OTL logfile created on: 2012-10-06 18:59:07 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\user\Downloads\!OTL 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,99 Gb Total Physical Memory | 2,09 Gb Available Physical Memory | 52,35% Memory free 7,98 Gb Paging File | 5,86 Gb Available in Paging File | 73,37% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 1396,98 Gb Total Space | 1075,83 Gb Free Space | 77,01% Space Free | Partition Type: NTFS Drive D: | 149,05 Gb Total Space | 67,79 Gb Free Space | 45,48% Space Free | Partition Type: NTFS Drive E: | 931,51 Gb Total Space | 553,52 Gb Free Space | 59,42% Space Free | Partition Type: NTFS Computer Name: PAWEL | User Name: user | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 180 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-10-06 18:58:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\user\Downloads\!OTL\OTL.exe PRC - [2012-09-07 13:57:29 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2012-08-10 18:59:52 | 004,440,896 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\user\AppData\Local\Akamai\netsession_win.exe PRC - [2012-06-01 18:01:54 | 004,407,296 | ---- | M] (Luis Cobian, CobianSoft) -- C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe PRC - [2012-06-01 18:01:44 | 000,720,896 | ---- | M] (Luis Cobian, CobianSoft) -- C:\Program Files (x86)\Cobian Backup 11\Cobian.exe PRC - [2011-06-13 11:01:08 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2011-02-18 08:18:50 | 000,245,760 | ---- | M] () -- C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe PRC - [2010-07-27 18:33:18 | 001,167,360 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWlan.exe PRC - [2010-04-16 16:10:58 | 000,036,864 | ---- | M] (Realtek) -- C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe PRC - [2010-02-04 04:45:59 | 000,131,752 | ---- | M] (Lexmark International Inc.) -- C:\Program Files (x86)\Lexmark 4900 Series\ezprint.exe PRC - [2010-02-04 04:45:51 | 000,676,520 | ---- | M] () -- C:\Program Files (x86)\Lexmark 4900 Series\lxdrmon.exe PRC - [2009-12-22 16:23:00 | 002,647,040 | ---- | M] () -- C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe PRC - [2006-12-14 16:04:04 | 000,135,168 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\AMD\RAIDXpert\_jvm\bin\java.exe PRC - [2006-11-03 12:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\Pac207\Monitor.exe PRC - [2006-10-23 02:40:00 | 000,046,200 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrobat_sl.exe PRC - [2003-09-29 07:30:08 | 000,110,592 | ---- | M] () -- C:\Program Files (x86)\AMD\RAIDXpert\jetty\extra\win32\Wrapper.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-09-07 13:57:29 | 002,244,064 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2010-02-04 04:45:51 | 000,676,520 | ---- | M] () -- C:\Program Files (x86)\Lexmark 4900 Series\lxdrmon.exe MOD - [2010-02-04 04:29:57 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\Lexmark 4900 Series\lxdrcaps.dll MOD - [2010-02-04 04:29:49 | 000,380,928 | ---- | M] () -- C:\Program Files (x86)\Lexmark 4900 Series\lxdrscw.dll MOD - [2010-02-04 04:29:48 | 001,036,288 | ---- | M] () -- C:\Program Files (x86)\Lexmark 4900 Series\lxdrDRS.dll MOD - [2010-02-04 04:28:45 | 000,380,928 | ---- | M] () -- C:\Program Files (x86)\Lexmark 4900 Series\iptk.dll MOD - [2010-02-04 04:19:37 | 000,188,416 | ---- | M] () -- C:\Program Files (x86)\Lexmark 4900 Series\lxdrdatr.dll MOD - [2010-02-04 04:19:33 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Lexmark 4900 Series\lxdrcnv4.dll MOD - [2009-12-22 16:23:00 | 002,647,040 | ---- | M] () -- C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe MOD - [2009-12-18 17:23:58 | 000,194,560 | ---- | M] () -- C:\Program Files (x86)\Anti-Vibrate Oscar Editor\Win32Share.dll MOD - [2009-06-09 07:27:58 | 000,093,184 | ---- | M] () -- C:\Program Files (x86)\Anti-Vibrate Oscar Editor\Resource.dll MOD - [2008-03-17 04:52:47 | 000,151,552 | ---- | M] () -- C:\Program Files (x86)\Lexmark 4900 Series\lxdrptp.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2012-10-04 10:16:38 | 000,200,768 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\AppStats\MfeASUM.exe -- (MfeASUM) SRV:[b]64bit:[/b] - [2012-09-12 21:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV:[b]64bit:[/b] - [2012-09-12 21:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV:[b]64bit:[/b] - [2012-08-06 12:24:22 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV:[b]64bit:[/b] - [2012-04-06 04:16:02 | 000,236,544 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2009-10-16 11:01:09 | 001,039,360 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxdrcoms.exe -- (lxdr_device) SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2012-09-21 12:39:19 | 000,250,288 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-09-07 13:57:29 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-09-07 01:02:26 | 004,537,664 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll -- (Akamai) SRV - [2012-08-27 01:26:21 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012-07-13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-06-15 12:26:32 | 000,103,472 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe -- (McAfee SiteAdvisor Service) SRV - [2012-05-25 09:32:50 | 000,067,584 | ---- | M] (CobianSoft, Luis Cobian) [Auto | Running] -- C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe -- (cbVSCService11) SRV - [2011-06-13 11:01:08 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2011-02-18 08:18:50 | 000,245,760 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe -- (UsbClientService) SRV - [2010-04-16 16:10:58 | 000,036,864 | ---- | M] (Realtek) [Auto | Running] -- C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe -- (Realtek11nSU) SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-10-16 11:00:52 | 000,589,824 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxdrcoms.exe -- (lxdr_device) SRV - [2009-08-07 17:39:21 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2007-04-27 14:32:16 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3) SRV - [2003-09-29 07:30:08 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\AMD\RAIDXpert\jetty\extra\win32\Wrapper.exe -- (AMDRAIDXpert) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012-10-04 10:16:38 | 000,031,408 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Program Files\McAfee\AppStats\MfeASKM.sys -- (MfeASKM) DRV:[b]64bit:[/b] - [2012-08-30 22:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:[b]64bit:[/b] - [2012-05-15 21:02:38 | 000,017,280 | ---- | M] (Scott) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBDrv_AMD64.sys -- (usbUDisc) DRV:[b]64bit:[/b] - [2012-05-14 08:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:[b]64bit:[/b] - [2012-04-06 07:22:40 | 011,174,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:[b]64bit:[/b] - [2012-04-06 07:22:40 | 011,174,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:[b]64bit:[/b] - [2012-04-06 03:10:44 | 000,343,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:[b]64bit:[/b] - [2012-03-05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1) DRV:[b]64bit:[/b] - [2012-03-05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01) DRV:[b]64bit:[/b] - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2011-06-10 14:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2011-05-16 18:35:14 | 000,156,912 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV:[b]64bit:[/b] - [2011-03-24 01:43:42 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt) DRV:[b]64bit:[/b] - [2011-03-24 01:43:41 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt) DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2011-02-18 08:20:34 | 000,056,160 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\busenum.sys -- (busenum) DRV:[b]64bit:[/b] - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010-08-12 00:52:53 | 000,502,256 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2010-07-01 14:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc) DRV:[b]64bit:[/b] - [2010-06-19 08:36:04 | 000,017,920 | ---- | M] (Siliten) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\InputFilter_FlexDef2b.sys -- (InputFilter_Hid_FlexDef2b) DRV:[b]64bit:[/b] - [2010-06-08 13:50:06 | 000,692,768 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtl8192su.sys -- (RTL8192su) DRV:[b]64bit:[/b] - [2010-02-18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64) DRV:[b]64bit:[/b] - [2009-12-18 00:25:17 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV:[b]64bit:[/b] - [2009-09-21 04:18:30 | 000,349,824 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cxpolar64.sys -- (CXPOLARIS) DRV:[b]64bit:[/b] - [2009-08-09 23:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone) DRV:[b]64bit:[/b] - [2009-07-17 09:37:06 | 000,035,840 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64) DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-07-14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice) DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-05-12 15:53:12 | 000,020,480 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\FlashUSB_x64.sys -- (FlashUSB) DRV:[b]64bit:[/b] - [2009-04-30 00:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER) DRV:[b]64bit:[/b] - [2009-04-23 14:25:46 | 000,044,544 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\cxcir64.sys -- (CXIR) DRV:[b]64bit:[/b] - [2009-03-27 01:23:54 | 000,019,432 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cpuz132_x64.sys -- (cpuz132) DRV:[b]64bit:[/b] - [2008-12-26 12:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer) DRV:[b]64bit:[/b] - [2008-08-06 10:26:08 | 000,174,592 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rtlh64.sys -- (RTL8169) DRV:[b]64bit:[/b] - [2008-04-28 15:25:06 | 000,016,400 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) DRV:[b]64bit:[/b] - [2008-02-22 18:54:00 | 000,019,496 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GearAspiWDM) DRV:[b]64bit:[/b] - [2008-01-09 13:28:20 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\seehcri.sys -- (seehcri) DRV:[b]64bit:[/b] - [2007-12-19 09:44:44 | 000,209,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ahcix64s.sys -- (ahcix64s) DRV:[b]64bit:[/b] - [2006-12-05 12:34:26 | 000,572,416 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PFC027.SYS -- (PAC207) DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2009-05-12 15:53:12 | 000,020,480 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\FlashUsb_x64.sys -- (FlashUSB) DRV - [2004-10-26 11:22:50 | 000,002,410 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\FreshDevices\FreshDiagnose\FreshIO.sys -- (FreshIO) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local; IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local; IE - HKU\S-1-5-21-2130650989-848459207-2900068595-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie IE - HKU\S-1-5-21-2130650989-848459207-2900068595-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-2130650989-848459207-2900068595-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 29 82 93 AE 87 2A CA 01 [binary data] IE - HKU\S-1-5-21-2130650989-848459207-2900068595-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-2130650989-848459207-2900068595-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll (McAfee, Inc.) IE - HKU\S-1-5-21-2130650989-848459207-2900068595-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-2130650989-848459207-2900068595-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-2130650989-848459207-2900068595-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7GGLD_pl&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\S-1-5-21-2130650989-848459207-2900068595-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={FBEED918-814A-4B52-867B-65B4125AFC29}&mid=107e10ed0bef47d6b352d1502037a03c-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=pl&ds=AVG&pr=pr&d=2012-08-31 18:04:05&v=12.2.0.5&sap=dsp&q={searchTerms} IE - HKU\S-1-5-21-2130650989-848459207-2900068595-1000\..\SearchScopes\{DEBA3A7B-7AEA-4BEA-A31F-26E53537C43B}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms} IE - HKU\S-1-5-21-2130650989-848459207-2900068595-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2130650989-848459207-2900068595-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421; [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..extensions.enabledAddons: firegestures@xuldev.org:1.6.16 FF - prefs.js..extensions.enabledAddons: pagerank-client@koeniglich.ch:1.2 FF - prefs.js..extensions.enabledAddons: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.10 FF - prefs.js..extensions.enabledAddons: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.15 FF - prefs.js..extensions.enabledAddons: personas@christopher.beard:1.6.2 FF - prefs.js..extensions.enabledAddons: {3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}:0.9.5.1 FF - prefs.js..extensions.enabledAddons: {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.5.0 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.2 FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8 FF - prefs.js..extensions.enabledItems: firegestures@xuldev.org:1.6.1 FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.2 FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:20.1.0.4 FF - prefs.js..extensions.enabledItems: {3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}:0.8.6.1 FF - prefs.js..extensions.enabledItems: pagerank@shopaddon.com:0.9.7 FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2 FF - prefs.js..extensions.enabledItems: savecomplete@perlprogrammer.com:1.0.1 FF - prefs.js..extensions.enabledItems: {317B5128-0B0B-49b2-B2DB-1E7560E16C74}:2.7.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll () FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll File not found FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files (x86)\McAfee\Supportability\MVT\npmvtplugin.dll File not found FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\user\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\user\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012-10-04 10:21:59 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-10-03 18:58:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-10-05 16:55:21 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012-10-05 16:55:22 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2012-10-05 16:55:21 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-10-03 18:58:24 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-10-05 16:55:21 | 000,000,000 | ---D | M] [2009-12-09 17:07:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Extensions [2009-12-09 17:07:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2012-09-27 08:34:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\cghs72yl.default\extensions [2012-08-23 00:09:35 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\cghs72yl.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74} [2011-12-30 00:56:47 | 000,000,000 | ---D | M] (Html Validator) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\cghs72yl.