OTL logfile created on: 2012-08-25 12:59:41 - Run 1 OTL by OldTimer - Version 3.2.10.0 Folder = F:\prog-instalki\LOGI KOMPA 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 6,00 Gb Total Physical Memory | 5,00 Gb Available Physical Memory | 75,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 80,00% Paging File free Paging file location(s): c:\pagefile.sys 2048 2048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 111,79 Gb Total Space | 45,11 Gb Free Space | 40,35% Space Free | Partition Type: NTFS Drive D: | 811,32 Gb Total Space | 282,13 Gb Free Space | 34,77% Space Free | Partition Type: NTFS Drive E: | 232,88 Gb Total Space | 177,99 Gb Free Space | 76,43% Space Free | Partition Type: NTFS Drive F: | 585,94 Gb Total Space | 159,00 Gb Free Space | 27,14% Space Free | Partition Type: NTFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Drive X: | 76,69 Gb Total Space | 63,13 Gb Free Space | 82,32% Space Free | Partition Type: NTFS Computer Name: TDSXXX Current User Name: tds Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-08-19 07:49:29 | 001,456,705 | RHS- | M] (ic#code) -- C:\Windows\BitLockerDiscoveryVolumeContents\svcchost.exe PRC - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012-07-27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012-07-24 04:17:18 | 000,097,152 | ---- | M] (Maxthon International ltd.) -- C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe PRC - [2012-07-16 12:15:40 | 010,354,176 | ---- | M] (Creative Team S.A.) -- C:\Program Files (x86)\AQQ\AQQ.exe PRC - [2012-06-29 21:41:52 | 000,553,800 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe PRC - [2012-06-29 04:37:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012-06-28 17:44:30 | 000,382,312 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012-06-24 19:07:35 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2012-05-24 13:28:56 | 000,055,184 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2012-04-17 16:19:32 | 002,614,080 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe PRC - [2012-03-07 15:40:34 | 000,913,144 | ---- | M] (ESET) -- C:\Program Files\ESET NOD32 Antivirus\x86\ekrn.exe PRC - [2011-11-17 05:00:06 | 002,221,712 | ---- | M] (AdFender, Inc.) -- C:\Program Files (x86)\AdFender\AdFender.exe PRC - [2011-09-16 06:21:32 | 000,432,952 | ---- | M] (QFX Software Corporation) -- C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe PRC - [2010-12-24 10:03:47 | 000,575,488 | ---- | M] (OldTimer Tools) -- F:\prog-instalki\LOGI KOMPA\OTL.exe PRC - [2009-12-21 08:00:50 | 000,081,920 | ---- | M] (Realtime Soft Ltd) -- C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe PRC - [2007-09-02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe PRC - [2001-06-10 18:28:02 | 000,246,272 | ---- | M] () -- C:\Program Files (x86)\Wallpaper Changer\WallPaper.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2012-04-21 05:21:01 | 001,625,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll MOD - [2010-12-24 10:03:47 | 000,575,488 | ---- | M] (OldTimer Tools) -- F:\prog-instalki\LOGI KOMPA\OTL.exe MOD - [2010-11-21 04:24:33 | 002,341,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll MOD - [2010-11-21 04:24:33 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll MOD - [2010-11-21 04:23:55 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll MOD - [2010-02-14 02:53:56 | 000,210,432 | ---- | M] (Realtime Soft Ltd) -- C:\Program Files\UltraMon\RTSUltraMonHookX32.dll MOD - [2010-02-14 02:52:06 | 000,325,120 | ---- | M] (Realtime Soft Ltd) -- C:\Program Files\UltraMon\UltraMonResButtons.dll MOD - [2009-07-14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx MOD - [2007-09-02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA) SRV:[b]64bit:[/b] - [2012-03-07 15:40:34 | 000,913,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn) SRV:[b]64bit:[/b] - [2011-09-27 20:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV:[b]64bit:[/b] - [2010-11-21 04:25:07 | 000,214,528 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService) SRV:[b]64bit:[/b] - [2010-11-21 04:24:41 | 000,692,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\cscsvc.dll -- (CscService) SRV:[b]64bit:[/b] - [2010-03-25 10:41:00 | 051,456,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV:[b]64bit:[/b] - [2010-01-09 21:20:56 | 000,174,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose64) SRV:[b]64bit:[/b] - [2009-07-14 02:41:53 | 001,361,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc) SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012-07-27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012-06-29 04:37:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012-06-28 17:44:30 | 000,382,312 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012-06-24 19:07:35 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2012-06-07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-05-24 13:28:56 | 000,055,184 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010-03-18 17:23:04 | 000,044,376 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe -- (aspnet_state) SRV - [2010-03-18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64) SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdvgkmd.sys -- (VGPU) DRV:[b]64bit:[/b] - File not found [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2012-06-03 12:47:04 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:[b]64bit:[/b] - [2012-03-14 08:40:04 | 000,137,144 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr) DRV:[b]64bit:[/b] - [2012-03-14 08:40:02 | 000,209,768 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm) DRV:[b]64bit:[/b] - [2012-03-14 08:40:02 | 000,148,528 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv) DRV:[b]64bit:[/b] - [2012-02-15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:[b]64bit:[/b] - [2011-11-02 18:17:26 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-11-02 18:17:26 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2011-09-14 14:58:46 | 000,274,616 | ---- | M] (QFX Software Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\keyscrambler.sys -- (KeyScrambler) DRV:[b]64bit:[/b] - [2011-09-02 07:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:[b]64bit:[/b] - [2011-09-02 07:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:[b]64bit:[/b] - [2011-08-02 16:38:44 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl) DRV:[b]64bit:[/b] - [2011-06-10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2011-05-02 11:41:22 | 000,040,744 | ---- | M] (Dawicontrol GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DC600e.sys -- (DC600e) DRV:[b]64bit:[/b] - [2011-05-02 11:41:14 | 000,049,752 | ---- | M] (Dawicontrol GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DC324e.sys -- (DC324e) DRV:[b]64bit:[/b] - [2011-05-02 11:41:06 | 000,040,344 | ---- | M] (Dawicontrol GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DC300e.sys -- (DC300e) DRV:[b]64bit:[/b] - [2011-05-02 11:40:56 | 000,048,328 | ---- | M] (Dawicontrol GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\DC3410.sys -- (DC3410) DRV:[b]64bit:[/b] - [2011-05-02 11:40:50 | 000,048,360 | ---- | M] (Dawicontrol GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DC4300.sys -- (DC4300) DRV:[b]64bit:[/b] - [2011-05-02 11:40:42 | 000,048,136 | ---- | M] (Dawicontrol GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DC154.sys -- (DC154) DRV:[b]64bit:[/b] - [2011-05-02 11:40:32 | 000,039,832 | ---- | M] (Dawicontrol GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DC150.sys -- (DC150) DRV:[b]64bit:[/b] - [2011-05-02 11:40:20 | 000,039,320 | ---- | M] (Dawicontrol GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DC133.sys -- (DC133) DRV:[b]64bit:[/b] - [2011-03-07 10:01:46 | 000,313,136 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mvs91xx.sys -- (mvs91xx) DRV:[b]64bit:[/b] - [2011-03-04 12:46:10 | 000,078,976 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata) DRV:[b]64bit:[/b] - [2011-03-04 12:46:10 | 000,032,896 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata) DRV:[b]64bit:[/b] - [2011-03-02 17:58:58 | 000,036,448 | ---- | M] (Asmedia Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asahci64.sys -- (asahci64) DRV:[b]64bit:[/b] - [2011-02-14 07:08:24 | 000,024,880 | ---- | M] (Marvell