OTL logfile created on: 2013-01-22 18:07:28 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marcin\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 5,98 Gb Total Physical Memory | 3,97 Gb Available Physical Memory | 66,37% Memory free 11,97 Gb Paging File | 9,87 Gb Available in Paging File | 82,46% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 73,83 Gb Total Space | 22,01 Gb Free Space | 29,81% Space Free | Partition Type: NTFS Drive D: | 837,68 Gb Total Space | 132,57 Gb Free Space | 15,83% Space Free | Partition Type: NTFS Drive E: | 931,51 Gb Total Space | 314,94 Gb Free Space | 33,81% Space Free | Partition Type: NTFS Drive F: | 640,37 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: MARCIN-KOMPUTER | User Name: Marcin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013-01-22 18:06:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marcin\Downloads\OTL.exe PRC - [2013-01-20 23:07:39 | 000,255,992 | ---- | M] (Microsoft Corporation) -- C:\Users\Marcin\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe PRC - [2013-01-12 18:40:24 | 001,355,264 | ---- | M] () -- C:\Program Files (x86)\KatMouse\KatMouse.exe PRC - [2012-12-29 00:02:24 | 028,539,392 | ---- | M] (Dropbox, Inc.) -- C:\Users\Marcin\AppData\Roaming\Dropbox\bin\Dropbox.exe PRC - [2012-11-17 18:28:10 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- C:\Users\Marcin\Downloads\utorrent.exe PRC - [2012-11-15 22:19:44 | 005,979,648 | ---- | M] ( ) -- C:\Program Files (x86)\ChomikBox\chomikbox.exe PRC - [2012-10-24 14:07:34 | 017,255,936 | ---- | M] (Clementine) -- C:\Program Files (x86)\Clementine\clementine.exe PRC - [2012-10-24 14:07:34 | 000,899,072 | ---- | M] () -- C:\Program Files (x86)\Clementine\clementine-tagreader.exe PRC - [2012-10-02 23:21:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012-10-02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012-04-04 06:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2010-11-16 14:37:30 | 000,230,912 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DataCardService\DCSHelper.exe PRC - [2010-10-05 21:04:12 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2010-10-05 21:04:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013-01-13 21:30:06 | 001,620,480 | ---- | M] () -- C:\Program Files (x86)\KatMouse\KatMouseH.dll MOD - [2013-01-12 18:40:24 | 001,355,264 | ---- | M] () -- C:\Program Files (x86)\KatMouse\KatMouse.exe MOD - [2013-01-12 18:40:22 | 000,362,496 | ---- | M] () -- C:\Program Files (x86)\KatMouse\KatMouseS.dll MOD - [2012-10-24 14:07:34 | 000,899,072 | ---- | M] () -- C:\Program Files (x86)\Clementine\clementine-tagreader.exe MOD - [2012-10-08 11:17:30 | 000,705,536 | ---- | M] () -- C:\Program Files (x86)\Clementine\libqjson.dll MOD - [2012-10-08 11:17:30 | 000,480,256 | ---- | M] () -- C:\Program Files (x86)\Clementine\libgcrypt-11.dll MOD - [2012-10-08 11:17:30 | 000,346,112 | ---- | M] () -- C:\Program Files (x86)\Clementine\liblastfm.dll MOD - [2012-10-08 11:17:30 | 000,285,184 | ---- | M] () -- C:\Program Files (x86)\Clementine\liborc-0.4-0.dll MOD - [2012-10-08 11:17:30 | 000,206,848 | ---- | M] () -- C:\Program Files (x86)\Clementine\libprotobuf-lite-7.dll MOD - [2012-10-08 11:17:30 | 000,172,032 | ---- | M] () -- C:\Program Files (x86)\Clementine\gstreamer-plugins\libgstcoreelements.dll MOD - [2012-10-08 11:17:30 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Clementine\libgstcontroller-0.10-0.dll MOD - [2012-10-08 11:17:30 | 000,116,736 | ---- | M] () -- C:\Program Files (x86)\Clementine\libgstaudio-0.10-0.dll MOD - [2012-10-08 11:17:30 | 000,095,232 | ---- | M] () -- C:\Program Files (x86)\Clementine\libgsttag-0.10-0.dll MOD - [2012-10-08 11:17:30 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\Clementine\gstreamer-plugins\libgstdecodebin2.dll MOD - [2012-10-08 11:17:30 | 000,089,600 | ---- | M] () -- C:\Program Files (x86)\Clementine\libimobiledevice-1.dll MOD - [2012-10-08 11:17:30 | 000,082,944 | ---- | M] () -- C:\Program Files (x86)\Clementine\gstreamer-plugins\libgstdirectsoundsink.dll MOD - [2012-10-08 11:17:30 | 000,080,896 | ---- | M] () -- C:\Program Files (x86)\Clementine\gstreamer-plugins\libgstaudioconvert.dll MOD - [2012-10-08 11:17:30 | 000,071,168 | ---- | M] () -- C:\Program Files (x86)\Clementine\gstreamer-plugins\libgstflac.dll MOD - [2012-10-08 11:17:30 | 000,065,024 | ---- | M] () -- C:\Program Files (x86)\Clementine\gstreamer-plugins\libgsttypefindfunctions.dll MOD - [2012-10-08 11:17:30 | 000,063,488 | ---- | M] () -- C:\Program Files (x86)\Clementine\libplist.dll MOD - [2012-10-08 11:17:30 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Clementine\gstreamer-plugins\libgstaudioresample.dll MOD - [2012-10-08 11:17:30 | 000,046,592 | ---- | M] () -- C:\Program Files (x86)\Clementine\libgstinterfaces-0.10-0.dll MOD - [2012-10-08 11:17:30 | 000,040,448 | ---- | M] () -- C:\Program Files (x86)\Clementine\libgstpbutils-0.10-0.dll MOD - [2012-10-08 11:17:30 | 000,035,328 | ---- | M] () -- C:\Program Files (x86)\Clementine\libgstapp-0.10-0.dll MOD - [2012-10-08 11:17:30 | 000,030,208 | ---- | M] () -- C:\Program Files (x86)\Clementine\libgstcdda-0.10-0.dll MOD - [2012-10-08 11:17:30 | 000,029,696 | ---- | M] () -- C:\Program Files (x86)\Clementine\gstreamer-plugins\libgsttcp.dll MOD - [2012-10-08 11:17:30 | 000,022,016 | ---- | M] () -- C:\Program Files (x86)\Clementine\gstreamer-plugins\libgstequalizer.dll MOD - [2012-10-08 11:17:30 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Clementine\gstreamer-plugins\libgstvolume.dll MOD - [2012-10-08 11:17:30 | 000,015,872 | ---- | M] () -- C:\Program Files (x86)\Clementine\libusbmuxd.dll MOD - [2012-10-08 11:17:30 | 000,015,872 | ---- | M] () -- C:\Program Files (x86)\Clementine\libogg-0.dll MOD - [2012-10-08 11:17:30 | 000,007,182 | ---- | M] () -- C:\Program Files (x86)\Clementine\mingwm10.dll MOD - [2012-10-08 11:17:28 | 001,648,640 | ---- | M] () -- C:\Program Files (x86)\Clementine\libtag.dll MOD - [2012-10-08 11:17:28 | 001,068,558 | ---- | M] () -- C:\Program Files (x86)\Clementine\libxml2-2.dll MOD - [2012-10-08 11:17:28 | 000,898,560 | ---- | M] () -- C:\Program Files (x86)\Clementine\libfftw3-3.dll MOD - [2012-10-08 11:17:28 | 000,675,840 | ---- | M] () -- C:\Program Files (x86)\Clementine\libgstreamer-0.10-0.dll MOD - [2012-10-08 11:17:28 | 000,524,288 | ---- | M] () -- C:\Program Files (x86)\Clementine\libgnutls-26.dll MOD - [2012-10-08 11:17:28 | 000,314,368 | ---- | M] () -- C:\Program Files (x86)\Clementine\libFLAC.dll MOD - [2012-10-08 11:17:28 | 000,303,104 | ---- | M] () -- C:\Program Files (x86)\Clementine\glew32.dll MOD - [2012-10-08 11:17:28 | 000,219,648 | ---- | M] () -- C:\Program Files (x86)\Clementine\libgstbase-0.10-0.dll MOD - [2012-10-08 11:17:28 | 000,180,238 | ---- | M] () -- C:\Program Files (x86)\Clementine\libpng14-14.dll MOD - [2012-10-08 11:17:28 | 000,122,368 | ---- | M] () -- C:\Program Files (x86)\Clementine\libcdio-12.dll MOD - [2012-10-08 11:17:28 | 000,100,352 | ---- | M] () -- C:\Program Files (x86)\Clementine\zlib1.dll MOD - [2012-10-08 11:17:28 | 000,055,808 | ---- | M] () -- C:\Program Files (x86)\Clementine\libtasn1-3.dll MOD - [2012-10-08 11:17:28 | 000,044,544 | ---- | M] () -- C:\Program Files (x86)\Clementine\libgpg-error-0.dll MOD - [2012-10-08 11:17:28 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\Clementine\libgcc_s_dw2-1.dll MOD - [2012-10-08 11:17:28 | 000,017,408 | ---- | M] () -- C:\Program Files (x86)\Clementine\liborc-test-0.4-0.dll MOD - [2012-02-22 16:25:06 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\tsplugins\integration\chomikbox_win7.tsp MOD - [2011-12-02 14:15:16 | 000,126,976 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\libgstcontroller-0.10.dll MOD - [2011-12-02 14:15:16 | 000,098,304 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\libgstpbutils-0.10.dll MOD - [2011-12-02 14:15:16 | 000,053,760 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\libgstinterfaces-0.10.dll MOD - [2011-12-02 14:15:14 | 001,520,128 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\libvorbisenc-2.dll MOD - [2011-12-02 14:15:14 | 000,718,336 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\libgnutls-26.dll MOD - [2011-12-02 14:15:14 | 000,699,392 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\libgstreamer-0.10.dll MOD - [2011-12-02 14:15:14 | 000,604,160 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\libgcrypt-11.dll MOD - [2011-12-02 14:15:14 | 000,331,264 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\libFLAC-8.dll MOD - [2011-12-02 14:15:14 | 000,162,304 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\libvorbis-0.dll MOD - [2011-12-02 14:15:14 | 000,133,120 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\libgsttag-0.10.dll MOD - [2011-12-02 14:15:14 | 000,111,104 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\avutil-lgpl-50.dll MOD - [2011-12-02 14:15:14 | 000,109,568 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\libgstaudio-0.10.dll MOD - [2011-12-02 14:15:14 | 000,070,656 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\libgstrtp-0.10.dll MOD - [2011-12-02 14:15:14 | 000,067,584 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\libbz2.dll MOD - [2011-12-02 14:15:14 | 000,039,936 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\libgstapp-0.10.dll MOD - [2011-12-02 14:15:14 | 000,035,328 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\libgpg-error-0.dll MOD - [2011-12-02 14:15:14 | 000,023,552 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\libogg-0.dll MOD - [2011-12-02 14:15:06 | 000,228,864 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstdirectsound.dll MOD - [2011-12-02 14:15:06 | 000,212,992 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstcoreelements.dll MOD - [2011-12-02 14:15:06 | 000,197,632 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstplaybin.dll MOD - [2011-12-02 14:15:06 | 000,180,736 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstffmpeg-lgpl.dll MOD - [2011-12-02 14:15:06 | 000,151,040 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstmpegdemux.dll MOD - [2011-12-02 14:15:06 | 000,149,504 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstqtdemux.dll MOD - [2011-12-02 14:15:06 | 000,132,608 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstogg.dll MOD - [2011-12-02 14:15:06 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstqtmux.dll MOD - [2011-12-02 14:15:06 | 000,095,232 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstasf.dll MOD - [2011-12-02 14:15:06 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstdecodebin2.dll MOD - [2011-12-02 14:15:06 | 000,078,336 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstaudioconvert.dll MOD - [2011-12-02 14:15:06 | 000,077,312 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\libtasn1-3.dll MOD - [2011-12-02 14:15:06 | 000,069,120 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstflac.dll MOD - [2011-12-02 14:15:06 | 000,064,000 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstasfmux.dll MOD - [2011-12-02 14:15:06 | 000,061,952 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgsttypefindfunctions.dll MOD - [2011-12-02 14:15:06 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstmpegstream.dll MOD - [2011-12-02 14:15:06 | 000,053,760 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstvorbis.dll MOD - [2011-12-02 14:15:06 | 000,052,224 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstaudioresample.dll MOD - [2011-12-02 14:15:06 | 000,050,688 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstwavpack.dll MOD - [2011-12-02 14:15:06 | 000,047,616 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstmpegaudioparse.dll MOD - [2011-12-02 14:15:06 | 000,042,496 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstwavparse.dll MOD - [2011-12-02 14:15:06 | 000,039,424 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstmpegtsmux.dll MOD - [2011-12-02 14:15:06 | 