x-kom hosting

Usuwanie qooqle - POMOCY(logi podane)

Evander1991
utworzono
utworzono

Wiem, że temat już wałkowany, ale sam nie daje sobie rady. Wklejam logi z OTL.exe.

OTL raport:

[log]OTL logfile created on: 2012-04-21 16:58:59 - Run 1
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Mateusz\Downloads
Ultimate Edition (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.16562)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,49 Gb Total Physical Memory | 1,54 Gb Available Physical Memory | 61,90% Memory free
4,99 Gb Paging File | 3,99 Gb Available in Paging File | 79,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 58,57 Gb Total Space | 42,29 Gb Free Space | 72,21% Space Free | Partition Type: NTFS
Drive D: | 407,19 Gb Total Space | 369,69 Gb Free Space | 90,79% Space Free | Partition Type: NTFS

Computer Name: AUTO | User Name: Mateusz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2012-04-21 09:22:55 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Mateusz\Downloads\OTL.exe
PRC - [2012-04-19 09:12:24 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012-04-19 09:12:20 | 000,016,824 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2012-04-16 23:31:45 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2012-04-16 21:02:25 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012-04-09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012-04-04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-01-03 13:34:20 | 000,138,768 | ---- | M] (MSI) -- C:\Program Files\MSI\Super-Charger\ChargeService.exe
PRC - [2012-01-03 13:34:16 | 000,502,288 | ---- | M] (MSI) -- C:\Program Files\MSI\Super-Charger\Super-Charger.exe
PRC - [2011-10-25 15:22:38 | 011,438,696 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
PRC - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2011-09-22 12:03:02 | 003,080,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2011-09-16 14:39:24 | 000,115,048 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2011-07-28 17:42:48 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
PRC - [2011-07-28 17:35:54 | 000,401,408 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2011-07-28 17:35:26 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2011-03-24 06:37:18 | 000,493,384 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe
PRC - [2011-03-22 10:37:16 | 000,497,480 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe
PRC - [2010-11-15 13:21:56 | 000,841,544 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
PRC - [2010-11-15 13:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect\BackService.exe
PRC - [2010-09-28 15:33:02 | 000,299,008 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
PRC - [2010-08-23 16:11:04 | 000,299,008 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
PRC - [2010-06-04 09:51:06 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010-06-04 09:50:40 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
PRC - [2010-05-04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
PRC - [2010-03-05 16:26:40 | 002,044,248 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe
PRC - [2009-10-14 18:44:40 | 000,282,624 | R--- | M] (France Telecom SA) -- C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe
PRC - [2009-10-14 16:44:38 | 000,090,112 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
PRC - [2009-07-14 03:14:47 | 000,254,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
PRC - [2009-07-14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe
PRC - [2009-07-14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
PRC - [2009-07-14 03:14:43 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2009-07-14 03:14:42 | 000,204,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\servicing\TrustedInstaller.exe
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
PRC - [2009-07-14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe
PRC - [2009-07-14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
PRC - [2009-07-14 03:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe
PRC - [2009-06-10 23:14:51 | 000,042,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
PRC - [2009-05-08 14:49:52 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
PRC - [2009-01-26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2012-04-21 09:22:55 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Mateusz\Downloads\OTL.exe
MOD - [2012-04-19 09:12:25 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
MOD - [2012-04-19 09:12:24 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
MOD - [2012-04-19 09:12:24 | 000,269,240 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\freebl3.dll
MOD - [2012-04-19 09:12:24 | 000,044,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozglue.dll
MOD - [2012-04-19 09:12:24 | 000,016,312 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozalloc.dll
MOD - [2012-04-19 09:12:23 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012-04-19 09:12:23 | 000,818,104 | ---- | M] (sqlite.org) -- C:\Program Files\Mozilla Firefox\mozsqlite3.dll
MOD - [2012-04-19 09:12:23 | 000,646,072 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nss3.dll
MOD - [2012-04-19 09:12:23 | 000,371,640 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssckbi.dll
MOD - [2012-04-19 09:12:23 | 000,187,320 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nspr4.dll
MOD - [2012-04-19 09:12:23 | 000,109,496 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssdbm3.dll
MOD - [2012-04-19 09:12:23 | 000,105,400 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssutil3.dll
MOD - [2012-04-19 09:12:20 | 015,915,960 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xul.dll
MOD - [2012-04-19 09:12:20 | 000,170,936 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\softokn3.dll
MOD - [2012-04-19 09:12:20 | 000,158,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\ssl3.dll
MOD - [2012-04-19 09:12:20 | 000,105,400 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\smime3.dll
MOD - [2012-04-19 09:12:20 | 000,022,456 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\plc4.dll
MOD - [2012-04-19 09:12:20 | 000,020,920 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\plds4.dll
MOD - [2012-04-19 09:12:20 | 000,019,896 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xpcom.dll
MOD - [2012-04-19 09:12:20 | 000,016,824 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
MOD - [2012-04-18 19:24:16 | 008,797,344 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_233.dll
MOD - [2012-04-16 23:31:45 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
MOD - [2012-04-16 21:02:25 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
MOD - [2012-04-16 20:36:32 | 001,093,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\mfc80u.dll
MOD - [2012-01-03 13:34:16 | 000,502,288 | ---- | M] (MSI) -- C:\Program Files\MSI\Super-Charger\Super-Charger.exe
MOD - [2011-10-25 15:22:38 | 011,438,696 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
MOD - [2011-09-22 12:11:56 | 000,410,504 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiUpdate.dll
MOD - [2011-09-22 12:09:44 | 000,093,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiMailPlugins.dll
MOD - [2011-09-22 12:07:26 | 000,183,904 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiHips.dll
MOD - [2011-09-22 12:05:24 | 000,394,024 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiScan.dll
MOD - [2011-09-22 12:04:32 | 001,044,984 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEpfw.dll
MOD - [2011-09-22 12:03:02 | 003,080,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
MOD - [2011-09-22 12:02:30 | 000,101,504 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEmon.dll
MOD - [2011-09-22 12:01:56 | 000,097,384 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiDmon.dll
MOD - [2011-09-22 12:00:52 | 000,245,704 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiAmon.dll
MOD - [2011-09-16 14:39:56 | 000,098,664 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.dll
MOD - [2011-09-16 14:39:24 | 000,115,048 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
MOD - [2011-07-28 17:55:42 | 000,011,264 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Runtime.dll
MOD - [2011-07-28 17:55:42 | 000,007,680 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Dashboard.dll
MOD - [2011-07-28 17:55:40 | 000,033,280 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Dashboard.dll
MOD - [2011-07-28 17:55:40 | 000,015,360 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Runtime.dll
MOD - [2011-07-28 17:55:38 | 000,016,896 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUOverDrive.Fuel.Runtime.dll
MOD - [2011-07-28 17:55:38 | 000,008,704 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Shared.dll
MOD - [2011-07-28 17:55:36 | 000,040,448 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUOverDrive.Fuel.Dashboard.dll
MOD - [2011-07-28 17:55:36 | 000,012,800 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Shared.dll
MOD - [2011-07-28 17:55:34 | 000,027,648 | ---- | M] (Advanced Mirco Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Dashboard.dll
MOD - [2011-07-28 17:55:34 | 000,018,944 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUOverDrive.Fuel.Shared.dll
MOD - [2011-07-28 17:55:34 | 000,013,824 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Runtime.dll
MOD - [2011-07-28 17:55:30 | 000,033,792 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Runtime.dll
MOD - [2011-07-28 17:55:30 | 000,008,192 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Shared.dll
MOD - [2011-07-28 17:55:28 | 000,019,968 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Dashboard.dll
MOD - [2011-07-28 17:55:26 | 000,070,144 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Fusion.Aspects.Runtime.dll
MOD - [2011-07-28 17:55:26 | 000,012,288 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Shared.dll
MOD - [2011-07-28 17:55:24 | 000,240,128 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects2.Runtime.dll
MOD - [2011-07-28 17:55:22 | 002,448,384 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects2.Dashboard.dll
MOD - [2011-07-28 17:55:20 | 002,041,344 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects1.Dashboard.dll
MOD - [2011-07-28 17:55:02 | 000,369,152 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2011-07-28 17:54:56 | 000,026,112 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Fets.Fuel.Dashboard.dll
MOD - [2011-07-28 17:54:50 | 000,028,672 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUPStates.Fuel.Dashboard.dll
MOD - [2011-07-28 17:54:42 | 001,259,520 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.User.Fuel.Dashboard.dll
MOD - [2011-07-28 17:54:34 | 000,048,128 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DPPE.Fuel.Dashboard.dll
MOD - [2011-07-28 17:54:26 | 000,096,768 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2011-07-28 17:54:24 | 000,316,416 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2011-07-28 17:54:18 | 000,774,144 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2011-07-28 17:54:14 | 000,061,440 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.ProfileManager2.dll
MOD - [2011-07-28 17:54:08 | 000,021,504 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.WiFi.Fuel.Dashboard.dll
MOD - [2011-07-28 17:54:02 | 000,524,288 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.dll
MOD - [2011-07-28 17:53:58 | 000,159,744 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Dashboard.dll
MOD - [2011-07-28 17:53:56 | 000,013,312 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUPStates.Fuel.Shared.dll
MOD - [2011-07-28 17:53:54 | 000,012,800 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DPPE.Fuel.Shared.dll
MOD - [2011-07-28 17:53:54 | 000,007,168 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.WiFi.Fuel.Shared.dll
MOD - [2011-07-28 17:53:52 | 000,019,968 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Runtime.dll
MOD - [2011-07-28 17:53:52 | 000,012,800 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\Fuel.Foundation.dll
MOD - [2011-07-28 17:53:52 | 000,011,264 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Fets.Fuel.Shared.dll
MOD - [2011-07-28 17:53:52 | 000,008,704 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Dashboard.dll
MOD - [2011-07-28 17:53:50 | 000,010,752 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Shared.dll
MOD - [2011-07-28 17:53:48 | 000,168,960 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Implementation.dll
MOD - [2011-07-28 17:53:48 | 000,013,824 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Runtime.dll
MOD - [2011-07-28 17:53:32 | 000,011,776 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Runtime.dll
MOD - [2011-07-28 17:53:32 | 000,008,704 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Shared.dll
MOD - [2011-07-28 17:53:32 | 000,008,192 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Dashboard.dll
MOD - [2011-07-28 17:53:30 | 000,050,688 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.OverDrive5.Graphics.Shared.dll
MOD - [2011-07-28 17:53:26 | 000,044,032 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Source.Kit.Server.dll
MOD - [2011-07-28 17:53:16 | 000,045,056 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2011-07-28 17:53:16 | 000,035,840 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2011-07-28 17:53:16 | 000,020,480 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.Shared.Private.dll
MOD - [2011-07-28 17:53:16 | 000,006,656 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.DPPE.Shared.dll
MOD - [2011-07-28 17:53:14 | 000,095,744 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.Implementation.dll
MOD - [2011-07-28 17:53:14 | 000,022,016 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.Implementation.dll
MOD - [2011-07-28 17:53:14 | 000,018,432 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.XManifest.dll
MOD - [2011-07-28 17:53:08 | 000,417,792 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Systemtray.dll
MOD - [2011-07-28 17:53:04 | 000,018,432 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2011-07-28 17:53:02 | 000,077,824 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2011-07-28 17:53:02 | 000,065,536 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2011-07-28 17:53:00 | 000,032,768 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2011-07-28 17:52:58 | 000,028,672 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2011-07-28 17:52:58 | 000,020,480 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2011-07-28 17:52:56 | 000,106,496 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2011-07-28 17:52:56 | 000,055,808 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.dll
MOD - [2011-07-28 17:52:54 | 000,065,536 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2011-07-28 17:52:54 | 000,045,056 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2011-07-28 17:52:54 | 000,043,520 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2011-07-28 17:52:52 | 000,081,920 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2011-07-28 17:52:50 | 000,025,088 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2011-07-28 17:52:50 | 000,008,704 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2011-07-28 17:52:46 | 000,020,480 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2011-07-28 17:52:44 | 000,172,032 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.dll
MOD - [2011-07-28 17:52:44 | 000,028,672 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2011-07-28 17:52:40 | 000,065,536 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2011-07-28 17:52:40 | 000,053,248 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2011-07-28 17:52:40 | 000,032,768 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2011-07-28 17:52:38 | 001,003,520 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2011-07-28 17:52:34 | 000,053,248 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2011-07-28 17:52:34 | 000,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2011-07-28 17:52:34 | 000,040,960 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2011-07-28 17:52:32 | 000,376,832 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.dll
MOD - [2011-07-28 17:52:32 | 000,028,672 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2011-07-28 17:52:26 | 001,284,096 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2011-07-28 17:52:24 | 000,262,144 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Client.dll
MOD - [2011-07-28 17:52:24 | 000,036,352 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.Private.dll
MOD - [2011-07-28 17:52:18 | 000,303,104 | ---- | M] (Advanced Mirco Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.dll
MOD - [2011-07-28 17:52:16 | 000,005,632 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.GD.Shared.dll
MOD - [2011-07-28 17:52:14 | 000,020,480 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2011-07-28 17:52:14 | 000,008,704 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Private.dll
MOD - [2011-07-28 17:52:14 | 000,005,632 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.REG.Shared.dll
MOD - [2011-07-28 17:52:14 | 000,005,120 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Audio.Shared.dll
MOD - [2011-07-28 17:52:12 | 000,065,536 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\APM.Server.dll
MOD - [2011-07-28 17:52:12 | 000,057,344 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.dll
MOD - [2011-07-28 17:52:12 | 000,006,144 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.dll
MOD - [2011-07-28 17:52:10 | 000,034,816 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.dll
MOD - [2011-07-28 17:52:10 | 000,032,768 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ATICCCom.dll
MOD - [2011-07-28 17:52:10 | 000,006,144 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.Shared.dll
MOD - [2011-07-28 17:52:08 | 000,037,376 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.Private.dll
MOD - [2011-07-28 17:52:08 | 000,007,168 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2011-07-28 17:52:08 | 000,006,144 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.WinMessages.Shared.dll
MOD - [2011-07-28 17:52:08 | 000,005,632 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.EEU.Shared.dll
MOD - [2011-07-28 17:52:06 | 000,029,184 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Private.dll
MOD - [2011-07-28 17:52:06 | 000,008,704 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Actions.CCAA.Shared.dll
MOD - [2011-07-28 17:52:06 | 000,005,632 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.dll
MOD - [2011-07-28 17:52:04 | 000,180,224 | ---- | M] (Advanced Mirco Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Shared.dll
MOD - [2011-07-28 17:52:04 | 000,020,480 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.Private.dll
MOD - [2011-07-28 17:52:04 | 000,005,632 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.Foundation.dll
MOD - [2011-07-28 17:52:02 | 000,024,576 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Private.dll
MOD - [2011-07-28 17:52:00 | 000,032,768 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.dll
MOD - [2011-07-28 17:52:00 | 000,024,576 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\APM.Foundation.dll
MOD - [2011-07-28 17:52:00 | 000,007,680 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.dll
MOD - [2011-07-28 17:51:58 | 000,061,440 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.dll
MOD - [2011-07-28 17:51:58 | 000,015,360 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\NEWAEM.Foundation.dll
MOD - [2011-07-28 17:51:58 | 000,007,168 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2011-07-28 17:51:54 | 000,274,432 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Implementation.pl_Localization.dll
MOD - [2011-07-28 17:51:42 | 000,373,248 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOCALIZATION.Foundation.Private.dll
MOD - [2011-07-28 17:51:40 | 000,021,504 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.dll
MOD - [2011-07-28 17:42:54 | 000,095,232 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
MOD - [2011-07-28 17:42:54 | 000,037,376 | ---- | M] (AMD) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Implementation.dll
MOD - [2011-07-28 17:40:46 | 000,726,528 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\aticfx32.dll
MOD - [2011-07-28 17:36:28 | 000,462,848 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll
MOD - [2011-07-28 17:33:56 | 000,356,352 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
MOD - [2011-07-28 17:30:28 | 004,198,912 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atidxx32.dll
MOD - [2011-07-28 17:09:12 | 004,256,768 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdag.dll
MOD - [2011-07-28 17:04:00 | 004,056,064 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdva.dll
MOD - [2011-07-28 16:54:44 | 000,266,240 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiadlxx.dll
MOD - [2011-07-28 16:53:16 | 000,031,744 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll
MOD - [2011-07-28 16:53:02 | 000,029,184 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll
MOD - [2011-06-23 10:51:36 | 000,094,208 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ADL.Foundation.dll
MOD - [2011-06-08 01:26:40 | 000,020,992 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CoreAudioApi.dll
MOD - [2010-11-15 13:22:04 | 000,186,184 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect\plugins\zyngagames\ZyngaGames.dll
MOD - [2010-11-15 13:21:56 | 000,841,544 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
MOD - [2010-11-05 14:18:14 | 000,016,384 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1011.dll
MOD - [2010-10-07 13:07:10 | 000,020,480 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1010.dll
MOD - [2010-09-28 15:33:02 | 000,299,008 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
MOD - [2010-08-23 16:11:04 | 000,299,008 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
MOD - [2010-08-03 15:42:45 | 022,313,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
MOD - [2010-08-03 13:32:44 | 000,291,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscoree.dll
MOD - [2010-08-03 00:03:46 | 000,092,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\pl\ShFusRes.dll
MOD - [2010-06-04 10:57:58 | 001,286,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll
MOD - [2010-06-04 09:53:48 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
MOD - [2010-06-04 09:53:48 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll
MOD - [2010-06-04 09:53:46 | 002,311,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpdshext.dll
MOD - [2010-06-04 09:53:46 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
MOD - [2010-06-04 09:53:46 | 000,979,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
MOD - [2010-06-04 09:53:46 | 000,269,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll
MOD - [2010-06-04 09:53:46 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winmm.dll
MOD - [2010-06-04 09:53:46 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wintrust.dll
MOD - [2010-06-04 09:53:46 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsta.dll
MOD - [2010-06-04 09:53:46 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WPDShServiceObj.dll
MOD - [2010-06-04 09:53:46 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wkscli.dll
MOD - [2010-06-04 09:53:44 | 001,227,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
MOD - [2010-06-04 09:53:44 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll
MOD - [2010-06-04 09:53:44 | 001,063,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\werconcpl.dll
MOD - [2010-06-04 09:53:44 | 000,808,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll
MOD - [2010-06-04 09:53:44 | 000,638,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\VAN.dll
MOD - [2010-06-04 09:53:44 | 000,625,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll
MOD - [2010-06-04 09:53:44 | 000,377,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
MOD - [2010-06-04 09:53:42 | 002,146,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
MOD - [2010-06-04 09:53:42 | 000,505,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
MOD - [2010-06-04 09:53:42 | 000,363,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\StructuredQuery.dll
MOD - [2010-06-04 09:53:42 | 000,300,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
MOD - [2010-06-04 09:53:42 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\stobject.dll
MOD - [2010-06-04 09:53:42 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll
MOD - [2010-06-04 09:53:42 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2010-06-04 09:53:42 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srvcli.dll