Semiconductor Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mv91cons.sys -- (mv91cons) DRV:[b]64bit:[/b] - [2011-02-14 07:08:22 | 000,310,064 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv91xx.sys -- (mv91xx) DRV:[b]64bit:[/b] - [2011-02-09 14:26:50 | 000,026,712 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\johci.sys -- (johci) DRV:[b]64bit:[/b] - [2010-12-02 18:23:46 | 000,161,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\viamrx64.sys -- (viamrx64) DRV:[b]64bit:[/b] - [2010-11-25 12:27:40 | 000,120,408 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID) DRV:[b]64bit:[/b] - [2010-11-21 04:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2010-11-21 04:24:41 | 000,514,560 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC) DRV:[b]64bit:[/b] - [2010-11-21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,199,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbus.sys -- (vmbus) DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub) DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc) DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,046,464 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmstorfl.sys -- (storflt) DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt) DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,034,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsc.sys -- (storvsc) DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,021,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusHID.sys -- (VMBusHID) DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vms3cap.sys -- (s3cap) DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:[b]64bit:[/b] - [2010-11-06 08:45:46 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:[b]64bit:[/b] - [2010-10-26 17:42:24 | 000,181,040 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mv61xx.sys -- (mv61xx) DRV:[b]64bit:[/b] - [2010-09-23 16:48:52 | 000,264,272 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ahcix64.sys -- (ahcix64) DRV:[b]64bit:[/b] - [2010-06-15 01:09:18 | 000,465,488 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MegaSR1.sys -- (MegaSR1) DRV:[b]64bit:[/b] - [2010-02-11 13:01:20 | 000,026,776 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\xfiltx64.sys -- (xfiltx64) DRV:[b]64bit:[/b] - [2010-02-11 13:00:22 | 000,015,000 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\videX64.sys -- (videX64) DRV:[b]64bit:[/b] - [2009-12-31 18:37:56 | 000,168,032 | ---- | M] (HighPoint Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rr2522.sys -- (rr2522) DRV:[b]64bit:[/b] - [2009-12-31 18:23:58 | 000,162,400 | ---- | M] (HighPoint Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rr2340.sys -- (rr2340) DRV:[b]64bit:[/b] - [2009-12-30 11:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt) DRV:[b]64bit:[/b] - [2009-12-21 14:56:12 | 000,155,232 | ---- | M] (HighPoint Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rr62x.sys -- (rr62x) DRV:[b]64bit:[/b] - [2009-11-09 03:24:12 | 000,052,768 | ---- | M] (ARECA Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\arcm_a64.sys -- (arcm_a64) DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-07-07 23:56:56 | 000,226,616 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ahcix64s.sys -- (ahcix64s) DRV:[b]64bit:[/b] - [2009-06-12 11:28:24 | 000,170,528 | ---- | M] (HighPoint Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\2310_00.sys -- (2310_00) DRV:[b]64bit:[/b] - [2009-06-10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-05-25 17:56:54 | 000,017,440 | ---- | M] (HighPoint Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hptiop.sys -- (hptiop) DRV:[b]64bit:[/b] - [2009-05-18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:[b]64bit:[/b] - [2009-02-09 10:25:04 | 000,333,864 | ---- | M] (Silicon Image, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Si3531.sys -- (Si3531) DRV:[b]64bit:[/b] - [2008-05-15 22:23:21 | 000,028,208 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci) DRV:[b]64bit:[/b] - [2008-05-05 17:49:08 | 000,152,096 | ---- | M] (HighPoint Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rr232x.sys -- (rr232x) DRV:[b]64bit:[/b] - [2007-11-13 15:47:18 | 000,080,424 | ---- | M] (Silicon Image, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PnP680.sys -- (Pnp680) DRV:[b]64bit:[/b] - [2007-11-01 14:21:14 | 000,152,096 | ---- | M] (HighPoint Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hptmv6.sys -- (hptmv6) DRV:[b]64bit:[/b] - [2007-11-01 14:20:10 | 000,153,632 | ---- | M] (HighPoint Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rr2210.sys -- (rr2210) DRV:[b]64bit:[/b] - [2007-11-01 14:19:44 | 000,159,264 | ---- | M] (HighPoint Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rr174x.sys -- (rr174x) DRV:[b]64bit:[/b] - [2007-11-01 14:19:04 | 000,124,448 | ---- | M] (HighPoint Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rr172x.sys -- (rr172x) DRV:[b]64bit:[/b] - [2007-10-03 15:51:00 | 000,022,056 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SiWinAcc.sys -- (SiFilter) DRV:[b]64bit:[/b] - [2007-10-03 15:50:52 | 000,017,448 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SiRemFil.sys -- (SiRemFil) DRV:[b]64bit:[/b] - [2007-10-03 15:50:26 | 000,090,664 | ---- | M] (Silicon Image, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SI3132.sys -- (SI3132) DRV:[b]64bit:[/b] - [2007-06-13 01:55:56 | 001,272,320 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\P17.sys -- (P17) DRV:[b]64bit:[/b] - [2007-04-11 15:02:42 | 000,163,632 | ---- | M] (Silicon Image, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SI3114r.sys -- (SI3114r) DRV:[b]64bit:[/b] - [2007-02-01 16:53:08 | 000,164,656 | ---- | M] (Silicon Image, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SI3112r.sys -- (SI3112r) DRV:[b]64bit:[/b] - [2006-11-10 11:48:48 | 000,099,120 | ---- | M] (Silicon Image, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SI3114.sys -- (SI3114) DRV:[b]64bit:[/b] - [2006-11-02 16:25:04 | 000,113,456 | ---- | M] (Silicon Image, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SI3124.sys -- (SI3124) DRV:[b]64bit:[/b] - [2006-09-20 11:38:28 | 000,334,640 | ---- | M] (Silicon Image, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Si3124r5.sys -- (Si3124r5) DRV:[b]64bit:[/b] - [2006-09-18 14:26:04 | 000,093,472 | ---- | M] (HighPoint Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hptmv.sys -- (hptmv) DRV - [2012-06-29 21:41:52 | 000,015,176 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\EVGA Precision X\RTCore64.sys -- (RTCore64) DRV - [2008-11-14 02:11:42 | 000,020,512 | ---- | M] (Realtime Soft Ltd) [Kernel | Auto | Running] -- C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys -- (UltraMonUtility) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2337871059-3691734657-1116950341-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl IE - HKU\S-1-5-21-2337871059-3691734657-1116950341-1000\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - Reg Error: Key error. File not found IE - HKU\S-1-5-21-2337871059-3691734657-1116950341-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2337871059-3691734657-1116950341-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\S-1-5-21-2337871059-3691734657-1116950341-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-06-03 20:49:30 | 000,000,000 | ---D | M] [2012-06-03 15:14:43 | 000,000,000 | ---D | M] -- C:\Users\tds\AppData\Roaming\mozilla\Firefox\extensions [2012-06-03 15:14:43 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\tds\AppData\Roaming\mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03} O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:[b]64bit:[/b] - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKU\S-1-5-21-2337871059-3691734657-1116950341-1000\..\Toolbar\WebBrowser: (no name) - {687578B9-7132-4A7A-80E4-30EE31099E03} - No CLSID value found. O4:[b]64bit:[/b] - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [egui] C:\Program Files\ESET NOD32 Antivirus\egui.exe (ESET) O4:[b]64bit:[/b] - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [KeyScrambler] C:\Program Files (x86)\KeyScrambler\keyscrambler.exe (QFX Software Corporation) O4 - HKLM..\Run: [Microsoft Windows Service Host!] C:\Windows\explorer.exe (Microsoft Corporation) O4 - HKLM..\Run: [P17RunE] C:\Windows\SysWow64\P17RunE.dll (Creative Technology Ltd.) O4 - HKLM..