000,038,400 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstaiff.dll MOD - [2011-12-02 14:15:06 | 000,035,840 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstrawparse.dll MOD - [2011-12-02 14:15:06 | 000,035,840 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstinterleave.dll MOD - [2011-12-02 14:15:06 | 000,035,328 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstreplaygain.dll MOD - [2011-12-02 14:15:06 | 000,034,304 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstvolume.dll MOD - [2011-12-02 14:15:06 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstdecodebin.dll MOD - [2011-12-02 14:15:06 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstid3demux.dll MOD - [2011-12-02 14:15:06 | 000,030,208 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstreal.dll MOD - [2011-12-02 14:15:06 | 000,030,208 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstmpegpsmux.dll MOD - [2011-12-02 14:15:06 | 000,029,184 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstautodetect.dll MOD - [2011-12-02 14:15:06 | 000,026,624 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstequalizer.dll MOD - [2011-12-02 14:15:06 | 000,023,552 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstneonhttpsrc.dll MOD - [2011-12-02 14:15:06 | 000,022,528 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstcdxaparse.dll MOD - [2011-12-02 14:15:06 | 000,022,016 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgsttta.dll MOD - [2011-12-02 14:15:06 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstaudiorate.dll MOD - [2011-12-02 14:15:06 | 000,019,968 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstwasapi.dll MOD - [2011-12-02 14:15:06 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstlevel.dll MOD - [2011-12-02 14:15:06 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstauparse.dll MOD - [2011-12-02 14:15:06 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstalaw.dll MOD - [2011-12-02 14:15:06 | 000,017,920 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstspeed.dll MOD - [2011-12-02 14:15:06 | 000,015,872 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstwaveformsink.dll MOD - [2011-12-02 14:15:06 | 000,015,872 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgsticydemux.dll MOD - [2011-12-02 14:15:06 | 000,015,360 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstwaveenc.dll MOD - [2011-12-02 14:15:06 | 000,015,360 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstapetag.dll MOD - [2011-12-02 14:15:06 | 000,014,336 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstnetsim.dll MOD - [2011-12-02 14:15:06 | 000,013,824 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstacmmp3dec.dll MOD - [2011-12-02 14:15:06 | 000,012,288 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgststereo.dll MOD - [2011-12-02 14:15:06 | 000,011,776 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstcoreindexers.dll MOD - [2011-12-02 14:15:06 | 000,008,192 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\gplugins\libgstapp.dll MOD - [2011-12-02 14:14:40 | 000,881,664 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\avformat-lgpl-52.dll MOD - [2011-12-02 14:14:40 | 000,167,424 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\libexpat-1.dll MOD - [2011-12-02 14:14:40 | 000,085,504 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\z.dll MOD - [2011-12-02 14:14:32 | 005,038,592 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\avcodec-lgpl-52.dll MOD - [2011-12-02 14:14:32 | 001,396,736 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\libxml2-2.dll MOD - [2011-12-02 14:14:32 | 000,563,712 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\liborc-0.4-0.dll MOD - [2011-12-02 14:14:32 | 000,253,440 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\libgstbase-0.10.dll MOD - [2011-12-02 14:14:32 | 000,196,608 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\libwavpack-1.dll MOD - [2011-12-02 14:14:32 | 000,125,952 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\libneon-27.dll MOD - [2011-12-02 14:14:32 | 000,070,144 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\libgstrtsp-0.10.dll MOD - [2011-12-02 14:14:32 | 000,041,984 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\libgstriff-0.10.dll MOD - [2011-12-02 14:14:32 | 000,038,912 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\libgstvideo-0.10.dll MOD - [2011-12-02 14:14:32 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\libgstsdp-0.10.dll MOD - [2011-12-02 14:14:32 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\avcore-lgpl-0.dll MOD - [2011-07-29 14:59:46 | 002,293,248 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\QtCore4.dll MOD - [2011-03-30 10:49:10 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\imageformats\qico4.dll MOD - [2011-03-30 10:49:02 | 000,284,672 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\imageformats\qtiff4.dll MOD - [2011-03-30 10:48:38 | 000,220,672 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\imageformats\qmng4.dll MOD - [2011-03-30 10:48:22 | 000,026,624 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\imageformats\qgif4.dll MOD - [2011-03-30 10:48:14 | 000,196,608 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\imageformats\qjpeg4.dll MOD - [2011-03-30 07:16:34 | 008,173,568 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\QtGui4.dll MOD - [2011-03-30 06:59:26 | 000,971,776 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\QtNetwork4.dll MOD - [2011-03-30 06:57:58 | 000,339,968 | ---- | M] () -- C:\Program Files (x86)\ChomikBox\QtXml4.