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e} [2011-03-12 23:13:22 | 000,000,000 | ---D | M] (Personas) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\cghs72yl.default\extensions\personas@christopher.beard [2012-09-01 00:37:51 | 001,625,368 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\cghs72yl.default\extensions\firebug@software.joehewitt.com.xpi [2011-08-18 19:27:53 | 000,014,961 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\cghs72yl.default\extensions\firefox@red-cog.com.xpi [2012-04-03 20:22:34 | 000,140,964 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\cghs72yl.default\extensions\firegestures@xuldev.org.xpi [2011-09-02 09:35:18 | 000,067,270 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\cghs72yl.default\extensions\ienetrenderer-nico@nc.xpi [2011-12-21 01:49:33 | 000,010,043 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\cghs72yl.default\extensions\IplextoALL@ALLPlayer.org.xpi [2011-10-17 00:36:16 | 000,007,927 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\cghs72yl.default\extensions\pagerank-client@koeniglich.ch.xpi [2011-06-17 15:36:09 | 000,167,626 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\cghs72yl.default\extensions\{a6ca9b3b-5e52-4f47-85d8-cca35bb57596}.xpi [2012-07-25 19:33:55 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\cghs72yl.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-10-29 20:49:32 | 000,434,392 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\cghs72yl.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2012-09-13 01:49:05 | 000,698,867 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\cghs72yl.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2008-01-24 11:30:48 | 000,001,878 | ---- | M] () -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\cghs72yl.default\searchplugins\aolsearch.xml [2012-10-03 18:58:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012-10-03 18:58:24 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-10-03 18:58:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-10-03 18:58:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-10-04 10:21:59 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR [2012-09-07 13:57:29 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2010-08-24 11:31:30 | 000,773,120 | ---- | M] (BitComet) -- C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll [2012-08-25 05:42:39 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2012-08-31 18:04:00 | 000,003,749 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml [2012-08-25 05:42:39 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2012-08-25 05:42:39 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2012-08-25 05:42:39 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2012-08-25 05:42:39 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-08-25 05:42:39 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - homepage: about:blank CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}, CHR - homepage: http://www.chromefans.org/ CHR - homepage: http://www.chromefans.org/ CHR - homepage: about:blank CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\Application\22.0.1229.79\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\Application\22.0.1229.79\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll CHR - plugin: Mixesoft Click&Clean Plug-In (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\7.9_0\plugin/npccch32.dll CHR - plugin: Bitdefender QuickScan (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\7.9_0\plugin/npqscan.dll CHR - plugin: Skype Toolbars (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Browser\nppdf32.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: BitCometAgent (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npBitCometAgent.dll CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFFICE.DLL CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: YouTube = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Adblock Plus (Beta) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\ CHR - Extension: HTML Validator = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgndfbhngibokieehnjhbjkkhbfmhojo\1.3.3_0\ CHR - Extension: Szukaj w Google = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: HTML Validation = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\epoepjgkmfbjagiemjadbjdbappjdgjo\0.4_0\ CHR - Extension: Click&Clean = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\7.9_0\ CHR - Extension: AdBlock = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.43_0\ CHR - Extension: Andrew@ChromeFans = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdkkfheckcdppiaiabobmennhijkknn\4.7.9_0\ CHR - Extension: Downloads = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfchnphgogjhineanplmfkofljiagjfb\1_1\ CHR - Extension: Andrew@ChromeFans = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jollpecbpialleljionejgkdgjfgamma\1.1_0\ CHR - Extension: Smooth Gestures = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfkgmnnajiljnolcgolmmgnecgldgeld\0.15.4.12_0\ CHR - Extension: Chrome Downloads = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhaaapflafeapcmgbphlmealldkomfbe\1.21_0\ CHR - Extension: Sprawdzanie poczty Google = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.3.1_0\ CHR - Extension: Przegl\u0105darka dokument\u00F3w PDF/PowerPoint (od Google) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn\3.9_0\ CHR - Extension: SEO for Chrome = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\oangcciaeihlfmhppegpdceadpfaoclj\0.9.5_0\ CHR - Extension: Browser Button for AdBlock = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\picdndbpdnapajibahnnogkjofaeooof\0.0.13_0\ CHR - Extension: Gmail = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2011-03-30 00:51:21 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:[b]64bit:[/b] - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Lexmark Pasek narzędzi) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\progra~2\mcafee\sitead~1\mcieplg.dll (McAfee, Inc.) O2 - BHO: (Lexmark ) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll () O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (Lexmark Pasek narzędzi) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Lexmark Pasek narzędzi) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Lexmark Pasek narzędzi) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKU\S-1-5-21-2130650989-848459207-2900068595-1000\..\Toolbar\WebBrowser: (Lexmark Pasek narzędzi) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () O3 - HKU\S-1-5-21-2130650989-848459207-2900068595-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O4:[b]64bit:[/b] - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark 4900 Series\ezprint.exe (Lexmark International Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [lxdrmon.exe] C:\Program Files (x86)\Lexmark 4900 Series\lxdrmon.exe () O4:[b]64bit:[/b] - HKLM..\Run: [Monitor] C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation) O4:[b]64bit:[/b] - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [Adobe_ID0EZEHM] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~3.EXE (Adobe Systems Incorporated) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QT Lite\QTTask.exe (Apple Inc.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKU\S-1-5-21-2130650989-848459207-2900068595-1000..\Run: [Akamai NetSession Interface] C:\Users\user\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) O4 - HKU\S-1-5-21-2130650989-848459207-2900068595-1000..\Run: [AQQ] C:\PROGRA~2\WapSter\WAPSTE~1\AQQ.exe (Creative Team S.A.) O4 - HKU\S-1-5-21-2130650989-848459207-2900068595-1000..\Run: [Cobian Backup 11] C:\Program Files (x86)\Cobian Backup 11\Cobian.exe (Luis Cobian, CobianSoft) O4 - HKU\S-1-5-21-2130650989-848459207-2900068595-1000..