OTL logfile created on: 2013-02-08 16:03:37 - Run 5 OTL by OldTimer - Version 3.2.69.0 Folder = J:\INTERNET DOWNLOAD MANAGER 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 8,00 Gb Total Physical Memory | 5,08 Gb Available Physical Memory | 63,46% Memory free 16,00 Gb Paging File | 12,19 Gb Available in Paging File | 76,21% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 124,89 Gb Total Space | 35,96 Gb Free Space | 28,79% Space Free | Partition Type: NTFS Drive D: | 67,03 Gb Total Space | 22,59 Gb Free Space | 33,71% Space Free | Partition Type: NTFS Drive E: | 40,53 Gb Total Space | 30,40 Gb Free Space | 75,01% Space Free | Partition Type: NTFS Drive F: | 15,25 Gb Total Space | 13,13 Gb Free Space | 86,09% Space Free | Partition Type: NTFS Drive G: | 150,07 Gb Total Space | 56,21 Gb Free Space | 37,45% Space Free | Partition Type: NTFS Drive H: | 150,27 Gb Total Space | 10,33 Gb Free Space | 6,87% Space Free | Partition Type: NTFS Drive I: | 123,60 Gb Total Space | 22,46 Gb Free Space | 18,17% Space Free | Partition Type: NTFS Drive J: | 25,06 Gb Total Space | 0,38 Gb Free Space | 1,51% Space Free | Partition Type: NTFS Drive K: | 1,94 Gb Total Space | 1,28 Gb Free Space | 65,64% Space Free | Partition Type: NTFS Drive M: | 41,85 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: GRACE-PC | User Name: Zuza | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013-02-08 15:58:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- J:\INTERNET DOWNLOAD MANAGER\OTL.exe PRC - [2013-02-05 00:05:30 | 003,089,320 | ---- | M] (Emsisoft GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe PRC - [2013-02-05 00:05:07 | 003,363,752 | ---- | M] (Emsisoft GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe PRC - [2013-01-31 23:59:33 | 003,565,432 | ---- | M] (Tonec Inc.) -- E:\Program Files (x86)\Internet Download Manager\IDMan.exe PRC - [2013-01-28 15:46:02 | 000,246,272 | ---- | M] (Moonchild Productions) -- C:\Program Files (x86)\pale moon\palemoon.exe PRC - [2012-12-28 20:56:28 | 006,115,432 | ---- | M] (AnVir Software) -- C:\Program Files (x86)\AnVir Task Manager\AnVir.exe PRC - [2012-12-14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012-12-14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012-12-14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2012-12-12 14:44:48 | 000,268,248 | ---- | M] (Tonec Inc.) -- E:\Program Files (x86)\Internet Download Manager\IEMonitor.exe PRC - [2012-12-02 10:55:30 | 000,520,032 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\Internet Manager.exe PRC - [2012-12-02 10:55:30 | 000,224,096 | ---- | M] () -- C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe PRC - [2012-11-07 22:37:43 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe PRC - [2012-11-06 15:30:04 | 003,804,568 | ---- | M] (Ashampoo Media GmbH & Co. KG) -- C:\Program Files (x86)\Ashampoo\Ashampoo Snap 6\ashsnap.exe PRC - [2012-11-01 02:34:56 | 000,104,088 | ---- | M] (VMware, Inc.) -- E:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe PRC - [2012-11-01 00:48:42 | 000,079,872 | ---- | M] (VMware, Inc.) -- E:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe PRC - [2011-12-01 17:18:08 | 002,068,112 | ---- | M] (Crystal Rich Ltd) -- E:\Program Files (x86)\Zentimo\Zentimo.exe PRC - [2011-10-14 07:01:50 | 000,994,360 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psia.exe PRC - [2011-10-14 07:01:48 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe PRC - [2011-10-14 07:01:46 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psi_tray.exe PRC - [2011-10-10 18:01:16 | 014,558,848 | ---- | M] (Winstep Software Technologies) -- C:\Program Files (x86)\Winstep\Nexus-Ultimate.exe PRC - [2011-05-31 05:59:04 | 005,730,304 | ---- | M] () -- C:\Program Files\MySql\MySqlServer\bin\mysqld-nt.exe PRC - [2011-05-20 10:12:02 | 003,246,040 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe PRC - [2011-03-14 16:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe PRC - [2011-02-01 18:53:32 | 000,390,720 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe PRC - [2011-02-01 18:52:40 | 005,546,376 | ---- | M] (Acronis) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe PRC - [2010-11-16 02:52:28 | 002,536,448 | ---- | M] (Acronis) -- C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe PRC - [2010-04-28 02:31:08 | 000,274,432 | ---- | M] (Rob Crombie) -- I:\system UI - tunning (wygląd i dodatki)\klawiatura\CapsLockWarningv2.5 (bez instalacji)\CapsLockWarning.exe PRC - [2009-11-08 23:18:00 | 000,065,216 | ---- | M] (WordWeb Software) -- C:\Program Files (x86)\WordWeb\wweb32.exe PRC - [2009-08-29 07:00:12 | 000,966,656 | ---- | M] () -- C:\Users\Grace II\Local Settings\Apps\F.lux\flux.exe PRC - [2008-06-25 12:04:38 | 000,336,896 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files (x86)\Gateway\EzTune\dthtml.exe PRC - [2008-06-25 12:02:28 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe PRC - [2008-06-21 17:01:32 | 000,090,112 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe PRC - [2000-05-20 17:23:48 | 000,086,016 | ---- | M] () -- C:\Windows\StartupMonitor.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013-01-28 15:46:03 | 001,951,744 | ---- | M] () -- C:\Program Files (x86)\pale moon\mozjs.dll MOD - [2013-01-17 17:58:56 | 006,307,952 | ---- | M] () -- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\1033\GrooveIntlResource.dll MOD - [2012-12-02 10:55:37 | 000,277,504 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\XFramePlugin.dll MOD - [2012-12-02 10:55:37 | 000,168,960 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\XCodec.dll MOD - [2012-12-02 10:55:37 | 000,120,160 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\Win7Support.dll MOD - [2012-12-02 10:55:36 | 000,818,688 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\SMSUIPlugin.dll MOD - [2012-12-02 10:55:36 | 000,686,080 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\SmsAppPlugin.dll MOD - [2012-12-02 10:55:36 | 000,423,424 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\USSDUIPlugin.dll MOD - [2012-12-02 10:55:36 | 000,319,488 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\StatusBarMgrPlugin.dll MOD - [2012-12-02 10:55:36 | 000,272,384 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\sdk.dll MOD - [2012-12-02 10:55:36 | 000,219,136 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\SmsSrvPlugin.dll MOD - [2012-12-02 10:55:36 | 000,142,336 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\USSDSrvPlugin.dll MOD - [2012-12-02 10:55:36 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\Trace.dll MOD - [2012-12-02 10:55:36 | 000,131,936 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\ServiceUIPlugin.dll MOD - [2012-12-02 10:55:35 | 009,515,520 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\QtGui4.dll MOD - [2012-12-02 10:55:35 | 001,148,416 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\QtNetwork4.dll MOD - [2012-12-02 10:55:35 | 000,398,336 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\QtXml4.dll MOD - [2012-12-02 10:55:34 | 002,415,104 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\QtCore4.dll MOD - [2012-12-02 10:55:34 | 000,545,280 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\PluginContainer.dll MOD - [2012-12-02 10:55:34 | 000,387,072 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\Proxy.dll MOD - [2012-12-02 10:55:34 | 000,133,632 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\OSDialup.dll MOD - [2012-12-02 10:55:34 | 000,131,584 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\OSNDIS.dll MOD - [2012-12-02 10:55:34 | 000,082,944 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\plugins\imageformats\qgif4.dll MOD - [2012-12-02 10:55:34 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\plugins\imageformats\qico4.dll MOD - [2012-12-02 10:55:34 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\OSPowerMgr.dll MOD - [2012-12-02 10:55:33 | 001,107,296 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\NDISAPI.dll MOD - [2012-12-02 10:55:33 | 000,804,864 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\MiniFramePlugin.dll MOD - [2012-12-02 10:55:33 | 000,524,640 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\NetInfoUIExPlugin.dll MOD - [2012-12-02 10:55:33 | 000,424,448 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\NetSettingPlugin.dll MOD - [2012-12-02 10:55:33 | 000,332,640 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\NetConnectPlugin.dll MOD - [2012-12-02 10:55:33 | 000,313,856 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\NetInfoRecordUIPlugin.dll MOD - [2012-12-02 10:55:33 | 000,295,936 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\NetInfoSrvPlugin.dll MOD - [2012-12-02 10:55:33 | 000,271,872 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\MenuMgrPlugin.dll MOD - [2012-12-02 10:55:33 | 000,250,720 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\LiveUpdateInterface.dll MOD - [2012-12-02 10:55:33 | 000,224,256 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\NetSrvPlugin.dll MOD - [2012-12-02 10:55:33 | 000,178,688 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\NDISPlugin.dll MOD - [2012-12-02 10:55:33 | 000,158,720 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\NetConnectSrvPlugin.dll MOD - [2012-12-02 10:55:33 | 000,101,888 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\OSAdapt.dll MOD - [2012-12-02 10:55:33 | 000,097,280 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\NotifyServicePlugin.dll MOD - [2012-12-02 10:55:33 | 000,011,362 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\mingwm10.dll MOD - [2012-12-02 10:55:32 | 000,501,248 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\DeviceMgrUIPlugin.dll MOD - [2012-12-02 10:55:32 | 000,434,016 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\DialupUIPlugin.dll MOD - [2012-12-02 10:55:32 | 000,421,216 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\core.dll MOD - [2012-12-02 10:55:32 | 000,337,408 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\DeviceAppPlugin.dll MOD - [2012-12-02 10:55:32 | 000,300,544 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\DeviceSrvPlugin.dll MOD - [2012-12-02 10:55:32 | 000,221,696 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\Common.dll MOD - [2012-12-02 10:55:32 | 000,211,968 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\DialUpPlugin.dll MOD - [2012-12-02 10:55:32 | 000,157,184 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\DataServicePlugin.dll MOD - [2012-12-02 10:55:32 | 000,138,240 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\HelpUIPlugin.dll MOD - [2012-12-02 10:55:32 | 000,117,248 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\LayoutPlugin.dll MOD - [2012-12-02 10:55:32 | 000,099,328 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\CompressRatePlugin.dll MOD - [2012-12-02 10:55:32 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\libgcc_s_dw2-1.dll MOD - [2012-12-02 10:55:30 | 001,084,416 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\AddrBookPlugin.dll MOD - [2012-12-02 10:55:30 | 000,796,160 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\AddrBookUIPlugin.dll MOD - [2012-12-02 10:55:30 | 000,520,032 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\Internet Manager.exe MOD - [2012-12-02 10:55:30 | 000,262,656 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\AddrBookSrvPlugin.dll MOD - [2012-12-02 10:55:30 | 000,239,104 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\AtCodec.dll MOD - [2012-12-02 10:55:30 | 000,123,904 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_H\ATR2SMgr.dll MOD - [2012-10-22 16:47:52 | 000,042,904 | ---- | M] () -- C:\Program Files (x86)\Ashampoo\Ashampoo Snap 6\MouseHook.dll MOD - [2012-07-17 21:02:20 | 000,970,240 | ---- | M] () -- C:\Users\Grace II\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\qlwb2g12.