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2012-09-12 21:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV:[b]64bit:[/b] - [2012-09-12 21:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2013-01-11 19:28:39 | 000,115,760 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013-01-09 10:20:08 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-11-09 12:21:16 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-10-02 23:21:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012-10-02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012-04-04 06:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2010-11-16 14:38:16 | 000,339,456 | ---- | M] () [Auto | Running] -- C:\ProgramData\DataCardService\HWDeviceService64.exe -- (HWDeviceService64.exe) SRV - [2010-10-05 21:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2010-10-05 21:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012-12-19 14:47:20 | 000,132,008 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV:[b]64bit:[/b] - [2012-11-17 17:38:51 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2012-11-17 17:24:04 | 000,231,376 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt) DRV:[b]64bit:[/b] - [2012-08-30 22:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:[b]64bit:[/b] - [2012-07-03 16:25:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:[b]64bit:[/b] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2011-05-31 11:11:36 | 000,415,744 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbwwan.sys -- (ewusbmbb) DRV:[b]64bit:[/b] - [2011-05-03 09:42:40 | 000,222,464 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2011-01-30 12:19:34 | 000,086,016 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV:[b]64bit:[/b] - [2010-11-20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010-10-19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:[b]64bit:[/b] - [2010-09-03 06:59:26 | 000,349,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2010-07-27 03:52:16 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-02-17 18:11:25 | 000,031,400 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV:[b]64bit:[/b] - [2007-02-16 01:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ElbyCDFL.sys -- (ElbyCDFL) DRV - [2013-01-22 17:57:34 | 000,035,664 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{69D90075-F8C4-4E0B-A9A1-4EF63A8D3020}\MpKslcd04bb73.sys -- (MpKslcd04bb73) DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2007-02-16 01:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys -- (ElbyCDFL) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-392529022-3990558679-2951379953-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/ IE - HKU\S-1-5-21-392529022-3990558679-2951379953-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-392529022-3990558679-2951379953-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-392529022-3990558679-2951379953-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledAddons: uss-button%40uploadscreenshot.com:1.9.1 FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.13 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0 FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-01-11 19:28:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-11-25 20:32:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marcin\AppData\Roaming\mozilla\Extensions [2013-01-11 18:36:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marcin\AppData\Roaming\mozilla\Firefox\Profiles\1yrajac5.default\extensions [2013-01-11 18:36:06 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Marcin\AppData\Roaming\mozilla\Firefox\Profiles\1yrajac5.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-01-01 12:14:16 | 000,021,356 | ---- | M] () (No name found) -- C:\Users\Marcin\AppData\Roaming\mozilla\firefox\profiles\1yrajac5.default\extensions\uss-button@uploadscreenshot.com.xpi [2013-01-11 19:28:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013-01-20 19:48:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\updated\extensions [2013-01-20 19:48:57 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\updated\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013-01-11 19:28:39 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012-11-20 09:04:07 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2012-11-20 09:04:08 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2012-11-20 09:04:08 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2012-11-20 09:04:07 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2012-11-20 09:04:07 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-11-20 09:04:07 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - homepage: http://search.bearshare.com/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}, CHR - homepage: http://search.bearshare.com/ CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll CHR - Extension: Dysk Google = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Szukaj w Google = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Nokia Drop = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddgankdgamemlpbbfnbdphddncdcmkhf\1.4.1.5_0\ CHR - Extension: Word Search = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnjkggjhcbohgnikmegjkodmakmimlkj\1.0.0.1_0\ CHR - Extension: Word Search = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnjkggjhcbohgnikmegjkodmakmimlkj\1.0.0.1_0\~ CHR - Extension: Stylish = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\1.0_0\ CHR - Extension: Chain Reaction = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gemgfpodpjapjhfohdlibagceiknakpa\1.2_0\ CHR - Extension: AdBlock = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.55_0\ CHR - Extension: FlashBlock = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gofhjkjmkpinhpoiabjplobcaignabnl\0.9.31_0\ CHR - Extension: Slinky Klasyczny = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfjhlpgahgkpncekpdkgfoeppikldble\19.7_0\ CHR - Extension: Cargo Bridge = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\keembkgclppcbilkekfgpobhldjjhpmn\1.5.7_0\ CHR - Extension: Zegar = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjocghlclkpgheifflemilcnblodjohg\1.16_0\ CHR - Extension: Better History = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\obciceimmggglbmelaidpjlmodcebijb\1.9.37_0\ CHR - Extension: Gmail = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2013-01-11 19:33:01 | 000,001,014 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 applian.securesites.com O1 - Hosts: 64.191.102.135 karachan.org O1 - Hosts: 64.191.102.135 www.karachan.org O1 - Hosts: 80.82.78.6 pornolab.net O1 - Hosts: 80.82.78.6 static.pornolab.net O1 - Hosts: 80.82.78.6 bt.pornolab.net O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-392529022-3990558679-2951379953-1000..