\Run: [OscarEditor] C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2130650989-848459207-2900068595-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2130650989-848459207-2900068595-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0 O7 - HKU\S-1-5-21-2130650989-848459207-2900068595-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:[b]64bit:[/b] - Extra context menu item: Dołącz do istniejącego pliku PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:[b]64bit:[/b] - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8:[b]64bit:[/b] - Extra context menu item: Konwertuj do Adobe PDF - res://C:\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html File not found O8:[b]64bit:[/b] - Extra context menu item: Konwertuj miejsce docelowe łącza do Adobe PDF - res://C:\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html File not found O8:[b]64bit:[/b] - Extra context menu item: Konwertuj miejsce docelowe łącza do istniejącego pliku PDF - res://C:\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html File not found O8:[b]64bit:[/b] - Extra context menu item: Konwertuj wybrane łącza do Adobe PDF - res://C:\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found O8:[b]64bit:[/b] - Extra context menu item: Konwertuj wybrane łącza do istniejącego pliku PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:[b]64bit:[/b] - Extra context menu item: Konwertuj zaznaczenie do Adobe PDF - res://C:\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html File not found O8:[b]64bit:[/b] - Extra context menu item: Konwertuj zaznaczenie do istniejącego pliku PDF - res://C:\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html File not found O8 - Extra context menu item: Dołącz do istniejącego pliku PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Konwertuj do Adobe PDF - res://C:\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html File not found O8 - Extra context menu item: Konwertuj miejsce docelowe łącza do Adobe PDF - res://C:\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html File not found O8 - Extra context menu item: Konwertuj miejsce docelowe łącza do istniejącego pliku PDF - res://C:\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html File not found O8 - Extra context menu item: Konwertuj wybrane łącza do Adobe PDF - res://C:\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found O8 - Extra context menu item: Konwertuj wybrane łącza do istniejącego pliku PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Konwertuj zaznaczenie do Adobe PDF - res://C:\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html File not found O8 - Extra context menu item: Konwertuj zaznaczenie do istniejącego pliku PDF - res://C:\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html File not found O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll () O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll () O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{15B443F4-09A1-4899-A01B-0369AC960E9C}: DhcpNameServer = 192.168.2.200 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E056D351-0AD0-4BD3-BCA5-1660043501EB}: NameServer = 194.204.159.1,217.98.63.164 O18:[b]64bit:[/b] - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap11 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\mcieplg.dll (McAfee, Inc.) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\mcieplg.dll (McAfee, Inc.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18:[b]64bit:[/b] - Protocol\Filter\text/xml - No CLSID value found O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\user\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O24 - Desktop BackupWallPaper: C:\Users\user\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O28:[b]64bit:[/b] - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 0 O32 - AutoRun File - [2012-03-02 20:42:47 | 000,162,908 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 180 Days ==========[/color] [2012-10-06 10:51:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client [2012-10-06 10:51:17 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client [2012-10-06 00:20:15 | 000,000,000 | ---D | C] -- C:\Users\user\DoctorWeb [2012-10-05 16:55:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2012-10-05 16:54:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple [2012-10-05 16:38:57 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging [2012-10-04 10:16:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\McAfee [2012-10-04 00:03:22 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2012-10-04 00:03:17 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2012-10-03 17:08:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Exterminate It! [2012-10-03 16:47:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee [2012-10-03 16:47:02 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com [2012-10-03 16:47:02 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee [2012-10-03 16:47:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee [2012-10-03 16:35:45 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2012-10-03 15:33:33 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Deployment [2012-10-03 00:19:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sunrise Seven [2012-10-02 16:50:43 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee [2012-10-02 16:18:01 | 000,000,000 | ---D | C] -- C:\Users\Public\Desktop\CC Support [2012-10-02 15:49:06 | 000,000,000 | -HSD | C] -- C:\Users\user\Desktop\%APPDATA% [2012-10-02 14:42:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Citrix [2012-10-02 14:42:12 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Citrix [2012-10-01 15:59:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CheckPoint [2012-10-01 15:59:16 | 000,000,000 | ---D | C] -- C:\WINSSLog [2012-09-30 22:49:48 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\as rock bios [2012-09-30 22:46:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire [2012-09-30 22:46:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FinalWire [2012-09-29 19:32:19 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro [2012-09-29 17:05:05 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\FreshDiagnose [2012-09-29 16:56:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreshDevices [2012-09-29 16:56:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreshDevices [2012-09-27 17:34:46 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Avg2013 [2012-09-27 17:17:48 | 000,016,200 | ---- | C] (McAfee, Inc.) -- C:\Windows\stinger.sys [2012-09-27 17:17:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\stinger [2012-09-27 12:50:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012-09-27 10:02:13 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\MFAData [2012-09-27 02:10:25 | 000,000,000 | ---D | C] -- C:\mfe [2012-09-26 09:33:47 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe [2012-09-25 23:22:13 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\Subtitle Edit [2012-09-23 17:51:05 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Uninstaller Tool(Comodo Forums) [2012-09-23 01:50:08 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012-09-23 01:50:08 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012-09-23 01:50:07 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012-09-23 01:50:07 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012-09-23 01:50:07 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012-09-23 01:50:07 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012-09-23 01:50:07 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012-09-23 01:50:07 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012-09-23 01:50:06 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012-09-23 01:50:06 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012-09-23 01:50:06 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012-09-23 01:50:04 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2012-09-23 01:50:03 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012-09-23 01:50:03 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012-09-23 01:50:03 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2012-09-21 12:39:10 | 009,573,296 