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll MOD - [2011-03-15 19:03:07 | 000,022,800 | ---- | M] () -- C:\Program Files (x86)\WordWeb\WUCNT.dll MOD - [2009-08-29 07:00:12 | 000,966,656 | ---- | M] () -- C:\Users\Grace II\Local Settings\Apps\F.lux\flux.exe MOD - [2008-06-25 12:02:28 | 000,077,824 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\CC\gui.dll MOD - [2008-06-25 12:02:08 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\PresetsCOM.dll MOD - [2008-06-21 17:01:32 | 000,237,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\di2c.dll MOD - [2008-06-21 17:00:24 | 000,098,304 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\vista.dll MOD - [2000-05-20 17:23:48 | 000,086,016 | ---- | M] () -- C:\Windows\StartupMonitor.exe [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2012-11-08 00:37:39 | 002,828,408 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent) SRV:[b]64bit:[/b] - [2012-09-11 18:13:02 | 001,494,144 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe -- (OfficeSvc) SRV:[b]64bit:[/b] - [2012-04-10 11:17:16 | 000,097,552 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc) SRV:[b]64bit:[/b] - [2011-09-27 20:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV:[b]64bit:[/b] - [2011-05-31 05:59:04 | 005,730,304 | ---- | M] () [Auto | Running] -- C:\Program Files\MySql\MySqlServer\bin\mysqld-nt.exe -- (MySql) SRV:[b]64bit:[/b] - [2009-08-18 01:36:20 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2013-02-08 13:57:15 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013-02-05 00:05:30 | 003,089,320 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware) SRV - [2013-01-08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013-01-05 04:45:32 | 000,115,760 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-12-14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012-12-14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012-12-02 10:55:30 | 000,224,096 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe -- (Internet Manager. RunOuc) SRV - [2012-11-01 02:35:20 | 000,357,016 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP) SRV - [2012-11-01 02:34:52 | 000,435,864 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service) SRV - [2012-11-01 01:57:50 | 013,234,176 | ---- | M] () [Auto | Stopped] -- E:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe -- (VMwareHostd) SRV - [2012-11-01 00:48:42 | 000,079,872 | ---- | M] (VMware, Inc.) [Auto | Running] -- E:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService) SRV - [2012-10-11 17:15:30 | 000,918,680 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService) SRV - [2012-10-11 17:15:26 | 001,853,584 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater) SRV - [2012-10-02 23:21:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2011-12-01 17:18:08 | 000,559,576 | ---- | M] () [Auto | Running] -- E:\Program Files (x86)\Zentimo\ZentimoService.exe -- (ZentimoService) SRV - [2011-10-14 07:01:50 | 000,994,360 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\psia.exe -- (Secunia PSI Agent) SRV - [2011-10-14 07:01:48 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent) SRV - [2011-05-20 10:12:02 | 003,246,040 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv) SRV - [2011-03-14 16:27:34 | 000,346,976 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe) SRV - [2011-02-01 18:55:24 | 001,112,240 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc) SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-12-22 01:08:39 | 000,814,344 | ---- | M] (ABBYY) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Professional.10.0) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008-06-25 12:02:28 | 000,069,632 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe -- (DTSRVC) SRV - [2008-06-21 17:01:32 | 000,090,112 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService) SRV - [2004-06-13 23:00:00 | 000,057,344 | ---- | M] (brother Industries Ltd) [Disabled | Stopped] -- C:\Windows\SysWOW64\brsvc01a.exe -- (Brother XP spl Service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012-12-14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:[b]64bit:[/b] - [2012-12-02 10:55:38 | 000,212,992 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys -- (huawei_wwanecm) DRV:[b]64bit:[/b] - [2012-12-02 10:55:38 | 000,039,552 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tcpipBM.sys -- (tcpipBM) DRV:[b]64bit:[/b] - [2012-12-02 10:55:38 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter) DRV:[b]64bit:[/b] - [2012-12-02 10:55:37 | 000,222,464 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard) DRV:[b]64bit:[/b] - [2012-12-02 10:55:37 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV:[b]64bit:[/b] - [2012-12-02 10:55:37 | 000,098,816 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys -- (huawei_cdcacm) DRV:[b]64bit:[/b] - [2012-12-02 10:55:37 | 000,086,016 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV:[b]64bit:[/b] - [2012-12-02 10:55:37 | 000,028,672 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl) DRV:[b]64bit:[/b] - [2012-12-02 10:55:37 | 000,016,512 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BMLoad.sys -- (BMLoad) DRV:[b]64bit:[/b] - [2012-11-26 16:34:14 | 000,058,360 | ---- | M] (NetFilterSDK.com) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\networx.sys -- (networx) DRV:[b]64bit:[/b] - [2012-11-22 01:43:14 | 000,165,112 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP) DRV:[b]64bit:[/b] - [2012-11-01 02:34:54 | 000,067,224 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86) DRV:[b]64bit:[/b] - [2012-11-01 02:34:32 | 000,030,360 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif) DRV:[b]64bit:[/b] - [2012-11-01 02:34:10 | 000,045,720 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge) DRV:[b]64bit:[/b] - [2012-11-01 02:34:08 | 000,020,120 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter) DRV:[b]64bit:[/b] - [2012-11-01 02:34:04 | 000,032,920 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd) DRV:[b]64bit:[/b] - [2012-10-27 17:59:34 | 000,268,896 | ---- | M] (SysProgs.org) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BazisPortableCDBus.sys -- (BazisPortableCDBus) DRV:[b]64bit:[/b] - [2012-10-26 13:38:41 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:[b]64bit:[/b] - [2012-10-24 14:17:14 | 000,070,296 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsock.sys -- (vsock) DRV:[b]64bit:[/b] - [2012-10-24 14:17:10 | 000,085,104 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci) DRV:[b]64bit:[/b] - [2012-10-11 17:15:32 | 000,052,376 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon) DRV:[b]64bit:[/b] - [2012-10-11 17:15:06 | 000,037,680 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmusb.sys -- (vmusb) DRV:[b]64bit:[/b] - [2012-08-23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2012-08-23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2012-07-19 22:21:19 | 000,047,208 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tbhsd.sys -- (tbhsd) DRV:[b]64bit:[/b] - [2012-07-19 22:21:13 | 000,037,480 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rrnetcap.sys -- (RRNetCapMP) DRV:[b]64bit:[/b] - [2012-07-19 22:21:13 | 000,037,480 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rrnetcap.sys -- (RRNetCap) DRV:[b]64bit:[/b] - [2012-04-10 11:17:14 | 000,164,528 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv) DRV:[b]64bit:[/b] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2011-12-15 01:46:42 | 000,222,904 | ---- | M] (QFX Software Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\keyscrambler.sys -- (KeyScrambler) DRV:[b]64bit:[/b] - [2011-09-02 07:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:[b]64bit:[/b] - [2011-09-02 07:30:24 | 000,076,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb) DRV:[b]64bit:[/b] - [2011-09-02 07:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:[b]64bit:[/b] - [2011-09-02 07:30:24 | 000,015,128 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd) DRV:[b]64bit:[/b] - [2011-07-29 12:54:56 | 000,016,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv) DRV:[b]64bit:[/b] - [2011-07-29 12:54:56 | 000,009,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv) DRV:[b]64bit:[/b] - [2011-07-01 13:16:40 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901) DRV:[b]64bit:[/b] - [2011-06-22 14:10:02 | 000,079,872 | ---- | M] (Nokia) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\nokia_usb_modem_cdc_acm.sys -- (nokia_usb_modem_cdc_acm) DRV:[b]64bit:[/b] - [2011-06-22 14:10:02 | 000,058,880 | ---- | M] (Nokia) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\nokia_usb_modem_cdc_ecm.sys -- (nokia_usb_modem_cdc_ecm) DRV:[b]64bit:[/b] - [2011-06-22 14:10:02 | 000,056,320 | ---- | M] (Nokia) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\nokia_usb_modem_ecm_enum_filter.sys -- (nokia_usb_modem_ecm_enum_filter) DRV:[b]64bit:[/b] - [2011-06-22 14:10:02 | 000,056,320 | ---- | M] (Nokia) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\nokia_usb_modem_ecm_enum.sys -- (nokia_usb_modem_ecm_enum) DRV:[b]64bit:[/b] - [2011-06-22 14:10:02 | 000,014,336 | ---- | M] (Nokia) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\nokia_usb_modem_cpo.sys -- (nokia_usb_modem_cpo) DRV:[b]64bit:[/b] - [2011-05-20 10:12:04 | 000,285,280 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp) DRV:[b]64bit:[/b] - [2011-05-20 10:11:58 | 001,263,200 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpm273.sys -- (tdrpman273) DRV:[b]64bit:[/b] - [2011-05-20 10:11:56 | 000,970,336 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter) DRV:[b]64bit:[/b] - [2011-05-20 09:28:18 | 000,277,088 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman) DRV:[b]64bit:[/b] - [2010-11-20 05:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-09-19 05:57:35 | 000,230,352 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt) DRV:[b]64bit:[/b] - [2010-09-03 12:26:24 | 000,050,768 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\uimx64.sys -- (UimBus) DRV:[b]64bit:[/b] - [2010-09-03 12:26:22 | 000,566,864 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Uim_IMx64.sys -- (Uim_IM) DRV:[b]64bit:[/b] - [2010-09-01 09:30:58 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI) DRV:[b]64bit:[/b] - [2010-07-16 23:06:54 | 000,049,176 | ---- | M] (SafePcTools Software) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\FLGuard.sys -- (FLGuard) DRV:[b]64bit:[/b] - [2010-07-16 01:56:39 | 000,053,312 | ---- | M] (microOLAP Technologies LTD) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pssdk42.sys -- (PSSDK42) DRV:[b]64bit:[/b] - [2010-07-13 11:57:16 | 000,037,392 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hotcore3.sys -- (hotcore3) DRV:[b]64bit:[/b] - [2010-06-05 11:38:00 | 000,236,544 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2010-06-05 10:55:34 | 000,067,128 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2010-06-05 10:55:34 | 000,028,216 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010-06-05 10:55:34 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) DRV:[b]64bit:[/b] - [2010-01-27 03:09:02 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf) DRV:[b]64bit:[/b] - [2009-11-17 08:16:44 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.sys -- (SSPORT) DRV:[b]64bit:[/b] - [2009-08-18 02:48:48 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-05-18 23:17:08 | 000,034,152 | R--- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GearAspiWDM) DRV:[b]64bit:[/b] - [2008-06-21 17:01:42 | 000,020,520 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PdiPorts.sys -- (PdiPorts) DRV - [2012-06-20 00:17:01 | 000,066,320 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys -- (a2acc) DRV - [2012-06-20 00:16:58 | 000,044,688 | ---- | M] (Emsisoft GmbH) [File_System | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys -- (a2injectiondriver) DRV - [2011-07-29 12:54:56 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv) DRV - [2011-07-29 12:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv) DRV - [2011-05-19 13:10:34 | 000,023,208 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys -- (A2DDA) DRV - [2010-07-01 18:11:24 | 000,012,352 | ---- | M] () [Kernel | Unavailable | Unknown] -- E:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5) DRV - [2010-05-05 08:40:54 | 000,014,720 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys -- (a2util) DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE:[b]64bit:[/b] - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7 IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\.DEFAULT\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-18\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-392863465-1235368472-401103835-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = J:\INTERNET EXPLORER IE - HKU\S-1-5-21-392863465-1235368472-401103835-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-392863465-1235368472-401103835-1001\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\S-1-5-21-392863465-1235368472-401103835-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-392863465-1235368472-401103835-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=55555 IE - HKU\S-1-5-21-392863465-1235368472-401103835-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_pl IE - HKU\S-1-5-21-392863465-1235368472-401103835-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-392863465-1235368472-401103835-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = J:\INTERNET EXPLORER IE - HKU\S-1-5-21-392863465-1235368472-401103835-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve IE - HKU\S-1-5-21-392863465-1235368472-401103835-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://answers.microsoft.com/pl-pl [binary data] IE - HKU\S-1-5-21-392863465-1235368472-401103835-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.microsoft.com/testdrive IE - HKU\S-1-5-21-392863465-1235368472-401103835-1004\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\S-1-5-21-392863465-1235368472-401103835-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-392863465-1235368472-401103835-1004\..\SearchScopes\{22E0AB3E-DA43-405F-B964-9159F2023811}: "URL" = http://www.allegro.pl/search.php?sg=0&string={searchTerms} IE - HKU\S-1-5-21-392863465-1235368472-401103835-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_pl IE - HKU\S-1-5-21-392863465-1235368472-401103835-1004\..\SearchScopes\{81EB2E02-646F-4732-9F7C-342F096F8CF1}: "URL" = http://megaslownik.pl/slownik.php?phrase={searchTerms}&lang=en IE - HKU\S-1-5-21-392863465-1235368472-401103835-1004\..\SearchScopes\{85D773B7-C7A7-48F3-99CF-291191455DA7}: "URL" = http://pl.wikipedia.org/w/index.php?title=Specjalna:Szukaj&search={searchTerms} IE - HKU\S-1-5-21-392863465-1235368472-401103835-1004\..\SearchScopes\{8828C890-8E27-4540-94E0-F767F38618F6}: "URL" = http://wss.pl/Search/All/1.aspx?q={searchTerms} IE - HKU\S-1-5-21-392863465-1235368472-401103835-1004\..\SearchScopes\{8C6AD3F0-57FA-487E-A8F9-CFC1ADB82D7B}: "URL" = http://search.daum.net/cgi-bin/nsp/search.cgi?w=tot&nil_ch=MSKR&q={searchTerms} IE - HKU\S-1-5-21-392863465-1235368472-401103835-1004\..\SearchScopes\{A93B983A-1119-462A-98EE-9DF7FC3074BC}: "URL" = http://megaslownik.pl/slownik.php?phrase={searchTerms}&lang=de IE - HKU\S-1-5-21-392863465-1235368472-401103835-1004\..\SearchScopes\{B5BFE6A4-170A-4D61-A1A5-4434F8277989}: "URL" = http://audioteka.pl/None,None,None,None,,1,12,UserOpinion,DESC,szukaj.html?szukaj={searchTerms} IE - HKU\S-1-5-21-392863465-1235368472-401103835-1004\..\SearchScopes\{C595101B-BD07-45C3-9688-BAF833E9A93F}: "URL" = http://www.pf.pl/serwis/{searchTerms}--V1_YP.html IE - HKU\S-1-5-21-392863465-1235368472-401103835-1004\..\SearchScopes\{F53146F3-1ADD-4BB8-ADAF-747DD8A4F153}: "URL" = http://szukaj.gazeta.pl/portalSearch.do?s.si(navigation).navigationEnabled=true&s.sm.query={searchTerms} IE - HKU\S-1-5-21-392863465-1235368472-401103835-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_149.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files (x86)\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.) FF - HKLM\Software\MozillaPlugins\@rayv.com/rayvplugin: C:\Program Files (x86)\RayV\RayV\plugins\nprayvplugin.dll (RayV) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKCU\Software\MozillaPlugins\@stickypassword.com/Sticky Password: E:\Program Files (x86)\Sticky Password\npspAutofill.dll (Lamantine Software a.s.) FF - HKCU\Software\MozillaPlugins\en.pixelplan.pl/PIXELPLANWebViewer: C:\Users\Zuza\AppData\Roaming\Pixelplan\Pixelplan O4C Viewer Web\1.2.7\npPIXELPLANWebViewer.dll (Pixelplan S.C.) FF - HKCU\Software\MozillaPlugins\vitzo.com/VDownloader: C:\Program Files (x86)\VDownloader\Addons\npVDownloader.dll (Vitzo) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files (x86)\Google\Google Gears\Firefox\ [2010-06-05 17:01:31 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wcapturex@deskperience.com: C:\Program Files (x86)\WordWeb\WCaptureMoz [2011-05-26 08:25:06 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\support@vdownloader.com: C:\Program Files (x86)\VDownloader\Addons\FireFox [2012-03-04 23:35:20 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{5D3F3872-91E9-4d59-AD9F-AA174A3145DD}: C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt [2012-09-15 18:00:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-01-11 14:04:34 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-06-24 11:04:22 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Components: C:\Program Files (x86)\Mozilla Sunbird\components [2010-06-11 20:31:16 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Sunbird\plugins [2011-05-09 21:10:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Pale Moon 15.0\extensions\\Components: C:\Program Files (x86)\Pale Moon\components [2013-01-28 15:46:03 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Pale Moon 15.0\extensions\\Plugins: C:\Program Files (x86)\Pale Moon\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Pale Moon 15.4.1\extensions\\Components: C:\program files (x86)\pale moon\components [2013-01-28 15:46:03 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Pale Moon 15.4.1\extensions\\Plugins: C:\program files (x86)\pale moon\plugins FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\CaptureSaver@goldgingko.com: E:\Program Files (x86)\CaptureSaver\Firefox [2011-05-20 07:44:07 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{54affe52-8223-453b-be1e-2fe2e250045c}: C:\Users\Zuza\AppData\Roaming\Lamantine\Sticky Password\spAutofill [2012-05-10 04:21:44 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Zuza\AppData\Roaming\IDM\idmmzcc5 [2013-02-01 00:05:15 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Zuza\AppData\Roaming\IDM\idmmzcc5 [2013-02-01 00:05:15 | 000,000,000 | ---D | M] [2010-06-24 23:01:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zuza\AppData\Roaming\mozilla\Extensions [2010-06-24 23:01:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zuza\AppData\Roaming\mozilla\Extensions\{718e30fb-e89b-41dd-9da7-e25a45638b28} [2012-08-14 01:16:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zuza\AppData\Roaming\mozilla\Firefox\Profiles\n513ljd6.default\extensions [2010-06-05 16:52:29 | 000,000,000 | ---D | M] (Organize Status Bar) -- C:\Users\Zuza\AppData\Roaming\mozilla\Firefox\Profiles\n513ljd6.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2c} [2011-11-26 22:35:15 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Zuza\AppData\Roaming\mozilla\Firefox\Profiles\n513ljd6.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2012-04-18 10:59:08 | 000,000,000 | ---D | M] (KeyScrambler) -- C:\Users\Zuza\AppData\Roaming\mozilla\Firefox\Profiles\n513ljd6.default\extensions\keyscrambler@qfx.software.corporation [2012-08-10 05:30:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zuza\AppData\Roaming\mozilla\Firefox\Profiles\n513ljd6.default\extensions\staged [2012-08-14 01:16:34 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\Zuza\AppData\Roaming\mozilla\Firefox\Profiles\n513ljd6.default\extensions\support@lastpass.com [2010-06-24 23:01:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zuza\AppData\Roaming\mozilla\Sunbird\Profiles\c24p9e1s.default\extensions [2011-10-14 23:24:44 | 000,246,802 | ---- | M] () (No name found) -- C:\Users\Zuza\AppData\Roaming\mozilla\firefox\profiles\n513ljd6.default\extensions\lazarus@interclue.com.xpi [2011-11-26 21:08:29 | 000,236,088 | ---- | M] () (No name found) -- C:\Users\Zuza\AppData\Roaming\mozilla\firefox\profiles\n513ljd6.default\extensions\optimizegoogle@optimizegoogle.com.xpi [2011-10-14 23:23:16 | 000,084,346 | ---- | M] () (No name found) -- C:\Users\Zuza\AppData\Roaming\mozilla\firefox\profiles\n513ljd6.