OTL logfile created on: 01-02-2013 12:20:44 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Przemek\Desktop 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16438) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: dd-MM-yyyy 4,00 Gb Total Physical Memory | 2,13 Gb Available Physical Memory | 53,22% Memory free 8,00 Gb Paging File | 5,86 Gb Available in Paging File | 73,28% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 50,07 Gb Total Space | 23,18 Gb Free Space | 46,29% Space Free | Partition Type: NTFS Drive D: | 10,65 Gb Total Space | 2,50 Gb Free Space | 23,50% Space Free | Partition Type: NTFS Drive E: | 154,98 Gb Total Space | 75,53 Gb Free Space | 48,73% Space Free | Partition Type: NTFS Drive F: | 250,04 Gb Total Space | 115,72 Gb Free Space | 46,28% Space Free | Partition Type: NTFS Computer Name: CALIBER | User Name: Przemek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013-02-01 12:12:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Przemek\Desktop\OTL.exe PRC - [2013-01-29 20:58:15 | 003,565,432 | ---- | M] (Tonec Inc.) -- D:\Różne Programy\Internet Download Manager\IDMan.exe PRC - [2013-01-18 23:02:10 | 000,917,400 | ---- | M] (Mozilla Corporation) -- D:\Przegladarki internetowe\Mozilla Firefox 15\firefox.exe PRC - [2013-01-18 22:53:50 | 000,071,168 | ---- | M] (Mike Edward Moras (e-sushi™) — www.e-sushi.net) -- C:\Program Files (x86)\MiniBin\minibin.exe PRC - [2013-01-18 16:51:36 | 002,053,088 | ---- | M] (Hagel Technologies Ltd.) -- D:\Różne Programy\DU Meter\DUMeterSvc.exe PRC - [2012-10-24 19:23:27 | 000,206,448 | ---- | M] (Kaspersky Lab ZAO) -- D:\Antywirus\Kaspersky Internet Security 2012\avp.exe PRC - [2012-08-22 14:46:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012-07-27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012-05-30 13:44:30 | 002,023,424 | ---- | M] (Crystal Rich Ltd) -- D:\Różne Programy\USB Safely Remove\USBSafelyRemove.exe PRC - [2011-12-30 15:39:54 | 000,142,336 | ---- | M] (Four13 Designs) -- D:\Różne Programy\Network Activity Indicator\NetworkIndicator.exe PRC - [2010-11-20 15:58:08 | 001,894,912 | ---- | M] (Steamcore.se) -- D:\Różne Programy\Screamer Radio\screamer.exe PRC - [2010-10-12 12:56:40 | 000,979,328 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe PRC - [2009-05-14 16:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe PRC - [2007-09-02 12:58:52 | 000,495,616 | ---- | M] () -- D:\Różne Programy\RocketDock\RocketDock.exe PRC - [2006-12-19 17:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013-01-18 23:02:10 | 003,022,232 | ---- | M] () -- D:\Przegladarki internetowe\Mozilla Firefox 15\mozjs.dll MOD - [2013-01-09 11:36:24 | 013,198,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\12f94ec43a0160ab9ddd755b0e1be881\System.Windows.Forms.ni.dll MOD - [2013-01-09 11:35:38 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8ba0620535aa28d509b9397500b7d530\System.Drawing.ni.dll MOD - [2013-01-09 11:35:17 | 000,980,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\197761bb3230bf9d4f540305dcf6717c\System.Configuration.ni.dll MOD - [2013-01-09 11:35:16 | 005,618,176 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\3d6d9da56c9f607615b55d6742d8427d\System.Xml.ni.dll MOD - [2013-01-09 11:35:09 | 009,093,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\c182d7a0bd88caf2cddccb7491a5fa6e\System.ni.dll MOD - [2013-01-09 11:35:01 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll MOD - [2011-07-01 11:06:44 | 000,002,560 | ---- | M] () -- D:\Różne Programy\USB Safely Remove\USBSafelyRemove.dll MOD - [2011-04-24 22:13:30 | 007,008,656 | ---- | M] () -- D:\Antywirus\Kaspersky Internet Security 2012\qtgui4.dll MOD - [2011-04-24 22:13:28 | 000,192,912 | ---- | M] () -- D:\Antywirus\Kaspersky Internet Security 2012\qtsql4.dll MOD - [2011-04-24 22:13:26 | 001,270,160 | ---- | M] () -- D:\Antywirus\Kaspersky Internet Security 2012\qtscript4.dll MOD - [2011-04-24 22:13:26 | 000,758,160 | ---- | M] () -- D:\Antywirus\Kaspersky Internet Security 2012\qtnetwork4.dll MOD - [2011-04-24 22:13:24 | 002,118,032 | ---- | M] () -- D:\Antywirus\Kaspersky Internet Security 2012\qtcore4.dll MOD - [2011-04-24 22:13:24 | 002,089,360 | ---- | M] () -- D:\Antywirus\Kaspersky Internet Security 2012\qtdeclarative4.dll MOD - [2011-04-20 18:56:28 | 000,025,088 | ---- | M] () -- D:\Antywirus\Kaspersky Internet Security 2012\imageformats\qgif4.dll MOD - [2007-09-02 13:57:36 | 000,069,632 | ---- | M] () -- D:\Różne Programy\RocketDock\RocketDock.dll MOD - [2007-09-02 12:58:52 | 000,495,616 | ---- | M] () -- D:\Różne Programy\RocketDock\RocketDock.exe [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2012-11-29 12:56:56 | 000,230,408 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe -- (NitroDriverReadSpool8) SRV:[b]64bit:[/b] - [2012-10-18 13:41:29 | 000,168,448 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE -- (EPSON_EB_RPCV4_04) SRV:[b]64bit:[/b] - [2012-10-18 13:41:29 | 000,131,072 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE -- (EPSON_PM_RPCV4_04) SRV:[b]64bit:[/b] - [2012-10-01 08:22:52 | 000,359,224 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV:[b]64bit:[/b] - [2012-09-19 12:10:54 | 000,037,216 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp) SRV:[b]64bit:[/b] - [2011-06-13 22:21:14 | 000,343,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc) SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2013-01-18 16:51:36 | 002,053,088 | ---- | M] (Hagel Technologies Ltd.) [Auto | Running] -- D:\Różne Programy\DU Meter\DUMeterSvc.exe -- (DUMeterSvc) SRV - [2013-01-08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-10-24 19:23:27 | 000,206,448 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- D:\Antywirus\Kaspersky Internet Security 2012\avp.exe -- (AVP) SRV - [2012-09-19 12:10:54 | 000,029,536 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp) SRV - [2012-08-25 02:59:11 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-08-22 14:46:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012-07-27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012-05-29 02:25:50 | 001,473,920 | ---- | M] (Crystal Rich Ltd) [Auto | Running] -- D:\Różne Programy\USB Safely Remove\USBSRService.exe -- (USBSafelyRemoveService) SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-07-13 01:07:48 | 000,021,096 | ---- | M] (The Within Network, LLC) [Disabled | Stopped] -- C:\Windows\UnsignedThemesSvc.exe -- (UnsignedThemes) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009-05-14 16:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0) SRV - [2006-12-19 17:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe -- (EpsonBidirectionalService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012-12-03 15:07:48 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:[b]64bit:[/b] - [2012-11-22 01:43:14 | 000,165,112 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP) DRV:[b]64bit:[/b] - [2012-10-24 19:23:25 | 000,637,272 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF) DRV:[b]64bit:[/b] - [2012-09-18 10:32:32 | 000,075,064 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:[b]64bit:[/b] - [2012-09-18 