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe [2012-09-14 00:05:33 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\zdjecia do telefonow [2012-09-11 23:36:28 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys [2012-09-11 23:36:27 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll [2012-09-11 23:36:26 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys [2012-09-11 23:36:26 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS [2012-09-11 10:53:18 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\markan [2012-09-07 15:58:12 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\sam sam [2012-09-07 13:57:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2012-09-07 01:27:34 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\TuneUp Software [2012-09-04 23:41:08 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012-09-04 23:41:08 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012-09-02 16:28:21 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\stopwirusom [2012-08-30 00:38:05 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2012-08-30 00:38:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP [2012-08-30 00:37:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center [2012-08-27 09:19:12 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\Borok [2012-08-27 09:14:39 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory [2012-08-27 09:10:48 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\Motorola [2012-08-24 13:41:44 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bandizip [2012-08-24 13:41:40 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Bandizip [2012-08-19 12:23:31 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Malwarebytes [2012-08-19 12:23:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012-08-19 12:23:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012-08-19 11:35:16 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\ECRSC [2012-08-19 11:35:10 | 000,000,000 | ---D | C] -- C:\ProgramData\ESTsoft [2012-08-19 11:35:07 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\ESTsoft [2012-08-19 11:35:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESTsoft [2012-08-17 01:05:57 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\CheckPoint [2012-08-17 01:04:01 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint [2012-08-15 17:08:13 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll [2012-08-15 17:08:07 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2012-08-15 17:08:07 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2012-08-15 17:08:07 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe [2012-08-15 17:08:05 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll [2012-08-15 17:08:05 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll [2012-08-15 17:08:05 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll [2012-08-15 17:08:00 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll [2012-08-14 00:32:57 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\McAfee [2012-08-13 20:13:16 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft [2012-08-13 00:26:38 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO [2012-08-12 23:54:43 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll [2012-08-12 23:54:43 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll [2012-08-12 23:35:31 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit [2012-08-12 23:35:10 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\IObit [2012-08-12 23:34:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit [2012-08-09 17:41:33 | 000,000,000 | ---D | C] -- C:\ProgramData\CPA_VA [2012-08-06 20:51:18 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5 [2012-08-06 20:51:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5 [2012-08-06 20:51:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MKV2AC3 [2012-08-06 20:45:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AviSynth 2.5 [2012-07-27 22:47:24 | 000,075,776 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OpenVideo64.dll [2012-07-27 22:47:16 | 000,065,024 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OpenVideo.dll [2012-07-27 22:47:10 | 000,063,488 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OVDecode64.dll [2012-07-27 22:47:06 | 000,056,320 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OVDecode.dll [2012-07-27 22:46:56 | 016,464,896 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl64.dll [2012-07-27 22:46:06 | 013,013,504 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdocl.dll [2012-07-24 20:33:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QT Lite [2012-07-24 20:33:25 | 000,180,224 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\QTCF.dll [2012-07-24 20:33:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QT Lite [2012-07-22 21:48:40 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\SM Sosnica [2012-07-21 12:34:07 | 000,000,000 | ---D | C] -- C:\DS3 [2012-07-11 20:57:44 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll [2012-07-11 20:57:44 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll [2012-07-11 20:57:36 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2012-07-11 20:57:33 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll [2012-07-11 20:57:32 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll [2012-06-25 23:24:52 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2012-06-25 23:24:52 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2012-06-25 23:24:52 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2012-06-25 23:24:48 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2012-06-25 23:24:48 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2012-06-25 23:24:48 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2012-06-25 23:24:45 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2012-06-25 23:24:45 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2012-06-25 16:04:24 | 001,394,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml4.dll [2012-06-23 13:38:23 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npdeployJava1.dll [2012-06-23 13:38:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2012-06-22 00:57:47 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cobian Backup 11 [2012-06-22 00:57:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cobian Backup 11 [2012-06-13 19:26:37 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll [2012-06-13 19:26:37 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll [2012-06-13 19:26:37 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe [2012-06-13 19:26:33 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012-06-13 19:26:31 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2012-06-13 19:26:30 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2012-06-13 19:26:18 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll [2012-06-13 19:26:12 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2012-06-13 19:26:12 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [2012-06-13 09:25:50 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Macromedia [2012-05-15 21:02:38 | 000,017,280 | ---- | C] (Scott) -- C:\Windows\SysNative\drivers\USBDrv_AMD64.sys [2012-05-15 21:01:06 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\tracer ovo [2012-05-14 08:12:30 | 000,096,896 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\AtihdW76.sys [2012-05-13 22:45:50 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maxthon [2012-05-13 22:45:47 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Maxthon3 [2012-05-13 22:45:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Maxthon3 [2012-05-11 19:02:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2012-05-11 19:02:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2012-05-11 