OTL logfile created on: 9/1/2012 6:05:23 PM - Run 1 OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Ja\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1.86 Gb Total Physical Memory | 0.62 Gb Available Physical Memory | 33.53% Memory free 3.71 Gb Paging File | 1.78 Gb Available in Paging File | 47.85% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 450.66 Gb Total Space | 227.33 Gb Free Space | 50.44% Space Free | Partition Type: NTFS Computer Name: JA-KOMPUTER | User Name: Ja | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012/09/01 18:04:07 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Ja\Downloads\OTL.exe PRC - [2012/08/09 00:15:13 | 001,549,312 | ---- | M] (AIMP DevTeam) -- C:\Program Files (x86)\AIMP3\AIMP3.exe PRC - [2012/06/26 13:10:30 | 001,516,632 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe PRC - [2012/06/11 11:33:26 | 000,724,376 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe PRC - [2012/06/11 11:33:06 | 000,126,872 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe PRC - [2012/05/24 20:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Ja\AppData\Roaming\Dropbox\bin\Dropbox.exe PRC - [2011/10/08 22:43:16 | 003,246,040 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe PRC - [2011/09/22 12:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe PRC - [2011/05/26 08:40:48 | 000,029,696 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe PRC - [2011/04/24 03:29:20 | 000,256,832 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe PRC - [2011/04/22 18:44:14 | 000,244,624 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe PRC - [2011/03/22 05:04:08 | 000,353,872 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe PRC - [2011/03/22 05:04:08 | 000,334,416 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe PRC - [2011/03/22 05:04:06 | 001,095,248 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe PRC - [2011/03/21 04:19:10 | 000,416,848 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe PRC - [2011/01/13 12:27:26 | 001,751,656 | ---- | M] (Realsil Microelectronics Inc.) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe PRC - [2011/01/13 03:00:42 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2010/12/20 12:30:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2010/12/20 12:30:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2010/05/21 01:15:00 | 000,110,736 | R--- | M] (InterVideo) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe PRC - [2010/03/11 23:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2010/01/30 01:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe PRC - [2009/12/23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012/08/09 00:15:17 | 001,198,080 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Modules\aimp_libvorbis.dll MOD - [2012/08/09 00:15:17 | 000,125,952 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\PandemicAnalogMeter.dll MOD - [2012/08/09 00:15:16 | 000,237,568 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\OptimFROG.dll MOD - [2012/08/09 00:15:16 | 000,054,272 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\aimp_lastfm.dll MOD - [2012/08/09 00:15:16 | 000,026,624 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\Aorta.svp MOD - [2012/08/09 00:15:14 | 000,443,904 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Sqlite3.dll MOD - [2012/06/26 13:11:10 | 000,345,688 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtXml4.dll MOD - [2012/06/26 13:11:08 | 000,282,200 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtSvg4.dll MOD - [2012/06/26 13:11:02 | 008,197,208 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtGui4.dll MOD - [2012/06/26 13:11:00 | 002,302,040 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtCore4.dll MOD - [2012/06/26 13:10:58 | 000,202,328 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll MOD - [2012/06/26 13:10:58 | 000,027,736 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll MOD - [2006/05/21 20:32:40 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\Punkie.svp MOD - [2006/05/21 20:32:28 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\CosmicNebulae.svp MOD - [2006/05/21 20:32:28 | 000,035,328 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\CosmicBelt.svp MOD - [2003/12/12 11:57:38 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\NovembersFire.svp MOD - [2003/12/12 07:06:54 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\SpectraGrid.svp MOD - [2002/12/17 15:13:44 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\PX.SVP MOD - [2002/12/17 11:36:38 | 000,037,376 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\Nad 1.01.svp MOD - [2002/12/14 02:04:18 | 000,159,232 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\Chaos Wave 0.0.3.svp MOD - [2002/12/14 02:04:18 | 000,060,676 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\Faited 1.01.svp MOD - [2002/10/03 12:36:46 | 000,057,588 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\cwave.svp MOD - [2002/10/03 12:10:56 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\Jazz 