MOD - [2010-06-04 09:53:40 | 001,665,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll
MOD - [2010-06-04 09:53:40 | 000,349,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll
MOD - [2010-06-04 09:53:40 | 000,220,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schannel.dll
MOD - [2010-06-04 09:53:40 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll
MOD - [2010-06-04 09:53:40 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll
MOD - [2010-06-04 09:53:40 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2010-06-04 09:53:38 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
MOD - [2010-06-04 09:53:38 | 000,395,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\prnfldr.dll
MOD - [2010-06-04 09:53:38 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\provsvc.dll
MOD - [2010-06-04 09:53:36 | 001,751,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
MOD - [2010-06-04 09:53:36 | 000,547,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
MOD - [2010-06-04 09:53:34 | 000,199,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\onex.dll
MOD - [2010-06-04 09:53:32 | 001,410,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
MOD - [2010-06-04 09:53:32 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
MOD - [2010-06-04 09:53:32 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll
MOD - [2010-06-04 09:53:26 | 000,442,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntshrui.dll
MOD - [2010-06-04 09:53:18 | 002,494,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netshell.dll
MOD - [2010-06-04 09:53:18 | 001,661,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll
MOD - [2010-06-04 09:53:18 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nlaapi.dll
MOD - [2010-06-04 09:53:18 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2010-06-04 09:52:58 | 001,389,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml6.dll
MOD - [2010-06-04 09:52:56 | 000,257,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msv1_0.dll
MOD - [2010-06-04 09:52:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll
MOD - [2010-06-04 09:52:50 | 000,592,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
MOD - [2010-06-04 09:52:48 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msasn1.dll
MOD - [2010-06-04 09:52:44 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
MOD - [2010-06-04 09:52:30 | 000,857,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
MOD - [2010-06-04 09:52:30 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2010-06-04 09:52:26 | 000,392,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
MOD - [2010-06-04 09:52:26 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imagehlp.dll
MOD - [2010-06-04 09:52:26 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll
MOD - [2010-06-04 09:52:26 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL
MOD - [2010-06-04 09:52:22 | 010,975,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
MOD - [2010-06-04 09:52:22 | 002,057,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
MOD - [2010-06-04 09:52:22 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\ieproxy.dll
MOD - [2010-06-04 09:52:16 | 000,312,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hgcpl.dll
MOD - [2010-06-04 09:52:12 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
MOD - [2010-06-04 09:52:12 | 000,301,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
MOD - [2010-06-04 09:52:12 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
MOD - [2010-06-04 09:52:12 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll
MOD - [2010-06-04 09:52:10 | 000,605,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\fastprox.dll
MOD - [2010-06-04 09:52:10 | 000,320,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
MOD - [2010-06-04 09:52:08 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
MOD - [2010-06-04 09:51:56 | 001,076,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
MOD - [2010-06-04 09:51:56 | 000,507,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
MOD - [2010-06-04 09:51:56 | 000,399,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DXP.dll
MOD - [2010-06-04 09:51:52 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dnsapi.dll
MOD - [2010-06-04 09:51:46 | 001,828,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
MOD - [2010-06-04 09:51:46 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dbghelp.dll
MOD - [2010-06-04 09:51:46 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
MOD - [2010-06-04 09:51:44 | 001,152,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\crypt32.dll
MOD - [2010-06-04 09:51:44 | 000,737,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
MOD - [2010-06-04 09:51:44 | 000,524,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16385_none_ebf82fc36c758ad5\comctl32.dll
MOD - [2010-06-04 09:51:44 | 000,485,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll
MOD - [2010-06-04 09:51:44 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll
MOD - [2010-06-04 09:51:44 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll
MOD - [2010-06-04 09:51:32 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2010-06-04 09:51:28 | 000,740,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\batmeter.dll
MOD - [2010-06-04 09:51:26 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
MOD - [2010-06-04 09:51:22 | 000,293,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll
MOD - [2010-06-04 09:51:20 | 000,639,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
MOD - [2010-06-04 09:51:20 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\actxprxy.dll
MOD - [2010-06-04 09:51:06 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
MOD - [2010-06-04 09:50:16 | 000,692,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
MOD - [2010-06-04 09:50:16 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
MOD - [2010-06-04 09:50:16 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv
MOD - [2010-06-04 09:50:16 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wdmaud.drv
MOD - [2010-04-14 03:31:20 | 005,246,976 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
MOD - [2010-04-14 03:31:20 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2010-04-14 03:31:20 | 003,182,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2010-04-14 03:31:20 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2010-04-14 03:31:20 | 000,626,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2010-04-14 03:31:20 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2010-04-14 03:31:20 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2010-04-14 03:31:20 | 000,115,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
MOD - [2010-04-14 03:31:16 | 005,823,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
MOD - [2010-04-14 03:31:16 | 004,550,656 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
MOD - [2010-04-14 03:31:16 | 000,363,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
MOD - [2010-04-14 03:31:14 | 005,279,744 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
MOD - [2010-04-14 03:31:14 | 001,736,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
MOD - [2010-04-14 03:31:14 | 001,253,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
MOD - [2010-04-14 03:31:12 | 004,218,880 | ---- | M] () -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
MOD - [2010-04-14 03:31:00 | 000,667,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
MOD - [2010-03-18 09:15:26 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr100.dll
MOD - [2010-03-18 09:15:26 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp100.dll
MOD - [2010-03-04 00:27:24 | 000,016,384 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Foundation.dll
MOD - [2009-12-08 06:49:44 | 000,016,384 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0912.dll
MOD - [2009-12-07 15:45:02 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll
MOD - [2009-10-14 18:44:40 | 000,282,624 | R--- | M] (France Telecom SA) -- C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe
MOD - [2009-10-14 18:44:40 | 000,200,704 | R--- | M] (France Telecom SA) -- C:\Program Files\CardDetector\HUAWEI1752_1552\AutoDetect.dll
MOD - [2009-07-14 03:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bcryptprimitives.dll
MOD - [2009-07-14 03:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll
MOD - [2009-07-14 03:16:21 | 000,674,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wwanmm.dll
MOD - [2009-07-14 03:16:21 | 000,284,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WWanAPI.dll
MOD - [2009-07-14 03:16:21 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll
MOD - [2009-07-14 03:16:21 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wwapi.dll
MOD - [2009-07-14 03:16:20 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll
MOD - [2009-07-14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll
MOD - [2009-07-14 03:16:20 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscinterop.dll
MOD - [2009-07-14 03:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsock32.dll
MOD - [2009-07-14 03:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll
MOD - [2009-07-14 03:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSHTCPIP.DLL
MOD - [2009-07-14 03:16:19 | 000,748,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WlanMM.dll
MOD - [2009-07-14 03:16:19 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiutils.dll
MOD - [2009-07-14 03:16:19 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll
MOD - [2009-07-14 03:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
MOD - [2009-07-14 03:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winrnr.dll
MOD - [2009-07-14 03:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll
MOD - [2009-07-14 03:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanutil.dll
MOD - [2009-07-14 03:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
MOD - [2009-07-14 03:16:18 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
MOD - [2009-07-14 03:16:18 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wercplsupport.dll
MOD - [2009-07-14 03:16:17 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll
MOD - [2009-07-14 03:16:17 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemdisp.dll
MOD - [2009-07-14 03:16:17 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
MOD - [2009-07-14 03:16:17 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll
MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll
MOD - [2009-07-14 03:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemsvc.dll
MOD - [2009-07-14 03:16:17 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemprox.dll
MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll
MOD - [2009-07-14 03:16:16 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
MOD - [2009-07-14 03:16:15 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll
MOD - [2009-07-14 03:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll
MOD - [2009-07-14 03:16:15 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Syncreg.dll
MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll
MOD - [2009-07-14 03:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slc.dll
MOD - [2009-07-14 03:16:14 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shfolder.dll
MOD - [2009-07-14 03:16:13 | 000,652,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009-07-14 03:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll
MOD - [2009-07-14 03:16:13 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RpcRtRemote.dll
MOD - [2009-07-14 03:16:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
MOD - [2009-07-14 03:16:12 | 000,845,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RASMM.dll
MOD - [2009-07-14 03:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll
MOD - [2009-07-14 03:16:12 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleacc.dll
MOD - [2009-07-14 03:16:12 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
MOD - [2009-07-14 03:16:12 | 000,159,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
MOD - [2009-07-14 03:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll
MOD - [2009-07-14 03:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oledlg.dll
MOD - [2009-07-14 03:16:12 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QUTIL.DLL
MOD - [2009-07-14 03:16:12 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll
MOD - [2009-07-14 03:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasman.dll
MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009-07-14 03:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasadhlp.dll
MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll
MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll
MOD - [2009-07-14 03:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdsapi.dll
MOD - [2009-07-14 03:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\npmproxy.dll
MOD - [2009-07-14 03:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll
MOD - [2009-07-14 03:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netprofm.dll
MOD - [2009-07-14 03:16:03 | 000,313,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll
MOD - [2009-07-14 03:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NapiNSP.dll
MOD - [2009-07-14 03:15:51 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mswsock.dll
MOD - [2009-07-14 03:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
MOD - [2009-07-14 03:15:45 | 000,157,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
MOD - [2009-07-14 03:15:44 | 002,340,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msi.dll
MOD - [2009-07-14 03:15:44 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msiltcfg.dll
MOD - [2009-07-14 03:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimg32.dll
MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll
MOD - [2009-07-14 03:15:43 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll
MOD - [2009-07-14 03:15:43 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
MOD - [2009-07-14 03:15:42 | 000,481,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
MOD - [2009-07-14 03:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.dll
MOD - [2009-07-14 03:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll
MOD - [2009-07-14 03:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mlang.dll
MOD - [2009-07-14 03:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\midimap.dll
MOD - [2009-07-14 03:15:36 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
MOD - [2009-07-14 03:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\linkinfo.dll
MOD - [2009-07-14 03:15:35 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
MOD - [2009-07-14 03:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ksuser.dll
MOD - [2009-07-14 03:15:27 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icm32.dll
MOD - [2009-07-14 03:15:27 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IconCodecService.dll
MOD - [2009-07-14 03:15:24 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hcproviders.dll
MOD - [2009-07-14 03:15:24 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hid.dll
MOD - [2009-07-14 03:15:22 | 000,848,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSST.dll
MOD - [2009-07-14 03:15:21 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSAPI.dll
MOD - [2009-07-14 03:15:20 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll
MOD - [2009-07-14 03:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\es.dll
MOD - [2009-07-14 03:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll
MOD - [2009-07-14 03:15:14 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehSSO.dll
MOD - [2009-07-14 03:15:13 | 001,370,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll
MOD - [2009-07-14 03:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dui70.dll
MOD - [2009-07-14 03:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
MOD - [2009-07-14 03:15:13 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\eappcfg.dll
MOD - [2009-07-14 03:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\duser.dll
MOD - [2009-07-14 03:15:13 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009-07-14 03:15:13 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\eappprxy.dll
MOD - [2009-07-14 03:15:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dsrole.dll
MOD - [2009-07-14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009-07-14 03:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc.dll
MOD - [2009-07-14 03:15:11 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devrtl.dll
MOD - [2009-07-14 03:15:11 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
MOD - [2009-07-14 03:15:11 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dimsjob.dll
MOD - [2009-07-14 03:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d8thk.dll
MOD - [2009-07-14 03:15:07 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
MOD - [2009-07-14 03:15:07 | 001,003,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptui.dll
MOD - [2009-07-14 03:15:07 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
MOD - [2009-07-14 03:15:07 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
MOD - [2009-07-14 03:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptsp.dll
MOD - [2009-07-14 03:15:07 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptdll.dll
MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll
MOD - [2009-07-14 03:14:59 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
MOD - [2009-07-14 03:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll
MOD - [2009-07-14 03:14:57 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
MOD - [2009-07-14 03:14:53 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AltTab.dll
MOD - [2009-07-14 03:14:52 | 000,744,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ActionCenter.dll
MOD - [2009-07-14 03:14:43 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
MOD - [2009-07-14 03:14:10 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hhctrl.ocx
MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2009-07-14 03:14:09 | 001,140,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl
MOD - [2009-07-14 03:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.drv
MOD - [2009-07-14 03:05:30 | 000,925,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSRESM.dll
MOD - [2009-07-14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
MOD - [2009-07-14 03:03:50 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll
MOD - [2009-06-17 10:24:26 | 000,016,384 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0906.dll
MOD - [2009-06-17 10:24:26 | 000,016,384 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0712.dll
MOD - [2009-06-17 05:27:48 | 000,016,384 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll
MOD - [2009-06-10 23:23:11 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcr80.dll
MOD - [2009-06-10 23:23:11 | 000,554,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcp80.dll
MOD - [2009-06-10 23:22:53 | 000,015,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
MOD - [2009-06-10 23:22:50 | 000,023,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
MOD - [2009-06-10 23:22:40 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
MOD - [2009-06-10 23:14:57 | 000,778,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
MOD - [2009-06-10 23:14:47 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
MOD - [2009-06-10 23:14:46 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
MOD - [2009-06-10 23:14:46 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
MOD - [2009-06-10 23:14:44 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.classic.dll
MOD - [2009-05-08 14:49:52 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
MOD - [2009-04-22 12:13:40 | 000,016,384 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0805.dll
MOD - [2009-04-22 12:13:18 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0601.dll
MOD - [2009-01-26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
MOD - [2009-01-26 15:31:02 | 001,879,896 | ---- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
MOD - [2009-01-26 15:30:58 | 001,287,000 | ---- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\advcheck.dll
MOD - [2009-01-20 13:51:38 | 000,007,168 | ---- | M] ( ) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atixclib.dll
MOD - [2008-12-30 11:04:08 | 000,016,384 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0812.dll
MOD - [2008-04-03 16:29:02 | 000,020,480 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll
MOD - [2007-08-09 16:58:04 | 000,016,384 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0706.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2012-04-18 19:33:10 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-04-09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-04-05 11:37:38 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-04-04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-01-03 13:34:20 | 000,138,768 | ---- | M] (MSI) [Auto | Running] -- C:\Program Files\MSI\Super-Charger\ChargeService.exe -- (MSI_SuperCharger)
SRV - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2011-07-28 17:42:48 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2011-07-28 17:35:26 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011-05-03 22:18:00 | 004,137,464 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2011-03-24 06:37:18 | 000,493,384 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe -- (WCUService_STC_FF)
SRV - [2011-03-22 10:37:16 | 000,497,480 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe -- (WCUService_STC_IE)
SRV - [2010-11-15 13:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files\Splashtop\Splashtop Connect\BackService.exe -- (SCBackService)
SRV - [2010-05-04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010-03-05 16:26:40 | 002,044,248 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2009-10-14 16:44:38 | 000,090,112 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Rappelz\GameGuard\dump_wmimmc.sys -- (dump_wmimmc)
DRV - [2012-04-16 21:07:58 | 000,239,168 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011-10-25 09:57:14 | 000,165,120 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV - [2011-10-25 09:57:14 | 000,073,984 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub)
DRV - [2011-10-06 09:23:50 | 001,057,896 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV - [2011-08-09 14:24:52 | 000,163,424 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2011-08-04 09:20:38 | 000,103,112 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2011-08-04 09:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2011-07-28 18:22:06 | 008,396,800 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011-07-28 16:53:48 | 000,247,296 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011-06-07 06:06:54 | 000,211,984 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2011-04-15 14:37:46 | 000,066,688 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_sata.sys -- (amd_sata)
DRV - [2011-04-15 14:37:46 | 000,033,408 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_xata.sys -- (amd_xata)
DRV - [2010-11-29 04:50:40 | 000,035,968 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2010-10-20 14:43:08 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 5\NTIOLib.sys -- (NTIOLib_1_0_4)
DRV - [2010-05-10 10:44:42 | 000,025,912 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 5\msibios32_100507.sys -- (MSI_MSIBIOS_010507)
DRV - [2010-02-18 09:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86)
DRV - [2009-12-30 13:55:14 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files\MSI\Super-Charger\NTIOLib.sys -- (NTIOLib_1_0_3)
DRV - [2009-08-04 13:04:28 | 000,103,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbfake.sys -- (hwusbfake)
DRV - [2009-08-04 13:04:28 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009-07-14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009-07-14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009-07-14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009-07-14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009-07-14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009-07-14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2009-06-10 23:19:48 | 009,853,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = Yandex
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\Google: "URL" = http://www.google.ru/search?hl=ru&q={searchTerms}\
IE - HKLM\..\SearchScopes\Wikipedia: "URL" = http://ru.wikipedia.org/wiki/{searchTerms}\
IE - HKLM\..\SearchScopes\Yahoo: "URL" = http://ru.search.yahoo.com/search?p={searchTerms}\
IE - HKLM\..\SearchScopes\Yandex: "URL" = http://www.yandex.ru/yandsearch?stype=&nl=0&text={searchTerms}\