10:32:32 | 000,061,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:[b]64bit:[/b] - [2012-08-29 18:46:14 | 000,028,008 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dfx11_1x64.sys -- (DFX11_1) DRV:[b]64bit:[/b] - [2012-08-16 19:27:22 | 000,028,008 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dfx11_0x64.sys -- (DFX11_0) DRV:[b]64bit:[/b] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2011-07-29 12:54:56 | 000,016,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv) DRV:[b]64bit:[/b] - [2011-07-29 12:54:56 | 000,009,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2011-03-10 17:36:24 | 000,029,488 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6) DRV:[b]64bit:[/b] - [2011-03-04 12:23:28 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2) DRV:[b]64bit:[/b] - [2011-03-04 12:23:24 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1) DRV:[b]64bit:[/b] - [2010-11-21 04:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2010-11-21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub) DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc) DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt) DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:[b]64bit:[/b] - [2009-11-02 19:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt) DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-10 21:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2007-04-23 18:12:44 | 000,739,760 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BisonCam.sys -- (Cam5603D) DRV - [2012-10-29 11:14:02 | 000,020,528 | ---- | M] (Hagel Technologies Ltd.) [Kernel | On_Demand | Running] -- D:\Różne Programy\DU Meter\DUMetr64.sys -- (DUMeterDrv) DRV - [2011-07-29 12:54:56 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv) DRV - [2011-07-29 12:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv) DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2009-07-13 01:07:46 | 000,025,448 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\uxpatch.sys -- (uxpatch) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1498260635-3374273933-1032241141-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve IE - HKU\S-1-5-21-1498260635-3374273933-1032241141-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/ IE - HKU\S-1-5-21-1498260635-3374273933-1032241141-1001\..\SearchScopes,DefaultScope = {634159AC-E4B1-418B-891F-327CFDD3A355} IE - HKU\S-1-5-21-1498260635-3374273933-1032241141-1001\..\SearchScopes\{634159AC-E4B1-418B-891F-327CFDD3A355}: "URL" = http://www.google.com/search?hl=pl&q={searchTerms} IE - HKU\S-1-5-21-1498260635-3374273933-1032241141-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search" FF - prefs.js..browser.startup.homepage: "chrome://fvd.speeddial/content/fvd_about_blank.html" FF - prefs.js..extensions.enabledAddons: ck%40everygain.com:1.4.9.2 FF - prefs.js..extensions.enabledAddons: doudehou%40gmail.com:0.3.5 FF - prefs.js..extensions.enabledAddons: foxmarks%40kei.com:4.1.3 FF - prefs.js..extensions.enabledAddons: NoiaScrollbars%40ArisT2_Noia4dev:1.0.8 FF - prefs.js..extensions.enabledAddons: %7B7443739c-bff6-4af0-aea5-7ed29006966c%7D:1.0.3 FF - prefs.js..extensions.enabledAddons: %7Bcdd09450-7280-11de-8a39-0800200c9a66%7D:0.82 FF - prefs.js..extensions.enabledAddons: fabtab%40captaincaveman.nl:1.4.7 FF - prefs.js..extensions.enabledAddons: tabscope%40xuldev.org:1.1.7 FF - prefs.js..extensions.enabledAddons: %7B2E481B23-66AC-313F-D6A8-A81DDDF26249%7D:1.1.20120731 FF - prefs.js..extensions.enabledAddons: %7Bdc572301-7619-498c-a57d-39143191b318%7D:0.4.0.4 FF - prefs.js..extensions.enabledAddons: pavel.sherbakov%40gmail.com:4.1.6 FF - prefs.js..extensions.enabledAddons: mozilla_cc%40internetdownloadmanager.com:7.3.34 FF - prefs.js..extensions.enabledAddons: custombuttons%40xsms.org:0.0.5.5 FF - prefs.js..extensions.enabledAddons: %7BF8A55C97-3DB6-4961-A81D-0DE0080E53CB%7D:0.9.6 FF - prefs.js..extensions.enabledAddons: %7B69d0119c-32f1-4766-82d7-617f04d5643b%7D:1.18 FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: F:\Inne\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Przemek\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Przemek\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: D:\Antywirus\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012-10-24 19:23:37 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: D:\Antywirus\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012-10-24 19:23:37 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: D:\Antywirus\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2012-10-24 19:23:37 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2012-11-17 10:30:17 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: D:\Przegladarki internetowe\Mozilla Firefox 15\components [2013-01-18 23:02:10 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: D:\Przegladarki internetowe\Mozilla Firefox 15\plugins [2013-01-18 23:02:07 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Przemek\AppData\Roaming\IDM\idmmzcc5 [2013-01-14 09:48:25 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: D:\Przegladarki internetowe\Mozilla Firefox 15\components [2013-01-18 23:02:10 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: D:\Przegladarki internetowe\Mozilla Firefox 15\plugins [2013-01-18 23:02:07 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Przemek\AppData\Roaming\IDM\idmmzcc5 [2013-01-14 09:48:25 | 000,000,000 | ---D | M] [2012-08-27 18:34:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\Extensions [2013-01-26 13:07:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\qqhwlmc6.default\extensions [2012-10-22 11:48:27 | 000,000,000 | ---D | M] (ViewMarks) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\qqhwlmc6.default\extensions\{7443739c-bff6-4af0-aea5-7ed29006966c} [2013-01-09 22:41:03 | 000,000,000 | ---D | M] (Custom Buttons) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\qqhwlmc6.default\extensions\custombuttons@xsms.org [2012-08-28 22:32:47 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\qqhwlmc6.default\extensions\DeviceDetection@logitech.com [2012-09-23 21:54:03 | 000,000,000 | ---D | M] (StatusbarEx) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\qqhwlmc6.default\extensions\doudehou@gmail.com [2012-10-02 10:41:36 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\qqhwlmc6.default\extensions\foxmarks@kei.com [2013-01-09 22:34:06 | 000,000,000 | ---D | M] (IDM CC) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\qqhwlmc6.default\extensions\mozilla_cc@internetdownloadmanager.com [2013-01-08 21:47:57 | 000,000,000 | ---D | M] ("FVD Speed Dial with Full Online Sync") -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\qqhwlmc6.default\extensions\pavel.sherbakov@gmail.com [2012-09-04 22:27:03 | 000,003,403 | ---- | M] () (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\firefox\profiles\qqhwlmc6.default\extensions\aero-window-title@benjamin.smedbergs.us.xpi [2012-11-07 22:36:26 | 000,760,137 | ---- | M] () (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\firefox\profiles\qqhwlmc6.default\extensions\aeroimproved@rsjtdrjgfuzkfg.com.xpi [2012-11-02 11:39:18 | 000,151,473 | ---- | M] () (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\firefox\profiles\qqhwlmc6.default\extensions\ck@everygain.com.xpi [2012-10-31 17:30:56 | 000,060,554 | ---- | M] () (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\firefox\profiles\qqhwlmc6.default\extensions\color@largrizzly.xpi [2012-11-26 19:28:47 | 000,052,190 | ---- | M] () (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\firefox\profiles\qqhwlmc6.default\extensions\fabtab@captaincaveman.nl.xpi [2012-10-08 20:52:49 | 000,013,684 | ---- | M] () (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\firefox\profiles\qqhwlmc6.default\extensions\ff4uifix@nikolakocic.com.xpi [2012-11-27 20:23:49 | 000,115,490 | ---- | M] () (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\firefox\profiles\qqhwlmc6.default\extensions\jid0-i4ZVx3bmoi7bHyZtr2yOoKnI94o@jetpack.xpi [2013-01-25 13:07:37 | 000,726,825 | ---- | M] () (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\firefox\profiles\qqhwlmc6.default\extensions\jid1-uabu5A9hduqzCw@jetpack.xpi [2012-10-31 17:31:02 | 001,020,101 | ---- | M] () (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\firefox\profiles\qqhwlmc6.default\extensions\macfox3@jasiekmarc.cba.pl.xpi [2012-09-23 21:55:17 | 000,009,171 | ---- | M] () (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\firefox\profiles\qqhwlmc6.default\extensions\maskingagent@basa.nl.xpi [2012-10-03 16:22:23 | 000,096,816 | ---- | M] () (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\firefox\profiles\qqhwlmc6.default\extensions\NoiaScrollbars@ArisT2_Noia4dev.xpi [2012-12-02 13:12:34 | 000,159,639 | ---- | M] () (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\firefox\profiles\qqhwlmc6.default\extensions\notreal.ccoptions@environmentalchemistry.com.xpi [2012-08-27 19:03:29 | 000,330,316 | ---- | M] () (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\firefox\profiles\qqhwlmc6.default\extensions\personas@christopher.beard.xpi [2012-09-23 21:55:08 | 000,012,413 | ---- | M] () (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\firefox\profiles\qqhwlmc6.default\extensions\suspendbackgroundtabs@adblockplus.org.xpi [2012-11-27 20:24:12 | 000,002,112 | ---- | M] () (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\firefox\profiles\qqhwlmc6.default\extensions\tabbutton@firefox.xpi [2012-11-21 13:29:02 | 000,033,157 | ---- | M] () (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\firefox\profiles\qqhwlmc6.default\extensions\tabprogressbar@piro.sakura.ne.jp.xpi [2012-11-27 12:32:33 | 000,057,698 | ---- | M] () (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\firefox\profiles\qqhwlmc6.default\extensions\tabscope@xuldev.org.xpi [2012-11-01 17:30:53 | 000,065,701 | ---- | M] () (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\firefox\profiles\qqhwlmc6.default\extensions\winstripe@largrizzly.xpi [2012-12-18 14:41:54 | 001,019,750 | ---- | M] () (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\firefox\profiles\qqhwlmc6.default\extensions\{2E481B23-66AC-313F-D6A8-A81DDDF26249}.xpi [2012-11-27 20:26:40 | 000,020,500 | ---- | M] () (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\firefox\profiles\qqhwlmc6.default\extensions\{4d4f5a49-4c4c-4100-f000-4e4557544142}.xpi [2012-12-13 22:21:21 | 000,006,119 | ---- | M] () (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\firefox\profiles\qqhwlmc6.default\extensions\{4E7BBE5E-ADD5-40d6-8860-6AB4E4B761B1}.xpi [2013-01-08 21:47:46 | 000,845,489 | ---- | M] () (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\firefox\profiles\qqhwlmc6.default\extensions\{69d0119c-32f1-4766-82d7-617f04d5643b}.xpi [2012-08-27 20:20:20 | 000,011,460 | ---- | M] () (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\firefox\profiles\qqhwlmc6.default\extensions\{6f37ee73-a448-40a3-bcce-40e562fea9ef}.xpi [2013-01-08 21:18:36 | 001,010,693 | ---- | M] () (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\firefox\profiles\qqhwlmc6.default\extensions\{aa26583b-4c35-4729-913e-156956078824}.xpi [2012-10-11 18:12:21 | 000,247,142 | ---- | M] () (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\firefox\profiles\qqhwlmc6.default\extensions\{bcba2942-0c80-4c18-9d69-8e74049b2ca4}.xpi [2012-08-27 20:38:13 | 000,253,381 | ---- | M] () (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\firefox\profiles\qqhwlmc6.default\extensions\{cdd09450-7280-11de-8a39-0800200c9a66}.xpi [2012-09-22 21:35:49 | 000,115,263 | ---- | M] () (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\firefox\profiles\qqhwlmc6.default\extensions\{daf44bf7-a45e-4450-979c-91cf07434c3d}.xpi [2013-01-06 20:14:51 | 000,713,793 | ---- | M] () (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\firefox\profiles\qqhwlmc6.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2013-01-15 11:49:34 | 000,118,969 | ---- | M] () (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\firefox\profiles\qqhwlmc6.default\extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}.xpi [2012-10-17 20:22:30 | 001,010,367 | ---- | M] () (No name found) -- C:\Users\Przemek\AppData\Roaming\mozilla\firefox\profiles\qqhwlmc6.default\extensions\{fd2f951f-77ea-4938-9493-0c892c027a13}.xpi [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - homepage: http://google.pl/ CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Przemek\AppData\Local\Google\Chrome\Application\22.0.1229.26\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Przemek\AppData\Local\Google\Chrome\Application\25.0.1364.45\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Przemek\AppData\Local\Google\Chrome\Application\25.0.1364.45\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Przemek\AppData\Local\Google\Chrome\Application\25.0.1364.45\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Java(TM) Platform SE 7 U6 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Java Deployment Toolkit 7.0.60.24 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll CHR - plugin: Google Update (Enabled) = C:\Users\Przemek\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - Extension: Google Translate = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.4_0\ CHR - Extension: Pogoda (rozszerzenie) = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc\0.9.0.7_0\ CHR - Extension: The Latest Versions of Google Chrome\u2122 = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bibclkcoilbnbnppanidhimphmfbjaab\6.1.3_0\ CHR - Extension: Tab Position Customizer = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cldflinjcjehpjddjkohganfpjlnbpem\2.8.2_0\ CHR - Extension: Logitech SetPoint = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd\6.51.8_0\ CHR - Extension: PanicButton = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\faminaibgiklngmfpfbhmokfmnglamcm\0.14.2.2_0\ CHR - Extension: Chrome Voice Control = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fboiibgbjljogjkebjcfhggbiponmpkk\4.2.8_0\ CHR - Extension: Click&Clean = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\8.0.1_0\ CHR - Extension: Gradient = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipehkhefmnpkdbcpgbononhiohcabocp\1.0_0\ CHR - Extension: Przycisk Ustrzel to! dla Allegro i eBay = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhaoojkpcgaobmnnphdpdokcgdiibblh\0.1.8_0\ CHR - Extension: IDM Integration = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.14.4_0\ CHR - Extension: Speed Dial 2 = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik\1.6.1.3_0\ CHR - Extension: Clear History = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhibcmkdgpfagejobeajjlidmoddmicp\1.4_0\ CHR - Extension: FVD Speed Dial - 3D Wall, Sync, New Tab Page = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa\3.1.5_0\ CHR - Extension: FastestChrome - Browse Faster = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\7.0.3_0\ CHR - Extension: Print = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmiefodmmloajakmcfnpnjpkldellhlj\1.1_0\ CHR - Extension: Klawiatura wirtualna (od Google) = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\0.9.8.8_0\ CHR - Extension: History Trends = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nangghhladpnhlllolmdbdgeggionole\1.4_0\ CHR - Extension: Color Icons for Gmail = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\omioomoieildjihcajfoobhhiecjkmfn\0.8.9_0\ CHR - Extension: Click&Clean App = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp\8.0_0\ CHR - Extension: Przegl\u0105darka QuickLinks = C:\Users\Przemek\AppData\Local\Google\Chrome\User Data\Default\Extensions\plpjogfhobhpdcmcblieglnoooccfcmm\1.5_0\ O1 HOSTS File: ([2012-08-27 16:01:40 | 000,000,864 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 validation.sls.microsoft.com O2:[b]64bit:[/b] - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Różne Programy\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.) O2:[b]64bit:[/b] - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - D:\Antywirus\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO) O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:[b]64bit:[/b] - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - F:\Inne\Microsoft Office Professional Plus 2013\Office15\URLREDIR.DLL (Microsoft Corporation) O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2:[b]64bit:[/b] - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - D:\Antywirus\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO) O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Różne Programy\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - D:\Antywirus\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - D:\Antywirus\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O4:[b]64bit:[/b] - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [Network Activity Indicator] D:\Różne Programy\Network Activity Indicator\NetworkIndicator.exe (Four13 Designs) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [USB Safely Remove] D:\Różne Programy\USB Safely Remove\USBSafelyRemove.exe (Crystal Rich Ltd) O4 - HKLM..\Run: [AVP] D:\Antywirus\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO) O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [MiniBin] C:\Program Files (x86)\MiniBin\MiniBin.exe (Mike Edward Moras (e-sushi™) — www.e-sushi.net) O4 - HKU\@2..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1498260635-3374273933-1032241141-1001..\Run: [3RVX] D:\Różne Programy\3RVX\3RVX.exe (matt.malensek.net) O4 - HKU\S-1-5-21-1498260635-3374273933-1032241141-1001..\Run: [DAEMON Tools Lite] D:\Różne Programy\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-1498260635-3374273933-1032241141-1001..\Run: [DU Meter] D:\Różne Programy\DU Meter\DUMeter.exe (Hagel Technologies Ltd.) O4 - HKU\S-1-5-21-1498260635-3374273933-1032241141-1001..\Run: [IDMan] D:\Różne Programy\Internet Download Manager\IDMan.exe (Tonec Inc.) O4 - HKU\S-1-5-21-1498260635-3374273933-1032241141-1001..\Run: [RocketDock] D:\Różne Programy\RocketDock\RocketDock.exe () O4 - HKU\S-1-5-21-1498260635-3374273933-1032241141-1004..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\@2..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-1498260635-3374273933-1032241141-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0 O8:[b]64bit:[/b] - Extra context menu item: Add to Anti-Banner - D:\Antywirus\Kaspersky Internet Security 2012\ie_banner_deny.htm () O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - F:\Inne\Microsoft Office Professional Plus 2013\Office15\EXCEL.EXE (Microsoft Corporation) O8:[b]64bit:[/b] - Extra context menu item: Ściągnij przez IDM - D:\Różne Programy\Internet Download Manager\IEExt.htm () O8:[b]64bit:[/b] - Extra context menu item: Ściągnij wszystkie linki przez IDM - D:\Różne Programy\Internet Download Manager\IEGetAll.htm () O8 - Extra context menu item: Add to Anti-Banner - D:\Antywirus\Kaspersky Internet Security 2012\ie_banner_deny.htm () O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - F:\Inne\Microsoft Office Professional Plus 2013\Office15\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Ściągnij przez IDM - D:\Różne Programy\Internet Download Manager\IEExt.htm () O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - D:\Różne Programy\Internet Download Manager\IEGetAll.htm () O9:[b]64bit:[/b] - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - D:\Antywirus\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO) O9:[b]64bit:[/b] - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - D:\Antywirus\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - D:\Antywirus\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO) O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - D:\Antywirus\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0A6DF0A2-59C3-492F-854E-8D486DC36EA6}: DhcpNameServer = 192.168.0.1 O18:[b]64bit:[/b] - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - F:\Inne\Microsoft Office Professional Plus 2013\Office15\MSOSB.DLL (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\ms-help - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO) O20:[b]64bit:[/b] - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O20:[b]64bit:[/b] - Winlogon\Notify\WB: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKU\S-1-5-21-1498260635-3374273933-1032241141-1001\...com [@ = comfile] -- Reg Error: Key error. File not found O37 - HKU\S-1-5-21-1498260635-3374273933-1032241141-1001\...exe [@ = exefile] -- Reg Error: Key error. File not found O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013-02-01 12:12:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Przemek\Desktop\OTL.exe [2013-02-01 12:12:21 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013-02-01 12:05:23 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2013-02-01 12:05:23 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2013-02-01 12:05:23 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2013-02-01 12:05:03 | 000,000,000 | --SD | C] -- C:\ComboFix [2013-02-01 12:04:19 | 000,000,000 | ---D | C] -- C:\Qoobox [2013-02-01 12:03:32 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013-01-30 21:50:32 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Roaming\Malwarebytes [2013-01-30 21:50:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013-01-30 