19:02:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2012-05-09 09:45:42 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2012-05-08 11:44:17 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\croma [2012-05-06 14:25:47 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Easy CD-DA Extractor [2012-05-06 14:25:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy CD-DA Extractor 16 [2012-05-06 14:25:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Easy CD-DA Extractor [2012-05-06 14:25:38 | 000,000,000 | ---D | C] -- C:\Program Files\Easy CD-DA Extractor 16 [2012-05-02 12:17:12 | 001,070,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCTL.OCX [2012-05-02 00:18:04 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam [2012-05-01 23:42:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation [2012-04-26 22:19:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2012-04-26 22:19:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2012-04-18 20:56:30 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\QuickTimeVR.qtx [2012-04-18 20:56:30 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\QuickTime.qts [2012-04-16 09:51:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012-04-16 09:51:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2012-04-14 15:49:48 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Rovio [2012-04-13 16:06:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT [2012-04-11 02:01:01 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll [2012-04-11 02:01:01 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll [2012-04-11 02:01:01 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys [5 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [5 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [color=#E56717]========== Files - Modified Within 180 Days ==========[/color] [2012-10-06 18:55:51 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-10-06 18:54:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-10-06 18:54:29 | 3214,835,712 | -HS- | M] () -- C:\hiberfil.sys [2012-10-06 18:39:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-10-06 18:12:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2130650989-848459207-2900068595-1000UA.job [2012-10-06 18:11:00 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-10-06 16:22:23 | 000,019,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-10-06 16:22:23 | 000,019,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-10-06 16:20:22 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif [2012-10-06 16:20:19 | 000,697,896 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-10-06 16:20:19 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-10-06 16:20:19 | 000,135,006 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-10-06 16:20:19 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-10-06 10:51:24 | 001,575,706 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012-10-06 01:12:09 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2130650989-848459207-2900068595-1000Core.job [2012-10-06 00:02:06 | 000,101,249 | ---- | M] () -- C:\ProgramData\1349474418.bdinstall.bin [2012-10-05 17:24:29 | 001,549,932 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-10-05 16:40:49 | 000,237,858 | ---- | M] () -- C:\ProgramData\1349447644.bdinstall.bin [2012-10-05 16:38:18 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf [2012-10-04 00:03:13 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2012-10-04 00:03:08 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2012-10-04 00:03:07 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npdeployJava1.dll [2012-10-04 00:03:07 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2012-10-04 00:03:07 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012-10-04 00:03:07 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012-10-03 23:59:55 | 000,002,043 | ---- | M] () -- C:\Users\user\Desktop\JDownloader.lnk [2012-10-02 18:27:09 | 000,000,134 | ---- | M] () -- C:\Users\user\Desktop\Rozwiązywanie problemów z programem Internet Explorer.url [2012-10-01 09:30:00 | 000,000,296 | ---- | M] () -- C:\Windows\tasks\Synology Data Replicator 3-PAWEL-user.job [2012-09-30 22:46:37 | 000,001,237 | ---- | M] () -- C:\Users\user\Desktop\AIDA64 Extreme Edition.lnk [2012-09-29 18:13:52 | 000,029,802 | ---- | M] () -- C:\Users\user\Documents\Kontakty_17615.xml [2012-09-29 18:08:30 | 000,016,200 | ---- | M] (McAfee, Inc.) -- C:\Windows\stinger.sys [2012-09-29 16:56:04 | 000,001,188 | ---- | M] () -- C:\Users\user\Desktop\FreshDiagnose.lnk [2012-09-21 12:39:18 | 000,696,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012-09-21 12:39:18 | 000,073,136 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012-09-21 12:39:10 | 009,573,296 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe [2012-09-19 20:20:42 | 000,059,768 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\PktIcpt.sys [2012-09-19 16:49:13 | 000,068,762 | ---- | M] () -- C:\Users\user\Desktop\POTWIERDZENIE ZAMÓWIENIA nr 0178424770.pdf [2012-09-13 23:11:18 | 000,007,668 | ---- | M] () -- C:\Users\user\Desktop\kontakty.csv [2012-09-11 11:17:10 | 000,000,492 | ---- | M] () -- C:\Users\user\Desktop\IDispatch.reg [2012-09-07 01:42:49 | 000,007,586 | ---- | M] () -- C:\Users\user\AppData\Local\Resmon.ResmonCfg [2012-09-02 20:53:05 | 000,713,498 | ---- | M] () -- C:\Users\user\Desktop\stopwirusom.zip [2012-09-02 16:27:54 | 000,688,693 | ---- | M] () -- C:\Users\user\Desktop\wellcommerce_tech.zip [2012-08-31 14:36:29 | 000,001,136 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012-08-30 23:10:34 | 000,005,409 | ---- | M] () -- C:\Users\user\Documents\loading.gif [2012-08-30 22:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys [2012-08-27 09:14:39 | 000,001,204 | ---- | M] () -- C:\Users\user\Desktop\Format Factory.lnk [2012-08-26 23:16:12 | 000,001,248 | ---- | M] () -- C:\Users\user\AppData\Roaming\System Monitor II_Settings.ini [2012-08-24 13:41:44 | 000,001,144 | ---- | M] () -- C:\Users\user\Desktop\Bandizip.lnk [2012-08-24 13:24:57 | 001,131,835 | ---- | M] () -- C:\Users\user\Desktop\Sothink SWF to Video.zip [2012-08-24 13:09:47 | 000,002,092 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2012-08-24 12:31:32 | 002,312,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012-08-24 12:20:11 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012-08-24 12:18:46 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012-08-24 12:14:45 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012-08-24 12:14:34 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012-08-24 12:13:29 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2012-08-24 12:11:57 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2012-08-24 12:10:14 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012-08-24 12:04:06 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012-08-24 08:51:02 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012-08-24 08:49:57 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012-08-24 08:47:36 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012-08-24 08:47:26 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012-08-24 08:44:10 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012-08-24 08:40:11 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012-08-22 20:12:40 | 000,376,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys [2012-08-22 20:12:33 | 000,288,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS [2012-08-21 23:01:00 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe [2012-08-21 09:32:57 | 000,004,356 | ---- | M] () -- C:\Users\user\Desktop\baner.zip [2012-08-16 09:24:14 | 003,044,952 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-08-13 