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\URLSearchHook: {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} - C:\Program Files\Splashtop\Splashtop Connect IE\AddressBarSearch.dll (Splashtop Inc.)
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes,DefaultScope = {42168F92-DA71-42E6-BC7F-132EAC1F1899}
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.google.pl/cse?q={searchTerms}&cx=partner-pub-2489206448026482%3A4041638047&tbm=&ie=UTF-8#gsc.tab=0&gsc.q={searchTerms}
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{42168F92-DA71-42E6-BC7F-132EAC1F1899}: "URL" = http://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q={searchTerms}&sa=Search&siteurl=qooqlle.com%2F
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{C0DE4E59-C43E-46a5-B2A6-46952A6BF471}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=MMBROWSV
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{F1CC8CB5-43EC-4142-AE01-80F4208696EB}: "URL" = http://www.google.com/cse?cx=partner-pub-3794288947762788%3A7256076927&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7256076927&q={searchTerms}
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\Yandex: "URL" = http://www.bing.com/search?q={searchTerms}&form=SPLEP1&pc=SPLH
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.selectedEngine: "qooqlle"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: cssreloader@kenneth.io:1.0.2
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..network.proxy.backup.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.backup.ftp_port: 9666
FF - prefs.js..network.proxy.backup.gopher: "127.0.0.1"
FF - prefs.js..network.proxy.backup.gopher_port: 9666
FF - prefs.js..network.proxy.backup.socks: "127.0.0.1"
FF - prefs.js..network.proxy.backup.socks_port: 9666
FF - prefs.js..network.proxy.backup.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.backup.ssl_port: 9666
FF - prefs.js..network.proxy.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.ftp_port: 9666
FF - prefs.js..network.proxy.gopher: "127.0.0.1"
FF - prefs.js..network.proxy.gopher_port: 9666
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 9666
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 9666
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 9666
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: D:\Bilard\Ganymede\Plugins\npganymedenet.dll ( )
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Oracle)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Mateusz\AppData\Local\Facebook\Messenger\2.0.4478.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}: C:\Program Files\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1} [2012-04-17 12:42:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}: C:\Program Files\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0} [2012-04-17 12:42:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{d9284e50-81fc-11da-a72b-0800200c9a66}: C:\Program Files\Splashtop\Splashtop Connect for Firefox\{d9284e50-81fc-11da-a72b-0800200c9a66} [2012-04-17 12:42:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-04-19 09:12:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-04-19 13:33:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012-04-17 22:28:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-04-18 17:53:41 | 000,000,000 | ---D | M]

[2012-04-16 21:10:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Extensions
[2012-04-20 21:48:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\kust2ajc.default\extensions
[2012-04-19 13:23:52 | 000,000,000 | ---D | M] (YouTube to ALLPlayer) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\kust2ajc.default\extensions\YouTubetoALL@ALLPlayer.org
[2012-04-21 16:18:49 | 000,001,860 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\kust2ajc.default\searchplugins\search.xml
[2012-04-17 22:26:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-04-17 22:26:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
() (No name found) -- C:\USERS\MATEUSZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KUST2AJC.DEFAULT\EXTENSIONS\IPLEXTOALL@ALLPLAYER.ORG.XPI
[2012-04-19 09:12:25 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-12-20 11:33:56 | 000,120,984 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npganymedenet.dll
[2011-12-09 19:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012-04-19 09:12:20 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-04-19 09:12:20 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-04-19 09:12:20 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-04-19 09:12:20 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-04-19 13:22:10 | 000,002,415 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\v9.xml
[2012-04-19 09:12:20 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-04-19 09:12:20 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: qooqlle ()
CHR - default_search_provider: search_url = http://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q={searchTerms}&sa=Search&siteurl=qooqlle.com%2F
CHR - default_search_provider: suggest_url =
CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\

O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Splashtop Connect VisualBookmark) - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - C:\Program Files\Splashtop\Splashtop Connect IE\STC.dll (Splashtop Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (YouTube To ALLPlayer) - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\Program Files\ALLPlayer\YouTubeToALLPlayer.dll (ALLPlayer.org)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - D:\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [BEWINTERNET-PL-IEWSessionManager] D:\Orange\SessionManager\SessionManager.exe (France Telecom SA)
O4 - HKLM..\Run: [CardDetectorHUAWEI1752_1552] C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe (France Telecom SA)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [Readar_sl] C:\Users\Mateusz\AppData\Roaming\Readar_sl.exe (Created with WinAutomation (http://www.WinAutomation.com))
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [STCAgent] C:\Program Files\Splashtop\Splashtop Connect IE\STCAgent.exe (Splashtop Inc.)
O4 - HKLM..\Run: [Super-Charger] C:\Program Files\MSI\Super-Charger\Super-Charger.exe (MSI)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TunesHelper] C:\ProgramData\TunesHelper.exe ()
O4 - HKLM..\Run: [ZyngaGamesAgent] C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe (Splashtop Inc.)
O4 - HKU\S-1-5-21-967404725-468176981-4131090368-1000..\Run: [Facebook Update] C:\Users\Mateusz\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-967404725-468176981-4131090368-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Pobierz z &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm ()
O9 - Extra Button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files\PokerStars.EU\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1292A1F1-9F67-4786-A2DF-9668865DF9A2}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - StartUpFolder: C:^Users^Mateusz^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk - C:\Users\Mateusz\AppData\Local\Facebook\MESSEN~1\204478~1.0\FACEBO~1.EXE - (Facebook)
MsConfig - StartUpReg: [b]ALLUpdate[/b] - hkey= - key= - D:\ALLPlayer\ALLUpdate.exe ()
MsConfig - StartUpReg: [b]Live Update 5[/b] - hkey= - key= - C:\Program Files\MSI\Live Update 5\BootStartLiveupdate.exe ()
MsConfig - StartUpReg: [b]NortonOnlineBackup[/b] - hkey= - key= - C:\Program Files\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
MsConfig - StartUpReg: [b]Skype[/b] - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: [b]ZyngaGamesAgent[/b] - hkey= - key= - C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe (Splashtop Inc.)