\Run: [Wallpaper] File not found O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2337871059-3691734657-1116950341-1000..\Run: [AQQ] C:\PROGRA~2\AQQ\AQQ.exe (Creative Team S.A.) O4 - HKU\S-1-5-21-2337871059-3691734657-1116950341-1000..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe () O4 - HKU\S-1-5-21-2337871059-3691734657-1116950341-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.) O4 - HKU\S-1-5-21-2337871059-3691734657-1116950341-1000..\Run: [WallPaper] C:\Pliki programów (x86)\Wallpaper Changer\WallPaper.exe File not found O4 - HKU\S-1-5-21-2337871059-3691734657-1116950341-1004..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found O4 - HKU\S-1-5-21-2337871059-3691734657-1116950341-1004..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found O4 - Startup: C:\Users\tds\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2012-06-03 12:52:33 | 000,000,000 | -H-D | M] O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1 O7 - HKU\S-1-5-21-2337871059-3691734657-1116950341-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O7 - HKU\S-1-5-21-2337871059-3691734657-1116950341-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-21-2337871059-3691734657-1116950341-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\S-1-5-21-2337871059-3691734657-1116950341-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-21-2337871059-3691734657-1116950341-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-21-2337871059-3691734657-1116950341-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1 O7 - HKU\S-1-5-21-2337871059-3691734657-1116950341-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 1 O7 - HKU\S-1-5-21-2337871059-3691734657-1116950341-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1 O7 - HKU\S-1-5-21-2337871059-3691734657-1116950341-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1 O7 - HKU\S-1-5-21-2337871059-3691734657-1116950341-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2337871059-3691734657-1116950341-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O7 - HKU\S-1-5-21-2337871059-3691734657-1116950341-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-21-2337871059-3691734657-1116950341-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\S-1-5-21-2337871059-3691734657-1116950341-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-21-2337871059-3691734657-1116950341-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-21-2337871059-3691734657-1116950341-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1 O7 - HKU\S-1-5-21-2337871059-3691734657-1116950341-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 1 O7 - HKU\S-1-5-21-2337871059-3691734657-1116950341-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1 O7 - HKU\S-1-5-21-2337871059-3691734657-1116950341-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1 O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8:[b]64bit:[/b] - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\tds\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\tds\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9:[b]64bit:[/b] - Extra 'Tools' menuitem : &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files (x86)\KeyScrambler\x64\KeyScramblerIE.dll (QFX Software Corporation) O9:[b]64bit:[/b] - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation) O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 10.0.0) O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 10.0.0) O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100 O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O28:[b]64bit:[/b] - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{04be7340-bd02-11e1-b422-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{04be7340-bd02-11e1-b422-806e6f6e6963}\Shell\AutoRun\command - "" = G:\Launcher.exe -- File not found O33 - MountPoints2\{38455dc3-ad6d-11e1-8d28-00242139113a}\Shell - "" = AutoRun O33 - MountPoints2\{38455dc3-ad6d-11e1-8d28-00242139113a}\Shell\AutoRun\command - "" = S:\DPFMate.exe -- File not found O33 - MountPoints2\{75144e7c-ad71-11e1-9150-00242139113a}\Shell - "" = AutoRun O33 - MountPoints2\{75144e7c-ad71-11e1-9150-00242139113a}\Shell\AutoRun\command - "" = O:\setup.exe -- File not found O33 - MountPoints2\{98b62a00-d235-11e1-99ba-00242139113a}\Shell - "" = AutoRun O33 - MountPoints2\{98b62a00-d235-11e1-99ba-00242139113a}\Shell\AutoRun\command - "" = S:\DPFMate.