1.1.svp MOD - [2002/10/03 12:10:56 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\Pixel Ballet .25.svp MOD - [2002/10/03 12:10:56 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\Pixel Glissade 2.0.svp MOD - [2002/09/25 20:29:52 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\Miffo.svp MOD - [2002/09/25 17:07:36 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\Xoo 1.0.svp MOD - [2002/09/25 06:18:26 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\Starwave 1.0.svp MOD - [2002/09/22 12:17:18 | 000,017,408 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\corona.svp MOD - [2002/09/08 16:02:38 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\spacething.svp MOD - [2002/09/08 03:39:16 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\Aorta 1.1.svp MOD - [2001/11/08 21:35:54 | 000,108,544 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\vov-sa172.svp MOD - [2001/07/18 19:18:24 | 000,155,648 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\Rabbit Hole 1.1.svp MOD - [2001/02/03 23:11:32 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\Rainbow Reaction 1.01.svp MOD - [2000/04/19 16:39:28 | 000,076,288 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\Light Magick.svp MOD - [2000/03/29 04:42:50 | 000,079,360 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\Spectrum_R.svp MOD - [1999/12/09 08:33:30 | 000,172,032 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\FunkEasy.svp MOD - [1999/09/10 03:54:52 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\PeakFreq.svp MOD - [1999/08/10 12:27:08 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\Pws VU Meter 1.2.svp MOD - [1999/07/29 12:57:10 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\Spectral Trip 1.0.svp [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2012/02/29 03:19:40 | 001,890,568 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\Program Files\Raxco\PerfectDisk\PDAgent.exe -- (PDAgent) SRV:[b]64bit:[/b] - [2012/02/29 03:19:30 | 003,291,912 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe -- (PDEngine) SRV:[b]64bit:[/b] - [2011/09/22 12:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn) SRV:[b]64bit:[/b] - [2011/05/10 23:01:08 | 000,872,552 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc) SRV:[b]64bit:[/b] - [2011/04/22 18:44:14 | 000,244,624 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service) SRV:[b]64bit:[/b] - [2010/12/17 07:18:08 | 000,198,784 | ---- | M] (Conexant Systems Inc.) [Auto | Running] -- C:\Windows\SysNative\CxAudMsg64.exe -- (CxAudMsg) SRV:[b]64bit:[/b] - [2010/09/23 03:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:[b]64bit:[/b] - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2012/08/15 12:19:41 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/06/11 11:33:26 | 000,724,376 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2012/06/07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011/10/08 22:43:16 | 003,246,040 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv) SRV - [2011/08/23 00:12:11 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011/06/28 00:00:02 | 001,113,784 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc) SRV - [2011/05/26 08:40:48 | 000,029,696 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService) SRV - [2011/04/24 03:29:20 | 000,256,832 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc) SRV - [2011/03/22 05:04:08 | 000,353,872 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService) SRV - [2011/01/13 12:27:26 | 001,751,656 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R) SRV - [2011/01/13 03:00:42 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2010/12/20 12:30:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2010/12/20 12:30:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2010/06/02 00:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU) SRV - [2010/05/21 01:15:00 | 000,110,736 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/03/11 23:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2010/01/30 01:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe -- (RS_Service) SRV - [2009/12/23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2007/05/31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007/05/31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012/06/11 11:33:46 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd) DRV:[b]64bit:[/b] - [2012/04/03 14:19:10 | 000,147,248 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV:[b]64bit:[/b] - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2012/02/28 11:25:54 | 000,081,424 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PDFsFilter.sys -- (PDFSFilter) DRV:[b]64bit:[/b] - [2012/01/17 17:12:28 | 000,140,816 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\DefragFs.sys -- (DefragFS) DRV:[b]64bit:[/b] - [2012/01/09 17:28:20 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64) DRV:[b]64bit:[/b] - [2012/01/09 17:28:20 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd) DRV:[b]64bit:[/b] - [2012/01/09 17:28:20 