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-04-21 09:11:23 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-04-21 00:25:29 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\.ultramixer
[2012-04-21 00:05:24 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012-04-20 19:32:35 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\GanymedeNet
[2012-04-20 18:18:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Screamer Radio
[2012-04-20 18:17:27 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
[2012-04-20 18:17:14 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Facebook
[2012-04-20 00:35:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Sports Interactive
[2012-04-20 00:35:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\Sports Interactive
[2012-04-20 00:35:20 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Sports Interactive
[2012-04-20 00:35:20 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Sports Interactive
[2012-04-20 00:18:42 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\My Games
[2012-04-20 00:08:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2012-04-20 00:03:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2012-04-19 19:22:45 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012-04-19 19:20:52 | 000,000,000 | ---D | C] -- C:\Program Files\EACOM
[2012-04-19 17:13:09 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2012-04-19 17:10:13 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Chromium
[2012-04-19 13:37:13 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\PokerStars.EU
[2012-04-19 13:37:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.EU
[2012-04-19 13:36:46 | 000,000,000 | ---D | C] -- C:\Program Files\PokerStars.EU
[2012-04-19 13:24:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt
[2012-04-19 13:23:51 | 000,000,000 | ---D | C] -- C:\Program Files\ALLPlayer
[2012-04-19 13:23:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLConverter PRO
[2012-04-19 13:23:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ALLConverter
[2012-04-19 13:23:42 | 000,000,000 | ---D | C] -- C:\Program Files\NapiProjekt
[2012-04-19 13:23:41 | 000,000,000 | ---D | C] -- C:\Program Files\ALLConverter PRO
[2012-04-19 13:23:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer
[2012-04-19 13:22:55 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ALLPlayer
[2012-04-19 13:22:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dziobas Rar Player
[2012-04-19 13:12:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Theorica Divx ;-) Codecs
[2012-04-19 13:12:13 | 000,311,296 | RHS- | C] (Created with WinAutomation (http://www.WinAutomation.com)) -- C:\Users\Mateusz\AppData\Roaming\Readar_sl.exe
[2012-04-19 13:11:46 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Media Player Classic
[2012-04-19 01:20:24 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\BitSpirit
[2012-04-19 00:33:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012-04-19 00:05:27 | 000,000,000 | ---D | C] -- C:\Program Files\v9Soft
[2012-04-18 23:57:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2012-04-18 23:56:23 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2012-04-18 23:56:23 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Detektor Winampa
[2012-04-18 23:56:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2012-04-18 23:55:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Winamp
[2012-04-18 23:55:57 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2012-04-18 23:54:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
[2012-04-18 23:54:47 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2012-04-18 23:54:10 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\BESTplayer
[2012-04-18 23:53:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitSpirit v3
[2012-04-18 23:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitSpirit
[2012-04-18 23:53:37 | 000,000,000 | ---D | C] -- C:\Program Files\BitSpirit
[2012-04-18 23:52:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012-04-18 23:51:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012-04-18 23:51:53 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2012-04-18 19:53:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\riotsGamesLogs
[2012-04-18 19:51:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\LolClient
[2012-04-18 19:26:56 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Opera
[2012-04-18 19:26:56 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Opera
[2012-04-18 19:26:35 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2012-04-18 18:22:42 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\MSI
[2012-04-18 18:17:17 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012-04-18 18:15:52 | 004,137,464 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des
[2012-04-18 18:14:34 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\npptNT2.sys
[2012-04-18 18:14:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2012-04-18 17:53:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2012-04-18 17:53:38 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2012-04-18 17:53:38 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012-04-17 23:58:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\DOSBox
[2012-04-17 23:58:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74
[2012-04-17 23:58:43 | 000,000,000 | ---D | C] -- C:\Program Files\DOSBox-0.74
[2012-04-17 23:38:48 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\WapSter
[2012-04-17 23:34:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Thunderbird
[2012-04-17 23:34:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Thunderbird
[2012-04-17 22:28:37 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2012-04-17 22:26:32 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012-04-17 22:26:09 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Skype
[2012-04-17 22:25:58 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012-04-17 22:25:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012-04-17 22:25:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012-04-17 22:25:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012-04-17 22:25:53 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
[2012-04-17 22:25:52 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\GHISLER
[2012-04-17 22:24:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012-04-17 22:24:17 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012-04-17 22:23:34 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WapSter
[2012-04-17 21:58:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
[2012-04-17 21:15:51 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\PMB Files
[2012-04-17 21:15:48 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2012-04-17 21:15:37 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2012-04-17 20:36:00 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Adobe
[2012-04-17 20:09:14 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft Games
[2012-04-17 19:47:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2012-04-17 19:44:09 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP
[2012-04-17 19:43:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2012-04-17 19:40:44 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012-04-17 19:37:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012-04-17 19:37:39 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012-04-17 19:36:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012-04-17 19:36:37 | 000,159,744 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll
[2012-04-17 19:36:36 | 000,401,408 | ---- | C] (AMD) -- C:\Windows\System32\atieclxx.exe
[2012-04-17 19:36:36 | 000,176,128 | ---- | C] (AMD) -- C:\Windows\System32\atiesrxx.exe
[2012-04-17 19:36:36 | 000,020,992 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll
[2012-04-17 16:31:48 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\foobar2000
[2012-04-17 16:23:45 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\AMD
[2012-04-17 16:05:37 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2012-04-17 16:03:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\ATI
[2012-04-17 16:03:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ATI
[2012-04-17 16:01:31 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2012-04-17 16:01:28 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2012-04-17 16:00:48 | 000,052,736 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll
[2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\2C0A
[2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0C0A
[2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0C04
[2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0816
[2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0804
[2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0424
[2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\041F
[2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\041E
[2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\041D
[2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\041B
[2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0419
[2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0416
[2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0415
[2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0414
[2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0413
[2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0412
[2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0411
[2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0410
[2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\040E
[2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\040D
[2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\040C
[2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\040B
[2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\040A
[2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0408
[2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0407
[2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0406
[2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0405
[2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0404
[2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0401
[2012-04-17 15:59:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
[2012-04-17 15:59:37 | 000,000,000 | ---D | C] -- C:\Program Files\Renesas Electronics
[2012-04-17 15:58:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2012-04-17 15:37:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother
[2012-04-17 15:28:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2012-04-17 15:27:49 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2012-04-17 15:27:49 | 001,725,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2012-04-17 15:27:48 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2012-04-17 15:27:48 | 000,214,368 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFNHK.dll
[2012-04-17 15:27:48 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2012-04-17 15:27:48 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2012-04-17 15:27:48 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2012-04-17 15:27:48 | 000,074,080 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFCOM.dll
[2012-04-17 15:27:48 | 000,068,960 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFAPO.dll
[2012-04-17 15:27:47 | 003,327,320 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2012-04-17 15:27:47 | 003,296,600 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll
[2012-04-17 15:27:47 | 001,836,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2012-04-17 15:27:47 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2012-04-17 15:27:47 | 000,345,944 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll
[2012-04-17 15:27:47 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2012-04-17 15:27:47 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2012-04-17 15:27:47 | 000,259,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2012-04-17 15:27:47 | 000,252,760 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2012-04-17 15:27:47 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2012-04-17 15:27:47 | 000,103,256 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll
[2012-04-17 15:27:47 | 000,088,408 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll
[2012-04-17 15:27:47 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2012-04-17 15:27:47 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2012-04-17 15:27:47 | 000,061,272 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll
[2012-04-17 15:27:46 | 000,357,712 | ---- | C] (Knowles Acoustics ) -- C:\Windows\System32\KAAPORT.dll
[2012-04-17 15:27:46 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2012-04-17 15:27:46 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2012-04-17 15:27:45 | 001,740,352 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2012-04-17 15:27:45 | 001,509,480 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2012-04-17 15:27:45 | 001,292,904 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2012-04-17 15:27:45 | 001,220,200 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2012-04-17 15:27:45 | 000,654,952 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2012-04-17 15:27:45 | 000,631,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2012-04-17 15:27:45 | 000,601,704 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2012-04-17 15:27:45 | 000,458,344 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2012-04-17 15:27:45 | 000,413,696 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PLFX32.dll
[2012-04-17 15:27:45 | 000,390,656 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PGFX32.dll
[2012-04-17 15:27:45 | 000,389,736 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2012-04-17 15:27:45 | 000,375,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2012-04-17 15:27:45 | 000,327,168 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PREC32.dll
[2012-04-17 15:27:45 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2012-04-17 15:27:45 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2012-04-17 15:27:45 | 000,218,216 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2012-04-17 15:27:43 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2012-04-17 15:27:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2012-04-17 15:26:45 | 000,000,000 | -H-D | C] -- C:\SuperChargerProfile
[2012-04-17 15:26:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup
[2012-04-17 15:26:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2012-04-17 15:26:34 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012-04-17 12:46:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Splashtop
[2012-04-17 12:41:02 | 000,000,000 | -H-D | C] -- C:\ProgramData\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3}
[2012-04-17 12:40:53 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Splashtop
[2012-04-17 12:40:11 | 000,000,000 | ---D | C] -- C:\Program Files\Splashtop
[2012-04-17 12:23:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Sunbelt Software
[2012-04-17 12:22:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2012-04-17 12:21:54 | 000,093,360 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2012-04-17 12:09:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012-04-17 12:07:33 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Google
[2012-04-17 12:07:32 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012-04-17 12:07:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2012-04-17 12:07:27 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2012-04-17 11:56:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
[2012-04-17 11:56:45 | 000,000,000 | ---D | C] -- C:\Program Files\MSI
[2012-04-17 11:48:07 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco
[2012-04-17 11:47:07 | 000,000,000 | ---D | C] -- C:\Program Files\REALTEK PCIE Wireless LAN Driver
[2012-04-17 11:45:30 | 002,205,696 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\athr.sys
[2012-04-17 11:45:29 | 000,000,000 | ---D | C] -- C:\Program Files\Qualcomm Atheros WiFi Driver Installation
[2012-04-17 11:45:27 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Macromedia
[2012-04-17 11:44:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Qualcomm Atheros
[2012-04-17 11:42:14 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012-04-17 11:03:33 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ElevatedDiagnostics
[2012-04-17 02:13:41 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012-04-17 02:12:28 | 000,000,000 | -HSD | C] -- C:\Boot
[2012-04-17 01:20:27 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012-04-16 23:33:23 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Nero
[2012-04-16 23:15:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Microsoft Games
[2012-04-16 22:22:11 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Valve
[2012-04-16 22:16:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve
[2012-04-16 22:02:36 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2012-04-16 22:02:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Games
[2012-04-16 22:02:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive
[2012-04-16 21:30:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Lunch Design
[2012-04-16 21:16:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Adobe
[2012-04-16 21:16:53 | 000,000,000 | ---D | C] -- C:\ProgramData\RDRM
[2012-04-16 21:16:50 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\ipla
[2012-04-16 21:16:50 | 000,000,000 | ---D | C] -- C:\ProgramData\ipla
[2012-04-16 21:14:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mario Ice Tower
[2012-04-16 21:12:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ipla
[2012-04-16 21:12:14 | 000,000,000 | ---D | C] -- C:\Program Files\ipla
[2012-04-16 21:10:03 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Mozilla
[2012-04-16 21:10:03 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Mozilla
[2012-04-16 21:09:37 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar
[2012-04-16 21:08:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012-04-16 21:07:58 | 000,239,168 | ---- | C] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2012-04-16 21:07:31 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Lite
[2012-04-16 21:07:28 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012-04-16 21:03:35 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\WinRAR
[2012-04-16 21:03:34 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012-04-16 21:03:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012-04-16 21:02:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2012-04-16 21:02:26 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\System32\pncrt.dll
[2012-04-16 21:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real
[2012-04-16 21:02:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2012-04-16 21:02:20 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2012-04-16 21:02:04 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Real
[2012-04-16 21:01:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2012-04-16 21:01:25 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\Windows\System32\lameACM.acm
[2012-04-16 21:01:24 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll
[2012-04-16 21:01:24 | 000,118,784 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm
[2012-04-16 21:00:20 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012-04-16 20:52:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012-04-16 20:52:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2012-04-16 20:49:13 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012-04-16 20:49:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012-04-16 20:42:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2012-04-16 20:41:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
[2012-04-16 20:41:56 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2012-04-16 20:41:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2012-04-16 20:32:39 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Uczelnia
[2012-04-16 20:32:22 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Gry
[2012-04-16 20:31:40 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Programy
[2012-04-16 20:24:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orange
[2012-04-16 20:19:57 | 000,000,000 | ---D | C] -- C:\Program Files\CardDetector
[2012-04-16 20:00:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\France Telecom
[2012-04-16 19:59:58 | 000,102,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys
[2012-04-16 19:59:55 | 000,103,040 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbfake.sys
[2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Searches
[2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012-04-16 19:57:02 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Identities
[2012-04-16 19:56:56 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Contacts
[2012-04-16 19:56:56 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012-04-16 19:56:36 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Ustawienia lokalne
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Temporary Internet Files
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Szablony
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\SendTo
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Recent
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\PrintHood
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\NetHood
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moje wideo
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moje obrazy
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Moje dokumenty
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moja muzyka
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Menu Start
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Historia
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Dane aplikacji
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Dane aplikacji
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Cookies
[2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Temp
[2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Microsoft
[2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Media Center Programs
[2012-04-16 19:54:14 | 000,000,000 | --SD | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Pictures
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Music
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Links
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Favorites
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Downloads
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Documents
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Desktop
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012-04-16 19:54:14 | 000,000,000 | -H-D | C] -- C:\Users\Mateusz\AppData
[2012-04-16 19:54:10 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Videos
[2012-04-16 19:54:10 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Saved Games
[2012-04-16 19:52:53 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony
[2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo
[2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy
[2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka
[2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start
[2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione
[2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit
[2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-04-21 16:33:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-04-21 16:26:02 | 000,017,136 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-04-21 16:26:02 | 000,017,136 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-04-21 16:18:30 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-04-21 16:18:15 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-04-21 16:18:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-04-21 09:22:10 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-967404725-468176981-4131090368-1000UA.job
[2012-04-21 00:41:22 | 000,001,784 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2012-04-21 00:00:27 | 000,687,828 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012-04-21 00:00:27 | 000,666,732 | ---- | M] () -- C:\Windows\System32\perfh019.dat
[2012-04-21 00:00:27 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-04-21 00:00:27 | 000,131,382 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012-04-21 00:00:27 | 000,128,892 | ---- | M] () -- C:\Windows\System32\perfc019.dat
[2012-04-21 00:00:27 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-04-20 18:22:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-967404725-468176981-4131090368-1000Core.job
[2012-04-20 00:30:03 | 000,000,572 | ---- | M] () -- C:\Windows\eReg.dat
[2012-04-19 13:12:01 | 008,180,224 | RHS- | M] () -- C:\ProgramData\TunesHelper.exe
[2012-04-19 13:12:01 | 000,311,296 | RHS- | M] (Created with WinAutomation (http://www.WinAutomation.com)) -- C:\Users\Mateusz\AppData\Roaming\Readar_sl.exe
[2012-04-19 00:29:02 | 000,001,101 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-04-19 00:29:01 | 000,002,210 | ---- | M] () -- C:\Users\Mateusz\Desktop\Google Chrome.lnk
[2012-04-18 18:17:06 | 283,710,259 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012-04-18 17:50:13 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2012-04-18 17:50:13 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Daily 4).job
[2012-04-18 17:50:13 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Daily 3).job
[2012-04-18 17:50:13 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Daily 2).job
[2012-04-18 17:50:13 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Daily 1).job
[2012-04-17 23:55:56 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012-04-17 23:55:56 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012-04-17 22:28:40 | 000,002,041 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2012-04-17 20:30:58 | 000,000,050 | ---- | M] () -- C:\Windows\System32\BRIDF10A.DAT
[2012-04-17 16:22:02 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2012-04-17 12:21:52 | 000,093,360 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2012-04-17 11:30:55 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012-04-17 02:12:33 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2012-04-17 01:37:26 | 000,067,908 | ---- | M] () -- C:\Windows\System32\license.rtf
[2012-04-17 01:35:54 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012-04-16 22:20:20 | 000,000,650 | ---- | M] () -- C:\Users\Mateusz\Desktop\Muzyka.lnk
[2012-04-16 22:16:22 | 000,000,641 | ---- | M] () -- C:\Users\Mateusz\Desktop\Filmy.lnk
[2012-04-16 21:16:17 | 000,246,248 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-04-16 21:10:47 | 000,000,571 | ---- | M] () -- C:\Users\Mateusz\Desktop\foobar2000.lnk
[2012-04-16 21:07:58 | 000,239,168 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2012-04-16 21:02:26 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll
[2012-04-16 20:55:32 | 000,002,717 | ---- | M] () -- C:\Users\Mateusz\Desktop\Word 2003.lnk
[2012-04-16 20:53:20 | 000,000,412 | ---- | M] () -- C:\Windows\ODBC.INI
[2012-04-16 20:24:24 | 000,000,807 | ---- | M] () -- C:\Users\Mateusz\Desktop\Orange Free.lnk
[2012-04-16 19:59:10 | 000,000,363 | ---- | M] () -- C:\Users\Mateusz\Desktop\Komputer.lnk

