OTL logfile created on: 2014-01-24 11:19:24 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\AnnaR\Desktop\Nowy folder Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.16476) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,25 Gb Total Physical Memory | 1,55 Gb Available Physical Memory | 47,70% Memory free 6,49 Gb Paging File | 4,47 Gb Available in Paging File | 68,85% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 203,64 Gb Total Space | 92,51 Gb Free Space | 45,43% Space Free | Partition Type: NTFS Drive D: | 262,12 Gb Total Space | 128,02 Gb Free Space | 48,84% Space Free | Partition Type: NTFS Unable to calculate disk information. Drive F: | 195,31 Gb Total Space | 64,15 Gb Free Space | 32,84% Space Free | Partition Type: NTFS Drive G: | 292,97 Gb Total Space | 141,34 Gb Free Space | 48,24% Space Free | Partition Type: NTFS Drive H: | 195,31 Gb Total Space | 14,91 Gb Free Space | 7,63% Space Free | Partition Type: NTFS Drive I: | 247,91 Gb Total Space | 90,85 Gb Free Space | 36,65% Space Free | Partition Type: NTFS Drive N: | 7,34 Gb Total Space | 7,34 Gb Free Space | 99,97% Space Free | Partition Type: FAT32 Computer Name: 40-K-ANNAR | User Name: AnnaR | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2014-01-23 09:25:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\AnnaR\Desktop\Nowy folder\OTL.exe PRC - [2014-01-23 09:25:34 | 001,222,144 | ---- | M] (Farbar) -- C:\Users\AnnaR\Desktop\Nowy folder\FRST.exe PRC - [2013-12-21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013-12-20 12:20:20 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2013-12-19 12:13:16 | 006,118,400 | ---- | M] (Spotify Ltd) -- C:\Users\AnnaR\AppData\Roaming\Spotify\spotify.exe PRC - [2013-12-19 12:13:14 | 001,171,968 | ---- | M] (Spotify Ltd) -- C:\Users\AnnaR\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe PRC - [2013-12-19 12:13:14 | 000,603,648 | ---- | M] () -- C:\Users\AnnaR\AppData\Roaming\Spotify\Data\SpotifyHelper.exe PRC - [2013-04-21 20:43:52 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe PRC - [2013-04-05 11:59:08 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe PRC - [2013-04-05 11:58:26 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe PRC - [2012-12-12 08:20:19 | 005,979,648 | ---- | M] ( ) -- C:\Program Files\ChomikBox\chomikbox.exe PRC - [2012-11-23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2012-08-09 16:14:08 | 002,300,064 | ---- | M] () -- C:\Program Files\Audioteka.pl\Audioteka.exe PRC - [2012-03-21 15:48:58 | 004,881,544 | ---- | M] (Almeza Company) -- C:\Users\AnnaR\Documents\Almeza\LeaderCommand\LeaderCommand.exe PRC - [2011-11-17 01:36:22 | 001,231,472 | ---- | M] (ACD Systems) -- C:\Program Files\ACD Systems\ACDSee\14.0\ACDSeeInTouch2.exe PRC - [2011-11-10 04:11:50 | 000,417,792 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2011-11-10 04:11:20 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2011-10-25 18:55:30 | 000,388,184 | ---- | M] () -- C:\Windows\svohost.exe PRC - [2011-07-27 16:41:32 | 001,738,184 | ---- | M] (UltraVNC) -- C:\Program Files\RemoteControl\winvnc.exe PRC - [2011-02-25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010-11-20 15:58:08 | 001,894,912 | ---- | M] (Steamcore.se) -- C:\Screamer Radio\screamer.exe PRC - [2010-11-04 17:15:50 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe PRC - [2010-11-04 17:15:32 | 002,219,184 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe PRC - [2010-05-21 13:28:36 | 002,071,064 | ---- | M] (Intel Corporation) -- C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe PRC - [2010-05-21 13:28:34 | 000,796,696 | ---- | M] (Intel Corporation) -- C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe PRC - [2010-05-21 13:28:30 | 000,174,616 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\AMT\LMS.exe PRC - [2010-05-12 07:10:56 | 000,151,552 | ---- | M] (ComArch S.A.) -- C:\Program Files\Comarch\ComarchSmartCard\CardServer.exe PRC - [2010-03-10 13:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2009-04-21 14:27:30 | 000,101,376 | ---- | M] () -- C:\Program Files\QPrinter Bookmaker\qprintmon.exe PRC - [2007-09-02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013-12-20 12:20:18 | 003,559,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2013-12-19 12:13:15 | 036,967,424 | ---- | M] () -- C:\Users\AnnaR\AppData\Roaming\Spotify\Data\libcef.dll MOD - [2013-12-19 12:13:14 | 000,887,808 | ---- | M] () -- C:\Users\AnnaR\AppData\Roaming\Spotify\Data\libglesv2.dll MOD - [2013-12-19 12:13:14 | 000,603,648 | ---- | M] () -- C:\Users\AnnaR\AppData\Roaming\Spotify\Data\SpotifyHelper.exe MOD - [2013-12-19 12:13:14 | 000,109,568 | ---- | M] () -- C:\Users\AnnaR\AppData\Roaming\Spotify\Data\libegl.dll MOD - [2013-10-11 06:09:03 | 001,707,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\c94852f43f7ac59fcbe4c54b119788d2\System.ServiceModel.Web.ni.dll MOD - [2013-10-11 06:08:22 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\8f5b881951592b2fd05f710650bf7e04\System.Core.ni.dll MOD - [2013-10-11 05:19:14 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bcf51dc88597d0835c819a2d5a755b74\PresentationFramework.ni.dll MOD - [2013-10-11 05:18:53 