\Run: [ChomikBox] C:\Program Files (x86)\ChomikBox\chomikbox.exe ( ) O4 - HKU\S-1-5-21-392529022-3990558679-2951379953-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-392529022-3990558679-2951379953-1000..\Run: [SkyDrive] C:\Users\Marcin\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-392529022-3990558679-2951379953-1000..\Run: [uTorrent] C:\Users\Marcin\Downloads\utorrent.exe (BitTorrent, Inc.) O4 - HKU\S-1-5-21-392529022-3990558679-2951379953-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-21-392529022-3990558679-2951379953-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Marcin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O4 - Startup: C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\KatMouse.lnk = C:\Program Files (x86)\KatMouse\KatMouse.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\S-1-5-21-392529022-3990558679-2951379953-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data] O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.9.2) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.9.2) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1 82.160.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{71F95CBE-3565-47BA-8B4C-D7C48E4B6B8A}: DhcpNameServer = 10.0.0.1 82.160.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A37E07AC-7D56-4298-B691-260D08203916}: NameServer = 193.41.112.14 193.41.112.18 O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{0e1d3f45-3385-11e2-bd40-1c6f658fd8cd}\Shell - "" = AutoRun O33 - MountPoints2\{0e1d3f45-3385-11e2-bd40-1c6f658fd8cd}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{0e1d3f45-3385-11e2-bd40-1c6f658fd8cd}\Shell\install\command - "" = G:\setup-top_netinfo.EXE O33 - MountPoints2\{0e1d3f45-3385-11e2-bd40-1c6f658fd8cd}\Shell\readme\command - "" = notepad info.txt O33 - MountPoints2\{0e1d3f54-3385-11e2-bd40-1c6f658fd8cd}\Shell - "" = AutoRun O33 - MountPoints2\{0e1d3f54-3385-11e2-bd40-1c6f658fd8cd}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{0e1d3f54-3385-11e2-bd40-1c6f658fd8cd}\Shell\install\command - "" = G:\setup-top_netinfo.EXE O33 - MountPoints2\{0e1d3f54-3385-11e2-bd40-1c6f658fd8cd}\Shell\readme\command - "" = notepad info.txt O33 - MountPoints2\{493d17cb-30c4-11e2-9782-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{493d17cb-30c4-11e2-9782-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Run.exe O33 - MountPoints2\{ae155e9e-5acc-11e2-860e-1c6f658fd8cd}\Shell - "" = AutoRun O33 - MountPoints2\{ae155e9e-5acc-11e2-860e-1c6f658fd8cd}\Shell\AutoRun\command - "" = G:\Startme.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013-01-22 17:46:22 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\Malwarebytes [2013-01-22 17:46:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013-01-22 17:46:03 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013-01-22 17:46:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013-01-22 16:45:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks [2013-01-22 12:07:49 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\CrashDumps [2013-01-20 23:07:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SkyDrive [2013-01-20 23:07:42 | 000,000,000 | R--D | C] -- C:\Users\Marcin\SkyDrive [2013-01-20 23:07:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive [2013-01-18 15:47:46 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\EAC [2013-01-18 15:47:42 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\AccurateRip [2013-01-18 15:47:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy [2013-01-17 13:08:39 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\vlc [2013-01-15 18:24:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KatMouse [2013-01-14 20:24:56 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\TechSmith [2013-01-14 20:24:42 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\TechSmith [2013-01-14 20:24:33 | 000,000,000 | ---D | C] -- C:\Users\Marcin\Documents\Camtasia Studio [2013-01-14 20:23:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith [2013-01-14 20:23:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime [2013-01-14 20:23:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\TechSmith Shared [2013-01-14 20:23:14 | 000,000,000 | ---D | C] -- C:\ProgramData\TechSmith [2013-01-14 20:23:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TechSmith [2013-01-14 19:28:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Video to GIF Converter [2013-01-14 19:28:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Video to GIF Converter [2013-01-12 19:57:06 | 000,000,000 | ---D | C] -- C:\Users\Marcin\Documents\Eidos [2013-01-11 22:17:13 | 000,000,000 | ---D | C] -- C:\Users\Marcin\VirtualBox VMs [2013-01-11 22:17:02 | 000,000,000 | ---D | C] -- C:\Users\Marcin\.VirtualBox [2013-01-11 22:16:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox [2013-01-11 22:16:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE [2013-01-11 22:16:25 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle [2013-01-11 19:28:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013-01-10 22:01:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2013-01-10 22:01:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2013-01-09 22:31:32 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\ChomikBox [2013-01-09 22:31:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chomikuj.pl [2013-01-09 22:31:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ChomikBox [2013-01-09 19:44:30 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs [2013-01-09 19:44:30 