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}.xpi [2011-11-26 21:11:05 | 000,258,330 | ---- | M] () (No name found) -- C:\Users\Zuza\AppData\Roaming\mozilla\firefox\profiles\n513ljd6.default\extensions\{28197867-b1ef-4140-8e3b-55c45b9c8460}.xpi [2011-10-14 23:25:14 | 000,206,933 | ---- | M] () (No name found) -- C:\Users\Zuza\AppData\Roaming\mozilla\firefox\profiles\n513ljd6.default\extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi [2012-02-04 06:49:43 | 000,520,337 | ---- | M] () (No name found) -- C:\Users\Zuza\AppData\Roaming\mozilla\firefox\profiles\n513ljd6.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012-08-10 05:30:29 | 000,011,801 | ---- | M] () (No name found) -- C:\Users\Zuza\AppData\Roaming\mozilla\firefox\profiles\n513ljd6.default\extensions\{85E85FF9-E50C-42DE-8A3D-61485FD6C8DB}.xpi [2011-11-26 21:08:32 | 001,071,854 | ---- | M] () (No name found) -- C:\Users\Zuza\AppData\Roaming\mozilla\firefox\profiles\n513ljd6.default\extensions\{cf47767d-5f3a-4e32-9fce-5d79565c9702}.xpi [2011-10-14 23:25:29 | 000,627,675 | ---- | M] () (No name found) -- C:\Users\Zuza\AppData\Roaming\mozilla\firefox\profiles\n513ljd6.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-10-14 23:24:54 | 000,013,152 | ---- | M] () (No name found) -- C:\Users\Zuza\AppData\Roaming\mozilla\firefox\profiles\n513ljd6.default\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2012-03-16 18:47:38 | 000,011,801 | ---- | M] () (No name found) -- C:\Users\Zuza\AppData\Roaming\mozilla\firefox\profiles\n513ljd6.default\extensions\staged\{85E85FF9-E50C-42DE-8A3D-61485FD6C8DB}.xpi [2010-07-24 22:48:58 | 000,000,358 | ---- | M] () -- C:\Users\Zuza\AppData\Roaming\mozilla\firefox\profiles\n513ljd6.default\searchplugins\winamp-search.xml [2013-01-11 14:04:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012-03-04 23:35:20 | 000,000,000 | ---D | M] (VDownloader) -- C:\PROGRAM FILES (X86)\VDOWNLOADER\ADDONS\FIREFOX [2011-05-20 07:44:07 | 000,000,000 | ---D | M] (CaptureSaver) -- E:\PROGRAM FILES (X86)\CAPTURESAVER\FIREFOX [2013-01-05 04:45:48 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2010-10-26 11:24:03 | 000,002,226 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml [2013-01-05 04:45:12 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2013-01-05 04:45:12 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml [color=#E56717]========== Chrome ==========[/color] CHR - homepage: CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter} CHR - homepage: CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\pdf.dll CHR - plugin: NPLastPass (Enabled) = C:\Users\Zuza\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.1_0\nplastpass.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Foxit PhantomPDF Plugin for Mozilla (Enabled) = C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Java Deployment Toolkit 7.0.50.5 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Panda ActiveScan 2.0 (Enabled) = C:\Program Files (x86)\Panda Security\ActiveScan 2.0\npwrapper.dll CHR - plugin: RayV Plugin (Enabled) = C:\Program Files (x86)\RayV\RayV\plugins\nprayvplugin.dll CHR - plugin: VDownloader (Enabled) = C:\Program Files (x86)\VDownloader\Addons\npVDownloader.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll CHR - plugin: Sticky Password (Enabled) = E:\Program Files (x86)\Sticky Password\npspAutofill.dll CHR - Extension: Logitech Flow Scroll = C:\Users\Zuza\AppData\Local\Google\Chrome\User Data\Default\Extensions\geooogfhpjdpeiphckpbgkhpbeobcaoi\4.0.33_0\ CHR - Extension: LastPass = C:\Users\Zuza\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.1_0\ CHR - Extension: IDM Integration = C:\Users\Zuza\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.12.25.1_0\ CHR - Extension: IDM Integration = C:\Users\Zuza\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.14.4_0\ O1 HOSTS File: ([2010-11-03 14:51:39 | 000,855,597 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - E:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.) O2:[b]64bit:[/b] - BHO: (FLockObj Class) - {26C3165B-FC58-4910-802D-250B2E68A04E} - C:\Program Files (x86)\GiliSoft\Privacy Protector\FileLockPlugin64.dll () O2:[b]64bit:[/b] - BHO: (KeyScramblerBHO Class) - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files (x86)\KeyScrambler\x64\KeyScramblerIE.dll (QFX Software Corporation) O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\urlredir.dll (Microsoft Corporation) O2:[b]64bit:[/b] - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll () O2:[b]64bit:[/b] - BHO: (Microsoft SPFS Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll (Microsoft Corporation) O2:[b]64bit:[/b] - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found. O2:[b]64bit:[/b] - BHO: (Logitech Flow Scroll) - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\LogiSmooth.dll (Logitech, Inc.) O2:[b]64bit:[/b] - BHO: (no name) - AutorunsDisabled - No CLSID value found. O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - E:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.) O2 - BHO: (IGMONObj Class) - {02464DDC-3187-11D8-8004-0020ED227566} - C:\Program Files (x86)\iGetter\Integration\IGMON.dll (Presenta Ltd.) O2 - BHO: (KeyScramblerBHO Class) - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation) O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll () O2 - BHO: (Microsoft SPFS Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Logitech Flow Scroll) - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\32-bit\LogiSmooth.dll (Logitech, Inc.) O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found. O2 - BHO: (no name) - Disabled:{9030D464-4C02-4ABF-8ECC-5164760863C6} - No CLSID value found. O2 - BHO: (no name) - Disabled:{C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - No CLSID value found. O2 - BHO: (no name) - Disabled:{d2ce3e00-f94a-4740-988e-03dc2f38c34f} - No CLSID value found. O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll () O3:[b]64bit:[/b] - HKLM\..\Toolbar: (&NetWorx Desk Band) - {FEEA54B4-D80F-41C7-87B9-DC08E6D3255F} - C:\Program Files\NetWorx\deskband.dll (SoftPerfect Research) O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found. O3 - HKLM\..\Toolbar: (CaptureSaver) - {5148AB7D-8868-4490-B6DA-F98368488582} - E:\Program Files (x86)\CaptureSaver\CaptureSaverIE.dll (www.capturesaver.com) O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll () O3 - HKLM\..\Toolbar: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found. O3:[b]64bit:[/b] - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:[b]64bit:[/b] - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:[b]64bit:[/b] - HKU\S-1-5-21-392863465-1235368472-401103835-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:[b]64bit:[/b] - HKU\S-1-5-21-392863465-1235368472-401103835-1001\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll () O3 - HKU\S-1-5-21-392863465-1235368472-401103835-1001\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll () O3:[b]64bit:[/b] - HKU\S-1-5-21-392863465-1235368472-401103835-1001\..\Toolbar\WebBrowser: (&NetWorx Desk Band) - {FEEA54B4-D80F-41C7-87B9-DC08E6D3255F} - C:\Program Files\NetWorx\deskband.dll (SoftPerfect Research) O3:[b]64bit:[/b] - HKU\S-1-5-21-392863465-1235368472-401103835-1004\..\Toolbar\ShellBrowser: (&NetWorx Desk Band) - {FEEA54B4-D80F-41C7-87B9-DC08E6D3255F} - C:\Program Files\NetWorx\deskband.dll (SoftPerfect Research) O3:[b]64bit:[/b] - HKU\S-1-5-21-392863465-1235368472-401103835-1004\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:[b]64bit:[/b] - HKU\S-1-5-21-392863465-1235368472-401103835-1004\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll () O3 - HKU\S-1-5-21-392863465-1235368472-401103835-1004\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll () O3:[b]64bit:[/b] - HKU\S-1-5-21-392863465-1235368472-401103835-1004\..\Toolbar\WebBrowser: (&NetWorx Desk Band) - {FEEA54B4-D80F-41C7-87B9-DC08E6D3255F} - C:\Program Files\NetWorx\deskband.dll (SoftPerfect Research) O4:[b]64bit:[/b] - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) O4:[b]64bit:[/b] - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO) O4:[b]64bit:[/b] - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [LogiScrollApp] C:\Program Files\Logitech\FlowScroll\KhalScroll.exe (Logitech, Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [NetWorx] C:\Program Files\NetWorx\networx.exe (SoftPerfect Research) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [Zentimo xStorage Manager] E:\Program Files (x86)\Zentimo\Zentimo.exe (Crystal Rich Ltd) O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) O4 - HKLM..\Run: [DT GWY] C:\PROGRAM FILES (X86)\COMMON FILES\PORTRAIT DISPLAYS\Shared\DT_STARTUP.EXE () O4 - HKLM..\Run: [Run StartupMonitor] C:\Windows\StartupMonitor.exe () O4 - HKLM..\Run: [SAOB Monitor] C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe (Acronis) O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) O4 - HKLM..\Run: [vmware-tray.exe] E:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.) O4 - HKLM..\Run: [WordWeb] C:\Program Files (x86)\WordWeb\wweb32.exe (WordWeb Software) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-392863465-1235368472-401103835-1001..\Run: [AshSnap] C:\Program Files (x86)\Ashampoo\Ashampoo Snap 6\ashsnap.exe (Ashampoo Media GmbH & Co. KG) O4 - HKU\S-1-5-21-392863465-1235368472-401103835-1001..\Run: [F.lux] C:\Users\Zuza\Local Settings\Apps\F.lux\flux.exe () O4 - HKU\S-1-5-21-392863465-1235368472-401103835-1001..\Run: [IDMan] E:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.) O4 - HKU\S-1-5-21-392863465-1235368472-401103835-1001..\Run: [Mobile Partner] C:/Program Files (x86)/T-Mobile/InternetManager_H/Internet Manager.exe () O4 - HKU\S-1-5-21-392863465-1235368472-401103835-1001..\Run: [Nexus] File not found O4 - HKU\S-1-5-21-392863465-1235368472-401103835-1001..\Run: [Nexus-Ultimate] C:\Program Files (x86)\Winstep\Nexus-Ultimate.exe (Winstep Software Technologies) O4 - HKU\S-1-5-21-392863465-1235368472-401103835-1001..\Run: [ZortamMp3MediaStudio] E:\Program Files (x86)\Zortam Mp3 Media Studio\zmmspro.exe (Zortam) O4 - HKU\S-1-5-21-392863465-1235368472-401103835-1004..