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll MOD - [2013-10-11 05:18:39 | 012,238,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\51478a61dbd40488e320a0061e23c4df\PresentationCore.ni.dll MOD - [2013-10-11 05:18:28 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll MOD - [2013-10-11 05:18:23 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll MOD - [2013-09-11 13:35:32 | 011,914,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\6ebbfafc5521934f7e1c154937a2788b\System.Web.ni.dll MOD - [2013-09-11 13:35:07 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d473c19e69818875b9c739cad8f386a5\System.Runtime.Remoting.ni.dll MOD - [2013-08-20 09:11:46 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\03dc83fbe48384390aed7a455e949789\WindowsFormsIntegration.ni.dll MOD - [2013-08-20 09:09:33 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e043ad64456256a8ee5b934e227d9782\System.Runtime.Serialization.ni.dll MOD - [2013-08-20 06:37:42 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll MOD - [2013-08-20 06:37:13 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll MOD - [2013-08-20 06:37:06 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll MOD - [2013-07-12 07:37:51 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll MOD - [2013-07-12 07:36:57 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\8f4a3d09bd38a742ccfe4a20a126fff5\UIAutomationProvider.ni.dll MOD - [2013-07-12 07:36:16 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll MOD - [2012-08-09 16:14:08 | 002,300,064 | ---- | M] () -- C:\Program Files\Audioteka.pl\Audioteka.exe MOD - [2012-08-09 16:14:00 | 000,094,368 | ---- | M] () -- C:\Program Files\Audioteka.pl\K2.Audioteka.Desktop.UIPL.dll MOD - [2012-08-09 16:13:58 | 000,093,856 | ---- | M] () -- C:\Program Files\Audioteka.pl\K2.Audioteka.Desktop.BLL.dll MOD - [2012-08-09 16:13:56 | 000,096,928 | ---- | M] () -- C:\Program Files\Audioteka.pl\K2.Audioteka.Desktop.Common.dll MOD - [2012-08-09 16:13:44 | 000,012,448 | ---- | M] () -- C:\Program Files\Audioteka.pl\K2.Core.Desktop.dll MOD - [2012-03-21 15:49:02 | 000,071,816 | ---- | M] () -- C:\Users\AnnaR\Documents\Almeza\LeaderCommand\lt_plugins.dll MOD - [2012-03-21 15:49:00 | 000,518,280 | ---- | M] () -- C:\Users\AnnaR\Documents\Almeza\LeaderCommand\basedbalm.dll MOD - [2012-02-22 15:25:06 | 000,025,088 | ---- | M] () -- C:\Program Files\ChomikBox\tsplugins\integration\chomikbox_win7.tsp MOD - [2012-02-20 20:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2012-02-20 20:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011-12-02 13:15:16 | 000,126,976 | ---- | M] () -- C:\Program Files\ChomikBox\libgstcontroller-0.10.dll MOD - [2011-12-02 13:15:16 | 000,098,304 | ---- | M] () -- C:\Program Files\ChomikBox\libgstpbutils-0.10.dll MOD - [2011-12-02 13:15:16 | 000,053,760 | ---- | M] () -- C:\Program Files\ChomikBox\libgstinterfaces-0.10.dll MOD - [2011-12-02 13:15:14 | 001,520,128 | ---- | M] () -- C:\Program Files\ChomikBox\libvorbisenc-2.dll MOD - [2011-12-02 13:15:14 | 000,718,336 | ---- | M] () -- C:\Program Files\ChomikBox\libgnutls-26.dll MOD - [2011-12-02 13:15:14 | 000,699,392 | ---- | M] () -- C:\Program Files\ChomikBox\libgstreamer-0.10.dll MOD - [2011-12-02 13:15:14 | 000,604,160 | ---- | M] () -- C:\Program Files\ChomikBox\libgcrypt-11.dll MOD - [2011-12-02 13:15:14 | 000,331,264 | ---- | M] () -- C:\Program Files\ChomikBox\libFLAC-8.dll MOD - [2011-12-02 13:15:14 | 000,162,304 | ---- | M] () -- C:\Program Files\ChomikBox\libvorbis-0.dll MOD - [2011-12-02 13:15:14 | 000,133,120 | ---- | M] () -- C:\Program Files\ChomikBox\libgsttag-0.10.dll MOD - [2011-12-02 13:15:14 | 000,111,104 | ---- | M] () -- C:\Program Files\ChomikBox\avutil-lgpl-50.dll MOD - [2011-12-02 13:15:14 | 000,109,568 | ---- | M] () -- C:\Program Files\ChomikBox\libgstaudio-0.10.dll MOD - [2011-12-02 13:15:14 | 000,070,656 | ---- | M] () -- C:\Program Files\ChomikBox\libgstrtp-0.10.dll MOD - [2011-12-02 13:15:14 | 000,067,584 | ---- | M] () -- C:\Program Files\ChomikBox\libbz2.dll MOD - [2011-12-02 13:15:14 | 000,039,936 | ---- | M] () -- C:\Program Files\ChomikBox\libgstapp-0.10.dll MOD - [2011-12-02 13:15:14 | 000,035,328 | ---- | M] () -- C:\Program Files\ChomikBox\libgpg-error-0.dll MOD - [2011-12-02 13:15:14 | 000,023,552 | ---- | M] () -- C:\Program Files\ChomikBox\libogg-0.dll MOD - [2011-12-02 13:15:06 | 000,228,864 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstdirectsound.dll MOD - [2011-12-02 13:15:06 | 000,212,992 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstcoreelements.dll MOD - [2011-12-02 13:15:06 | 000,197,632 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstplaybin.dll MOD - [2011-12-02 13:15:06 | 000,180,736 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstffmpeg-lgpl.dll MOD - [2011-12-02 13:15:06 | 000,151,040 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstmpegdemux.dll MOD - [2011-12-02 13:15:06 | 000,149,504 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstqtdemux.dll MOD - [2011-12-02 13:15:06 | 000,132,608 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstogg.dll MOD - [2011-12-02 13:15:06 | 000,114,688 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstqtmux.dll