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs [2013-01-09 19:44:29 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll [2013-01-09 19:44:29 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll [2013-01-09 19:44:29 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll [2013-01-09 19:44:29 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll [2013-01-09 19:44:29 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs [2013-01-09 19:44:29 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs [2013-01-09 19:44:29 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs [2013-01-09 19:44:29 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs [2013-01-09 19:44:29 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs [2013-01-09 19:44:29 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs [2013-01-09 19:44:29 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs [2013-01-09 19:44:29 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs [2013-01-09 19:44:29 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs [2013-01-09 19:44:29 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs [2013-01-09 19:44:29 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs [2013-01-09 19:44:29 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs [2013-01-09 19:44:29 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs [2013-01-09 19:44:29 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs [2013-01-09 19:44:29 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs [2013-01-09 19:44:29 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs [2013-01-09 19:44:29 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs [2013-01-09 19:44:29 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs [2013-01-09 19:44:28 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs [2013-01-09 19:44:28 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs [2013-01-09 19:44:28 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs [2013-01-09 19:44:28 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs [2013-01-09 19:44:28 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs [2013-01-09 19:44:28 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs [2013-01-09 19:44:28 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs [2013-01-09 19:44:28 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs [2013-01-09 19:31:57 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2013-01-09 19:31:57 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2013-01-09 19:28:52 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll [2013-01-09 19:28:52 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2013-01-09 19:25:03 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2013-01-09 19:25:02 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2013-01-09 19:25:02 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2013-01-09 19:25:02 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2013-01-09 19:25:02 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2013-01-09 19:25:02 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2013-01-09 19:25:02 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2013-01-09 19:25:02 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2013-01-09 19:25:02 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2013-01-09 19:25:01 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2013-01-09 19:25:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2013-01-09 19:25:00 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2013-01-09 19:25:00 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2013-01-09 19:25:00 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2013-01-09 19:25:00 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2013-01-09 19:25:00 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2013-01-09 19:25:00 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2013-01-09 19:25:00 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2013-01-09 19:25:00 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2013-01-09 19:25:00 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2013-01-09 19:25:00 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2013-01-09 19:25:00 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2013-01-09 19:25:00 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2013-01-09 19:25:00 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2013-01-09 19:25:00 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2013-01-09 19:25:00 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2013-01-09 19:25:00 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2013-01-09 19:25:00 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2013-01-09 19:25:00 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2013-01-09 19:25:00 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2013-01-09 19:25:00 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2013-01-09 19:25:00 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2013-01-09 19:25:00 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2013-01-09 19:25:00 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2013-01-09 19:25:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2013-01-09 19:25:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2013-01-09 19:25:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2013-01-09 19:25:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2013-01-09 19:25:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2013-01-09 19:25:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2013-01-09 19:25:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2013-01-09 19:25:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2013-01-09 19:25:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2013-01-09 19:25:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2013-01-09 19:24:59 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2013-01-09 19:24:59 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2013-01-09 19:24:59 