\Run: [AshSnap] C:\Program Files (x86)\Ashampoo\Ashampoo Snap 6\ashsnap.exe (Ashampoo Media GmbH & Co. KG) O4 - HKU\S-1-5-21-392863465-1235368472-401103835-1004..\Run: [F.lux] C:\Users\Grace II\Local Settings\Apps\F.lux\flux.exe () O4 - HKU\S-1-5-21-392863465-1235368472-401103835-1004..\Run: [NeXuS-Ultimate] C:\Program Files (x86)\Winstep\Nexus-Ultimate.exe (Winstep Software Technologies) O4 - HKU\S-1-5-21-392863465-1235368472-401103835-1004..\Run: [SystemExplorerAutoStart] "I:\system - działanie OS i programów\narzędzia diagnostyczne i informacyjne\SystemExplorer\SystemExplorerPortable_391 x64\SystemExplorer.exe" /TRAY File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\Grace\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System\Startup\Install LastPass FF RunOnce.lnk = C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass) O4 - Startup: C:\Users\Grace\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System\Startup\Install LastPass IE RunOnce.lnk = C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass) O4 - Startup: C:\Users\Zuza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System\Startup\Disabled [2010-10-27 10:35:17 | 000,000,000 | -H-D | M] O4 - Startup: C:\Users\Zuza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System\Startup\SystemExplorerDisabled [2012-09-11 12:54:04 | 000,000,000 | -H-D | M] O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O7 - HKU\S-1-5-21-392863465-1235368472-401103835-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecycleFiles = 1 O8:[b]64bit:[/b] - Extra context menu item: &Winamp Search - Reg Error: Value error. File not found O8:[b]64bit:[/b] - Extra context menu item: Add to CaptureSaver - E:\Program Files (x86)\CaptureSaver\\AddFromIE.htm () O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000 File not found O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation) O8:[b]64bit:[/b] - Extra context menu item: Funkcja Google Sidewiki - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found O8:[b]64bit:[/b] - Extra context menu item: LastPass - file://C:\Users\Zuza\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found O8:[b]64bit:[/b] - Extra context menu item: LastPass Fill Forms - file://C:\Users\Zuza\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found O8:[b]64bit:[/b] - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation) O8:[b]64bit:[/b] - Extra context menu item: Ściągnij przez IDM - E:\Program Files (x86)\Internet Download Manager\IEExt.htm () O8:[b]64bit:[/b] - Extra context menu item: Ściągnij wszystkie linki przez IDM - E:\Program Files (x86)\Internet Download Manager\IEGetAll.htm () O8:[b]64bit:[/b] - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found O8:[b]64bit:[/b] - Extra context menu item: Translate with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm File not found O8:[b]64bit:[/b] - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: &Winamp Search - Reg Error: Value error. File not found O8 - Extra context menu item: Add to CaptureSaver - E:\Program Files (x86)\CaptureSaver\\AddFromIE.htm () O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Funkcja Google Sidewiki - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found O8 - Extra context menu item: LastPass - file://C:\Users\Zuza\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found O8 - Extra context menu item: LastPass Fill Forms - file://C:\Users\Zuza\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Ściągnij przez IDM - E:\Program Files (x86)\Internet Download Manager\IEExt.htm () O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - E:\Program Files (x86)\Internet Download Manager\IEGetAll.htm () O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm File not found O8 - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105 File not found O9:[b]64bit:[/b] - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation) O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation) O9:[b]64bit:[/b] - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPBar64.dll File not found O9:[b]64bit:[/b] - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPBar64.dll File not found O9:[b]64bit:[/b] - Extra 'Tools' menuitem : &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files (x86)\KeyScrambler\x64\KeyScramblerIE.dll (QFX Software Corporation) O9:[b]64bit:[/b] - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation) O9:[b]64bit:[/b] - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation) O9:[b]64bit:[/b] - Extra Button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - E:\Program Files (x86)\VideoGet\Plugins\VideoGet_IE_x64.dll () O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - E:\Program Files (x86)\VideoGet\Plugins\VideoGet_IE_x64.dll () O9 - Extra 'Tools' menuitem : Ustawienia wtyczki &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Microsoft Lync add-on - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Microsoft Lync add-on - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files (x86)\WinHTTrack\WinHTTrackIEBar.dll () O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files (x86)\WinHTTrack\WinHTTrackIEBar.dll () O9 - Extra Button: CaptureSaver - {3BD9DD3E-F9B6-45b9-9ED3-5E1980C2686F} - E:\Program Files (x86)\CaptureSaver\CaptureSaverIE.dll (www.capturesaver.com) O9 - Extra 'Tools' menuitem : CaptureSaver - {3BD9DD3E-F9B6-45b9-9ED3-5E1980C2686F} - Reg Error: Value error. File not found O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPBar.dll File not found O9 - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPBar.dll File not found O9 - Extra 'Tools' menuitem : &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation) O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - E:\Program Files (x86)\VideoGet\Plugins\VideoGet_IE.dll () O9 - Extra 'Tools' menuitem : Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - E:\Program Files (x86)\VideoGet\Plugins\VideoGet_IE.dll () O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-392863465-1235368472-401103835-1001\..Trusted Ranges: Range1979 ([http] in Trusted sites) O16:[b]64bit:[/b] - DPF: {615A1925-0E5B-4767-A65E-3165AEAC32A3} http://quickscan.bitdefender.com/qsax/qsax64.cab (BitDefender QuickScan Control) O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Reg Error: Key error.) O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Reg Error: Key error.) O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{238B023F-7C97-4374-8D0B-2FCC579F4953}: NameServer = 8.26.56.26,156.154.70.22 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{407B0DE1-397D-4C57-9451-21C497BCB937}: NameServer = 8.26.56.26,156.154.70.22 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{595A939A-4E2D-42C9-BF1F-C6029534BFBC}: NameServer = 193.41.112.14 193.41.112.18 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A2011898-1A6D-4443-AD3D-ACB761D3F894}: NameServer = 193.41.112.14 193.41.112.18 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DB0224C0-2C8A-4EFE-898C-BEE014CFE847}: NameServer = 193.41.112.14 193.41.112.18 O18:[b]64bit:[/b] - Protocol\Handler\AutorunsDisabled - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\AutorunsDisabled\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll () O18 - Protocol\Handler\AutorunsDisabled - No CLSID value found O18 - Protocol\Handler\AutorunsDisabled\ms-help - No CLSID value found O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll () O18:[b]64bit:[/b] - Protocol\Filter\AutorunsDisabled - No CLSID value found O18 - Protocol\Filter\AutorunsDisabled - No CLSID value found O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKU\.DEFAULT Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKU\S-1-5-18 Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKU\S-1-5-19 Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKU\S-1-5-20 Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKU\S-1-5-21-392863465-1235368472-401103835-1001 Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKU\S-1-5-21-392863465-1235368472-401103835-1004 Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - Winlogon\Notify\AutorunsDisabled: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O27:[b]64bit:[/b] - HKLM IFEO\taskmgr.exe: Debugger - I:\system - działanie OS i programów\narzędzia diagnostyczne i informacyjne\SystemExplorer\SystemExplorerPortable x64\SystemExplorer.exe (Mister Group) O27 - HKLM IFEO\taskmgr.exe: Debugger - I:\system - działanie OS i programów\narzędzia diagnostyczne i informacyjne\SystemExplorer\SystemExplorerPortable x64\SystemExplorer.exe (Mister Group) O32 - HKLM CDRom: AutoRun - 0 O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2011-03-15 00:27:21 | 000,148,320 | R--- | M] () - M:\AutoRun.exe -- [ CDFS ] O32 - AutoRun File - [2009-09-25 03:46:52 | 000,000,045 | R--- | M] () - M:\AUTORUN.INF -- [ CDFS ] O33 - MountPoints2\{02d10939-8a87-11df-b528-001e101f7f74}\Shell - "" = AutoRun O33 - MountPoints2\{1227ccd6-94f1-11df-bb87-001e101f79c9}\Shell - "" = AutoRun O33 - MountPoints2\{17db1ad5-ca69-11e1-930d-001966d302f4}\Shell - "" = AutoRun O33 - MountPoints2\{17db1ad5-ca69-11e1-930d-001966d302f4}\Shell\AutoRun\command - "" = M:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] () O33 - MountPoints2\{b5b83c01-7094-11df-9ea2-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{e572c9d0-3c64-11e2-a3d5-ec4409e34433}\Shell - "" = AutoRun O33 - MountPoints2\{e572c9d0-3c64-11e2-a3d5-ec4409e34433}\Shell\AutoRun\command - "" = M:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] () O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013-02-05 11:07:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2013-02-05 11:07:12 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2013-02-04 13:49:55 | 000,000,000 | ---D | C] -- C:\results [2013-02-03 16:23:49 | 000,000,000 | ---D | C] -- C:\Users\Zuza\AppData\Roaming\VMware [2013-02-03 14:42:04 | 000,000,000 | ---D | C] -- G:\{GRACE na D}\Moje dokumenty\Virtual Machines [2013-02-03 13:29:19 | 000,000,000 | ---D | C] -- G:\{GRACE na D}\Pulpit\Nowy folder (5) [2013-02-03 11:11:44 | 000,067,224 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\vsocklib.dll [2013-02-03 11:11:44 | 000,063,128 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vsocklib.dll [2013-02-03 11:11:43 | 000,070,296 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vsock.sys [2013-02-03 11:11:39 | 000,067,224 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmx86.sys [2013-02-03 11:11:38 | 000,032,920 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\VMkbd.sys [2013-02-03 11:11:13 | 000,357,016 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vmnetdhcp.exe [2013-02-03 11:11:09 | 000,435,864 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vmnat.exe [2013-02-03 11:11:08 | 000,030,360 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmnetuserif.sys [2013-02-03 11:11:03 | 000,933,528 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\vnetlib64.dll [2013-02-03 11:10:59 | 000,052,376 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\hcmon.sys [2013-02-03 11:10:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\VMware [2013-02-03 11:10:24 | 000,000,000 | ---D | C] -- C:\ProgramData\VMware [2013-02-03 11:10:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VMware [2013-02-03 11:10:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\VMware [2013-02-02 09:39:48 | 000,737,280 | ---- | C] (Indigo Rose Corporation) -- C:\Windows\iun6002.exe [2013-02-02 09:10:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SWF Studio [2013-02-01 00:05:14 | 000,000,000 | ---D | C] -- C:\ProgramData\IDM [2013-01-30 15:09:44 | 000,000,000 | ---D | C] -- G:\{GRACE na D}\Pulpit\COrganizerLite [2013-01-29 13:03:10 | 000,165,112 | ---- | C] (Tonec Inc.) -- C:\Windows\SysNative\drivers\idmwfp.sys [2013-01-28 15:45:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\pale moon [2013-01-25 23:39:53 | 000,000,000 | ---D | C] -- C:\Users\Zuza\AppData\Local\arw [2013-01-24 14:08:42 | 000,000,000 | ---D | C] -- C:\ProgramData\flipbuilder [2013-01-17 22:21:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2013-01-17 19:45:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SkyDrive [2013-01-17 19:45:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive [2013-01-17 14:06:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2013-01-17 13:02:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office 15 [2013-01-16 01:14:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Portable [2013-01-14 22:15:34 | 000,000,000 | ---D | C] -- C:\Users\Zuza\AppData\Roaming\Foxit Reader [2013-01-11 22:57:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software [2013-01-09 16:44:30 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2013-01-09 16:44:28 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2013-01-09 16:44:28 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2013-01-09 16:44:28 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2013-01-09 16:44:28 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2013-01-09 16:44:28 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2013-01-09 16:44:28 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2013-01-09 16:44:27 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2013-01-09 16:44:27 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2013-01-09 16:44:27 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2013-01-09 16:44:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2013-01-09 16:44:25 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2013-01-09 16:44:25 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2013-01-09 16:44:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2013-01-09 16:44:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2013-01-09 16:44:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2013-01-09 16:44:24 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2013-01-09 16:44:24 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2013-01-09 16:44:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2013-01-09 16:44:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2013-01-09 16:44:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2013-01-09 16:44:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2013-01-09 16:44:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2013-01-09 16:44:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2013-01-09 16:44:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2013-01-09 16:44:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2013-01-09 16:44:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2013-01-09 16:44:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2013-01-09 16:44:23 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2013-01-09 16:44:23 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2013-01-09 16:44:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2013-01-09 16:44:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2013-01-09 16:44:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2013-01-09 16:44:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2013-01-09 16:44:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2013-01-09 16:44:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2013-01-09 16:44:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2013-01-09 16:44:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2013-01-09 16:44:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2013-01-09 16:44:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2013-01-09 16:44:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2013-01-09 16:44:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2013-01-09 16:44:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2013-01-09 16:44:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2013-01-09 16:44:22 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2013-01-09 16:44:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2013-01-09 16:44:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2013-01-09 16:44:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2013-01-09 16:44:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2013-01-09 16:44:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2013-01-09 16:44:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2013-01-09 16:44:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2013-01-09 16:44:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2013-01-09 16:44:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2013-01-09 16:44:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2013-01-09 16:44:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2013-01-09 16:44:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2013-01-09 16:44:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2013-01-09 16:44:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2013-01-09 16:44:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2013-01-09 16:44:21 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2013-01-09 16:44:21 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2013-01-09 16:44:21 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2013-01-09 16:44:21 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2013-01-09 16:44:21 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2013-01-09 16:44:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2013-01-09 16:44:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2013-01-09 16:44:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2013-01-09 16:44:20 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2013-01-09 16:43:48 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs [2013-01-09 16:43:48 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs [2013-01-09 16:43:48 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs [2013-01-09 16:43:47 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll [2013-01-09 16:43:47 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs [2013-01-09 16:43:47 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs [2013-01-09 16:43:47 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs [2013-01-09 16:43:47 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs [2013-01-09 16:43:47 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs [2013-01-09 16:43:47 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs [2013-01-09 16:43:47 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs [2013-01-09 16:43:47 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs [2013-01-09 16:43:47 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs [2013-01-09 16:43:47 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs [2013-01-09 16:43:47 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs [2013-01-09 16:43:47 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs [2013-01-09 16:43:47 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs [2013-01-09 16:43:47 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs [2013-01-09 16:43:47 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs [2013-01-09 16:43:47 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs [2013-01-09 16:43:47 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs [2013-01-09 16:43:46 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll [2013-01-09 16:43:46 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll [2013-01-09 16:43:46 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll [2013-01-09 16:43:45 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs [2013-01-09 16:43:45 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs [2013-01-09 16:43:45 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs [2013-01-09 16:43:45 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs [2013-01-09 16:43:45 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs [2013-01-09 16:43:45 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs [2013-01-09 16:43:45 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs [2013-01-09 16:43:45 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs [2013-01-09 16:43:21 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2013-01-09 16:43:21 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2013-01-09 16:43:05 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2013-01-09 16:43:03 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll [2013-01-09 16:43:02 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe [2012-11-12 02:44:25 | 000,486,184 | ---- | C] (Bitsum Technologies) -- C:\Users\Zuza\AppData\Roaming\ProcessLassopl_rsrc_temp.dll [2012-08-14 01:16:32 | 014,690,376 | ---- | C] (LastPass) -- C:\Program Files (x86)\Common Files\lpuninstall.exe [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013-02-08 16:06:00 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-392863465-1235368472-401103835-1004UA.job [2013-02-08 16:05:14 | 000,015,385 | ---- | M] () -- C:\Windows\FileGuard.bin [2013-02-08 15:54:33 | 000,022,592 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013-02-08 15:54:33 | 000,022,592 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013-02-08 15:51:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013-02-08 15:42:00 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013-02-08 14:36:12 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013-02-08 14:35:38 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl [2013-02-08 14:35:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013-02-08 14:35:15 | 2146,934,783 | -HS- | M] () -- C:\hiberfil.sys [2013-02-08 14:20:24 | 001,733,612 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013-02-08 14:20:24 | 000,769,300 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2013-02-08 14:20:24 | 000,666,804 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013-02-08 14:20:24 | 000,165,980 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2013-02-08 14:20:24 | 000,131,714 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013-02-08 13:57:15 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013-02-08 13:57:15 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013-02-08 13:13:06 | 000,000,699 | ---- | M] () -- G:\{GRACE na D}\Pulpit\Grochola.Katarzyna-Podanie.o.milosc.lnk [2013-02-08 13:06:00 | 000,001,018 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-392863465-1235368472-401103835-1004Core.job [2013-02-06 21:05:08 | 000,000,984 | ---- | M] () -- G:\{GRACE na D}\Pulpit\MassWatermark.lnk [2013-02-06 19:00:31 | 000,018,960 | ---- | M] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LNonPnP.sys [2013-02-03 11:10:46 | 000,001,024 | ---- | M] () -- C:\Windows\SysWow64\%TMP% [2013-02-03 11:10:42 | 001,751,044 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013-02-03 11:10:42 | 000,001,857 | ---- | M] () -- C:\Users\Public\Desktop\VMware Workstation.lnk [2013-02-02 09:39:08 | 000,737,280 | ---- | M] (Indigo Rose Corporation) -- C:\Windows\iun6002.exe [2013-01-22 19:59:05 | 000,000,129 | ---- | M] () -- G:\{GRACE na D}\Pulpit\vika6 - Microsoft Community.URL [2013-01-21 15:54:19 | 000,000,604 | ---- | M] () -- G:\{GRACE na D}\Pulpit\PYTANIE DO WINSTEP.rtf [2013-01-18 12:07:19 | 000,479,696 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013-01-17 04:08:02 | 000,000,898 | ---- | M] () -- C:\Users\Public\Desktop\EaseUS Data Recovery Wizard 5.6.5 .lnk [2013-01-16 00:26:49 | 000,000,834 | ---- | M] () -- G:\{GRACE na D}\Pulpit\Full Uninstall.lnk [2013-01-15 15:45:04 | 000,000,048 | ---- | M] () -- G:\{GRACE na D}\Pulpit\jdtech.pl - Blog technologiczny - Sklep.URL [2013-01-15 11:11:30 | 000,000,093 | ---- | M] () -- G:\{GRACE na D}\Pulpit\Foxit PhantomPDF.URL [2013-01-14 02:33:08 | 000,000,170 | ---- | M] () -- G:\{GRACE na D}\Pulpit\MS Word jako program domyślny - niemożność ustawienia - Microsoft Community.url [2013-01-11 19:26:53 | 000,003,190 | ---- | M] () -- C:\Windows\Sandboxie.ini [2013-01-10 05:03:18 | 000,486,184 | ---- | M] (Bitsum Technologies) -- C:\Users\Zuza\AppData\Roaming\ProcessLassopl_rsrc_temp.dll [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013-02-08 13:13:07 | 000,000,699 | ---- | C] () -- G:\{GRACE na D}\Pulpit\Grochola.Katarzyna-Podanie.o.milosc.lnk [2013-02-08 03:35:28 | 2146,934,783 | -HS- | C] () -- C:\hiberfil.sys [2013-02-06 21:05:08 | 000,000,984 | ---- | C] () -- G:\{GRACE na D}\Pulpit\MassWatermark.lnk [2013-02-03 11:10:46 | 000,001,024 | ---- | C] () -- C:\Windows\SysWow64\%TMP% [2013-02-03 11:10:42 | 000,001,857 | ---- | C] () -- C:\Users\Public\Desktop\VMware Workstation.lnk [2013-01-22 19:59:05 | 000,000,129 | ---- | C] () -- G:\{GRACE na D}\Pulpit\vika6 - Microsoft Community.URL [2013-01-21 15:54:19 | 000,000,604 | ---- | C] () -- G:\{GRACE na D}\Pulpit\PYTANIE DO WINSTEP.rtf [2013-01-17 04:08:02 | 000,000,898 | ---- | C] () -- C:\Users\Public\Desktop\EaseUS Data Recovery Wizard 5.6.5 .lnk [2013-01-16 00:26:49 | 000,000,834 | ---- | C] () -- G:\{GRACE na D}\Pulpit\Full Uninstall.lnk [2013-01-15 15:45:04 | 000,000,048 | ---- | C] () -- G:\{GRACE na D}\Pulpit\jdtech.pl - Blog technologiczny - Sklep.URL [2013-01-15 11:11:30 | 000,000,093 | ---- | C] () -- G:\{GRACE na D}\Pulpit\Foxit PhantomPDF.URL [2013-01-14 02:33:08 | 000,000,170 | ---- | C] () -- G:\{GRACE na D}\Pulpit\MS Word jako program domyślny - niemożność ustawienia - Microsoft Community.url [2012-12-22 06:20:17 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll [2012-12-22 06:20:17 | 000,157,696 | ---- | C] () -- C:\Windows\SysWow64\OggEnc.exe [2012-12-22 06:20:17 | 000,145,408 | ---- | C] () -- C:\Windows\SysWow64\Lame.exe [2012-12-22 06:20:17 | 000,076,800 | ---- | C] () -- C:\Windows\SysWow64\Faac.exe [2012-12-19 02:43:41 | 000,161,397 | ---- | C] () -- C:\Windows\Animated Wallpaper Maker Uninstaller.exe [2012-11-28 13:02:35 | 000,307,200 | ---- | C] () -- C:\Windows\SysWow64\Mp3Ctrl.dll [2012-09-15 07:03:51 | 002,469,760 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe [2012-09-15 07:03:51 | 000,019,840 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll [2012-09-15 07:03:50 | 000,086,408 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe [2012-09-15 07:03:50 | 000,014,216 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys [2012-09-15 07:03:50 | 000,008,456 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys [2012-09-04 02:05:45 | 000,162,019 | ---- | C] () -- C:\Windows\DP Animation Maker Uninstaller.exe [2012-05-24 18:13:07 | 000,000,007 | ---- | C] () -- C:\Windows\grabber4.dat [2012-05-08 06:02:20 | 000,003,190 | ---- | C] () -- C:\Windows\Sandboxie.ini [2012-04-21 07:18:35 | 000,000,183 | ---- | C] () -- C:\Users\Zuza\SecurityKISSTunnel.config [2012-01-21 02:30:29 | 000,444,283 | ---- | C] () -- C:\Program Files (x86)\Common Files\WinPcapNmap.exe [2012-01-12 08:53:17 | 000,000,123 | ---- | C] () -- C:\Windows\SysWow64\EPMConfig.ini [2011-12-13 21:41:12 | 000,000,104 | -HS- | C] () -- C:\Users\Zuza\AppData\Local\00000021 [2011-09-30 10:46:08 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011-06-25 04:28:00 | 000,000,212 | ---- | C] () -- C:\Windows\aXmag.INI [2011-05-26 10:51:31 | 000,714,526 | ---- | C] () -- C:\Windows\unins002.exe [2011-05-26 10:51:31 | 000,120,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll [2011-05-26 10:51:31 | 000,001,989 | ---- | C] () -- C:\Windows\unins002.dat [2011-04-19 10:53:06 | 000,000,022 | -HS- | C] () -- C:\Users\Zuza\AppData\Roaming\Sys6925.Config Collection.sys [2011-04-19 10:53:06 | 000,000,022 | -HS- | C] () -- C:\Windows\Sys3390 SettingsCollection.bin [2011-03-28 00:48:16 | 000,000,022 | ---- | C] () -- C:\Windows\cmm.dat [2011-03-22 21:02:44 | 000,135,168 | ---- | C] () -- C:\Windows\SysWow64\utvideo.dll [2011-03-22 21:02:44 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\utv_vcm.dll [2010-09-17 14:19:21 | 000,000,993 | ---- | C] () -- C:\Users\Zuza\.rainlendar2 — 7z.lnk [2010-08-20 19:40:32 | 000,001,715 | ---- | C] () -- C:\Program Files\chrome.exe — skrót.lnk [2010-08-08 10:30:31 | 000,007,623 | ---- | C] () -- C:\Users\Zuza\AppData\Local\Resmon.ResmonCfg [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 04:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2012-11-11 22:40:06 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\EurekaLog [2011-04-01 02:32:47 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Spearit [2012-11-11 22:40:06 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\EurekaLog [2011-04-01 02:32:47 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Spearit [2011-04-30 19:38:04 | 000,000,000 | ---D | M] -- C:\Users\Grace\AppData\Roaming\ChomikBox [2011-04-30 19:38:04 | 000,000,000 | ---D | M] -- C:\Users\Grace\AppData\Roaming\Mediaparts Interactive [2011-04-30 19:38:09 | 000,000,000 | ---D | M] -- C:\Users\Grace\AppData\Roaming\Opera [2011-04-30 19:38:09 | 000,000,000 | ---D | M] -- C:\Users\Grace\AppData\Roaming\streamripper [2012-09-29 16:44:32 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\4shared Desktop [2010-11-03 07:19:50 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Acronis [2010-10-29 01:24:41 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Apetito.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2012-08-29 09:34:23 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Apowersoft [2012-12-05 04:02:36 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\ArcticLine [2010-10-08 21:55:59 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Ashampoo [2012-11-11 19:45:48 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Audacity [2012-12-08 13:59:12 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Auslogics [2012-12-10 19:08:16 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\BANDISOFT [2012-05-26 10:18:11 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Beenokle [2011-12-18 07:43:11 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\BitSpirit [2011-04-21 23:51:15 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Broad Intelligence [2011-12-21 00:28:36 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\CaptureSaver [2011-05-26 08:21:14 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\CBS Interactive [2013-01-09 03:44:44 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\ChemTable Software [2012-02-12 07:14:29 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Clipdiary [2013-01-09 02:20:35 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant [2011-07-24 03:55:12 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\com.focusboosterapp.focusbooster.8E5F79C899747AD22E21DB62AA496926DA6BBC64.1 [2012-10-26 13:45:53 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\DAEMON Tools Pro [2012-05-24 19:56:31 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Digiarty [2010-09-16 03:45:30 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\DisplayTune [2013-02-07 01:20:13 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\DMCache [2013-01-14 23:17:20 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Dropbox [2012-12-21 03:34:27 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Easy Macro Recorder [2012-06-18 04:18:56 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Enplase [2011-12-10 04:02:06 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\FaceOffMax [2012-01-29 07:32:21 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\FireShot [2013-01-19 03:07:48 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Foxit Reader [2013-01-26 17:48:20 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Foxit Software [2010-09-16 03:26:03 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Gili Privacy Protector [2011-04-21 15:45:07 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\GPSoftware [2010-09-21 15:07:08 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\GrabPro [2012-09-18 03:03:30 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Hornil [2013-02-05 14:55:07 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\IDM [2011-04-26 18:42:32 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\iGetter [2012-01-12 07:50:22 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\IrfanView [2011-04-04 03:45:58 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\JLC's Software [2011-05-26 12:37:59 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\KeePass [2011-05-30 07:36:56 