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64) DRV:[b]64bit:[/b] - [2012/01/09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt) DRV:[b]64bit:[/b] - [2012/01/09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev) DRV:[b]64bit:[/b] - [2012/01/09 17:28:18 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc) DRV:[b]64bit:[/b] - [2011/12/10 23:10:21 | 000,530,488 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2011/10/18 20:06:01 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc) DRV:[b]64bit:[/b] - [2011/10/18 20:06:01 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt) DRV:[b]64bit:[/b] - [2011/10/08 22:43:17 | 000,285,280 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp) DRV:[b]64bit:[/b] - [2011/10/08 22:43:13 | 001,263,200 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpm273.sys -- (tdrpman273) DRV:[b]64bit:[/b] - [2011/10/08 22:43:12 | 000,970,336 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter) DRV:[b]64bit:[/b] - [2011/10/08 22:43:06 | 000,277,088 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman) DRV:[b]64bit:[/b] - [2011/09/09 12:10:19 | 000,046,112 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tbhsd.sys -- (tbhsd) DRV:[b]64bit:[/b] - [2011/08/09 14:24:52 | 000,202,576 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm) DRV:[b]64bit:[/b] - [2011/08/04 09:20:38 | 000,187,632 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw) DRV:[b]64bit:[/b] - [2011/08/04 09:20:38 | 000,146,432 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv) DRV:[b]64bit:[/b] - [2011/08/04 09:20:38 | 000,062,496 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp) DRV:[b]64bit:[/b] - [2011/08/04 09:20:38 | 000,038,288 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF) DRV:[b]64bit:[/b] - [2011/07/14 07:35:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011/07/14 07:35:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2011/03/26 10:19:48 | 012,222,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2011/03/10 06:01:45 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr) DRV:[b]64bit:[/b] - [2011/03/10 06:01:45 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper) DRV:[b]64bit:[/b] - [2011/03/01 16:33:16 | 004,720,704 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:[b]64bit:[/b] - [2011/02/17 13:25:02 | 001,419,824 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:[b]64bit:[/b] - [2011/01/13 02:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:[b]64bit:[/b] - [2011/01/12 10:10:44 | 000,333,928 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR) DRV:[b]64bit:[/b] - [2011/01/10 05:27:40 | 001,577,600 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService) DRV:[b]64bit:[/b] - [2010/11/21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010/11/21 05:23:48 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:[b]64bit:[/b] - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010/11/21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:[b]64bit:[/b] - [2010/11/20 15:34:04 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm) DRV:[b]64bit:[/b] - [2010/11/20 15:34:04 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus) DRV:[b]64bit:[/b] - [2010/11/20 13:35:34 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb) DRV:[b]64bit:[/b] - [2010/11/20 13:35:22 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr) DRV:[b]64bit:[/b] - [2010/10/20 16:57:30 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:[b]64bit:[/b] - [2010/10/19 10:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:[b]64bit:[/b] - [2010/10/14 19:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:[b]64bit:[/b] - [2010/07/29 00:25:10 | 000,029,720 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ivusb.sys -- (ivusb) DRV:[b]64bit:[/b] - [2010/07/01 19:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5) DRV:[b]64bit:[/b] - [2009/11/19 15:06:43 | 000,158,320 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039unic.sys -- (s1039unic) DRV:[b]64bit:[/b] - [2009/11/19 15:06:43 | 000,137,328 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039obex.sys -- (s1039obex) DRV:[b]64bit:[/b] - [2009/11/19 15:06:43 | 000,034,416 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039nd5.sys -- (s1039nd5) DRV:[b]64bit:[/b] - [2009/11/19 15:06:41 | 000,141,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039mgmt.sys -- (s1039mgmt) DRV:[b]64bit:[/b] - [2009/11/19 15:06:40 | 000,161,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039mdm.sys -- (s1039mdm) DRV:[b]64bit:[/b] - [2009/11/19 15:06:39 | 000,019,568 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039mdfl.sys -- (s1039mdfl) DRV:[b]64bit:[/b] - [2009/11/19 15:06:38 | 000,127,600 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039bus.sys -- (s1039bus) DRV:[b]64bit:[/b] - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:[b]64bit:[/b] - [2006/08/29 16:56:20 | 000,032,377 | ---- | M] (B-phreaks) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\prodigy.sys -- (PRODIGY) DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3883506892-4135024082-84057669-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com IE - HKU\S-1-5-21-3883506892-4135024082-84057669-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.babylon.com/?babsrc=HP_ss&mntrId=86e87787000000000000ccaf7801297f IE - HKU\S-1-5-21-3883506892-4135024082-84057669-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKU\S-1-5-21-3883506892-4135024082-84057669-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://isearch.babylon.com/web/{searchTerms}?babsrc=browsersearch&babsrc=SP_ss&mntrId=86e87787000000000000ccaf7801297f IE - HKU\S-1-5-21-3883506892-4135024082-84057669-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3883506892-4135024082-84057669-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD [2012/04/15 19:47:12 | 000,000,000 | ---D | M] 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Waterfox 12.0\extensions\\Components: C:\PROGRAM FILES\WATERFOX\COMPONENTS [2012/07/28 21:33:45 | 000,000,000 | ---D | M] 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Waterfox 12.0\extensions\\Plugins: C:\PROGRAM FILES\WATERFOX\PLUGINS FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{d4da7309-b89a-45ec-8ebb-cfb2ae13618b}: C:\Program Files\Acer ProShield\FFExt20 FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012/04/15 19:47:12 | 000,000,000 | ---D | M] [2012/05/27 11:26:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ja\AppData\Roaming\mozilla\Extensions [2012/09/01 17:38:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ja\AppData\Roaming\mozilla\Firefox\Profiles\obbzrixx.default\extensions [2012/05/27 19:41:54 | 000,000,000 | ---D | M] (Polski slownik poprawnej pisowni) -- C:\Users\Ja\AppData\Roaming\mozilla\Firefox\Profiles\obbzrixx.default\extensions\pl@dictionaries.addons.mozilla.org [2012/09/01 17:38:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ja\AppData\Roaming\mozilla\Firefox\Profiles\obbzrixx.default\extensions\staged [2012/05/27 10:57:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011/10/17 18:25:31 | 000,000,000 | ---D | M] (QuickStores-Toolbar) -- C:\Program Files (x86)\mozilla firefox\extensions\quickstores@quickstores.de [2012/08/11 06:54:13 | 000,340,132 | ---- | M] () (No name found) -- C:\USERS\JA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OBBZRIXX.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI [2012/08/30 10:28:32 | 000,527,328 | ---- | M] () (No name found) -- C:\USERS\JA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OBBZRIXX.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI [2012/07/13 13:28:14 | 000,709,293 | ---- | M] () (No name found) -- C:\USERS\JA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OBBZRIXX.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI [2012/08/24 20:10:49 | 000,270,021 | ---- | M] () (No name found) -- C:\USERS\JA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OBBZRIXX.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}.XPI [2012/07/28 15:59:28 | 000,299,646 | ---- | M] () (No name found) -- C:\USERS\JA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OBBZRIXX.DEFAULT\EXTENSIONS\LANGPACK-PL@FIREFOX.MOZILLA.ORG.XPI [2012/03/01 10:34:49 | 000,002,298 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml O1 HOSTS File: ([2012/07/16 23:56:25 | 000,000,881 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 176.9.9.227 mpcforum.pl O1 - Hosts: 176.9.9.227 www.mpcforum.pl O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found. O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll () O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:[b]64bit:[/b] - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3883506892-4135024082-84057669-1000..\Run: [AQQ] C:\PROGRA~2\WapSter\WAPSTE~1\AQQ.exe (Creative Team S.A.) O4 - HKU\S-1-5-21-3883506892-4135024082-84057669-1000..\Run: [PC Suite Tray] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\Ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Ja\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O7 - HKU\S-1-5-21-3883506892-4135024082-84057669-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data] O8:[b]64bit:[/b] - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8:[b]64bit:[/b] - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8:[b]64bit:[/b] - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8:[b]64bit:[/b] - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8:[b]64bit:[/b] - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found O8:[b]64bit:[/b] - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16:[b]64bit:[/b] - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 192.168.0.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{35B00C7B-2C0F-48F9-875F-7E6E834AEC0D}: DhcpNameServer = 8.8.8.8 192.168.0.