21:50:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013-01-30 21:50:10 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013-01-29 21:16:26 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Stardock [2013-01-29 20:57:48 | 000,000,000 | ---D | C] -- C:\ProgramData\IDM [2013-01-29 14:02:46 | 001,865,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll [2013-01-29 13:03:10 | 000,165,112 | ---- | C] (Tonec Inc.) -- C:\Windows\SysNative\drivers\idmwfp.sys [2013-01-26 13:42:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2013-01-26 13:42:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2013-01-26 13:42:10 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2013-01-21 10:40:28 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2013-01-21 10:40:28 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2013-01-21 10:40:28 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2013-01-20 22:37:37 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Roaming\HTML Executable [2013-01-20 20:47:29 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Roaming\Mp3 Audio Editor [2013-01-20 20:47:17 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mp3 Audio Editor [2013-01-20 20:47:10 | 001,212,416 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioInformation2.dll [2013-01-20 20:47:10 | 000,602,112 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioTransform2.dll [2013-01-20 20:47:10 | 000,479,232 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioVisualization2.dll [2013-01-20 20:47:10 | 000,458,752 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioRecord2.dll [2013-01-20 20:47:10 | 000,458,752 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioPlayer2.dll [2013-01-20 20:47:10 | 000,417,792 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTTextToAudio2.dll [2013-01-20 20:47:10 | 000,348,160 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\NCTWMAFile2.dll [2013-01-20 20:47:09 | 001,986,560 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\NCTAudioFile2.dll [2013-01-20 20:47:09 | 000,880,640 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioEditor2.dll [2013-01-20 20:47:09 | 000,835,584 | ---- | C] (NCT) -- C:\Windows\SysWow64\NCTAudioCDGrabber2.dll [2013-01-20 20:47:09 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr70.dll [2013-01-09 12:32:52 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1991-06.com.microsoft [2013-01-09 12:32:38 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2013-01-09 12:32:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server [2013-01-09 12:09:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 [2013-01-09 12:07:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server [2013-01-09 11:23:49 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2013-01-09 11:23:49 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2013-01-09 11:23:47 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2013-01-09 11:23:47 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe [2013-01-08 21:31:50 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE [2013-01-08 21:26:09 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2013-01-08 21:26:09 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013-01-08 21:26:09 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013-01-08 21:26:09 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013-01-08 21:26:08 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013-01-08 21:26:08 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013-01-08 21:26:08 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013-01-08 21:26:08 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013-01-08 21:26:08 | 000,905,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013-01-08 21:26:08 | 000,854,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013-01-08 21:26:08 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013-01-08 21:26:08 | 000,718,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013-01-08 21:26:08 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013-01-08 21:26:08 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013-01-08 21:26:08 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013-01-08 21:26:08 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013-01-08 21:26:08 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013-01-08 21:26:08 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013-01-08 21:26:08 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013-01-08 21:26:08 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013-01-08 21:26:08 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013-01-08 21:26:08 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013-01-08 21:26:08 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013-01-08 21:26:08 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013-01-08 21:26:08 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013-01-08 21:26:08 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013-01-08 21:26:08 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013-01-08 21:26:08 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013-01-08 21:26:08 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013-01-08 21:26:08 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013-01-08 21:26:08 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013-01-08 21:26:08 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013-01-08 21:26:08 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013-01-08 21:26:08 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013-01-08 21:26:08 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013-01-08 21:26:08 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013-01-08 21:26:08 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013-01-08 21:26:08 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013-01-08 21:26:08 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013-01-08 21:26:08 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013-01-08 21:26:08 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013-01-08 21:26:08 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013-01-08 21:26:08 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013-01-08 21:26:08 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013-01-08 21:26:08 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013-01-08 21:26:08 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013-01-08 21:26:08 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013-01-08 21:26:08 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013-01-08 21:26:08 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013-01-08 21:26:08 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013-01-08 21:26:08 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013-01-08 21:26:08 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013-01-08 21:26:08 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013-01-08 21:26:08 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013-01-08 21:26:08 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013-01-08 21:26:08 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013-01-08 21:26:08 