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-04-21 00:41:22 | 000,001,796 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2012-04-21 00:41:22 | 000,001,784 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2012-04-20 18:17:16 | 000,000,936 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-967404725-468176981-4131090368-1000UA.job
[2012-04-20 18:17:16 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-967404725-468176981-4131090368-1000Core.job
[2012-04-19 19:21:46 | 000,000,572 | ---- | C] () -- C:\Windows\eReg.dat
[2012-04-19 13:23:07 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll
[2012-04-19 13:12:07 | 008,180,224 | RHS- | C] () -- C:\ProgramData\TunesHelper.exe
[2012-04-18 19:24:17 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-04-18 18:17:06 | 283,710,259 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012-04-18 18:14:33 | 000,005,174 | ---- | C] () -- C:\Windows\System32\nppt9x.vxd
[2012-04-18 15:58:59 | 000,000,422 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2012-04-18 15:58:59 | 000,000,422 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Daily 4).job
[2012-04-18 15:58:59 | 000,000,422 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Daily 3).job
[2012-04-18 15:58:59 | 000,000,422 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Daily 2).job
[2012-04-18 15:58:59 | 000,000,422 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Daily 1).job
[2012-04-17 23:55:56 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2012-04-17 23:55:56 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2012-04-17 22:28:40 | 000,002,053 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2012-04-17 22:28:40 | 000,002,041 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF
[2012-04-17 19:37:58 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012-04-17 19:36:37 | 001,150,656 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
[2012-04-17 19:36:36 | 000,234,855 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2012-04-17 19:36:36 | 000,034,823 | ---- | C] () -- C:\Windows\atiogl.xml
[2012-04-17 19:36:35 | 000,185,088 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb
[2012-04-17 19:34:34 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2012-04-17 16:32:37 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BRIDF10A.DAT
[2012-04-17 16:22:02 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012-04-17 16:00:48 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2012-04-17 15:27:47 | 000,177,052 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2012-04-17 12:40:53 | 000,001,408 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Social Games.lnk
[2012-04-17 12:09:01 | 000,002,210 | ---- | C] () -- C:\Users\Mateusz\Desktop\Google Chrome.lnk
[2012-04-17 12:07:44 | 000,001,038 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-04-17 12:07:42 | 000,001,034 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-04-17 11:47:07 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2012-04-17 11:45:30 | 000,461,474 | ---- | C] () -- C:\Windows\System32\netathr.inf
[2012-04-17 11:45:30 | 000,070,749 | ---- | C] () -- C:\Windows\System32\athrext.cat
[2012-04-17 11:30:55 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012-04-17 02:12:32 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2012-04-17 02:12:28 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2012-04-17 01:35:54 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012-04-17 01:15:57 | 000,246,248 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-04-16 22:20:20 | 000,000,650 | ---- | C] () -- C:\Users\Mateusz\Desktop\Muzyka.lnk
[2012-04-16 22:16:22 | 000,000,641 | ---- | C] () -- C:\Users\Mateusz\Desktop\Filmy.lnk
[2012-04-16 21:10:47 | 000,000,641 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk
[2012-04-16 21:10:47 | 000,000,571 | ---- | C] () -- C:\Users\Mateusz\Desktop\foobar2000.lnk
[2012-04-16 21:01:26 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012-04-16 21:01:25 | 000,000,414 | ---- | C] () -- C:\Windows\System32\lame_acm.xml
[2012-04-16 21:01:25 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2012-04-16 21:00:22 | 000,001,113 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012-04-16 21:00:22 | 000,001,101 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-04-16 20:55:32 | 000,002,717 | ---- | C] () -- C:\Users\Mateusz\Desktop\Word 2003.lnk
[2012-04-16 20:53:20 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI
[2012-04-16 20:24:24 | 000,000,807 | ---- | C] () -- C:\Users\Mateusz\Desktop\Orange Free.lnk
[2012-04-16 19:59:10 | 000,000,363 | ---- | C] () -- C:\Users\Mateusz\Desktop\Komputer.lnk
[2012-04-16 19:57:16 | 000,001,430 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011-07-28 17:49:12 | 000,053,760 | ---- | C] () -- C:\Windows\System32\OVDecode.dll
[2010-08-03 00:05:14 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat
[2010-08-03 00:05:13 | 000,687,828 | ---- | C] () -- C:\Windows\System32\perfh015.dat
[2010-08-03 00:05:13 | 000,131,382 | ---- | C] () -- C:\Windows\System32\perfc015.dat
[2010-08-03 00:05:13 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat
[2010-06-25 08:44:03 | 000,080,384 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe

[color=#E56717]========== LOP Check ==========[/color]

[2012-04-18 23:54:26 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\BESTplayer
[2012-04-19 01:20:24 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\BitSpirit
[2012-04-19 17:14:18 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Lite
[2012-04-20 08:00:29 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\foobar2000
[2012-04-20 19:42:39 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\GanymedeNet
[2012-04-17 22:25:52 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\GHISLER
[2012-04-16 22:05:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\ipla
[2012-04-18 19:51:49 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\LolClient
[2012-04-18 18:22:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\MSI
[2012-04-21 00:41:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Opera
[2012-04-17 12:40:53 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Splashtop
[2012-04-20 00:35:20 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Sports Interactive
[2012-04-17 23:34:49 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Thunderbird
[2012-04-18 17:50:13 | 000,000,422 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Daily 1).job
[2012-04-18 17:50:13 | 000,000,422 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Daily 2).job
[2012-04-18 17:50:13 | 000,000,422 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Daily 3).job
[2012-04-18 17:50:13 | 000,000,422 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Daily 4).job
[2012-04-18 17:50:13 | 000,000,422 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2012-04-20 18:22:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-967404725-468176981-4131090368-1000Core.job
[2012-04-21 09:22:10 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-967404725-468176981-4131090368-1000UA.job
[2009-07-14 06:53:46 | 000,010,424 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2009-07-14 03:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2012-04-17 02:12:33 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2012-04-17 23:55:56 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012-04-17 23:55:56 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012-04-17 19:36:03 | 000,000,189 | ---- | M] () -- C:\mylog.log
[2012-04-21 16:17:52 | 2678,771,712 | -HS- | M] () -- C:\pagefile.sys
[2012-04-17 15:28:34 | 000,002,005 | ---- | M] () -- C:\RHDSetup.log

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2009-07-14 01:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\System32\drivers\beep.sys
[2009-07-14 01:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_c3f6f77668f0ddcc\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2009-07-14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys
[2009-07-14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys
[2009-07-14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009-07-14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\System32\drivers\ndis.sys
[2009-07-14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009-07-14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\System32\winlogon.exe
[2009-07-14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< End of report >[/log]


Extras raport:

[log]OTL Extras logfile created on: 2012-04-21 16:58:59 - Run 1
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Mateusz\Downloads
Ultimate Edition (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.16562)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,49 Gb Total Physical Memory | 1,54 Gb Available Physical Memory | 61,90% Memory free
4,99 Gb Paging File | 3,99 Gb Available in Paging File | 79,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 58,57 Gb Total Space | 42,29 Gb Free Space | 72,21% Space Free | Partition Type: NTFS
Drive D: | 407,19 Gb Total Space | 369,69 Gb Free Space | 90,79% Space Free | Partition Type: NTFS

Computer Name: AUTO | User Name: Mateusz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "D:\Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "C:\Program Files\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "C:\Program Files\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Directory [openNew] -- explorer %1 (Microsoft Corporation)
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Connectivity\ConnectivityManager.exe" = D:\Connectivity\ConnectivityManager.exe:*:enabled:CSS -- (France Telecom SA)
"D:\Orange\Connectivity\ConnectivityManager.exe" = D:\Orange\Connectivity\ConnectivityManager.exe:*:enabled:CSS -- (France Telecom SA)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{009E5DF2-3F97-480B-89DA-F2D5E672E14A}_is1" = Live Update 5
"{011A5EF9-3D7D-2F43-F14E-A5E9BC8B0C47}" = AMD Fuel
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{049155CC-5AB3-296F-5815-CD73A9646E99}" = CCC Help Greek
"{08366AE3-72A2-523E-7218-D1B0B8271EBA}" = CCC Help Turkish
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{2812B4B3-A412-7785-1964-4D60340E60A9}" = CCC Help French
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2F173C40-563E-11D4-89C5-0010ADDAAC33}" = EA.com Matchup
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{354C5FB7-C8EC-1EC4-BE90-109E048E9C82}" = CCC Help Russian
"{3B983EFD-6E37-4AD9-9A7D-8C83E61674F7}" = Splashtop Connect IE
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{45D49CA7-D7D8-4659-B35A-EBD98C30AF28}" = Splashtop Connect for Firefox
"{462D8F12-355D-5920-9193-25388DA500DA}" = CCC Help Chinese Traditional
"{4A1C03BB-6A5A-B8F8-F910-6791960DC25C}" = Catalyst Control Center Localization All
"{4BF35375-9076-1169-6452-EC085410DD0E}" = Catalyst Control Center Profiles Mobile
"{4CC4A295-8204-75C9-6E44-E280E661282B}" = CCC Help Korean
"{4FD0F94D-0CAB-C85B-FA2C-9586BA0AAE60}" = CCC Help Spanish
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5332A981-2332-55C4-FE31-7BCAAB16CAE2}" = Catalyst Control Center InstallProxy
"{53B04D20-50D5-EA2F-BDFC-BCE332124FED}" = CCC Help Dutch
"{53BCB6DB-C944-CE07-BBA7-B8EC2DA228B0}" = CCC Help Swedish
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{5F548A02-80BC-404D-BAE6-F05F9BF6B449}" = Nero DiscCopyGadget 10 Help (CHM)
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7A25D130-4EC8-11E1-BEA4-B8AC6F97B88E}" = Google Earth
"{7C428915-7C49-E005-8D9C-0AFC3B9E2A55}" = CCC Help English
"{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1" = Super-Charger
"{7D916FA5-DAE9-4A25-B089-655C70EAF607}" = Qualcomm Atheros WiFi Driver Installation Program
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86227080-3ADB-5A9B-BB8A-8CE8CB6429F8}" = CCC Help Chinese Standard
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{885AFEC2-0809-47CE-8B3F-00AEC19DDD5F}" = TSST OEM Content
"{89590A73-9AC3-48ED-B83E-6489900DED5A}" = Nero Multimedia Suite 10 Essentials
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{91120415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{92EC1A84-7FFC-42DF-A8F6-79C21C4765A5}" = Nero DiscCopy Gadget 10
"{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1" = ALLConverter PRO 1.3
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AB97F52-512B-43EF-AAEC-4825C17B32ED}" = EA.com Update
"{9D3D8C60-A55F-4123-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{A075239D-F706-B32D-A071-5804AE360AF0}" = CCC Help Finnish
"{A10B9E4E-9C40-4491-A3E1-C2B53DAB03C1}" = Facebook Messenger 2.0.4478.0
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A2C948AC-CA5B-1921-E1CC-73DAAAD7ED15}" = Catalyst Control Center InstallProxy
"{A7CDE866-4E90-D922-89C4-31B836BC6E67}" = CCC Help German
"{A83FC388-927A-68E4-72FC-FC54E404B27F}" = CCC Help Japanese
"{A860FE72-A9F6-AB3D-09AE-3AA954EA1725}" = CCC Help Norwegian
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{ACC75323-DB4A-4F7F-9AF3-1D1DEFF2D1B5}" = Heroes of Might and Magic V - Tribes of the East
"{ACC75323-DB4A-4f7f-9AF3-1D1DEFF2D1B5}_is1" = Heroes of Might and Magic V - Dzikie Hordy
"{AD917F8B-197A-07F2-1A6D-EB47FE50143B}" = ccc-utility
"{B2F86EAE-18EE-6B39-20D8-C542D841F034}" = CCC Help Thai
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BC5CE684-9D5B-707E-30BC-9275E2B49FA0}" = CCC Help Danish
"{BEWINTERNET-PL-IEW}.UninstallSuite" = Orange Free
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{D1B01DC9-CBAF-45F9-A387-7D00C11B630E}" = Microsoft Games for Windows - LIVE Redistributable
"{DC311C01-B1A9-8CAD-F018-9395269654EC}" = CCC Help Polish
"{DCFF61CC-B313-37DF-D567-26430CBC8720}" = CCC Help Portuguese
"{DE329278-4E61-8A9B-CADA-44AAC9E06C81}" = CCC Help Italian
"{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}" = Counter-Strike(TM)
"{DFE4070B-1657-942F-72B1-0057A9A830EF}" = CCC Help Hungarian
"{ED20800E-1BFF-E5D6-86DF-2B8015E308E3}" = AMD VISION Engine Control Center
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{EECD7B96-1416-4D3A-B12D-0D2512120C36}" = EasyViewer
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F49AC447-8ED0-0C8A-8622-4737B2EE4248}" = ATI Catalyst Install Manager
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F627CDBC-8323-4024-9691-A0A6533F43E0}" = ESET NOD32 Antivirus
"{FC54FD8D-789C-406D-BB88-F7C4421B7E83}_is1" = VideoGenie
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"{FDF4B587-4070-4C2A-C3DC-A8F5DB3B6C5B}" = CCC Help Czech
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ALLPlayer_is1" = ALLPlayer V5.X
"AQQ" = WapSter AQQ
"BitSpirit_is1" = BitSpirit v3.6.0.550 Stable
"CardDetectorHUAWEI1752_1552" = Card Detector for Huawei E1752 and E1552
"CCleaner" = CCleaner
"Core Temp" = Core Temp
"DAEMON Tools Lite" = DAEMON Tools Lite
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Dziobas Rar Player_is1" = Dziobas Rar Player 0.009.52
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"foobar2000" = foobar2000 v1.1.11
"GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker
"Google Chrome" = Google Chrome
"Gpuz" = GPU-Z
"HashCheck Shell Extension" = HashCheck Shell Extension (x86-32)
"Icy Tower v1.5_is1" = Icy Tower v1.5
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{EECD7B96-1416-4D3A-B12D-0D2512120C36}" = EasyViewer
"ipla" = ipla 2.3.3
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.6.1 (Full)
"Mario Ice Tower" = Mario Ice Tower
"Mozilla Firefox 11.0 (x86 pl)" = Mozilla Firefox 11.0 (x86 pl)
"Mozilla Thunderbird 12.0 (x86 pl)" = Mozilla Thunderbird 12.0 (x86 pl)
"NapiProjekt_is1" = NapiProjekt 2.0.0 (build 2151)
"Opera 11.62.1347" = Opera 11.62
"PokerStars.eu" = PokerStars.eu
"RealPlayer 12.0" = RealPlayer
"Speccy" = Speccy
"Totalcmd" = Total Commander (Remove or Repair)
"Winamp" = Winamp
"WinRAR archiver" = WinRAR 4.01 (32-bitowy)
"YouTube to ALLPlayer_is1" = YouTube to ALLPlayer

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Detektor Winampa

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-04-19 19:45:56 | Computer Name = AUTO | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files\MSI\live
update 5\UCPlugin\c17t1706v0.0.0l1p5889r1o1\VizorShortCut.exe". Nie można odnaleźć
zestawu zależnego Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2012-04-19 19:45:56 | Computer Name = AUTO | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files\MSI\live
update 5\UCPlugin\c17t1706v0.0.0l1p5889r1o1\WSCHandler.exe". Nie można odnaleźć
zestawu zależnego Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2012-04-19 19:45:56 | Computer Name = AUTO | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files\MSI\live
update 5\UCPlugin\c17t1706v0.0.0l1p5889r1o1\WSCTool.exe". Nie można odnaleźć zestawu
zależnego Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2012-04-19 19:46:04 | Computer Name = AUTO | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files\MSI\live
update 5\Vizor64\InstallUCWrapper.exe". Nie można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2012-04-19 19:46:05 | Computer Name = AUTO | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files\MSI\live
update 5\Vizor64\TiPreAU.exe". Nie można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2012-04-19 19:46:05 | Computer Name = AUTO | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files\MSI\live
update 5\Vizor64\VizorShortCut.exe". Nie można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2012-04-19 19:46:36 | Computer Name = AUTO | Source = SideBySide | ID = 16842815
Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files\spybot
- search & destroy\DelZip179.dll". Błąd w pliku manifestu lub w pliku zasad "c:\program
files\spybot - search & destroy\DelZip179.dll" w wierszu 8. Wartość "*" atrybutu
"language" elementu "assemblyIdentity" jest nieprawidłowa.