MOD - [2011-12-02 13:15:06 | 000,095,232 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstasf.dll MOD - [2011-12-02 13:15:06 | 000,086,016 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstdecodebin2.dll MOD - [2011-12-02 13:15:06 | 000,078,336 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstaudioconvert.dll MOD - [2011-12-02 13:15:06 | 000,077,312 | ---- | M] () -- C:\Program Files\ChomikBox\libtasn1-3.dll MOD - [2011-12-02 13:15:06 | 000,069,120 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstflac.dll MOD - [2011-12-02 13:15:06 | 000,064,000 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstasfmux.dll MOD - [2011-12-02 13:15:06 | 000,061,952 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgsttypefindfunctions.dll MOD - [2011-12-02 13:15:06 | 000,059,904 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstmpegstream.dll MOD - [2011-12-02 13:15:06 | 000,053,760 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstvorbis.dll MOD - [2011-12-02 13:15:06 | 000,052,224 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstaudioresample.dll MOD - [2011-12-02 13:15:06 | 000,050,688 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstwavpack.dll MOD - [2011-12-02 13:15:06 | 000,047,616 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstmpegaudioparse.dll MOD - [2011-12-02 13:15:06 | 000,042,496 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstwavparse.dll MOD - [2011-12-02 13:15:06 | 000,039,424 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstmpegtsmux.dll MOD - [2011-12-02 13:15:06 | 000,038,400 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstaiff.dll MOD - [2011-12-02 13:15:06 | 000,035,840 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstrawparse.dll MOD - [2011-12-02 13:15:06 | 000,035,840 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstinterleave.dll MOD - [2011-12-02 13:15:06 | 000,035,328 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstreplaygain.dll MOD - [2011-12-02 13:15:06 | 000,034,304 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstvolume.dll MOD - [2011-12-02 13:15:06 | 000,032,768 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstdecodebin.dll MOD - [2011-12-02 13:15:06 | 000,032,256 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstid3demux.dll MOD - [2011-12-02 13:15:06 | 000,030,208 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstreal.dll MOD - [2011-12-02 13:15:06 | 000,030,208 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstmpegpsmux.dll MOD - [2011-12-02 13:15:06 | 000,029,184 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstautodetect.dll MOD - [2011-12-02 13:15:06 | 000,026,624 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstequalizer.dll MOD - [2011-12-02 13:15:06 | 000,023,552 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstneonhttpsrc.dll MOD - [2011-12-02 13:15:06 | 000,022,528 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstcdxaparse.dll MOD - [2011-12-02 13:15:06 | 000,022,016 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgsttta.dll MOD - [2011-12-02 13:15:06 | 000,020,480 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstaudiorate.dll MOD - [2011-12-02 13:15:06 | 000,019,968 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstwasapi.dll MOD - [2011-12-02 13:15:06 | 000,019,456 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstlevel.dll MOD - [2011-12-02 13:15:06 | 000,018,944 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstauparse.dll MOD - [2011-12-02 13:15:06 | 000,018,944 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstalaw.dll MOD - [2011-12-02 13:15:06 | 000,017,920 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstspeed.dll MOD - [2011-12-02 13:15:06 | 000,015,872 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstwaveformsink.dll MOD - [2011-12-02 13:15:06 | 000,015,872 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgsticydemux.dll MOD - [2011-12-02 13:15:06 | 000,015,360 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstwaveenc.dll MOD - [2011-12-02 13:15:06 | 000,015,360 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstapetag.dll MOD - [2011-12-02 13:15:06 | 000,014,336 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstnetsim.dll MOD - [2011-12-02 13:15:06 | 000,013,824 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstacmmp3dec.dll MOD - [2011-12-02 13:15:06 | 000,012,288 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgststereo.dll MOD - [2011-12-02 13:15:06 | 000,011,776 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstcoreindexers.dll MOD - [2011-12-02 13:15:06 | 000,008,192 | ---- | M] () -- C:\Program Files\ChomikBox\gplugins\libgstapp.dll MOD - [2011-12-02 13:14:40 | 000,881,664 | ---- | M] () -- C:\Program Files\ChomikBox\avformat-lgpl-52.dll MOD - [2011-12-02 13:14:40 | 000,167,424 | ---- | M] () -- C:\Program Files\ChomikBox\libexpat-1.dll MOD - [2011-12-02 13:14:40 | 000,085,504 | ---- | M] () -- C:\Program Files\ChomikBox\z.dll MOD - [2011-12-02 13:14:32 | 005,038,592 | ---- | M] () -- C:\Program Files\ChomikBox\avcodec-lgpl-52.dll MOD - [2011-12-02 13:14:32 | 001,396,736 | ---- | M] () -- C:\Program Files\ChomikBox\libxml2-2.dll MOD - [2011-12-02 13:14:32 | 000,563,712 | ---- | M] () -- C:\Program Files\ChomikBox\liborc-0.4-0.dll MOD - [2011-12-02 13:14:32 | 000,253,440 | ---- | M] () -- C:\Program Files\ChomikBox\libgstbase-0.10.dll MOD - [2011-12-02 13:14:32 | 000,196,608 | ---- | M] () -- C:\Program Files\ChomikBox\libwavpack-1.dll MOD - [2011-12-02 13:14:32 | 000,125,952 | ---- | M] () -- C:\Program Files\ChomikBox\libneon-27.dll MOD - [2011-12-02 13:14:32 | 000,070,144 | ---- | M] () -- C:\Program Files\ChomikBox\libgstrtsp-0.10.dll MOD - [2011-12-02 13:14:32 | 000,041,984 | ---- | M] () -- C:\Program Files\ChomikBox\libgstriff-0.10.dll MOD - [2011-12-02 13:14:32 | 000,038,912 | ---- | M] () -- C:\Program Files\ChomikBox\libgstvideo-0.10.dll MOD - [2011-12-02 13:14:32 | 000,025,088 | ---- | M] () -- C:\Program Files\ChomikBox\libgstsdp-0.10.dll MOD - [2011-12-02 13:14:32 | 000,018,944 | ---- | M] () -- C:\Program Files\ChomikBox\avcore-lgpl-0.dll MOD - [2011-11-09 22:10:38 | 000,369,152 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll MOD - [2011-07-29 13:59:46 | 002,293,248 | ---- | M] () -- C:\Program Files\ChomikBox\QtCore4.dll MOD - [2011-04-12 06:08:19 | 000,249,856 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_pl_31bf3856ad364e35\PresentationFramework.resources.dll MOD - [2011-04-12 06:08:14 | 000,208,896 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_pl_b77a5c561934e089\System.resources.dll MOD - [2011-03-30 09:49:10 | 000,028,672 | ---- | M] () -- C:\Program Files\ChomikBox\imageformats\qico4.dll MOD - [2011-03-30 09:49:02 | 000,284,672 | ---- | M] () -- C:\Program Files\ChomikBox\imageformats\qtiff4.dll MOD - [2011-03-30 09:48:38 | 000,220,672 | ---- | M] () -- C:\Program Files\ChomikBox\imageformats\qmng4.dll MOD - [2011-03-30 09:48:22 | 000,026,624 | ---- | M] () -- C:\Program Files\ChomikBox\imageformats\qgif4.dll MOD - [2011-03-30 09:48:14 | 000,196,608 | ---- | M] () -- C:\Program Files\ChomikBox\imageformats\qjpeg4.dll MOD - [2011-03-30 06:16:34 | 008,173,568 | ---- | M] () -- C:\Program Files\ChomikBox\QtGui4.dll MOD - [2011-03-30 05:59:26 | 000,971,776 | ---- | M] () -- C:\Program Files\ChomikBox\QtNetwork4.dll MOD - [2011-03-30 05:57:58 | 000,339,968 | ---- | M] () -- C:\Program Files\ChomikBox\QtXml4.dll MOD - [2010-11-13 03:39:52 | 000,015,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_pl_b03f5f7f11d50a3a\System.Drawing.resources.dll MOD - [2010-11-13 02:57:57 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_pl_b77a5c561934e089\System.Windows.Forms.resources.dll MOD - [2010-11-13 02:57:46 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll MOD - [2009-04-21 14:27:30 | 000,101,376 | ---- | M] () -- C:\Program Files\QPrinter Bookmaker\qprintmon.exe MOD - [2009-03-20 16:15:30 | 010,403,328 | ---- | M] () -- C:\Program Files\QPrinter Bookmaker\QtGui4.dll MOD - [2009-03-20 16:15:30 | 002,123,776 | ---- | M] () -- C:\Program Files\QPrinter Bookmaker\QtNetwork4.dll MOD - [2009-03-20 16:15:30 | 000,411,136 | ---- | M] () -- C:\Program Files\QPrinter Bookmaker\QtSvg4.dll MOD - [2009-03-20 16:15:28 | 002,653,696 | ---- | M] () -- C:\Program Files\QPrinter Bookmaker\QtCore4.dll MOD - [2009-03-20 16:15:26 | 000,159,744 | ---- | M] () -- C:\Program Files\QPrinter Bookmaker\imageformats\qjpeg4.dll MOD - [2009-03-20 16:15:26 | 000,041,472 | ---- | M] () -- C:\Program Files\QPrinter Bookmaker\imageformats\qgif4.dll MOD - [2009-03-20 16:15:26 | 000,032,256 | ---- | M] () -- C:\Program Files\QPrinter Bookmaker\imageformats\qsvg4.dll MOD - [2007-12-27 17:23:34 | 000,015,964 | ---- | M] () -- C:\Program Files\QPrinter Bookmaker\mingwm10.dll MOD - [2007-09-02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe MOD - [2007-09-02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2013-12-21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013-12-20 12:20:19 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013-12-11 09:51:14 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013-11-26 09:29:52 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService) SRV - [2013-05-27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2012-01-18 11:20:05 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2011-11-10 04:11:20 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2011-10-25 18:55:30 | 000,388,184 | ---- | M] () [Auto | Running] -- C:\Windows\svohost.exe -- (svohost) SRV - [2011-07-27 16:41:32 | 001,738,184 | ---- | M] (UltraVNC) [Auto | Running] -- C:\Program Files\RemoteControl\winvnc.exe -- (uvnc_service) SRV - [2011-07-07 11:04:14 | 000,074,328 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\System32\rmc.exe -- (RmcSvc) SRV - [2010-11-04 17:18:10 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv) SRV - [2010-11-04 17:15:50 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn) SRV - [2010-05-21 13:28:36 | 002,071,064 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe -- (UNS) SRV - [2010-05-21 13:28:30 | 000,174,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\AMT\LMS.exe -- (LMS) SRV - [2010-05-12 07:10:56 | 000,151,552 | ---- | M] (ComArch S.A.) [Auto | Running] -- C:\Program Files\Comarch\ComarchSmartCard\CardServer.exe -- (ComarchCardServer) SRV - [2010-03-10 13:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2009-07-14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc) SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Temp\kwrcruoc.sys -- (kwrcruoc) DRV - [2012-03-28 11:33:04 | 000,096,640 | ---- | M] (Gemalto) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\GemCCID.sys -- (GemCCID) DRV - [2011-11-10 04:44:12 | 008,913,920 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag) DRV - [2011-11-10 03:12:20 | 000,263,680 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2011-11-02 20:57:28 | 000,002,822 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\PCScan\biflak.sys -- (BIFLAK) DRV - [2010-11-20 22:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010-11-20 22:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2010-11-20 22:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc) DRV - [2010-11-20 22:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2010-11-20 22:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010-11-20 22:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2010-11-20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD) DRV - [2010-11-20 22:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010-11-20 22:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2010-10-01 02:07:44 | 000,052,096 | ---- | M] (Generic USB smartcard reader) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MHIKEY10.sys -- (MHIKEY10) DRV - [2010-09-03 06:13:46 | 000,137,144 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm) DRV - [2010-07-29 12:31:26 | 000,134,512 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw) DRV - [2010-07-29 12:31:26 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv) DRV - [2010-07-29 12:31:26 | 000,041,336 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp) DRV - [2010-07-29 12:31:26 | 000,032,608 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\epfwndis.sys -- (Epfwndis) DRV - [2009-07-13 23:02:52 | 000,164,864 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1k6032.sys -- (e1kexpress) DRV - [2009-06-23 14:28:12 | 000,040,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = ${SEARCH_URL}{searchTerms} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2448764365-1740472431-915354426-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchab.com/?aff=7&uid=4b08393e-7050-11e2-859f-00219b807518 IE - HKU\S-1-5-21-2448764365-1740472431-915354426-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKU\S-1-5-21-2448764365-1740472431-915354426-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR IE - HKU\S-1-5-21-2448764365-1740472431-915354426-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://searchab.com/?aff=7&uid=4b08393e-7050-11e2-859f-00219b807518&q={searchTerms} IE - HKU\S-1-5-21-2448764365-1740472431-915354426-1000\..\SearchScopes\{1238E4C4-C915-4AD1-8D2A-D1714BCA2F14}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYPL&apn_uid=98FEC050-06BC-4392-9E81-A33A225719FB&apn_sauid=AC80A584-103A-400A-BF04-457A1ACC4266 IE - HKU\S-1-5-21-2448764365-1740472431-915354426-1000\..\SearchScopes\{6D7E0EBF-5CFE-4AAE-89CB-9B8E2F01583B}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=110823&tt=120912_nocpc_3812_8&babsrc=SP_ss&mntrId=965b916400000000000000219b807518 IE - HKU\S-1-5-21-2448764365-1740472431-915354426-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2448764365-1740472431-915354426-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledAddons: SignPlugin%40pekao.pl:1.3.0.84 FF - prefs.js..extensions.enabledAddons: SignPlugin%40Raiffeisen.com:1.3.0.36 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@audioteka.pl/Audioteka.pl,version=1.0.0.1: C:\Program Files\Audioteka.pl\Plugins\npaudiotekadesktop.dll (Audioteka.pl) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\AnnaR\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-08-20 09:49:51 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-01-18 13:47:54 | 000,000,000 | ---D | M] [2012-01-24 16:29:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AnnaR\AppData\Roaming\mozilla\Extensions [2013-09-27 07:26:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AnnaR\AppData\Roaming\mozilla\Firefox\Profiles\i3jv147z.default-1378361078525\extensions [2013-09-05 08:20:26 | 000,000,000 | ---D | M] (PEKAO S.A. Sign Plugin) -- C:\Users\AnnaR\AppData\Roaming\mozilla\Firefox\Profiles\i3jv147z.default-1378361078525\extensions\SignPlugin@pekao.pl [2013-09-05 10:06:39 | 000,000,000 | ---D | M] (Raiffeisen SignPlugin) -- C:\Users\AnnaR\AppData\Roaming\mozilla\Firefox\Profiles\i3jv147z.default-1378361078525\extensions\SignPlugin@Raiffeisen.com [2013-05-27 07:18:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-09-19 12:27:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-05-27 07:18:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2013-12-20 12:20:20 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2012-09-19 13:06:34 | 000,002,362 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml [color=#E56717]========== Chrome ==========[/color] CHR - homepage: http://search.babylon.com/?affID=110823&tt=120912_nocpc_3812_8&babsrc=HP_ss&mntrId=965b916400000000000000219b807518 CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: http://search.babylon.com/?affID=110823&tt=120912_nocpc_3812_8&babsrc=HP_ss&mntrId=965b916400000000000000219b807518 CHR - Extension: SweetIM for Facebook = C:\Users\AnnaR\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.1.0.1_0\ CHR - Extension: SweetPacks Chrome Extension = C:\Users\AnnaR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.0.0.1_0\ CHR - Extension: SweetIM for Facebook = C:\Users\AnnaR\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.1.0.1_0\ CHR - Extension: SweetPacks Chrome Extension = C:\Users\AnnaR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.0.0.1_0\ O1 HOSTS File: ([2009-06-10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (YouTube To ALLPlayer) - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\Program Files\ALLPlayer\YouTubeToALLPlayer.dll (ALLPlayer.org) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [ACSW14EN] C:\Program Files\ACD Systems\ACDSee\14.0\ACDSeeInTouch2.exe (ACD Systems) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [Audioteka] C:\Program Files\Audioteka.pl\Audioteka.exe () O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4 - HKLM..\Run: [picon] C:\Program Files\Common Files\Intel\Privacy Icon\PIconStartup.exe () O4 - HKLM..\Run: [PrivitizeVPN] C:\Program Files\PrivitizeVPN\PrivitizeVPN.exe (OOO Industry) O4 - HKLM..\Run: [QPrinter 2.0 monitor] C:\Program Files\QPrinter Bookmaker\qprintmon.exe () O4 - HKLM..\Run: [RunAudit] C:\PCScan\RunAudit.exe () O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKU\S-1-5-21-2448764365-1740472431-915354426-1000..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.) O4 - HKU\S-1-5-21-2448764365-1740472431-915354426-1000..\Run: [ChomikBox] C:\Program Files\ChomikBox\chomikbox.exe ( ) O4 - HKU\S-1-5-21-2448764365-1740472431-915354426-1000..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) O4 - HKU\S-1-5-21-2448764365-1740472431-915354426-1000..\Run: [LeaderTask Company Management] C:\Users\AnnaR\Documents\Almeza\LeaderCommand\LeaderCommand.exe (Almeza Company) O4 - HKU\S-1-5-21-2448764365-1740472431-915354426-1000..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe () O4 - HKU\S-1-5-21-2448764365-1740472431-915354426-1000..\Run: [Spotify] C:\Users\AnnaR\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd) O4 - HKU\S-1-5-21-2448764365-1740472431-915354426-1000..\Run: [Spotify Web Helper] C:\Users\AnnaR\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - Startup: C:\Users\AnnaR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Baza.bat () O4 - Startup: C:\Users\AnnaR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Screamer.lnk = C:\Screamer Radio\screamer.exe (Steamcore.se) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 10.51.2) O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 10.51.2) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 62.233.233.233 87.204.204.204 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E2C759C5-1555-4D30-8EBF-FE950D238126}: DhcpNameServer = 192.168.1.1 62.233.233.233 87.204.204.204 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{a8218be8-1e92-11e3-b9bd-00219b807518}\Shell - "" = AutoRun O33 - MountPoints2\{a8218be8-1e92-11e3-b9bd-00219b807518}\Shell\AutoRun\command - "" = N:\USB_test.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2014-01-24 11:15:33 | 000,000,000 | ---D | C] -- C:\FRST [2014-01-24 10:42:33 | 000,000,000 | ---D | C] -- C:\Users\AnnaR\Desktop\Nowy folder [2014-01-21 08:32:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle [2014-01-21 08:32:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2014-01-21 08:32:27 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2014-01-21 08:32:23 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2014-01-21 08:32:23 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe [2014-01-21 08:32:23 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2014-01-21 08:31:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit [2014-01-21 08:31:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [2014-01-17 06:52:04 | 000,000,000 | ---D | C] -- C:\Users\AnnaR\Desktop\reklamacje dom do załatwienia [2014-01-15 06:49:14 | 002,349,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2014-01-15 06:49:13 | 000,240,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys [2014-01-15 06:49:12 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys [2014-01-15 06:49:12 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys [2014-01-13 16:10:38 | 000,000,000 | ---D | C] -- C:\Users\AnnaR\Desktop\Glasmark 2014 [2014-01-13 09:51:25 | 000,000,000 | ---D | C] -- C:\Users\AnnaR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup [2014-01-13 09:51:23 | 000,000,000 | ---D | C] -- C:\Users\AnnaR\AppData\Local\Programs [2014-01-09 15:07:53 | 000,000,000 | ---D | C] -- C:\Users\AnnaR\AppData\Roaming\Asseco Business Solutions [2014-01-08 15:32:55 | 000,000,000 | ---D | C] -- C:\Users\AnnaR\Podcasts [2014-01-08 15:32:55 | 000,000,000 | ---D | C] -- C:\Users\AnnaR\Documents\Media Go [2014-01-08 15:31:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony [2014-01-08 15:31:42 | 000,000,000 | ---D | C] -- C:\Users\AnnaR\AppData\Local\Sony [2014-01-08 