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013-01-08 21:26:08 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013-01-08 21:26:08 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013-01-08 21:26:07 | 003,966,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013-01-08 21:26:07 | 000,531,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013-01-08 21:26:07 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013-01-08 21:26:07 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013-01-08 21:26:07 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013-01-08 21:26:07 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013-01-08 21:26:07 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013-01-08 21:26:07 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013-01-08 21:26:07 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013-01-08 21:24:42 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2013-01-08 21:24:42 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll [2013-01-08 21:24:42 | 002,434,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2013-01-08 21:24:42 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll [2013-01-08 21:24:42 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2013-01-08 21:24:42 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2013-01-08 21:24:42 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2013-01-08 21:24:42 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll [2013-01-08 21:24:42 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll [2013-01-08 21:24:42 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2013-01-08 21:24:42 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013-01-08 21:24:42 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013-01-08 21:24:42 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013-01-08 21:24:42 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013-01-08 21:24:42 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013-01-08 21:24:42 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013-01-08 21:24:42 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll [2013-01-08 21:24:42 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll [2013-01-08 21:24:42 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll [2013-01-08 21:24:42 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll [2013-01-08 21:24:42 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013-01-08 21:24:42 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013-01-08 21:24:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll [2013-01-08 21:24:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll [2013-01-08 21:24:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll [2013-01-08 21:24:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll [2013-01-08 21:24:42 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013-01-08 21:24:42 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013-01-08 21:24:41 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll [2013-01-08 21:24:41 | 001,643,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2013-01-08 21:24:41 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll [2013-01-08 21:24:41 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll [2013-01-08 21:24:41 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll [2013-01-08 21:24:41 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll [2013-01-08 21:24:41 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll [2013-01-08 21:24:41 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2013-01-08 21:24:41 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll [2013-01-08 21:24:41 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll [2013-01-08 21:24:41 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll [2013-01-08 21:24:41 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2013-01-08 21:24:41 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll [2013-01-06 19:02:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC TuneUp Tools [2013-01-05 21:49:33 | 000,029,536 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll [2013-01-05 21:49:31 | 000,037,216 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll [2013-01-05 14:42:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\log [2013-01-05 14:34:13 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HTC Home [2013-01-05 14:28:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC Home [2013-01-03 16:39:31 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Local\Stealth_Software [2013-01-03 16:31:10 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Local\matt.malensek.net [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013-02-01 12:12:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Przemek\Desktop\OTL.exe [2013-02-01 11:56:30 | 000,026,352 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013-02-01 11:56:30 | 000,026,352 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013-02-01 11:45:48 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job [2013-02-01 11:44:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013-01-30 22:39:08 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1498260635-3374273933-1032241141-1001UA.job [2013-01-30 13:06:14 | 001,663,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013-01-30 13:06:14 | 000,737,942 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2013-01-30 13:06:14 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013-01-30 13:06:14 | 000,154,630 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2013-01-30 13:06:14 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013-01-30 09:43:00 | 000,003,304 | ---- | M] () -- C:\bootsqm.dat [2013-01-29 21:49:56 | 000,454,824 | ---- | M] () -- C:\Windows\UTP.exe [2013-01-29 14:39:00 | 000,001,014 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1498260635-3374273933-1032241141-1001Core.job [2013-01-29 13:52:53 | 002,871,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe [2013-01-29 13:52:10 | 002,854,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer_.exe.Back.3.26705861057484 [2013-01-26 19:26:40 | 000,000,296 | ---- | M] () -- C:\Windows\tasks\DLL-Files.Com Fixer_Updates.job [2013-01-23 11:54:54 | 000,000,171 | ---- | M] () -- C:\Windows\SysNative\IPSwitcher.xml [2013-01-20 13:00:24 | 000,009,051 | -H-- | M] () -- C:\Users\Przemek\Desktop\folder.jpg [2013-01-13 15:34:55 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013-01-13 15:34:55 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013-01-12 03:30:18 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2013-01-12 03:26:16 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2013-01-12 03:24:49 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2013-01-09 12:34:25 | 000,273,376 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013-01-09 11:39:08 | 001,638,614 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013-01-08 21:26:09 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2013-01-08 21:26:09 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013-01-08 21:26:09 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013-01-08 21:26:09 