Error - 2012-04-19 19:46:38 | Computer Name = AUTO | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "d:\Orange\installation\Core\InstallDevice64.exe".
Nie
można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="AMD64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2012-04-19 19:46:39 | Computer Name = AUTO | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "d:\Orange\installation\Core\setupApiWrapper64.exe".
Nie
można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="AMD64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2012-04-20 18:22:06 | Computer Name = AUTO | Source = Google Update | ID = 20
Description =

[ System Events ]
Error - 2012-04-20 18:45:19 | Computer Name = AUTO | Source = Service Control Manager | ID = 7001
Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie
można uruchomić z powodu następującego błędu: %%1058

Error - 2012-04-20 18:45:23 | Computer Name = AUTO | Source = Service Control Manager | ID = 7001
Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie
można uruchomić z powodu następującego błędu: %%1058

Error - 2012-04-20 18:45:23 | Computer Name = AUTO | Source = Service Control Manager | ID = 7001
Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie
można uruchomić z powodu następującego błędu: %%1058

Error - 2012-04-20 18:45:25 | Computer Name = AUTO | Source = Service Control Manager | ID = 7001
Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie
można uruchomić z powodu następującego błędu: %%1058

Error - 2012-04-20 18:45:25 | Computer Name = AUTO | Source = Service Control Manager | ID = 7001
Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie
można uruchomić z powodu następującego błędu: %%1058

Error - 2012-04-20 18:56:18 | Computer Name = AUTO | Source = Service Control Manager | ID = 7034
Description = Usługa AMD External Events Utility niespodziewanie zakończyła pracę.
Wystąpiło to razy: 1.

Error - 2012-04-20 18:56:28 | Computer Name = AUTO | Source = DCOM | ID = 10010
Description =

Error - 2012-04-20 18:56:33 | Computer Name = AUTO | Source = Service Control Manager | ID = 7001
Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie
można uruchomić z powodu następującego błędu: %%1058

Error - 2012-04-20 18:56:33 | Computer Name = AUTO | Source = Service Control Manager | ID = 7001
Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie
można uruchomić z powodu następującego błędu: %%1058

Error - 2012-04-20 18:59:44 | Computer Name = AUTO | Source = DCOM | ID = 10010
Description =


< End of report >[/log]

Z góry dziękuję za okazaną pomoc :)

Gość
komentarz
komentarz

Uruchom OTL i w oknie Własne opcje skanownia/skrypt wklej:

[code]:OTL
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\URLSearchHook: {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} - C:\Program Files\Splashtop\Splashtop Connect IE\AddressBarSearch.dll (Splashtop Inc.)
FF - prefs.js..browser.search.selectedEngine: "qooqlle"
FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/"

:Files
C:\Users\Mateusz\AppData\Roaming\Readar_sl.exe
C:\Windows\System32\2C0A
C:\Windows\System32\0C0A
C:\Windows\System32\0C04
C:\Windows\System32\0816
C:\Windows\System32\0804
C:\Windows\System32\0424
C:\Windows\System32\041F
C:\Windows\System32\041E
C:\Windows\System32\041D
C:\Windows\System32\041B
C:\Windows\System32\0419
C:\Windows\System32\0416
C:\Windows\System32\0415
C:\Windows\System32\0414
C:\Windows\System32\0413
C:\Windows\System32\0412
C:\Windows\System32\0411
C:\Windows\System32\0410
C:\Windows\System32\040E
C:\Windows\System32\040D
C:\Windows\System32\040C
C:\Windows\System32\040B
C:\Windows\System32\040A
C:\Windows\System32\0408
C:\Windows\System32\0407
C:\Windows\System32\0406
C:\Windows\System32\0405
C:\Windows\System32\0404
C:\Windows\System32\0401
C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\Ad-Aware Update (Daily 4).job
C:\Windows\tasks\Ad-Aware Update (Daily 3).job
C:\Windows\tasks\Ad-Aware Update (Daily 2).job
C:\Windows\tasks\Ad-Aware Update (Daily 1).job

:Commands
[emptyflash]
[emptytemp][/code]

Kliknij w [b]Wykonaj skrypt.[/b]


Po restarcie OTL wygeneruje log zapisz go i przedstaw.

2. Uruchom [b]AdwCleaner[/b] i zastosuj opcję [b]Delete[/b]. Do pobrania tutaj
http://general-changelog-team.fr/outils/289-adwcleaner

3. Wykonaj nowy skan [b]OTL wg tej instrukcji[/b] i przedstaw raporty
http://www.fixitpc.pl/topic/61-diagnostyka-ogolne-raporty-systemowe/#1

Evander1991
komentarz
komentarz

Nie wiem czemu, ale nie mogę odpalić adwcleaner. Wyskakuje mi Error:


[quote]
AutoIt Error

Unable to open the script file
[/quote]

Gość
komentarz
komentarz

To wykonaj nowy skan OTL i przedstaw raport

Evander1991
komentarz
komentarz (edytowane)

Raport z wykonania skryptu:

[log]All processes killed
========== OTL ==========
HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-967404725-468176981-4131090368-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{0F3DC9E0-C459-4a40-BCF8-747BD9322E10} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F3DC9E0-C459-4a40-BCF8-747BD9322E10}\ deleted successfully.
C:\Program Files\Splashtop\Splashtop Connect IE\AddressBarSearch.dll moved successfully.
Prefs.js: "qooqlle" removed from browser.search.selectedEngine
Prefs.js: "http://www.qooqlle.com/" removed from browser.startup.homepage
========== FILES ==========
C:\Users\Mateusz\AppData\Roaming\Readar_sl.exe moved successfully.
C:\Windows\System32\2C0A folder moved successfully.
C:\Windows\System32\0C0A folder moved successfully.
C:\Windows\System32\0C04 folder moved successfully.
C:\Windows\System32\0816 folder moved successfully.
C:\Windows\System32\0804 folder moved successfully.
C:\Windows\System32\0424 folder moved successfully.
C:\Windows\System32\041F folder moved successfully.
C:\Windows\System32\041E folder moved successfully.
C:\Windows\System32\041D folder moved successfully.
C:\Windows\System32\041B folder moved successfully.
C:\Windows\System32\0419 folder moved successfully.
C:\Windows\System32\0416 folder moved successfully.
C:\Windows\System32\0415 folder moved successfully.
C:\Windows\System32\0414 folder moved successfully.
C:\Windows\System32\0413 folder moved successfully.
C:\Windows\System32\0412 folder moved successfully.
C:\Windows\System32\0411 folder moved successfully.
C:\Windows\System32\0410 folder moved successfully.
C:\Windows\System32\040E folder moved successfully.
C:\Windows\System32\040D folder moved successfully.
C:\Windows\System32\040C folder moved successfully.
C:\Windows\System32\040B folder moved successfully.
C:\Windows\System32\040A folder moved successfully.
C:\Windows\System32\0408 folder moved successfully.
C:\Windows\System32\0407 folder moved successfully.
C:\Windows\System32\0406 folder moved successfully.
C:\Windows\System32\0405 folder moved successfully.
C:\Windows\System32\0404 folder moved successfully.
C:\Windows\System32\0401 folder moved successfully.
C:\Windows\tasks\Ad-Aware Update (Weekly).job moved successfully.
C:\Windows\tasks\Ad-Aware Update (Daily 4).job moved successfully.
C:\Windows\tasks\Ad-Aware Update (Daily 3).job moved successfully.
C:\Windows\tasks\Ad-Aware Update (Daily 2).job moved successfully.
C:\Windows\tasks\Ad-Aware Update (Daily 1).job moved successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Mateusz
->Flash cache emptied: 566 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Mateusz
->Temp folder emptied: 18107442 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 54070439 bytes
->Google Chrome cache emptied: 856432 bytes
->Opera cache emptied: 13941 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7868 bytes
RecycleBin emptied: 282 bytes

Total Files Cleaned = 70,00 mb


OTL by OldTimer - Version 3.2.40.0 log created on 04222012_000403

Files\Folders moved on Reboot...

Registry entries deleted on Reboot.[/log]


Ze skanowania:

OTL raport:

[log]OTL logfile created on: 2012-04-22 08:47:30 - Run 2
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Mateusz\Desktop\Programy
Ultimate Edition (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.16562)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,49 Gb Total Physical Memory | 1,55 Gb Available Physical Memory | 61,95% Memory free
4,99 Gb Paging File | 3,97 Gb Available in Paging File | 79,54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 58,57 Gb Total Space | 43,49 Gb Free Space | 74,25% Space Free | Partition Type: NTFS
Drive D: | 407,19 Gb Total Space | 369,69 Gb Free Space | 90,79% Space Free | Partition Type: NTFS
Drive E: | 3,66 Gb Total Space | 3,66 Gb Free Space | 100,00% Space Free | Partition Type: FAT32