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Laconic Software [2010-10-20 14:13:52 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Lamantine [2010-09-22 23:15:25 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Likno Software [2012-08-07 12:07:08 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\LogoMaker [2012-12-18 23:24:22 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\M8 Software [2011-03-28 16:11:48 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Marine Aquarium 3 [2012-03-04 14:37:30 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Maxthon3 [2011-03-28 02:59:53 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Mirillis [2012-05-24 19:09:03 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Moonchild Productions [2012-11-11 13:52:21 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Mp3tag [2012-08-15 10:45:16 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\NapiProjekt [2011-12-06 20:01:17 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\NeoDownloader [2012-08-11 10:53:09 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Nuclear Coffee [2012-05-25 04:06:36 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Opera [2011-12-14 05:31:07 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\org.bcdef.antenna.43FD862ECBF25EB623FC234EF1704635B78E3AB6.1 [2012-06-27 02:45:03 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\PApps [2012-09-13 00:32:53 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Pixelplan [2012-06-27 03:01:53 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Presentation Assistant [2011-07-16 01:31:57 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Process Hacker 2 [2013-01-14 22:27:50 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\ProcessLasso [2011-07-24 07:48:51 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Productivity Scientific GTD Timer [2010-09-16 04:21:23 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\ProgSense [2011-12-21 00:35:49 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\QFX Software [2010-09-17 04:20:13 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\RayV [2013-01-04 04:04:45 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\RetouchPilot [2012-02-13 08:45:50 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Softplicity [2013-02-06 22:26:52 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\SolSuite [2011-04-01 02:32:47 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Spearit [2012-04-18 18:15:17 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\SpringPublisher [2011-06-19 05:45:31 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\SuperUtils.com [2010-09-16 11:33:48 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Tabbles [2011-05-20 11:07:48 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Tapur [2010-09-19 07:53:28 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\TechSmith [2012-12-05 03:53:12 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Thinstall [2011-12-17 01:59:40 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Tool4You.net [2013-01-17 14:29:34 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\TransEngPol4 [2010-10-15 18:00:50 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\TreeCardGames [2010-09-17 05:14:57 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\TrueCrypt [2012-12-17 17:59:21 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\uTorrent [2011-03-28 04:01:45 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\VDownloader [2011-04-28 06:46:37 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\visualsearchpony.com [2010-10-26 22:40:53 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\WinPatrol [2012-10-26 14:04:31 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\WSPWNOUP2007 [2012-12-25 13:53:45 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\XBMC [2013-02-06 19:39:53 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\XYplorer [2012-08-12 13:21:40 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\YCanPDF [2012-12-20 09:59:11 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Zentimo [2011-04-28 09:29:20 | 000,000,000 | ---D | M] -- C:\Users\Grace II\AppData\Roaming\Zoner [2011-04-01 02:32:47 | 000,000,000 | ---D | M] -- C:\Users\UpdatusUser\AppData\Roaming\Spearit [2010-08-20 03:14:06 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\4shared Desktop [2011-05-20 10:12:04 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\6A70DD01-E45A-4713-99A5-A23684A0CCE6 [2010-11-09 18:57:21 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\Acronis [2012-12-05 04:01:28 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\ArcticLine [2013-01-14 22:46:26 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\Ashampoo [2010-06-24 22:58:48 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\Audacity [2012-12-08 11:10:03 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\Auslogics [2011-05-11 02:29:43 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\BANDISOFT [2012-11-12 02:19:05 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\BitSpirit [2011-05-20 07:44:08 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\CaptureSaver [2011-05-26 07:48:45 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\CBS Interactive [2012-06-13 05:54:06 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\ChemTable Software [2012-02-25 22:48:07 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\ChomikBox [2011-07-24 03:52:56 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\com.focusboosterapp.focusbooster.8E5F79C899747AD22E21DB62AA496926DA6BBC64.1 [2012-10-27 15:22:51 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\DAEMON Tools Pro [2012-03-04 22:18:54 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\DAZ 3D [2012-05-24 19:14:50 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\Digiarty [2010-06-05 15:25:29 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\DisplayTune [2013-01-27 13:17:54 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\DMCache [2012-08-03 11:44:42 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\Dropbox [2012-05-05 06:54:23 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\Easy Macro Recorder [2010-08-23 05:43:36 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\Enplase [2013-01-14 22:15:34 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\Foxit Reader [2012-11-08 16:52:14 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\Foxit Software [2011-05-23 07:30:23 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\FreshDiagnose [2012-06-12 20:46:32 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\Geek Uninstaller [2010-07-19 08:59:31 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\Gili Privacy Protector [2010-11-04 03:15:32 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\GPSoftware [2010-08-09 23:55:59 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\GrabPro [2012-11-08 17:48:20 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\IDM [2011-03-28 03:15:54 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\IrfanView [2010-08-24 03:16:14 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\JLC's Software [2011-03-28 19:48:55 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\KeePass [2011-05-30 07:01:24 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\Laconic Software [2012-05-10 04:21:44 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\Lamantine [2012-09-15 17:54:46 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\Leadertech [2012-08-05 17:05:17 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\LockHunter [2010-08-31 00:44:51 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\LogoMaker [2012-09-04 03:31:23 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\M8 Software [2011-12-19 23:49:56 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\Maxthon3 [2010-06-24 23:07:43 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\Mirillis [2012-11-08 16:21:04 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\mojosoft [2012-05-24 18:26:48 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\Moonchild Productions [2012-08-15 10:26:24 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\NapiProjekt [2011-12-06 07:38:51 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\NeoDownloader [2012-08-10 05:30:36 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\Nuclear Coffee [2012-09-13 00:22:01 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\Pixelplan [2013-01-27 13:12:42 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\ProcessLasso [2011-07-24 07:45:39 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\Productivity Scientific GTD Timer [2010-08-12 23:25:24 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\ProgSense [2011-12-03 03:06:17 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\QFX Software [2011-12-03 03:37:41 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\QuickScan [2010-08-24 07:25:46 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\RayV [2012-02-13 08:42:49 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\Softplicity [2011-04-01 02:32:47 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\Spearit [2010-06-24 23:15:22 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\streamripper [2012-05-08 05:44:34 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\T-Mobile [2011-05-26 10:51:51 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\Tapur [2011-04-15 22:29:36 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\Thinstall [2012-10-25 10:31:56 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\TransEngPol4 [2010-09-19 05:57:40 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\TrueCrypt [2012-01-21 02:31:09 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\VDownloader [2011-04-21 06:04:42 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\visualsearchpony.com [2012-11-12 01:55:14 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\WinPatrol [2011-04-17 02:47:53 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\WordWeb [2012-09-11 13:29:10 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\XBMC [2011-12-14 02:55:25 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\Zentimo [2012-07-24 23:56:49 | 000,000,000 | ---D | M] -- C:\Users\Zuza\AppData\Roaming\Zoner [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 188 bytes -> C:\ProgramData\TEMP:F8B88761 @Alternate Data Stream - 162 bytes -> C:\ProgramData\TEMP:112AEA99 @Alternate Data Stream - 154 bytes -> C:\ProgramData\TEMP:9341E0C6 @Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:010ADD2C @Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:5C321E34 @Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:B797EE03 < End of report >