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013-01-08 21:26:08 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013-01-08 21:26:08 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013-01-08 21:26:08 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013-01-08 21:26:08 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013-01-08 21:26:08 | 000,905,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013-01-08 21:26:08 | 000,854,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013-01-08 21:26:08 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013-01-08 21:26:08 | 000,718,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013-01-08 21:26:08 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013-01-08 21:26:08 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013-01-08 21:26:08 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013-01-08 21:26:08 | 000,593,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013-01-08 21:26:08 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013-01-08 21:26:08 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013-01-08 21:26:08 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013-01-08 21:26:08 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013-01-08 21:26:08 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013-01-08 21:26:08 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013-01-08 21:26:08 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013-01-08 21:26:08 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013-01-08 21:26:08 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013-01-08 21:26:08 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013-01-08 21:26:08 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013-01-08 21:26:08 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013-01-08 21:26:08 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013-01-08 21:26:08 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013-01-08 21:26:08 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013-01-08 21:26:08 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013-01-08 21:26:08 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013-01-08 21:26:08 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013-01-08 21:26:08 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013-01-08 21:26:08 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013-01-08 21:26:08 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013-01-08 21:26:08 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013-01-08 21:26:08 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013-01-08 21:26:08 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013-01-08 21:26:08 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013-01-08 21:26:08 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013-01-08 21:26:08 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013-01-08 21:26:08 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013-01-08 21:26:08 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013-01-08 21:26:08 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013-01-08 21:26:08 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013-01-08 21:26:08 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013-01-08 21:26:08 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013-01-08 21:26:08 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013-01-08 21:26:08 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013-01-08 21:26:08 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013-01-08 21:26:08 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013-01-08 21:26:08 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013-01-08 21:26:08 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013-01-08 21:26:08 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013-01-08 21:26:08 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2013-01-08 21:26:08 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2013-01-08 21:26:08 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013-01-08 21:26:08 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013-01-08 21:26:08 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013-01-08 21:26:07 | 003,966,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013-01-08 21:26:07 | 000,531,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013-01-08 21:26:07 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013-01-08 21:26:07 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013-01-08 21:26:07 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013-01-08 21:26:07 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013-01-08 21:26:07 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013-01-08 21:26:07 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013-01-08 21:26:07 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013-01-08 21:24:42 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2013-01-08 21:24:42 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll [2013-01-08 21:24:42 | 002,434,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2013-01-08 21:24:42 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll [2013-01-08 21:24:42 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2013-01-08 21:24:42 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2013-01-08 21:24:42 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2013-01-08 21:24:42 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll [2013-01-08 21:24:42 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll [2013-01-08 21:24:42 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2013-01-08 21:24:42 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013-01-08 21:24:42 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013-01-08 21:24:42 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013-01-08 21:24:42 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013-01-08 21:24:42 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013-01-08 21:24:42 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013-01-08 21:24:42 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll [2013-01-08 21:24:42 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll [2013-01-08 21:24:42 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll [2013-01-08 21:24:42 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll [2013-01-08 21:24:42 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013-01-08 21:24:42 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013-01-08 21:24:42 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll [2013-01-08 21:24:42 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll [2013-01-08 21:24:42 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll [2013-01-08 21:24:42 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll [2013-01-08 21:24:42 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013-01-08 21:24:42 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013-01-08 21:24:41 | 001,887,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll [2013-01-08 21:24:41 | 001,643,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2013-01-08 21:24:41 | 