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2013-01-09 19:24:59 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2013-01-09 19:24:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2013-01-09 19:24:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2013-01-09 19:24:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2013-01-09 19:24:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2013-01-09 19:24:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2013-01-09 19:24:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2013-01-09 19:24:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2013-01-09 19:24:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2013-01-09 19:24:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2013-01-09 19:24:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2013-01-09 19:24:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2013-01-09 19:24:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2013-01-09 19:24:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2013-01-09 19:24:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2013-01-09 19:24:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2013-01-09 19:24:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2013-01-09 19:24:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2013-01-09 19:24:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2013-01-09 19:24:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2013-01-09 19:24:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2013-01-09 19:24:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2013-01-09 19:24:06 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe [2013-01-06 12:00:51 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\fontconfig [2013-01-05 11:24:47 | 001,573,376 | ---- | C] (xy-VSFilter Team) -- C:\Windows\SysWow64\VSFilter.dll [2013-01-05 09:59:58 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\spek [2013-01-04 15:07:46 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache [2013-01-03 20:20:43 | 000,000,000 | ---D | C] -- C:\Users\Marcin\Documents\My Cheat Tables [2013-01-01 14:08:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SWF Studio [2013-01-01 14:02:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serious Sam [2012-12-30 18:00:35 | 000,000,000 | ---D | C] -- C:\Users\Marcin\Desktop\rtmp [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013-01-22 18:00:21 | 000,015,824 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013-01-22 18:00:20 | 000,015,824 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013-01-22 17:58:40 | 001,662,580 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013-01-22 17:58:40 | 000,737,754 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2013-01-22 17:58:40 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013-01-22 17:58:40 | 000,154,418 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2013-01-22 17:58:40 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013-01-22 17:52:41 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013-01-22 17:52:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013-01-22 17:52:25 | 523,886,591 | -HS- | M] () -- C:\hiberfil.sys [2013-01-22 17:18:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013-01-22 16:37:14 | 003,624,240 | ---- | M] () -- C:\Users\Marcin\Crossfire_downloader.exe [2013-01-22 16:35:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013-01-22 16:34:29 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI [2013-01-20 08:24:07 | 000,000,671 | ---- | M] () -- C:\Users\Marcin\.swfinfo [2013-01-19 21:25:58 | 000,080,144 | ---- | M] () -- C:\Users\Marcin\Desktop\XD.png [2013-01-18 23:31:12 | 000,005,632 | ---- | M] () -- C:\Users\Marcin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013-01-18 15:47:39 | 000,000,716 | ---- | M] () -- C:\Users\Public\Desktop\Exact Audio Copy.lnk [2013-01-18 15:42:31 | 000,002,255 | ---- | M] () -- C:\Users\Marcin\Desktop\Google Chrome.lnk [2013-01-17 15:21:13 | 005,191,309 | ---- | M] () -- C:\Users\Marcin\Desktop\KimDotcom-MrPresident.mp3 [2013-01-16 18:58:56 | 002,374,768 | ---- | M] () -- C:\Users\Marcin\Desktop\materiały.zip [2013-01-16 00:08:21 | 000,001,103 | ---- | M] () -- C:\Users\Marcin\Desktop\JDownloader2.lnk [2013-01-15 18:24:36 | 000,001,043 | ---- | M] () -- C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\KatMouse.lnk [2013-01-14 20:23:31 | 000,001,168 | ---- | M] () -- C:\Users\Public\Desktop\Camtasia Studio 8.lnk [2013-01-14 19:28:50 | 000,001,215 | ---- | M] () -- C:\Users\Marcin\Desktop\Free Video to GIF Converter.lnk [2013-01-13 13:20:47 | 000,000,600 | ---- | M] () -- C:\Users\Marcin\AppData\Local\PUTTY.RND [2013-01-11 22:16:37 | 000,001,076 | ---- | M] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk [2013-01-11 22:11:24 | 515,899,392 | ---- | M] () -- C:\Users\Marcin\Desktop\archlinux-2013.01.04-dual.iso [2013-01-10 03:23:44 | 000,283,096 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013-01-10 03:06:32 | 001,637,782 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013-01-09 22:31:22 | 000,000,662 | ---- | M] () -- C:\Users\Public\Desktop\ChomikBox.lnk [2013-01-09 21:32:02 | 049,184,480 | ---- | M] () -- C:\Users\Marcin\Documents\ZingZillas 10.avi [2013-01-09 10:20:08 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013-01-09 10:20:08 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013-01-05 10:00:13 | 000,000,674 | ---- | M] () -- C:\Users\Marcin\Desktop\Spek.lnk [2013-01-04 21:55:04 | 000,039,393 | ---- | M] () -- C:\confirmation_280415077.pdf [2013-01-01 01:24:38 | 002,556,460 | ---- | M] () -- C:\Users\Marcin\Documents\Kacze OpowieĹ›ci - Odcinek 02 - Skarb Utracony - Stary dubbing.avi [2012-12-31 21:40:49 | 000,000,875 | ---- | M] () -- C:\Users\Marcin\Desktop\oggdropXPd.ini [2012-12-30 21:15:32 | 000,001,057 | ---- | M] () -- C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012-12-30 13:26:18 | 006,727,680 | ---- | M] () -- C:\Users\Marcin\Documents\(007) Bumblelion and the Terrified Forest.avi [2012-12-29 19:50:17 | 000,001,336 | ---- | M] () -- C:\Users\Marcin\Desktop\JShotTray — skrót.