Computer Name: AUTO | User Name: Mateusz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-04-21 09:22:55 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Mateusz\Desktop\Programy\OTL.exe
PRC - [2012-04-19 09:12:24 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012-04-16 23:31:45 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2012-04-16 21:02:25 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012-04-09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012-04-04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-01-03 13:34:20 | 000,138,768 | ---- | M] (MSI) -- C:\Program Files\MSI\Super-Charger\ChargeService.exe
PRC - [2012-01-03 13:34:16 | 000,502,288 | ---- | M] (MSI) -- C:\Program Files\MSI\Super-Charger\Super-Charger.exe
PRC - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2011-09-22 12:03:02 | 003,080,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2011-09-16 14:39:24 | 000,115,048 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2011-07-28 17:42:48 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
PRC - [2011-07-28 17:35:54 | 000,401,408 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2011-07-28 17:35:26 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2011-03-24 06:37:18 | 000,493,384 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe
PRC - [2011-03-22 10:37:16 | 000,497,480 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe
PRC - [2010-11-15 13:21:56 | 000,841,544 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
PRC - [2010-11-15 13:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect\BackService.exe
PRC - [2010-06-04 09:51:06 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010-06-04 09:50:20 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2010-05-04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
PRC - [2010-03-05 16:26:40 | 002,044,248 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe
PRC - [2009-10-14 18:44:40 | 000,282,624 | R--- | M] (France Telecom SA) -- C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe
PRC - [2009-10-14 16:44:38 | 001,368,064 | ---- | M] (France Telecom SA) -- D:\Orange\Deskboard\Deskboard.exe
PRC - [2009-10-14 16:44:38 | 001,110,016 | ---- | M] (France Telecom SA) -- D:\Orange\Phonetools\TextMessaging.exe
PRC - [2009-10-14 16:44:38 | 001,007,616 | ---- | M] (France Telecom SA) -- D:\Orange\Connectivity\ConnectivityManager.exe
PRC - [2009-10-14 16:44:38 | 000,725,744 | ---- | M] (France Telecom SA) -- D:\Orange\Launcher\Launcher.exe
PRC - [2009-10-14 16:44:38 | 000,544,768 | ---- | M] (France Telecom SA) -- D:\Orange\Connectivity\Corecom\CoreCom.exe
PRC - [2009-10-14 16:44:38 | 000,245,760 | ---- | M] (France Telecom SA) -- D:\Orange\Systray\SystrayApp.exe
PRC - [2009-10-14 16:44:38 | 000,094,208 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
PRC - [2009-10-14 16:44:38 | 000,094,208 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
PRC - [2009-10-14 16:44:38 | 000,090,112 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
PRC - [2009-01-26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009-01-26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-04-19 09:12:23 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012-04-18 19:24:16 | 008,797,344 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_233.dll
MOD - [2011-07-28 17:55:02 | 000,369,152 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2011-07-28 17:42:54 | 000,095,232 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
MOD - [2010-04-14 03:31:20 | 005,246,976 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
MOD - [2010-04-14 03:31:20 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2010-04-14 03:31:20 | 003,182,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2010-04-14 03:31:20 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2010-04-14 03:31:20 | 000,626,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2010-04-14 03:31:20 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2010-04-14 03:31:20 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2010-04-14 03:31:16 | 004,550,656 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
MOD - [2010-04-14 03:31:14 | 005,279,744 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
MOD - [2010-04-14 03:31:14 | 001,253,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
MOD - [2010-04-14 03:31:12 | 004,218,880 | ---- | M] () -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
MOD - [2010-04-14 03:31:00 | 000,667,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
MOD - [2009-10-14 16:44:38 | 000,708,608 | ---- | M] () -- D:\Orange\Launcher\Plugins\PluginLnhPromptManager2.dll
MOD - [2009-10-14 16:44:38 | 000,548,864 | ---- | M] () -- D:\Orange\Launcher\Plugins\PluginLnhHotspotLocator.dll
MOD - [2009-10-14 16:44:38 | 000,040,960 | ---- | M] () -- D:\Orange\Launcher\WatchClient.dll
MOD - [2009-08-04 11:04:26 | 000,294,912 | ---- | M] () -- D:\Orange\Launcher\Sqlite3.dll
MOD - [2009-08-04 11:04:26 | 000,294,912 | ---- | M] () -- D:\Orange\Connectivity\Sqlite3.dll
MOD - [2009-06-10 23:22:40 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
MOD - [2009-06-10 23:14:47 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
MOD - [2009-06-10 23:14:46 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
MOD - [2009-06-10 23:14:46 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
MOD - [2009-06-10 23:14:44 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.classic.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2012-04-18 19:33:10 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-04-09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-04-05 11:37:38 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-04-04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-01-03 13:34:20 | 000,138,768 | ---- | M] (MSI) [Auto | Running] -- C:\Program Files\MSI\Super-Charger\ChargeService.exe -- (MSI_SuperCharger)
SRV - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2011-07-28 17:42:48 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2011-07-28 17:35:26 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011-05-03 22:18:00 | 004,137,464 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2011-03-24 06:37:18 | 000,493,384 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe -- (WCUService_STC_FF)
SRV - [2011-03-22 10:37:16 | 000,497,480 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe -- (WCUService_STC_IE)
SRV - [2010-11-15 13:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files\Splashtop\Splashtop Connect\BackService.exe -- (SCBackService)
SRV - [2010-05-04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010-03-05 16:26:40 | 002,044,248 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2009-10-14 16:44:38 | 000,090,112 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Rappelz\GameGuard\dump_wmimmc.sys -- (dump_wmimmc)
DRV - [2012-04-16 21:07:58 | 000,239,168 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011-10-25 09:57:14 | 000,165,120 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV - [2011-10-25 09:57:14 | 000,073,984 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub)
DRV - [2011-10-06 09:23:50 | 001,057,896 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV - [2011-08-09 14:24:52 | 000,163,424 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2011-08-04 09:20:38 | 000,103,112 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2011-08-04 09:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2011-07-28 18:22:06 | 008,396,800 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011-07-28 16:53:48 | 000,247,296 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011-06-07 06:06:54 | 000,211,984 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2011-04-15 14:37:46 | 000,066,688 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_sata.sys -- (amd_sata)
DRV - [2011-04-15 14:37:46 | 000,033,408 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_xata.sys -- (amd_xata)
DRV - [2010-11-29 04:50:40 | 000,035,968 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2010-10-20 14:43:08 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 5\NTIOLib.sys -- (NTIOLib_1_0_4)
DRV - [2010-05-10 10:44:42 | 000,025,912 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 5\msibios32_100507.sys -- (MSI_MSIBIOS_010507)
DRV - [2010-02-18 09:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86)
DRV - [2009-12-30 13:55:14 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files\MSI\Super-Charger\NTIOLib.sys -- (NTIOLib_1_0_3)
DRV - [2009-08-04 13:04:28 | 000,103,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbfake.sys -- (hwusbfake)
DRV - [2009-08-04 13:04:28 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009-07-14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009-07-14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009-07-14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009-07-14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009-07-14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009-07-14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2009-06-10 23:19:48 | 009,853,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = Yandex
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q=%7BsearchTerms%7D&FORM=IE8SRC"]http://www.bing.com/...ms}&FORM=IE8SRC[/url]
IE - HKLM\..\SearchScopes\Google: "URL" = [url="http://www.google.ru/search?hl=ru&q=%7BsearchTerms%7D%5C"]http://www.google.ru...={searchTerms}\[/url]
IE - HKLM\..\SearchScopes\Wikipedia: "URL" = [url="http://ru.wikipedia.org/wiki/%7BsearchTerms%7D%5C"]http://ru.wikipedia..../{searchTerms}\[/url]
IE - HKLM\..\SearchScopes\Yahoo: "URL" = [url="http://ru.search.yahoo.com/search?p=%7BsearchTerms%7D%5C"]http://ru.search.yah...={searchTerms}\[/url]
IE - HKLM\..\SearchScopes\Yandex: "URL" = [url="http://www.yandex.ru/yandsearch?stype=&nl=0&text=%7BsearchTerms%7D%5C"]http://www.yandex.ru...={searchTerms}\[/url]


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.qooqlle.com/"]http://www.qooqlle.com/[/url]
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes,DefaultScope = {42168F92-DA71-42E6-BC7F-132EAC1F1899}
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = [url="http://www.google.pl/cse?q=%7BsearchTerms%7D&cx=partner-pub-2489206448026482%3A4041638047&tbm=&ie=UTF-8#gsc.tab=0&gsc.q=%7BsearchTerms%7D"]http://www.google.pl...q={searchTerms}[/url]
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{42168F92-DA71-42E6-BC7F-132EAC1F1899}: "URL" = [url="http://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q=%7BsearchTerms%7D&sa=Search&siteurl=qooqlle.com%2F"]http://www.google.co...=qooqlle.com%2F[/url]
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{C0DE4E59-C43E-46a5-B2A6-46952A6BF471}: "URL" = [url="http://uk.search.yahoo.com/search?p=%7BsearchTerms%7D&fr=chr-devicevm&type=MMBROWSV"]http://uk.search.yah...m&type=MMBROWSV[/url]
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{F1CC8CB5-43EC-4142-AE01-80F4208696EB}: "URL" = [url="http://www.google.com/cse?cx=partner-pub-3794288947762788%3A7256076927&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7256076927&q=%7BsearchTerms%7D"]http://www.google.co...q={searchTerms}[/url]
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\Yandex: "URL" = [url="http://www.bing.com/search?q=%7BsearchTerms%7D&form=SPLEP1&pc=SPLH"]http://www.bing.com/...=SPLEP1&pc=SPLH[/url]
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.selectedEngine: "qooqlle"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: cssreloader@kenneth.io:1.0.2
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..network.proxy.backup.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.backup.ftp_port: 9666
FF - prefs.js..network.proxy.backup.gopher: "127.0.0.1"
FF - prefs.js..network.proxy.backup.gopher_port: 9666
FF - prefs.js..network.proxy.backup.socks: "127.0.0.1"
FF - prefs.js..network.proxy.backup.socks_port: 9666
FF - prefs.js..network.proxy.backup.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.backup.ssl_port: 9666
FF - prefs.js..network.proxy.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.ftp_port: 9666
FF - prefs.js..network.proxy.gopher: "127.0.0.1"
FF - prefs.js..network.proxy.gopher_port: 9666
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 9666
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 9666
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 9666
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: D:\Bilard\Ganymede\Plugins\npganymedenet.dll ( )
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Oracle)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Mateusz\AppData\Local\Facebook\Messenger\2.0.4478.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}: C:\Program Files\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1} [2012-04-17 12:42:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}: C:\Program Files\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0} [2012-04-17 12:42:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{d9284e50-81fc-11da-a72b-0800200c9a66}: C:\Program Files\Splashtop\Splashtop Connect for Firefox\{d9284e50-81fc-11da-a72b-0800200c9a66} [2012-04-17 12:42:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-04-19 09:12:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-04-19 13:33:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012-04-17 22:28:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-04-18 17:53:41 | 000,000,000 | ---D | M]

[2012-04-16 21:10:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Extensions
[2012-04-20 21:48:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\kust2ajc.default\extensions
[2012-04-19 13:23:52 | 000,000,000 | ---D | M] (YouTube to ALLPlayer) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\kust2ajc.default\extensions\YouTubetoALL@ALLPlayer.org
[2012-04-22 08:42:05 | 000,001,860 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\kust2ajc.default\searchplugins\search.xml
[2012-04-17 22:26:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-04-17 22:26:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
() (No name found) -- C:\USERS\MATEUSZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KUST2AJC.DEFAULT\EXTENSIONS\IPLEXTOALL@ALLPLAYER.ORG.XPI
[2012-04-19 09:12:25 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-12-20 11:33:56 | 000,120,984 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npganymedenet.dll
[2011-12-09 19:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012-04-19 09:12:20 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-04-19 09:12:20 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-04-19 09:12:20 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-04-19 09:12:20 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-04-19 13:22:10 | 000,002,415 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\v9.xml
[2012-04-19 09:12:20 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-04-19 09:12:20 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: qooqlle ()
CHR - default_search_provider: search_url = [url="http://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q=%7BsearchTerms%7D&sa=Search&siteurl=qooqlle.com%2F"]http://www.google.co...=qooqlle.com%2F[/url]
CHR - default_search_provider: suggest_url =
CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\