001,504,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll [2013-01-08 21:24:41 | 001,424,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll [2013-01-08 21:24:41 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll [2013-01-08 21:24:41 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll [2013-01-08 21:24:41 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll [2013-01-08 21:24:41 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2013-01-08 21:24:41 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll [2013-01-08 21:24:41 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll [2013-01-08 21:24:41 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll [2013-01-08 21:24:41 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2013-01-08 21:24:41 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll [2013-01-06 19:02:48 | 000,000,000 | ---- | M] () -- C:\Windows\146286.dll [2013-01-06 19:02:44 | 000,000,013 | ---- | M] () -- C:\Windows\125213.dll [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013-02-01 12:05:23 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2013-02-01 12:05:23 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2013-02-01 12:05:23 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2013-02-01 12:05:23 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2013-02-01 12:05:23 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2013-02-01 11:57:09 | 000,000,703 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DFX.lnk [2013-01-30 09:43:00 | 000,003,304 | ---- | C] () -- C:\bootsqm.dat [2013-01-22 19:31:18 | 000,000,171 | ---- | C] () -- C:\Windows\SysNative\IPSwitcher.xml [2013-01-20 20:47:10 | 000,113,486 | ---- | C] () -- C:\Windows\SysWow64\NCTWMAProfiles.prx [2013-01-20 13:00:24 | 000,009,051 | -H-- | C] () -- C:\Users\Przemek\Desktop\folder.jpg [2013-01-08 21:26:08 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2013-01-08 21:26:08 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2013-01-06 19:02:48 | 000,000,000 | ---- | C] () -- C:\Windows\146286.dll [2013-01-06 19:02:44 | 000,000,013 | ---- | C] () -- C:\Windows\125213.dll [2013-01-03 16:30:44 | 000,000,615 | ---- | C] () -- C:\Users\Przemek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3RVX.lnk [2012-12-24 12:38:43 | 000,454,824 | ---- | C] () -- C:\Windows\UTP.exe [2012-12-22 21:55:32 | 000,035,599 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Perfmon.PerfmonCfg [2012-10-22 15:53:55 | 002,469,760 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe [2012-10-22 15:53:55 | 000,086,408 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe [2012-10-22 15:53:55 | 000,019,840 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll [2012-10-22 15:53:55 | 000,014,216 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys [2012-10-22 15:53:55 | 000,008,456 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys [2012-10-16 19:14:47 | 000,000,017 | ---- | C] () -- C:\Users\Przemek\AppData\Local\resmon.resmoncfg [2012-10-14 21:16:18 | 000,000,252 | ---- | C] () -- C:\Users\Przemek\AppData\Roaming\GPU MeterV2_Settings.ini [2012-09-19 21:42:32 | 000,008,194 | ---- | C] () -- C:\Users\Przemek\AppData\Local\ace9 [2012-08-29 08:50:58 | 000,015,190 | ---- | C] () -- C:\Windows\M2000Twn.ini [2012-08-27 18:59:24 | 001,638,614 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012-08-27 16:10:49 | 000,017,408 | ---- | C] () -- C:\Users\Przemek\AppData\Local\WebpageIcons.db [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2010-04-02 23:06:26 | 014,160,384 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2012-09-14 14:23:09 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Ashampoo [2012-12-22 22:43:47 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Babylon [2013-01-08 22:42:38 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\BESTplayer [2012-12-19 16:38:04 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\BlackBean [2012-10-29 22:21:34 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\BlueSprig [2012-10-08 19:01:57 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\COWON [2012-08-28 23:00:36 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\CrystalIdea Software [2013-01-09 23:11:02 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\DAEMON Tools Lite [2012-12-25 19:26:30 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\dll-files.com [2013-01-30 23:12:39 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\DMCache [2012-12-22 18:24:32 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Downloaded Installations [2012-10-16 14:46:53 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Easeware [2012-09-14 20:43:05 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\ekAzek Download [2012-10-07 11:23:54 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\EPSON [2012-11-16 21:45:26 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\EurekaLog [2012-11-04 11:10:54 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\FileOpen [2013-01-29 23:03:05 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\GG [2012-10-31 17:01:31 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\GHISLER [2012-08-31 20:40:33 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Hard Disk Sentinel [2012-12-30 22:51:56 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\HD Tune Pro [2013-01-20 22:37:37 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\HTML Executable [2013-01-30 23:01:28 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\IDM [2012-08-28 22:20:23 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Leadertech [2012-09-14 13:44:32 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Mirillis [2013-01-20 20:51:09 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Mp3 Audio Editor [2012-08-28 20:50:42 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\NapiProjekt [2012-11-04 11:23:08 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Nitro [2013-01-29 21:01:16 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Nitro PDF [2013-01-29 21:23:16 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\ObviousIdea [2012-08-27 19:15:09 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Opera [2012-10-23 13:22:53 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Patcher [2012-12-12 16:52:33 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\SeriousBit [2012-11-27 23:19:48 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\TeamViewer [2012-10-18 21:24:30 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Thinstall [2012-11-24 19:50:11 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\TuneUp Software [2012-11-04 22:14:50 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\TweakNow PowerPack 2012 [2012-08-27 21:33:00 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\URSoft [2013-02-01 11:45:18 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\USBSafelyRemove [2013-01-26 22:51:27 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\uTorrent [2012-09-25 18:39:05 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Wargaming.net [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 178 bytes -> C:\ProgramData\TEMP:1CE11B51 < End of report >