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013-01-22 16:36:19 | 003,624,240 | ---- | C] () -- C:\Users\Marcin\Crossfire_downloader.exe [2013-01-22 16:34:29 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI [2013-01-20 23:07:42 | 000,002,210 | ---- | C] () -- C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk [2013-01-19 21:25:58 | 000,080,144 | ---- | C] () -- C:\Users\Marcin\Desktop\XD.png [2013-01-18 15:47:39 | 000,000,716 | ---- | C] () -- C:\Users\Public\Desktop\Exact Audio Copy.lnk [2013-01-17 15:20:32 | 005,191,309 | ---- | C] () -- C:\Users\Marcin\Desktop\KimDotcom-MrPresident.mp3 [2013-01-16 19:04:21 | 002,374,768 | ---- | C] () -- C:\Users\Marcin\Desktop\materiały.zip [2013-01-16 00:08:21 | 000,001,103 | ---- | C] () -- C:\Users\Marcin\Desktop\JDownloader2.lnk [2013-01-15 18:24:36 | 000,001,043 | ---- | C] () -- C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\KatMouse.lnk [2013-01-14 20:23:31 | 000,001,168 | ---- | C] () -- C:\Users\Public\Desktop\Camtasia Studio 8.lnk [2013-01-14 19:28:50 | 000,001,215 | ---- | C] () -- C:\Users\Marcin\Desktop\Free Video to GIF Converter.lnk [2013-01-13 11:21:09 | 2923,760,640 | ---- | C] () -- C:\Users\Marcin\Desktop\TVN-13012013-0832.mts [2013-01-11 22:16:37 | 000,001,076 | ---- | C] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk [2013-01-11 21:48:25 | 515,899,392 | ---- | C] () -- C:\Users\Marcin\Desktop\archlinux-2013.01.04-dual.iso [2013-01-10 22:01:27 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2013-01-09 22:31:22 | 000,000,662 | ---- | C] () -- C:\Users\Public\Desktop\ChomikBox.lnk [2013-01-09 22:17:22 | 024,837,164 | ---- | C] () -- C:\Users\Marcin\Desktop\04. Gdybym.wav [2013-01-09 21:32:02 | 049,184,480 | ---- | C] () -- C:\Users\Marcin\Documents\ZingZillas 10.avi [2013-01-05 10:00:13 | 000,000,674 | ---- | C] () -- C:\Users\Marcin\Desktop\Spek.lnk [2013-01-04 22:18:36 | 000,039,393 | ---- | C] () -- C:\confirmation_280415077.pdf [2013-01-01 01:24:38 | 002,556,460 | ---- | C] () -- C:\Users\Marcin\Documents\Kacze OpowieĹ›ci - Odcinek 02 - Skarb Utracony - Stary dubbing.avi [2012-12-30 18:02:59 | 000,000,671 | ---- | C] () -- C:\Users\Marcin\.swfinfo [2012-12-30 13:26:18 | 006,727,680 | ---- | C] () -- C:\Users\Marcin\Documents\(007) Bumblelion and the Terrified Forest.avi [2012-12-29 19:50:17 | 000,001,336 | ---- | C] () -- C:\Users\Marcin\Desktop\JShotTray — skrót.lnk [2012-12-12 20:31:53 | 000,010,627 | ---- | C] () -- C:\Users\Marcin\AppData\Local\soulseek-client - Kopia.dat [2012-12-12 20:25:57 | 000,010,627 | ---- | C] () -- C:\Users\Marcin\AppData\Local\soulseek-client.dat [2012-12-08 14:30:48 | 000,000,600 | ---- | C] () -- C:\Users\Marcin\AppData\Local\PUTTY.RND [2012-12-08 14:09:17 | 000,000,256 | ---- | C] () -- C:\Users\Marcin\.pulse-cookie [2012-12-08 14:09:17 | 000,000,016 | ---- | C] () -- C:\Users\Marcin\.esd_auth [2012-12-08 13:59:40 | 000,000,109 | ---- | C] () -- C:\Users\Marcin\.Xauthority [2012-12-08 12:10:44 | 000,005,632 | ---- | C] () -- C:\Users\Marcin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-11-24 13:01:37 | 000,000,047 | ---- | C] () -- C:\Windows\huffyuv.ini [2012-11-17 17:00:34 | 001,637,782 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012-11-17 16:06:47 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll [2012-11-17 16:02:52 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini [2012-09-28 16:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll [2012-06-19 13:02:17 | 003,123,272 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2012-12-07 17:55:25 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\.minecraft [2012-11-20 19:36:39 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\.wtw [2013-01-19 15:44:36 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Audacity [2012-11-25 10:11:46 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\avidemux [2012-12-19 15:21:21 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\BDREBUILDER [2012-12-17 16:49:01 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\CUE Tools [2012-12-17 16:47:41 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\CUERipper [2013-01-04 15:07:38 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\DAEMON Tools Lite [2012-11-25 18:53:46 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\dispcalGUI [2013-01-22 17:53:00 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Dropbox [2013-01-18 15:47:48 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\EAC [2012-11-30 21:29:33 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\FLV Extract [2012-12-05 15:51:36 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\IrfanView [2012-11-18 13:43:36 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\mkvtoolnix [2013-01-20 22:03:13 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Mp3tag [2012-11-17 16:29:06 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Opera [2013-01-20 23:39:31 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\spek [2012-12-01 10:17:22 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\SpiritON TV Software [2012-12-03 20:38:07 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\TeamViewer [2013-01-14 20:24:42 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\TechSmith [2012-11-20 17:14:06 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Toastware [2012-11-17 20:52:35 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\TrueCrypt [2013-01-22 18:02:48 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\uTorrent [2013-01-19 18:57:31 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\X-Chat 2 [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:3440EB47 @Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:66633281 @Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:0888F409 @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:C7D0F96D < End of report >