11:14:14 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\Thunderbird [2010-03-04 16:17:23 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\Tific [2011-12-30 20:07:04 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\TightVNC [2012-06-22 15:19:39 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\TS3Client [2011-03-17 19:28:46 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\Tunngle [2011-01-04 22:01:16 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\Unity [2012-08-19 09:56:06 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\uTorrent [2012-02-27 16:09:00 | 000,000,000 | ---D | M] -- C:\Users\Dawid Szewczyk\AppData\Roaming\wargaming.net [2012-08-08 09:26:01 | 000,001,092 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4030016867-3632113632-3663108403-1000Core.job [2012-08-08 18:27:10 | 000,001,114 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4030016867-3632113632-3663108403-1000UA.job [2012-08-08 19:00:32 | 000,000,272 | ---- | M] () -- C:\Windows\Tasks\RMSchedule.job [2012-08-08 09:09:08 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 236 bytes -> C:\ProgramData\TEMP:9A870F8B @Alternate Data Stream - 164 bytes -> C:\Users\Dawid Szewczyk\Desktop\1.jpeg:3or4kl4x13tuuug3Byamue2s4b @Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:05EE1EEF @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:D1B5B4F1 @Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:C8B8CEBD < End of report >