14:31:30 | 001,474,832 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat [2012-08-12 23:54:43 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll [2012-08-12 23:54:43 | 000,366,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll [2012-08-09 14:55:02 | 000,086,822 | ---- | M] () -- C:\Users\user\Documents\FileZilla.xml [2012-08-08 11:16:05 | 000,124,552 | ---- | M] () -- C:\Users\user\Documents\bookmarks.html [2012-08-06 20:51:09 | 000,003,019 | ---- | M] () -- C:\Users\user\Desktop\MKV2AC3.lnk [2012-08-06 20:46:37 | 000,008,192 | ---- | M] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-08-02 19:58:52 | 000,574,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll [2012-08-01 14:21:00 | 061,742,577 | ---- | M] () -- C:\Users\user\Documents\moldysz_www.cto [2012-07-27 22:47:40 | 000,187,392 | ---- | M] () -- C:\Windows\SysNative\clinfo.exe [2012-07-27 22:47:24 | 000,075,776 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OpenVideo64.dll [2012-07-27 22:47:16 | 000,065,024 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OpenVideo.dll [2012-07-27 22:47:10 | 000,063,488 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OVDecode64.dll [2012-07-27 22:47:06 | 000,056,320 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OVDecode.dll [2012-07-27 22:46:56 | 016,464,896 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl64.dll [2012-07-27 22:46:06 | 013,013,504 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdocl.dll [2012-07-26 22:18:22 | 014,687,740 | ---- | M] () -- C:\Users\user\Documents\facebook-new-fanpage-gui-free-psd.psd.zip [2012-07-05 00:16:43 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll [2012-07-05 00:13:27 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll [2012-07-04 23:14:34 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll [2012-07-04 22:26:03 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys [2012-06-25 16:04:24 | 001,394,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml4.dll [2012-06-17 15:55:25 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012-06-06 08:02:54 | 001,133,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll [2012-06-06 07:03:06 | 000,805,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll [2012-06-03 00:19:46 | 000,038,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2012-06-03 00:19:42 | 000,057,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2012-06-03 00:19:42 | 000,044,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2012-06-03 00:19:23 | 000,701,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2012-06-03 00:15:31 | 002,622,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2012-06-03 00:15:08 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2012-06-02 15:19:42 | 000,186,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2012-06-02 15:15:12 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2012-06-02 07:44:21 | 000,307,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2012-05-15 22:31:37 | 000,459,366 | ---- | M] () -- C:\Users\user\Desktop\netgear-paragon.jpg [2012-05-15 21:02:38 | 000,017,280 | ---- | M] (Scott) -- C:\Windows\SysNative\drivers\USBDrv_AMD64.sys [2012-05-15 21:02:38 | 000,002,987 | ---- | M] () -- C:\Windows\SysNative\drivers\USBDrv.inf [2012-05-14 08:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\AtihdW76.sys [2012-05-14 07:26:34 | 000,956,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll [2012-05-05 10:36:55 | 000,503,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll [2012-05-04 13:06:22 | 005,559,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012-05-04 12:03:53 | 003,968,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2012-05-04 12:03:50 | 003,913,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2012-05-02 12:17:12 | 001,070,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCTL.OCX [2012-04-26 07:41:56 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll [2012-04-26 07:41:55 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll [2012-04-26 07:34:27 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe [2012-04-24 07:37:37 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [2012-04-24 07:37:36 | 001,462,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2012-04-18 20:56:30 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\Windows\SysWow64\QuickTimeVR.qtx [2012-04-18 20:56:30 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\Windows\SysWow64\QuickTime.qts [5 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [5 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-10-06 10:51:29 | 000,002,123 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk [2012-10-06 00:02:06 | 000,101,249 | ---- | C] () -- C:\ProgramData\1349474418.bdinstall.bin [2012-10-05 16:40:49 | 000,237,858 | ---- | C] () -- C:\ProgramData\1349447644.bdinstall.bin [2012-10-05 16:38:18 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf [2012-10-03 23:59:55 | 000,002,043 | ---- | C] () -- C:\Users\user\Desktop\JDownloader.lnk [2012-10-02 18:27:09 | 000,000,134 | ---- | C] () -- C:\Users\user\Desktop\Rozwiązywanie problemów z programem Internet Explorer.url [2012-09-30 22:46:37 | 000,001,237 | ---- | C] () -- C:\Users\user\Desktop\AIDA64 Extreme Edition.lnk [2012-09-29 18:13:51 | 000,029,802 | ---- | C] () -- C:\Users\user\Documents\Kontakty_17615.xml [2012-09-29 16:56:04 | 000,001,188 | ---- | C] () -- C:\Users\user\Desktop\FreshDiagnose.lnk [2012-09-19 16:49:08 | 000,068,762 | ---- | C] () -- C:\Users\user\Desktop\POTWIERDZENIE ZAMÓWIENIA nr 0178424770.pdf [2012-09-13 23:11:18 | 000,007,668 | ---- | C] () -- C:\Users\user\Desktop\kontakty.csv [2012-09-11 11:17:09 | 000,000,492 | ---- | C] () -- C:\Users\user\Desktop\IDispatch.reg [2012-09-02 20:47:36 | 000,713,498 | ---- | C] () -- C:\Users\user\Desktop\stopwirusom.zip [2012-09-02 16:27:53 | 000,688,693 | ---- | C] () -- C:\Users\user\Desktop\wellcommerce_tech.zip [2012-08-27 09:14:39 | 000,001,204 | ---- | C] () -- C:\Users\user\Desktop\Format Factory.lnk [2012-08-24 13:41:44 | 000,001,144 | ---- | C] () -- C:\Users\user\Desktop\Bandizip.lnk [2012-08-24 13:32:13 | 000,001,136 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012-08-24 13:09:47 | 000,002,092 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2012-08-21 09:31:47 | 000,004,356 | ---- | C] () -- C:\Users\user\Desktop\baner.zip [2012-08-14 01:29:49 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif [2012-08-14 01:29:37 | 001,575,706 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012-08-08 11:16:05 | 000,124,552 | ---- | C] () -- C:\Users\user\Documents\bookmarks.html [2012-08-06 20:50:53 | 000,003,019 | ---- | C] () -- C:\Users\user\Desktop\MKV2AC3.lnk [2012-08-01 14:20:06 | 061,742,577 | ---- | C] () -- C:\Users\user\Documents\moldysz_www.cto [2012-07-27 22:47:40 | 000,187,392 | ---- | C] () -- C:\Windows\SysNative\clinfo.exe [2012-07-26 22:18:06 | 014,687,740 | ---- | C] () -- C:\Users\user\Documents\facebook-new-fanpage-gui-free-psd.psd.zip [2012-06-17 15:55:25 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012-05-15 22:31:32 | 000,459,366 | ---- | C] () -- C:\Users\user\Desktop\netgear-paragon.jpg [2012-05-15 21:02:38 | 000,002,987 | ---- | C] () -- C:\Windows\SysNative\drivers\USBDrv.inf [2012-03-12 01:26:51 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2012-03-09 06:31:26 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012-03-09 06:31:26 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012-01-31 07:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2011-12-11 17:28:28 | 000,000,037 | ---- | C] () -- C:\Windows\SWFConverter.INI [2011-10-25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll [2011-09-19 00:06:11 | 000,000,352 | ---- | C] () -- C:\Users\user\AppData\Roaming\Network Meter_Settings.ini [2011-09-17 18:48:00 | 000,000,339 | ---- | C] () -- C:\Users\user\AppData\Roaming\Drives Meter_Settings.ini [2011-09-17 18:45:31 | 000,000,412 | ---- | C] () -- C:\Users\user\AppData\Roaming\All CPU Meter_Settings.ini [2011-09-13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2011-09-09 13:21:40 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe [2011-08-11 00:11:44 | 000,008,736 | ---- | C] () -- C:\Users\user\AppData\Roaming\UserTile.png [2011-08-02 17:15:56 | 000,389,120 | ---- | C] () -- C:\Windows\SysWow64\LXDRinst.dll [2011-08-02 17:15:55 | 000,651,264 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdrpmui.dll [2011-08-02 17:15:55 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdrinpa.dll [2011-08-02 17:15:55 | 000,339,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdriesc.dll [2011-08-02 17:15:55 | 000,335,872 | ---- | C] () -- C:\Windows\SysWow64\lxdrcomx.dll [2011-08-02 17:15:54 | 001,069,056 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdrserv.dll [2011-08-02 17:15:54 | 000,860,160 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdrusb1.dll [2011-08-02 17:15:54 | 000,761,856 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdrcomc.dll [2011-08-02 17:15:54 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdrhbn3.dll [2011-08-02 17:15:54 | 000,589,824 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdrcoms.exe [2011-08-02 17:15:54 | 000,577,536 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdrlmpm.dll [2011-08-02 17:15:54 | 000,376,832 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdrcomm.dll [2011-08-02 17:15:54 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdrcfg.exe [2011-08-02 17:15:54 | 000,323,584 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdrih.exe [2011-06-22 00:37:41 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe [2011-06-13 11:00:36 | 003,360,624 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2011-05-23 23:24:42 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2010-12-19 18:44:24 | 000,000,438 | ---- | C] () -- C:\Users\user\AppData\Roaming\Ping Monitor_Settings.ini [2010-10-29 22:38:47 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll [2010-10-19 23:38:32 | 000,000,423 | ---- | C] () -- C:\Users\user\AppData\Roaming\Network Monitor II_Settings.ini [2010-10-19 23:37:14 | 000,000,289 | ---- | C] () -- C:\Users\user\AppData\Roaming\Drives Monitor_Settings.ini [2010-10-19 23:35:45 | 000,001,248 | ---- | C] () -- C:\Users\user\AppData\Roaming\System Monitor II_Settings.ini [2010-05-08 18:08:03 | 000,000,600 | ---- | C] () -- C:\Users\user\AppData\Local\PUTTY.RND [2009-12-21 00:08:29 | 000,008,192 | ---- | C] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-11-09 21:59:18 | 000,007,586 | ---- | C] () -- C:\Users\user\AppData\Local\Resmon.ResmonCfg [2009-11-09 20:33:11 | 000,000,266 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2009-11-09 19:43:24 | 005,505,024 | -HS- | C] () -- C:\Users\user\NTUSER.bak [2009-09-29 21:25:00 | 000,036,280 | ---- | C] () -- C:\Users\user\GamingC.mac [2009-08-25 21:18:51 | 000,000,885 | ---- | C] () -- C:\Users\user\AppData\Roaming\qnapi.ini [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-07-14 06:55:00 | 000,000,227 | ---- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2009-12-30 02:30:23 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\Thunderbird [2012-10-03 17:12:26 | 000,000,000 | ---D | M] -- C:\Users\test2\AppData\Roaming\Curiolab [2011-09-29 02:10:01 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\.wtw [2012-10-06 18:24:27 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\AIMP3 [2011-07-02 01:09:26 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Ashampoo [2012-10-03 18:58:55 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Audacity [2011-01-01 20:28:08 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\AVG10 [2011-10-28 15:26:18 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Avnex [2009-11-09 20:01:50 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\becker [2012-10-03 18:58:55 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Bioshock [2010-11-17 00:17:14 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\BitComet [2012-08-17 01:05:57 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\CheckPoint [2010-09-27 00:45:09 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Command & Conquer 3 Kane's Wrath [2009-11-09 20:01:50 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Command & Conquer 3 Tiberium Wars [2009-11-09 20:01:51 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Command & Conquer 3 Tiberium Wars Demo [2011-09-04 01:35:45 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\CrystalIdea Software [2011-07-22 12:33:40 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\DAEMON Tools Lite [2011-07-22 12:33:40 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\DAEMON Tools Pro [2012-10-06 18:44:18 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\EditPlus 3 [2009-11-12 23:21:48 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\eMule [2011-07-27 18:10:33 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\ESET [2012-10-03 18:58:55 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\EssentialPIM [2012-10-03 18:58:55 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\EurekaLog [2012-10-06 18:24:27 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\FileZilla [2012-09-29 17:31:32 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\FreshDiagnose [2012-10-03 18:58:55 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\GG [2012-08-12 23:38:37 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\IObit [2012-10-03 18:58:55 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\ipla [2009-11-30 11:19:05 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Lexmark Productivity Studio [2010-03-24 00:37:06 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\LG Electronics [2011-11-17 17:10:26 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\MAGIX [2012-05-13 22:46:09 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Maxthon3 [2010-01-07 12:02:02 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Moyea [2012-10-03 18:58:56 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\NapiProjekt [2009-11-09 20:02:03 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Nokia [2011-11-15 02:41:00 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Opera [2009-11-09 20:02:04 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\PC Suite [2011-05-02 13:50:53 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\PDF Writer [2011-08-11 00:11:44 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\PeerNetworking [2011-04-16 13:01:17 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\QuickScan [2012-04-14 15:49:48 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Rovio [2011-10-28 16:02:47 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Screaming Bee [2009-12-15 12:17:05 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Softland [2009-09-29 23:03:02 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\temp [2012-10-03 18:58:56 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Thunderbird [2012-09-07 01:27:34 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\TuneUp Software [2012-10-03 18:58:57 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Uninstaller Tool(Comodo Forums) [2011-09-06 17:28:00 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\uTorrent [2011-08-02 16:40:08 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\wargaming.net [2011-03-29 01:08:04 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\XRay Engine [2012-05-13 01:05:21 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\YoWindow [color=#E56717]========== Purity Check ==========[/color] < End of report >