15:31:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sony Shared [2014-01-08 15:24:02 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll [2014-01-08 15:22:26 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Media Go Install [2014-01-08 15:22:26 | 000,000,000 | ---D | C] -- C:\Users\AnnaR\AppData\Roaming\Sony [2014-01-08 15:22:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WALKMAN Guide [2014-01-08 15:19:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Corporation [2014-01-08 15:19:28 | 000,000,000 | ---D | C] -- C:\Program Files\Sony [2014-01-07 12:53:57 | 000,000,000 | ---D | C] -- C:\Users\AnnaR\Desktop\FOTO DOM [2014-01-06 20:23:36 | 004,558,848 | ---- | C] (Google Inc.) -- C:\Windows\System32\GPhotos.scr [2014-01-03 09:30:19 | 000,000,000 | ---D | C] -- C:\Users\AnnaR\Desktop\Thermomix przepisy [2013-12-26 13:06:34 | 000,000,000 | ---D | C] -- C:\Users\AnnaR\Desktop\inspiracje grudzień 2013 [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2014-01-24 11:19:56 | 000,021,904 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014-01-24 11:19:56 | 000,021,904 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014-01-24 11:00:00 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014-01-24 10:51:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014-01-24 10:44:02 | 000,697,896 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2014-01-24 10:44:02 | 000,616,032 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2014-01-24 10:44:02 | 000,135,006 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2014-01-24 10:44:02 | 000,106,412 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2014-01-24 08:24:24 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014-01-24 08:24:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014-01-24 08:24:11 | 2615,365,632 | -HS- | M] () -- C:\hiberfil.sys [2014-01-17 15:58:17 | 001,351,080 | ---- | M] () -- C:\Users\AnnaR\Desktop\SzablonAllegroKupszkłoScandiPastel.jpg [2014-01-16 09:05:09 | 000,002,141 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2014-01-16 08:12:56 | 000,403,104 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2014-01-15 11:25:09 | 000,037,376 | ---- | M] () -- C:\Users\AnnaR\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2014-01-14 13:58:25 | 000,046,049 | ---- | M] () -- C:\Users\AnnaR\Clip_2.jpg [2014-01-10 06:26:49 | 000,001,131 | ---- | M] () -- C:\Users\Public\Desktop\WF-Mag dla Windows.lnk [2014-01-08 15:31:57 | 000,001,861 | ---- | M] () -- C:\Users\Public\Desktop\Media Go.lnk [2014-01-08 15:22:07 | 000,002,107 | ---- | M] () -- C:\Users\Public\Desktop\NWZ-W270S WALKMAN Guide.lnk [2014-01-08 08:18:51 | 000,002,202 | ---- | M] () -- C:\Users\Public\Desktop\WF-Analizy.lnk [2014-01-08 07:12:19 | 000,245,015 | ---- | M] () -- C:\Users\AnnaR\1239502_581932205197377_1105427005_n.png [2014-01-06 20:23:36 | 004,558,848 | ---- | M] (Google Inc.) -- C:\Windows\System32\GPhotos.scr [2014-01-02 15:08:53 | 000,767,437 | ---- | M] () -- C:\Users\AnnaR\DSC00741.JPG [2014-01-02 09:44:31 | 001,196,686 | ---- | M] () -- C:\Users\AnnaR\RITA-kolorl.jpg [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2014-01-17 15:58:15 | 001,351,080 | ---- | C] () -- C:\Users\AnnaR\Desktop\SzablonAllegroKupszkłoScandiPastel.jpg [2014-01-14 13:58:05 | 000,046,049 | ---- | C] () -- C:\Users\AnnaR\Clip_2.jpg [2014-01-08 15:31:57 | 000,001,861 | ---- | C] () -- C:\Users\Public\Desktop\Media Go.lnk [2014-01-08 15:22:07 | 000,002,107 | ---- | C] () -- C:\Users\Public\Desktop\NWZ-W270S WALKMAN Guide.lnk [2014-01-08 08:18:10 | 000,001,131 | ---- | C] () -- C:\Users\Public\Desktop\WF-Mag dla Windows.lnk [2014-01-08 07:12:19 | 000,245,015 | ---- | C] () -- C:\Users\AnnaR\1239502_581932205197377_1105427005_n.png [2014-01-02 15:08:38 | 000,767,437 | ---- | C] () -- C:\Users\AnnaR\DSC00741.JPG [2014-01-02 09:44:31 | 001,196,686 | ---- | C] () -- C:\Users\AnnaR\RITA-kolorl.jpg [2013-12-20 15:24:28 | 000,033,545 | ---- | C] () -- C:\Users\AnnaR\1474415_384998271647025_855383112_n.jpg [2013-12-18 11:52:23 | 000,074,322 | ---- | C] () -- C:\Users\AnnaR\1499462_433966596730206_783256884_n.jpg [2013-12-18 09:13:15 | 000,576,683 | ---- | C] () -- C:\Users\AnnaR\Untitled-1.jpg [2013-12-11 15:03:26 | 000,036,277 | ---- | C] () -- C:\Users\AnnaR\1465358_278246178966824_909802081_n.jpg [2013-12-11 09:13:22 | 000,014,161 | ---- | C] () -- C:\Users\AnnaR\Teksty motywujące .odt [2013-12-10 16:32:16 | 000,046,262 | ---- | C] () -- C:\Users\AnnaR\1463772_613792565349450_121675974_n.jpg [2013-12-04 08:17:38 | 000,685,076 | ---- | C] () -- C:\Users\AnnaR\KUPON2.jpg [2013-12-04 08:17:38 | 000,682,755 | ---- | C] () -- C:\Users\AnnaR\KUPON1.jpg [2013-11-26 10:24:20 | 000,070,670 | ---- | C] () -- C:\Users\AnnaR\ZALICZKA SYLEWSTWER_20131126101906.pdf [2013-11-22 06:16:02 | 000,046,973 | ---- | C] () -- C:\Users\AnnaR\1358183674_qnfna0_600.jpg [2013-11-20 08:12:23 | 000,029,590 | ---- | C] () -- C:\Users\AnnaR\1452434_616929905039910_2050784708_n.jpg [2013-11-18 16:26:39 | 000,103,486 | ---- | C] () -- C:\Users\AnnaR\1461784_570231019717279_1494923570_n.png [2013-11-18 10:31:55 | 000,192,821 | ---- | C] () -- C:\Users\AnnaR\Wegańska książka kucharska Przepisy .odt [2013-11-12 14:50:18 | 