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{35B00C7B-2C0F-48F9-875F-7E6E834AEC0D}: NameServer = 8.8.8.8,8.8.4.4 O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012/04/21 10:24:56 | 000,000,000 | ---D | M] - C:\automapa -- [ NTFS ] O33 - MountPoints2\{200094c5-fa77-11e0-8164-e89a8f5140e8}\Shell - "" = AutoRun O33 - MountPoints2\{200094c5-fa77-11e0-8164-e89a8f5140e8}\Shell\AutoRun\command - "" = E:\Startme.exe O33 - MountPoints2\{a937257d-2373-11e1-a342-e89a8f5140e8}\Shell - "" = AutoRun O33 - MountPoints2\{a937257d-2373-11e1-a342-e89a8f5140e8}\Shell\AutoRun\command - "" = E:\Autorun.exe O34 - HKLM BootExecute: (PDBoot.exe) O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012/09/01 17:41:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Network Stumbler [2012/08/26 18:29:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Raxco [2012/08/26 18:29:54 | 000,000,000 | ---D | C] -- C:\Program Files\Raxco [2012/08/26 18:29:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Raxco [2012/08/26 18:28:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Raxco [2012/08/18 11:31:19 | 000,000,000 | ---D | C] -- C:\Users\Ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Omnius for SE [2012/08/18 11:31:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Omnius for SE [2012/08/18 11:30:22 | 000,000,000 | ---D | C] -- C:\Omnius_for_SE [2012/08/15 18:00:49 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012/08/15 18:00:49 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012/08/15 18:00:48 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012/08/15 18:00:48 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012/08/15 18:00:48 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012/08/15 18:00:47 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012/08/15 18:00:47 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012/08/15 18:00:47 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012/08/15 18:00:46 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012/08/15 18:00:46 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012/08/15 18:00:46 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012/08/15 18:00:45 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012/08/15 18:00:45 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012/08/15 13:11:08 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll [2012/08/15 13:11:05 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2012/08/15 13:11:04 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2012/08/15 13:11:04 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe [2012/08/15 13:11:04 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll [2012/08/15 13:11:03 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll [2012/08/15 13:11:03 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll [2012/08/15 13:11:01 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll [2012/08/13 20:35:31 | 000,000,000 | ---D | C] -- C:\VA-Progressive_Sampler_01-AEPS01-WEB-2011-TraX [2012/08/13 10:05:16 | 000,000,000 | ---D | C] -- C:\lp-flac [2012/08/11 21:55:43 | 000,000,000 | ---D | C] -- C:\Users\Ja\AppData\Roaming\Maxthon3 [2012/08/11 21:55:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Maxthon3 [2012/08/10 16:42:04 | 000,000,000 | ---D | C] -- C:\zdjecia_8gb [2012/08/10 16:41:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music NFO Builder [2012/08/10 16:41:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Music NFO Builder [2012/08/10 16:19:04 | 000,000,000 | ---D | C] -- C:\swiatlamiasta-instrumentale [2012/08/10 15:56:47 | 000,000,000 | ---D | C] -- C:\Users\Ja\AppData\Roaming\EAC [2012/08/10 15:56:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy [2012/08/10 15:56:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Exact Audio Copy [2012/08/09 14:53:35 | 000,000,000 | ---D | C] -- C:\grammatik [2012/08/05 15:15:15 | 000,000,000 | ---D | C] -- C:\maxthon_portable_3.4.2.3000 [2012/08/02 20:57:16 | 000,000,000 | ---D | C] -- C:\Barell [10 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012/09/01 18:18:04 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/09/01 14:48:08 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/09/01 14:48:08 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/09/01 12:10:55 | 000,001,930 | -H-- | M] () -- C:\Windows\tasks\{603380FE-28B7-4EFA-A9B9-A94C1D46A6EA}.job [2012/09/01 12:10:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/08/30 12:49:06 | 003,312,492 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012/08/30 12:49:06 | 001,070,620 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012/08/30 12:49:05 | 001,561,538 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/08/30 12:49:05 | 000,995,718 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/08/30 12:49:05 | 000,006,256 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/08/26 19:05:28 | 000,000,020 | ---- | M] () -- C:\Windows\SysNative\PDBootState [2012/08/26 18:30:03 | 000,002,031 | ---- | M] () -- C:\Users\Public\Desktop\PerfectDisk 12.5.lnk [2012/08/26 09:43:15 | 000,372,584 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012/08/19 01:17:00 | 085,432,778 | ---- | M] () -- C:\PC Pro 04.2011.pdf [2012/08/18 11:27:40 | 068,412,747 | ---- | M] () -- C:\Omnius_for_SE.zip [2012/08/16 13:48:03 | 013,428,888 | ---- | M] () -- C:\Users\Ja\Desktop\Bassjackers Mush, Mush (Original