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-08-25 12:59:56 | 000,450,622 | ---- | C] (GMER) -- C:\Windows\gmer.dll [2012-08-24 19:24:38 | 000,000,000 | ---D | C] -- C:\Users\tds\AppData\Roaming\HD Tune Pro [2012-08-24 19:24:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HD Tune Pro [2012-08-20 18:25:23 | 000,000,000 | ---D | C] -- C:\Users\tds\AppData\Roaming\FreeStone Group [2012-08-20 18:25:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Video Card Stability Test [2012-08-20 18:12:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx [2012-08-20 18:12:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EVGA Precision X [2012-08-20 17:52:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GPU-Z [2012-08-20 16:32:09 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2012-08-20 16:32:07 | 003,266,408 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll [2012-08-20 16:32:07 | 000,063,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll [2012-08-20 16:32:06 | 006,193,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll [2012-08-20 16:32:06 | 002,557,800 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll [2012-08-20 16:32:06 | 000,118,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll [2012-08-20 16:31:58 | 000,060,776 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2012-08-20 16:31:58 | 000,052,584 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2012-08-20 16:31:54 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2012-08-20 16:30:10 | 026,226,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2012-08-20 16:30:10 | 025,256,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2012-08-20 16:30:10 | 019,828,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2012-08-20 16:30:10 | 018,228,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2012-08-20 16:30:10 | 017,559,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2012-08-20 16:30:10 | 015,290,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll [2012-08-20 16:30:10 | 014,806,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll [2012-08-20 16:30:10 | 012,388,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2012-08-20 16:30:10 | 009,164,648 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2012-08-20 16:30:10 | 007,699,304 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2012-08-20 16:30:10 | 002,744,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2012-08-20 16:30:10 | 002,723,688 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll [2012-08-20 16:30:10 | 002,573,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2012-08-20 16:30:10 | 002,422,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [2012-08-20 16:30:10 | 002,216,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2012-08-20 16:30:10 | 001,865,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2012-08-20 16:30:10 | 001,758,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll [2012-08-20 16:30:10 | 001,472,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll [2012-08-19 08:16:49 | 000,000,000 | ---D | C] -- C:\Users\tds\AppData\Roaming\NVIDIA [2012-08-19 08:00:11 | 000,000,000 | ---D | C] -- C:\Users\tds\AppData\Local\Activision [2012-08-19 07:51:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\no [2012-08-17 18:12:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools [2012-08-17 18:09:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools [2012-08-17 18:09:10 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2012-08-17 18:09:09 | 000,000,000 | ---D | C] -- C:\Users\tds\AppData\Roaming\TestApp [2012-08-17 18:09:09 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools [2012-08-17 16:12:57 | 000,000,000 | ---D | C] -- C:\Users\tds\AppData\Local\VirtualStore [2012-08-17 16:03:10 | 000,000,000 | ---D | C] -- C:\Users\tds\AppData\Roaming\Malwarebytes [2012-08-17 16:02:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012-08-17 