000,013,576 | ---- | C] () -- C:\Windows\System32\wnaspi32.dll [2013-10-23 10:43:25 | 004,080,849 | ---- | C] () -- C:\Users\AnnaR\Netsky - Love Has Gone - Official Video.mp3 [2013-09-27 15:22:09 | 000,181,383 | ---- | C] () -- C:\Users\AnnaR\tumblr_mdbtwqbmMh1rcnsvjo1_1280.jpg [2013-09-18 12:40:35 | 000,320,687 | ---- | C] () -- C:\Users\AnnaR\Pożyczka Sylwia Kenar.jpg [2013-09-02 10:24:05 | 000,706,793 | ---- | C] () -- C:\Users\AnnaR\plan lekcji Julka.jpg [2013-08-08 07:58:53 | 001,676,812 | ---- | C] () -- C:\Users\AnnaR\Babskie Fanaberie....pdf [2013-08-08 07:55:30 | 001,273,534 | ---- | C] () -- C:\Users\AnnaR\Dieta surowa, ktora.pdf [2013-08-06 15:35:40 | 000,050,701 | ---- | C] () -- C:\Users\AnnaR\BUSSAKA_mapa.jpg [2013-07-30 12:39:47 | 000,003,453 | ---- | C] () -- C:\Users\AnnaR\ściana.pdf [2013-07-18 09:16:10 | 000,072,694 | ---- | C] () -- C:\Users\AnnaR\zdjecie.JPG [2013-07-17 14:54:14 | 000,063,646 | ---- | C] () -- C:\Users\AnnaR\Clip.jpg [2013-07-10 08:13:54 | 000,358,722 | ---- | C] () -- C:\Users\AnnaR\P032002-8.jpg [2013-07-09 09:14:15 | 000,070,874 | ---- | C] () -- C:\Users\AnnaR\OBÓZ USTRZYKI_JULIA RYGIEL_20130709101107.pdf [2013-07-03 07:56:15 | 000,037,574 | ---- | C] () -- C:\Users\AnnaR\1307_509696555750058_93461139_n.jpg [2013-07-03 07:40:17 | 000,041,377 | ---- | C] () -- C:\Users\AnnaR\5874_10151462123270563_501425450_n.jpg [2013-06-25 12:33:10 | 000,000,600 | ---- | C] () -- C:\Users\AnnaR\AppData\Local\PUTTY.RND [2013-06-20 14:14:40 | 000,071,055 | ---- | C] () -- C:\Users\AnnaR\KOLONIA KAROLINA_20130620151206.pdf [2013-06-20 11:07:16 | 000,071,065 | ---- | C] () -- C:\Users\AnnaR\KOLONIA_20130620120442.pdf [2013-06-04 05:50:19 | 001,893,973 | ---- | C] () -- C:\Users\AnnaR\IMG_1998.JPG [2013-05-16 13:09:52 | 002,750,837 | ---- | C] () -- C:\Users\AnnaR\IMG_2172.JPG [2013-04-19 08:02:25 | 000,140,763 | ---- | C] () -- C:\Users\AnnaR\Jurek czapka.odt [2013-03-14 19:08:18 | 000,013,740 | ---- | C] () -- C:\Users\AnnaR\FANTY.ods [2013-02-28 07:50:34 | 000,000,078 | ---- | C] () -- C:\Windows\ricdb.ini [2013-02-28 07:50:34 | 000,000,029 | ---- | C] () -- C:\Windows\System32\RPCS.ini [2013-02-27 08:20:51 | 000,732,439 | ---- | C] () -- C:\Users\AnnaR\Kalendarz Imprez 2013.jpg [2012-02-15 11:54:30 | 000,037,376 | ---- | C] () -- C:\Users\AnnaR\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-01-25 15:02:12 | 000,000,032 | ---- | C] () -- C:\Windows\analizy_dane.INI [2012-01-25 08:57:07 | 000,004,399 | ---- | C] () -- C:\Users\AnnaR\Pulpit.lnk [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-07-14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013-07-26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2012-02-09 11:37:05 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ESET [2013-02-07 08:50:08 | 000,000,000 | ---D | M] -- C:\Users\AnnaR\AppData\Roaming\.minecraft [2012-09-11 10:41:47 | 000,000,000 | ---D | M] -- C:\Users\AnnaR\AppData\Roaming\ACD Systems [2012-07-20 11:46:16 | 000,000,000 | ---D | M] -- C:\Users\AnnaR\AppData\Roaming\ACD Systems_EN [2012-09-04 08:36:08 | 000,000,000 | ---D | M] -- C:\Users\AnnaR\AppData\Roaming\ACD Systems_PL [2014-01-10 18:30:36 | 000,000,000 | ---D | M] -- C:\Users\AnnaR\AppData\Roaming\AIMP3 [2012-01-25 07:07:54 | 000,000,000 | ---D | M] -- C:\Users\AnnaR\AppData\Roaming\AmonSDG [2012-08-21 07:37:04 | 000,000,000 | ---D | M] -- C:\Users\AnnaR\AppData\Roaming\Ashampoo Photo Commander 5 [2014-01-09 15:07:53 | 000,000,000 | ---D | M] -- C:\Users\AnnaR\AppData\Roaming\Asseco Business Solutions [2013-12-17 15:22:52 | 000,000,000 | ---D | M] -- C:\Users\AnnaR\AppData\Roaming\Audioteka [2012-09-19 13:06:27 | 000,000,000 | ---D | M] -- C:\Users\AnnaR\AppData\Roaming\Babylon [2012-05-23 11:28:35 | 000,000,000 | ---D | M] -- C:\Users\AnnaR\AppData\Roaming\Canneverbe Limited [2012-06-28 09:26:54 | 000,000,000 | ---D | M] -- C:\Users\AnnaR\AppData\Roaming\EBBE [2012-01-25 06:25:41 | 000,000,000 | ---D | M] -- C:\Users\AnnaR\AppData\Roaming\EPSON [2012-01-18 15:21:09 | 000,000,000 | ---D | M] -- C:\Users\AnnaR\AppData\Roaming\ESET [2012-05-10 07:13:18 | 000,000,000 | ---D | M] -- C:\Users\AnnaR\AppData\Roaming\Foxit Software [2012-05-29 12:31:27 | 000,000,000 | ---D | M] -- C:\Users\AnnaR\AppData\Roaming\NapiProjekt [2012-07-20 11:40:43 | 000,000,000 | ---D | M] -- C:\Users\AnnaR\AppData\Roaming\Nowy folder [2012-01-25 13:04:15 | 000,000,000 | ---D | M] -- C:\Users\AnnaR\AppData\Roaming\OpenOffice.org [2013-02-13 12:58:29 | 000,000,000 | ---D | M] -- C:\Users\AnnaR\AppData\Roaming\Polkomtel [2012-01-25 08:48:23 | 000,000,000 | ---D | M] -- C:\Users\AnnaR\AppData\Roaming\QPrint [2014-01-08 15:34:29 | 000,000,000 | ---D | M] -- C:\Users\AnnaR\AppData\Roaming\Sony [2014-01-24 11:04:46 | 000,000,000 | ---D | M] -- C:\Users\AnnaR\AppData\Roaming\Spotify [2012-08-29 14:10:21 | 000,000,000 | ---D | M] -- C:\Users\AnnaR\AppData\Roaming\Ulead Systems [2013-01-18 14:40:32 | 000,000,000 | ---D | M] -- C:\Users\AnnaR\AppData\Roaming\Unity [2012-01-25 07:55:29 | 000,000,000 | ---D | M] -- C:\Users\AnnaR\AppData\Roaming\WA-PRO [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 789 bytes -> C:\Users\AnnaR\Documents\1.eml:OECustomProperty < End of report >