Mix) www.maxelectro.pl.mp3 [2012/08/16 13:45:12 | 013,428,888 | ---- | M] () -- C:\Users\Ja\Desktop\Bassjackers Mush, Mush (Original Mix).mp3 [2012/08/15 12:19:40 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012/08/15 12:19:40 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012/08/13 19:05:23 | 000,000,391 | ---- | M] () -- C:\Users\Ja\AppData\Roaming\burnaware.ini [2012/08/11 21:55:46 | 000,001,090 | ---- | M] () -- C:\Users\Ja\Desktop\Maxthon 3.lnk [2012/08/11 15:50:00 | 000,602,975 | ---- | M] () -- C:\Users\Ja\Desktop\psycho_lol.mp3 [2012/08/10 23:32:17 | 000,039,999 | ---- | M] () -- C:\Users\Ja\Desktop\wall11.jpg [2012/08/10 17:17:35 | 000,008,473 | ---- | M] () -- C:\Users\Ja\.recently-used.xbel [2012/08/10 15:56:24 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\Exact Audio Copy.lnk [2012/08/10 00:54:01 | 000,001,031 | ---- | M] () -- C:\Users\Public\Desktop\foobar2000.lnk [2012/08/08 00:00:55 | 000,000,837 | ---- | M] () -- C:\Users\Ja\Desktop\hl — skrót.lnk [2012/08/08 00:00:54 | 000,001,403 | ---- | M] () -- C:\Users\Ja\Desktop\Quake III 1366 x 768.lnk [2012/08/05 15:12:31 | 021,548,498 | ---- | M] () -- C:\maxthon_portable_3.4.2.3000.7z [10 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012/09/01 17:41:48 | 000,001,090 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Network Stumbler.lnk [2012/08/26 18:37:13 | 000,000,020 | ---- | C] () -- C:\Windows\SysNative\PDBootState [2012/08/26 18:30:03 | 000,002,031 | ---- | C] () -- C:\Users\Public\Desktop\PerfectDisk 12.5.lnk [2012/08/26 18:30:03 | 000,002,023 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerfectDisk 12.5.lnk [2012/08/26 09:42:46 | 000,372,584 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012/08/19 01:08:26 | 085,432,778 | ---- | C] () -- C:\PC Pro 04.2011.pdf [2012/08/18 11:22:17 | 068,412,747 | ---- | C] () -- C:\Omnius_for_SE.zip [2012/08/16 13:47:11 | 013,428,888 | ---- | C] () -- C:\Users\Ja\Desktop\Bassjackers Mush, Mush (Original Mix) www.maxelectro.pl.mp3 [2012/08/16 13:44:17 | 013,428,888 | ---- | C] () -- C:\Users\Ja\Desktop\Bassjackers Mush, Mush (Original Mix).mp3 [2012/08/11 21:55:46 | 000,001,090 | ---- | C] () -- C:\Users\Ja\Desktop\Maxthon 3.lnk [2012/08/11 15:49:48 | 000,602,975 | ---- | C] () -- C:\Users\Ja\Desktop\psycho_lol.mp3 [2012/08/10 23:32:17 | 000,039,999 | ---- | C] () -- C:\Users\Ja\Desktop\wall11.jpg [2012/08/10 17:17:35 | 000,008,473 | ---- | C] () -- C:\Users\Ja\.recently-used.xbel [2012/08/10 15:56:24 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\Exact Audio Copy.lnk [2012/08/05 15:11:01 | 021,548,498 | ---- | C] () -- C:\maxthon_portable_3.4.2.3000.7z [2012/07/03 14:58:52 | 000,000,067 | ---- | C] () -- C:\Windows\lz_scm.ini [2012/05/10 15:23:47 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2012/05/10 15:23:47 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2012/04/25 12:35:45 | 000,000,600 | ---- | C] () -- C:\Users\Ja\AppData\Roaming\PUTTY.RND [2012/04/24 21:09:22 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll [2012/04/22 19:48:15 | 000,000,600 | ---- | C] () -- C:\Users\Ja\AppData\Local\PUTTY.RND [2012/03/23 20:35:40 | 000,000,600 | ---- | C] () -- C:\Users\Ja\AppData\Roaming\winscp.rnd [2012/03/07 19:42:23 | 000,000,391 | ---- | C] () -- C:\Users\Ja\AppData\Roaming\burnaware.ini [2012/03/01 00:29:03 | 000,000,964 | ---- | C] () -- C:\Windows\SOFPLAT.ini [2012/01/15 23:04:57 | 000,000,097 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc [2011/12/14 05:55:24 | 000,081,920 | ---- | C] () -- C:\Windows\qlprism-uninstall.exe [2011/11/03 22:54:37 | 000,003,149 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Monkeys Audio Codec.dat [2011/10/21 16:59:38 | 000,003,024 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp CLI Encoder.dat [2011/10/15 22:36:01 | 000,000,926 | ---- | C] () -- C:\Windows\CDRipper.ini [2011/10/13 18:45:14 | 000,003,190 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.dat [2011/10/08 23:56:22 | 000,001,086 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp AIFF Codec.dat [2011/10/08 23:55:57 | 000,003,232 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp m4a Codec.dat [2011/10/08 23:55:00 | 000,003,024 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp FLAC Codec.dat [2011/10/08 23:49:10 | 000,013,082 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp DSP Effects.dat [2011/10/08 23:49:05 | 000,421,552 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall.exe [2011/10/08 23:49:05 | 000,017,950 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Music Converter.dat [2011/10/02 19:38:37 | 000,000,000 | ---- | C] () -- C:\Users\Ja\Microsoft [2011/09/25 10:52:48 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat [2011/09/18 11:26:04 | 001,642,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011/09/16 02:56:24 | 000,007,605 | ---- | C] () -- C:\Users\Ja\AppData\Local\Resmon.ResmonCfg [2011/07/26 06:09:28 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll [2011/07/26 06:09:02 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2011/07/26 06:09:01 | 000,214,760 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2011/07/26 06:09:01 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2011/07/26 06:09:00 | 013,355,008 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll [2011/07/26 06:09:00 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2010/09/29 12:21:43 | 000,441,344 | ---- | C] ( ) -- C:\Windows\SetACL.exe [color=#E56717]========== LOP Check ==========[/color] [2012/08/22 17:54:03 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\.minecraft [2012/06/25 23:10:27 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\.mineshaftersquared [2012/07/02 23:55:23 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\AC3Filter [2011/10/08 22:47:39 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\Acronis [2012/09/01 18:08:29 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\AIMP3 [2012/04/30 00:26:56 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\Audacity [2012/03/01 10:34:48 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\Babylon [2012/07/01 12:25:28 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\BESTplayer [2012/02/27 21:03:49 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\dBpoweramp [2012/09/01 12:11:38 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\Dropbox [2012/05/22 18:14:12 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\Dropbox Folder Sync [2012/06/29 01:11:10 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\Druk Świadectw [2012/08/10 15:56:50 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\EAC [2012/04/15 19:48:15 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\ESET [2012/08/10 19:16:33 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\FileZilla [2012/08/10 01:44:11 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\foobar2000 [2011/09/16 14:48:38 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\Foxit Software [2012/02/16 12:19:59 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\GG Tools [2011/11/10 19:41:04 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\GHISLER [2012/07/11 14:45:14 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\GrabPro [2012/08/10 17:17:35 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\gtk-2.0 [2012/06/27 22:56:54 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\HLSW [2012/03/15 00:15:54 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\iZotope [2012/08/11 21:55:50 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\Maxthon3 [2012/01/15 22:57:29 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\Mixed In Key LLC [2012/08/13 09:52:36 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\Mp3tag [2011/10/31 14:14:12 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\MyPhoneExplorer [2012/06/29 13:25:32 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\NapiProjekt [2011/11/17 18:41:24 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\NetMedia Providers [2012/07/06 06:01:51 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\Nokia [2012/06/22 23:28:31 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\Notepad++ [2012/08/30 19:40:40 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\Orbit [2012/07/06 06:01:55 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\PC Suite [2011/10/10 19:31:28 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\ProgSense [2011/11/17 18:41:24 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\Publish Providers [2011/11/11 18:37:35 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\SoftGrid Client [2012/02/22 23:21:18 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\Sony [2012/02/24 01:32:56 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\Sony Creative Software Inc [2012/06/27 23:55:24 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\TeamViewer [2012/08/29 18:30:14 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\TeraCopy [2011/09/18 11:26:48 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\TP [2012/06/08 01:25:42 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\TS3Client [2012/03/16 17:34:10 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\ts3overlay [2012/08/26 11:03:51 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\uTorrent [2012/07/10 00:13:41 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\WallbaseBatchDownloader [2012/07/28 21:32:42 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\Waterfox Limited [2011/11/05 18:43:30 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\Windows Live Writer [2012/05/29 18:46:00 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\XnConvert [2012/08/04 11:07:38 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2012/09/01 12:10:55 | 000,001,930 | -H-- | M] () -- C:\Windows\Tasks\{603380FE-28B7-4EFA-A9B9-A94C1D46A6EA}.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Files - Unicode (All) ==========[/color] [2011/10/16 10:44:12 | 000,000,040 | ---- | M] ()(C:\Windows\SysNative\?¨) -- C:\Windows\SysNative\꠰¨ [2011/10/16 10:44:12 | 000,000,040 | ---- | C] ()(C:\Windows\SysNative\?¨) -- C:\Windows\SysNative\꠰¨ < End of report >