16:02:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012-08-17 15:53:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GridinSoft Trojan Killer [2012-08-17 15:02:30 | 000,000,000 | ---D | C] -- C:\ProgramData\xycajabucrlquci [2012-08-15 17:43:24 | 000,000,000 | ---D | C] -- C:\Users\tds\AppData\Local\Darksiders2 [2012-08-04 11:17:39 | 000,000,000 | ---D | C] -- C:\Users\tds\Documents\Inversion Saves [2012-07-28 17:31:40 | 000,000,000 | ---D | C] -- C:\Windows\UbiSoft [2012-07-28 16:43:59 | 000,000,000 | ---D | C] -- C:\Users\tds\Documents\Activision [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-08-25 13:00:14 | 002,621,440 | -H-- | M] () -- C:\Users\tds\ntuser.dat [2012-08-25 13:00:03 | 000,000,249 | ---- | M] () -- C:\Windows\gmer.ini [2012-08-25 12:59:56 | 000,450,622 | ---- | M] (GMER) -- C:\Windows\gmer.dll [2012-08-25 12:59:56 | 000,042,081 | ---- | M] (GMER) -- C:\Windows\SysWow64\drivers\gmer.sys [2012-08-25 12:54:22 | 000,026,576 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-08-25 12:54:22 | 000,026,576 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-08-25 12:51:25 | 001,671,464 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-08-25 12:51:25 | 000,741,116 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-08-25 12:51:25 | 000,654,880 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-08-25 12:51:25 | 000,155,712 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-08-25 12:51:25 | 000,121,752 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-08-25 12:47:39 | 000,004,104 | ---- | M] () -- C:\Windows\SysNative\notepad.ini [2012-08-25 12:47:11 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2012-08-25 12:47:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-08-25 12:46:18 | 001,392,985 | -H-- | M] () -- C:\Users\tds\AppData\Local\IconCache.db [2012-08-25 12:46:02 | 000,000,168 | ---- | M] () -- C:\Users\tds\defogger_reenable [2012-08-24 19:24:32 | 000,001,037 | ---- | M] () -- C:\Users\tds\Desktop\HD Tune Pro.lnk [2012-08-24 18:25:14 | 000,417,760 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-08-20 18:25:22 | 000,002,195 | ---- | M] () -- C:\Users\tds\Desktop\Video Card Stability Test.lnk [2012-08-20 18:12:15 | 000,001,092 | ---- | M] () -- C:\Users\tds\Desktop\EVGA Precision X.lnk [2012-08-19 12:42:47 | 000,000,841 | ---- | M] () -- C:\Users\Public\Desktop\Babel Rising.lnk [2012-08-19 07:58:08 | 000,000,795 | ---- | M] () -- C:\Users\tds\Desktop\The Amazing Spider-Man.lnk [2012-08-18 18:20:44 | 000,001,094 | ---- | M] () -- C:\Users\tds\Desktop\Maxthon 3.lnk [2012-08-17 19:15:01 | 000,524,288 | -HS- | M] () -- C:\Users\tds\ntuser.dat{5a387d04-e87e-11e1-8a68-00242139113a}.TMContainer00000000000000000002.regtrans-ms [2012-08-17 19:15:01 | 000,524,288 | -HS- | M] () -- C:\Users\tds\ntuser.dat{5a387d04-e87e-11e1-8a68-00242139113a}.TMContainer00000000000000000001.regtrans-ms [2012-08-17 19:15:01 | 000,065,536 | -HS- | M] () -- C:\Users\tds\ntuser.dat{5a387d04-e87e-11e1-8a68-00242139113a}.TM.blf [2012-08-17 15:02:30 | 000,000,051 | ---- | M] () -- C:\ProgramData\uqmhsjjjkymzhjm [2012-08-14 22:32:08 | 000,007,598 | ---- | M] () -- C:\Users\tds\AppData\Local\Resmon.ResmonCfg [2012-08-09 19:33:02 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012-08-09 19:33:02 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012-08-04 11:17:20 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Inversion.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-08-25 12:46:02 | 000,000,168 | ---- | C] () -- C:\Users\tds\defogger_reenable [2012-08-24 19:24:32 | 000,001,037 | ---- | C] () -- C:\Users\tds\Desktop\HD Tune Pro.lnk [2012-08-20 18:25:22 | 000,002,195 | ---- | C] () -- C:\Users\tds\Desktop\Video Card Stability Test.lnk [2012-08-20 18:12:15 | 000,001,092 | ---- | C] () -- C:\Users\tds\Desktop\EVGA Precision X.lnk [2012-08-20 16:30:10 | 000,016,048 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb [2012-08-19 12:42:47 | 000,000,841 | ---- | C] () -- C:\Users\Public\Desktop\Babel Rising.lnk [2012-08-19 07:58:08 | 000,000,795 | ---- | C] () -- C:\Users\tds\Desktop\The Amazing Spider-Man.lnk [2012-08-18 18:20:44 | 000,001,094 | ---- | C] () -- C:\Users\tds\Desktop\Maxthon 3.lnk [2012-08-17 18:20:21 | 000,524,288 | -HS- | C] () -- C:\Users\tds\ntuser.dat{5a387d04-e87e-11e1-8a68-00242139113a}.TMContainer00000000000000000002.regtrans-ms [2012-08-17 18:20:21 | 000,524,288 | -HS- | C] () -- C:\Users\tds\ntuser.dat{5a387d04-e87e-11e1-8a68-00242139113a}.TMContainer00000000000000000001.regtrans-ms [2012-08-17 18:20:21 | 000,065,536 | -HS- | C] () -- C:\Users\tds\ntuser.dat{5a387d04-e87e-11e1-8a68-00242139113a}.TM.blf [2012-08-17 15:02:26 | 000,000,051 | ---- | C] () -- C:\ProgramData\uqmhsjjjkymzhjm [2012-08-04 11:17:20 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Inversion.lnk [2012-08-01 22:39:30 | 000,051,712 | ---- | C] () -- C:\Windows\SysWow64\coodest.dll [2012-06-17 10:23:55 | 000,000,600 | ---- | C] () -- C:\Users\tds\AppData\Roaming\winscp.rnd [2012-06-16 20:17:52 | 000,039,712 | ---- | C] () -- C:\Windows\SysWow64\ASL.dll [2012-06-10 22:14:36 | 000,007,598 | ---- | C] () -- C:\Users\tds\AppData\Local\Resmon.ResmonCfg [2012-06-03 14:35:15 | 000,003,560 | ---- | C] () -- C:\Windows\SysWow64\ludap17.ini [2012-06-03 14:35:15 | 000,000,078 | ---- | C] () -- C:\Windows\SysWow64\ctzapxx.ini [2012-06-03 14:35:07 | 000,108,544 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.dll [2012-06-03 14:35:07 | 000,069,120 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.dll [2012-06-03 11:23:16 | 001,637,758 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011-10-08 09:49:46 | 000,003,636 | ---- | C] () -- C:\Windows\notepad.ini [2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009-07-13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2007-07-02 09:58:16 | 000,001,879 | ---- | C] () -- C:\Windows\P17EPLS.ini [2007-07-02 01:58:14 | 000,001,970 | ---- | C] () -- C:\Windows\P17EP.ini [2007-04-09 08:42:00 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\OemSpiE.dll [color=#E56717]========== LOP Check ==========[/color] [2012-06-17 14:23:57 | 000,000,000 | -HSD | M] -- C:\Users\tds\AppData\Roaming\.# [2012-08-19 11:28:47 | 000,000,000 | ---D | M] -- C:\Users\tds\AppData\Roaming\AIMP3 [2012-06-10 11:15:21 | 000,000,000 | ---D | M] -- C:\Users\tds\AppData\Roaming\aliasworlds [2012-06-05 19:12:31 | 000,000,000 | ---D | M] -- C:\Users\tds\AppData\Roaming\Ashampoo [2012-06-23 08:14:21 | 000,000,000 | ---D | M] -- C:\Users\tds\AppData\Roaming\DAEMON Tools Lite [2012-06-17 15:56:42 | 000,000,000 | ---D | M] -- C:\Users\tds\AppData\Roaming\DiskAid [2012-06-09 17:06:49 | 000,000,000 | ---D | M] -- C:\Users\tds\AppData\Roaming\DVDVideoSoft [2012-06-09 17:05:19 | 000,000,000 | ---D | M] -- C:\Users\tds\AppData\Roaming\DVDVideoSoftIEHelpers [2012-08-20 18:25:23 | 000,000,000 | ---D | M] -- C:\Users\tds\AppData\Roaming\FreeStone Group [2012-08-24 20:54:25 | 000,000,000 | ---D | M] -- C:\Users\tds\AppData\Roaming\HD Tune Pro [2012-06-03 12:42:14 | 000,000,000 | ---D | M] -- C:\Users\tds\AppData\Roaming\Leadertech [2012-06-03 13:28:46 | 000,000,000 | ---D | M] -- C:\Users\tds\AppData\Roaming\Maxthon3 [2012-06-03 14:56:50 | 000,000,000 | ---D | M] -- C:\Users\tds\AppData\Roaming\Mirillis [2012-08-17 18:19:34 | 000,000,000 | ---D | M] -- C:\Users\tds\AppData\Roaming\NapiProjekt [2012-06-10 16:19:34 | 000,000,000 | ---D | M] -- C:\Users\tds\AppData\Roaming\PunkBuster [2012-06-03 20:18:45 | 000,000,000 | ---D | M] -- C:\Users\tds\AppData\Roaming\QFX Software [2012-06-10 10:35:20 | 000,000,000 | ---D | M] -- C:\Users\tds\AppData\Roaming\Radialpoint [2012-08-17 18:09:09 | 000,000,000 | ---D | M] -- C:\Users\tds\AppData\Roaming\TestApp [2012-06-24 19:02:33 | 000,000,000 | ---D | M] -- C:\Users\tds\AppData\Roaming\Ubisoft [2012-08-25 12:47:36 | 000,000,000 | ---D | M] -- C:\Users\tds\AppData\Roaming\uTorrent [2012-06-10 10:34:21 | 000,000,000 | ---D | M] -- C:\Users\tds\AppData\Roaming\Virgin Media [2012-06-09 22:16:43 | 000,000,000 | ---D | M] -- C:\Users\tds\AppData\Roaming\VS Revo Group [2012-06-23 08:35:15 | 000,000,000 | ---D | M] -- C:\Users\tds\AppData\Roaming\Warner Bros. Interactive Entertainment [2012-08-21 05:48:46 | 000,032,520 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:DFC5A2B2 < End of report >