O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Splashtop Connect VisualBookmark) - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - C:\Program Files\Splashtop\Splashtop Connect IE\STC.dll (Splashtop Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (YouTube To ALLPlayer) - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\Program Files\ALLPlayer\YouTubeToALLPlayer.dll (ALLPlayer.org)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - D:\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [BEWINTERNET-PL-IEWSessionManager] D:\Orange\SessionManager\SessionManager.exe (France Telecom SA)
O4 - HKLM..\Run: [CardDetectorHUAWEI1752_1552] C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe (France Telecom SA)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [Readar_sl] %APPDATA%\Readar_sl.exe File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [STCAgent] C:\Program Files\Splashtop\Splashtop Connect IE\STCAgent.exe (Splashtop Inc.)
O4 - HKLM..\Run: [Super-Charger] C:\Program Files\MSI\Super-Charger\Super-Charger.exe (MSI)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TunesHelper] C:\ProgramData\TunesHelper.exe ()
O4 - HKLM..\Run: [ZyngaGamesAgent] C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe (Splashtop Inc.)
O4 - HKU\S-1-5-21-967404725-468176981-4131090368-1000..\Run: [Facebook Update] C:\Users\Mateusz\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-967404725-468176981-4131090368-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Pobierz z &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm ()
O9 - Extra Button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files\PokerStars.EU\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1292A1F1-9F67-4786-A2DF-9668865DF9A2}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CBA710A7-2EA8-47C7-8C15-F778620E1802}: NameServer = 79.163.127.70 217.116.100.65
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{e0c2a19c-87f1-11e1-9873-b1ddfeffb464}\Shell - "" = AutoRun
O33 - MountPoints2\{e0c2a19c-87f1-11e1-9873-b1ddfeffb464}\Shell\AutoRun\command - "" = F:\setup_homm5.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-04-21 17:20:18 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Pliki
[2012-04-21 09:11:23 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-04-21 00:25:29 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\.ultramixer
[2012-04-21 00:05:24 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012-04-20 19:32:35 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\GanymedeNet
[2012-04-20 18:18:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Screamer Radio
[2012-04-20 18:17:27 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
[2012-04-20 18:17:14 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Facebook
[2012-04-20 00:35:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Sports Interactive
[2012-04-20 00:35:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\Sports Interactive
[2012-04-20 00:35:20 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Sports Interactive
[2012-04-20 00:35:20 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Sports Interactive
[2012-04-20 00:18:42 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\My Games
[2012-04-20 00:17:27 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2012-04-20 00:17:27 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2012-04-20 00:17:26 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2012-04-20 00:17:26 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2012-04-20 00:17:26 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2012-04-20 00:17:26 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2012-04-20 00:17:26 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2012-04-20 00:17:25 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2012-04-20 00:17:25 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2012-04-20 00:17:25 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2012-04-20 00:17:24 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2012-04-20 00:17:24 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2012-04-20 00:17:23 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2012-04-20 00:17:23 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2012-04-20 00:17:23 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2012-04-20 00:17:23 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2012-04-20 00:17:22 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2012-04-20 00:17:22 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2012-04-20 00:17:22 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2012-04-20 00:17:22 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2012-04-20 00:17:21 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2012-04-20 00:17:21 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2012-04-20 00:17:21 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2012-04-20 00:17:21 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2012-04-20 00:17:21 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2012-04-20 00:17:21 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2012-04-20 00:17:20 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2012-04-20 00:17:20 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2012-04-20 00:17:20 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2012-04-20 00:17:20 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2012-04-20 00:17:19 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2012-04-20 00:17:19 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2012-04-20 00:17:19 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2012-04-20 00:17:19 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2012-04-20 00:17:18 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2012-04-20 00:17:18 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2012-04-20 00:17:18 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2012-04-20 00:17:18 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2012-04-20 00:17:17 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2012-04-20 00:17:17 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2012-04-20 00:17:16 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2012-04-20 00:17:16 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2012-04-20 00:17:16 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2012-04-20 00:17:16 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2012-04-20 00:17:15 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2012-04-20 00:17:15 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2012-04-20 00:17:14 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2012-04-20 00:17:14 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2012-04-20 00:17:14 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2012-04-20 00:17:13 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2012-04-20 00:17:13 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2012-04-20 00:17:12 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2012-04-20 00:17:12 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2012-04-20 00:17:12 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2012-04-20 00:17:12 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2012-04-20 00:17:11 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2012-04-20 00:17:10 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2012-04-20 00:17:09 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2012-04-20 00:17:09 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2012-04-20 00:17:09 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2012-04-20 00:17:09 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2012-04-20 00:17:08 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2012-04-20 00:17:08 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2012-04-20 00:17:08 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2012-04-20 00:17:08 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2012-04-20 00:17:08 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2012-04-20 00:17:07 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2012-04-20 00:17:07 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2012-04-20 00:17:07 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2012-04-20 00:17:07 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2012-04-20 00:17:04 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2012-04-20 00:17:04 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2012-04-20 00:17:04 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2012-04-20 00:17:04 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2012-04-20 00:17:03 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2012-04-20 00:17:03 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2012-04-20 00:17:03 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2012-04-20 00:17:02 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2012-04-20 00:17:01 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2012-04-20 00:08:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2012-04-20 00:03:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2012-04-19 19:22:45 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012-04-19 19:20:52 | 000,000,000 | ---D | C] -- C:\Program Files\EACOM
[2012-04-19 17:13:09 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2012-04-19 17:10:13 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Chromium
[2012-04-19 13:37:13 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\PokerStars.EU
[2012-04-19 13:37:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.EU
[2012-04-19 13:36:46 | 000,000,000 | ---D | C] -- C:\Program Files\PokerStars.EU
[2012-04-19 13:24:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt
[2012-04-19 13:23:51 | 000,000,000 | ---D | C] -- C:\Program Files\ALLPlayer
[2012-04-19 13:23:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLConverter PRO
[2012-04-19 13:23:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ALLConverter
[2012-04-19 13:23:42 | 000,000,000 | ---D | C] -- C:\Program Files\NapiProjekt
[2012-04-19 13:23:41 | 000,000,000 | ---D | C] -- C:\Program Files\ALLConverter PRO
[2012-04-19 13:23:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer
[2012-04-19 13:22:55 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ALLPlayer
[2012-04-19 13:22:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dziobas Rar Player
[2012-04-19 13:12:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Theorica Divx ;-) Codecs
[2012-04-19 13:11:46 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Media Player Classic
[2012-04-19 01:20:24 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\BitSpirit
[2012-04-19 00:33:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012-04-19 00:05:27 | 000,000,000 | ---D | C] -- C:\Program Files\v9Soft
[2012-04-18 23:57:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2012-04-18 23:57:29 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2012-04-18 23:56:23 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2012-04-18 23:56:23 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Detektor Winampa
[2012-04-18 23:56:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2012-04-18 23:55:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Winamp
[2012-04-18 23:55:57 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2012-04-18 23:54:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
[2012-04-18 23:54:47 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2012-04-18 23:54:10 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\BESTplayer
[2012-04-18 23:53:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitSpirit v3
[2012-04-18 23:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitSpirit
[2012-04-18 23:53:37 | 000,000,000 | ---D | C] -- C:\Program Files\BitSpirit
[2012-04-18 23:52:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012-04-18 23:51:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012-04-18 23:51:53 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2012-04-18 19:53:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\riotsGamesLogs
[2012-04-18 19:51:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\LolClient
[2012-04-18 19:26:56 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Opera
[2012-04-18 19:26:56 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Opera
[2012-04-18 19:26:35 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2012-04-18 19:24:16 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012-04-18 19:24:16 | 000,070,304 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012-04-18 18:22:42 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\MSI
[2012-04-18 18:17:17 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012-04-18 18:15:52 | 004,137,464 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des
[2012-04-18 18:14:34 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\npptNT2.sys
[2012-04-18 18:14:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2012-04-18 17:53:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2012-04-18 17:53:38 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2012-04-18 17:53:38 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012-04-17 23:58:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\DOSBox
[2012-04-17 23:58:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74
[2012-04-17 23:58:43 | 000,000,000 | ---D | C] -- C:\Program Files\DOSBox-0.74
[2012-04-17 23:38:48 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\WapSter
[2012-04-17 23:34:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Thunderbird
[2012-04-17 23:34:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Thunderbird
[2012-04-17 22:28:37 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2012-04-17 22:26:32 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012-04-17 22:26:09 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Skype
[2012-04-17 22:25:58 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012-04-17 22:25:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012-04-17 22:25:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012-04-17 22:25:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012-04-17 22:25:53 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
[2012-04-17 22:25:52 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\GHISLER
[2012-04-17 22:24:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012-04-17 22:24:17 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012-04-17 22:23:34 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WapSter
[2012-04-17 22:02:03 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2012-04-17 22:02:03 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2012-04-17 22:02:03 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2012-04-17 22:02:03 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2012-04-17 22:02:02 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2012-04-17 21:58:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
[2012-04-17 21:15:51 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\PMB Files
[2012-04-17 21:15:48 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2012-04-17 21:15:37 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2012-04-17 20:36:00 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Adobe
[2012-04-17 20:09:14 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft Games
[2012-04-17 19:47:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2012-04-17 19:44:09 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP
[2012-04-17 19:43:56 | 000,035,968 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\usbfilter.sys
[2012-04-17 19:43:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2012-04-17 19:40:44 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012-04-17 19:37:47 | 000,066,688 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amd_sata.sys
[2012-04-17 19:37:47 | 000,033,408 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amd_xata.sys
[2012-04-17 19:37:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012-04-17 19:37:39 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012-04-17 19:37:08 | 000,211,984 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\AtihdW73.sys
[2012-04-17 19:36:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012-04-17 19:36:37 | 001,828,864 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdmv.dll
[2012-04-17 19:36:37 | 000,278,528 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
[2012-04-17 19:36:37 | 000,159,744 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll
[2012-04-17 19:36:36 | 018,388,480 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll
[2012-04-17 19:36:36 | 008,396,800 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys
[2012-04-17 19:36:36 | 000,401,408 | ---- | C] (AMD) -- C:\Windows\System32\atieclxx.exe
[2012-04-17 19:36:36 | 000,247,296 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys
[2012-04-17 19:36:36 | 000,176,128 | ---- | C] (AMD) -- C:\Windows\System32\atiesrxx.exe
[2012-04-17 19:36:36 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll
[2012-04-17 19:36:36 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll
[2012-04-17 19:36:36 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll
[2012-04-17 19:36:36 | 000,032,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll
[2012-04-17 19:36:36 | 000,020,992 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll
[2012-04-17 19:36:36 | 000,013,312 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll
[2012-04-17 19:36:35 | 008,247,296 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll
[2012-04-17 19:36:35 | 000,151,552 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe
[2012-04-17 19:36:35 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
[2012-04-17 19:36:35 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll
[2012-04-17 19:36:35 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
[2012-04-17 19:26:01 | 000,307,200 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUn0415.exe
[2012-04-17 16:31:48 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\foobar2000
[2012-04-17 16:23:45 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\AMD
[2012-04-17 16:05:37 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2012-04-17 16:05:26 | 000,037,944 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amdiox86.sys
[2012-04-17 16:03:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\ATI
[2012-04-17 16:03:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ATI
[2012-04-17 16:01:31 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2012-04-17 16:01:28 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2012-04-17 16:00:48 | 004,256,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdag.dll
[2012-04-17 16:00:48 | 004,056,064 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdva.dll
[2012-04-17 16:00:48 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
[2012-04-17 16:00:48 | 000,294,912 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIODE.exe
[2012-04-17 16:00:48 | 000,052,736 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll
[2012-04-17 16:00:48 | 000,045,056 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIODCLI.exe
[2012-04-17 16:00:48 | 000,031,744 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll
[2012-04-17 16:00:48 | 000,029,184 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll
[2012-04-17 16:00:47 | 004,198,912 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atidxx32.dll
[2012-04-17 16:00:47 | 000,726,528 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\aticfx32.dll
[2012-04-17 16:00:47 | 000,462,848 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll
[2012-04-17 16:00:47 | 000,266,240 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiadlxx.dll
[2012-04-17 16:00:47 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atibtmon.exe
[2012-04-17 15:59:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
[2012-04-17 15:59:37 | 000,000,000 | ---D | C] -- C:\Program Files\Renesas Electronics
[2012-04-17 15:58:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2012-04-17 15:37:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother
[2012-04-17 15:28:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2012-04-17 15:27:49 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2012-04-17 15:27:49 | 001,725,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2012-04-17 15:27:49 | 001,379,760 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tosade.dll
[2012-04-17 15:27:49 | 000,058,264 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\System32\TepeqAPO.dll
[2012-04-17 15:27:48 | 002,285,160 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2012-04-17 15:27:48 | 001,497,704 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2012-04-17 15:27:48 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2012-04-17 15:27:48 | 000,214,368 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFNHK.dll
[2012-04-17 15:27:48 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2012-04-17 15:27:48 | 000,178,624 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo2.dll
[2012-04-17 15:27:48 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2012-04-17 15:27:48 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2012-04-17 15:27:48 | 000,134,584 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo.dll
[2012-04-17 15:27:48 | 000,074,080 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFCOM.dll
[2012-04-17 15:27:48 | 000,068,960 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFAPO.dll
[2012-04-17 15:27:47 | 003,378,280 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2012-04-17 15:27:47 | 003,327,320 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2012-04-17 15:27:47 | 003,296,600 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll
[2012-04-17 15:27:47 | 001,892,864 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat
[2012-04-17 15:27:47 | 001,836,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2012-04-17 15:27:47 | 001,329,768 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2012-04-17 15:27:47 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2012-04-17 15:27:47 | 000,345,944 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll
[2012-04-17 15:27:47 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2012-04-17 15:27:47 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2012-04-17 15:27:47 | 000,259,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2012-04-17 15:27:47 | 000,252,760 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2012-04-17 15:27:47 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2012-04-17 15:27:47 | 000,103,256 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll
[2012-04-17 15:27:47 | 000,088,408 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll
[2012-04-17 15:27:47 | 000,083,048 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll
[2012-04-17 15:27:47 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2012-04-17 15:27:47 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2012-04-17 15:27:47 | 000,061,272 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll
[2012-04-17 15:27:46 | 000,357,712 | ---- | C] (Knowles Acoustics ) -- C:\Windows\System32\KAAPORT.dll
[2012-04-17 15:27:46 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2012-04-17 15:27:46 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2012-04-17 15:27:45 | 001,740,352 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2012-04-17 15:27:45 | 001,509,480 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2012-04-17 15:27:45 | 001,292,904 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2012-04-17 15:27:45 | 001,220,200 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2012-04-17 15:27:45 | 000,654,952 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2012-04-17 15:27:45 | 000,631,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2012-04-17 15:27:45 | 000,601,704 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2012-04-17 15:27:45 | 000,458,344 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2012-04-17 15:27:45 | 000,413,696 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PLFX32.dll
[2012-04-17 15:27:45 | 000,390,656 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PGFX32.dll
[2012-04-17 15:27:45 | 000,389,736 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2012-04-17 15:27:45 | 000,375,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2012-04-17 15:27:45 | 000,327,168 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PREC32.dll
[2012-04-17 15:27:45 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2012-04-17 15:27:45 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2012-04-17 15:27:45 | 000,218,216 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2012-04-17 15:27:44 | 000,175,200 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll
[2012-04-17 15:27:44 | 000,096,160 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll
[2012-04-17 15:27:43 | 001,698,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2012-04-17 15:27:43 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2012-04-17 15:27:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2012-04-17 15:26:45 | 000,000,000 | -H-D | C] -- C:\SuperChargerProfile
[2012-04-17 15:26:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup
[2012-04-17 15:26:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2012-04-17 15:26:34 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012-04-17 12:46:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Splashtop
[2012-04-17 12:41:02 | 000,000,000 | -H-D | C] -- C:\ProgramData\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3}
[2012-04-17 12:40:53 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Splashtop
[2012-04-17 12:40:11 | 000,000,000 | ---D | C] -- C:\Program Files\Splashtop
[2012-04-17 12:23:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Sunbelt Software
[2012-04-17 12:22:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2012-04-17 12:21:54 | 000,093,360 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2012-04-17 12:09:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012-04-17 12:07:33 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Google
[2012-04-17 12:07:32 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012-04-17 12:07:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2012-04-17 12:07:27 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2012-04-17 11:56:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
[2012-04-17 11:56:45 | 000,000,000 | ---D | C] -- C:\Program Files\MSI
[2012-04-17 11:48:07 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco
[2012-04-17 11:47:09 | 001,057,896 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\Windows\System32\drivers\rtl8192ce.sys
[2012-04-17 11:47:07 | 000,000,000 | ---D | C] -- C:\Program Files\REALTEK PCIE Wireless LAN Driver
[2012-04-17 11:45:30 | 002,205,696 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\athr.sys
[2012-04-17 11:45:29 | 000,000,000 | ---D | C] -- C:\Program Files\Qualcomm Atheros WiFi Driver Installation
[2012-04-17 11:45:27 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Macromedia
[2012-04-17 11:44:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Qualcomm Atheros
[2012-04-17 11:42:19 | 000,100,896 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RTNUninst32.dll
[2012-04-17 11:42:14 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012-04-17 11:03:33 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ElevatedDiagnostics
[2012-04-17 02:13:41 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012-04-17 02:12:28 | 000,000,000 | -HSD | C] -- C:\Boot
[2012-04-17 01:20:27 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012-04-16 23:33:23 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Nero
[2012-04-16 23:31:19 | 003,144,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe.Back
[2012-04-16 23:15:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Microsoft Games
[2012-04-16 22:22:11 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Valve
[2012-04-16 22:16:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve
[2012-04-16 22:02:36 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2012-04-16 22:02:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Games
[2012-04-16 22:02:22 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2012-04-16 22:02:21 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2012-04-16 22:02:16 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2012-04-16 22:02:15 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2012-04-16 22:02:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive
[2012-04-16 21:30:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Lunch Design
[2012-04-16 21:16:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Adobe
[2012-04-16 21:16:53 | 000,000,000 | ---D | C] -- C:\ProgramData\RDRM
[2012-04-16 21:16:50 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\ipla
[2012-04-16 21:16:50 | 000,000,000 | ---D | C] -- C:\ProgramData\ipla
[2012-04-16 21:14:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mario Ice Tower
[2012-04-16 21:12:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ipla
[2012-04-16 21:12:14 | 000,000,000 | ---D | C] -- C:\Program Files\ipla
[2012-04-16 21:12:08 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll
[2012-04-16 21:10:03 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Mozilla
[2012-04-16 21:10:03 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Mozilla
[2012-04-16 21:09:37 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar
[2012-04-16 21:08:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012-04-16 21:07:58 | 000,239,168 | ---- | C] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2012-04-16 21:07:31 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Lite
[2012-04-16 21:07:28 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012-04-16 21:03:35 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\WinRAR
[2012-04-16 21:03:34 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012-04-16 21:03:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012-04-16 21:02:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2012-04-16 21:02:32 | 000,198,832 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2012-04-16 21:02:26 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\System32\pncrt.dll
[2012-04-16 21:02:26 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2012-04-16 21:02:26 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2012-04-16 21:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real
[2012-04-16 21:02:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2012-04-16 21:02:20 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2012-04-16 21:02:04 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Real
[2012-04-16 21:01:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2012-04-16 21:01:25 | 000,839,680 | ---- | C] ([url="http://www.mp3dev.org/"]http://www.mp3dev.org/[/url]) -- C:\Windows\System32\lameACM.acm
[2012-04-16 21:01:24 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll
[2012-04-16 21:01:24 | 000,118,784 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm
[2012-04-16 21:00:20 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012-04-16 20:52:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012-04-16 20:52:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2012-04-16 20:49:13 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012-04-16 20:49:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012-04-16 20:42:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2012-04-16 20:41:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
[2012-04-16 20:41:56 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2012-04-16 20:41:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2012-04-16 20:40:52 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2012-04-16 20:40:31 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2012-04-16 20:32:39 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Uczelnia
[2012-04-16 20:32:22 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Gry
[2012-04-16 20:31:40 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Programy
[2012-04-16 20:24:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orange
[2012-04-16 20:19:57 | 000,000,000 | ---D | C] -- C:\Program Files\CardDetector
[2012-04-16 20:00:07 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71.dll
[2012-04-16 20:00:07 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\atl71.dll
[2012-04-16 20:00:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\France Telecom
[2012-04-16 19:59:58 | 000,102,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys
[2012-04-16 19:59:55 | 000,103,040 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbfake.sys
[2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Searches
[2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012-04-16 19:57:02 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Identities
[2012-04-16 19:56:56 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Contacts
[2012-04-16 19:56:56 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012-04-16 19:56:47 | 000,423,656 | ---- | C] (Oracle) -- C:\Windows\System32\deployJava1.dll
[2012-04-16 19:56:47 | 000,153,376 | ---- | C] (Oracle) -- C:\Windows\System32\javaws.exe
[2012-04-16 19:56:47 | 000,145,184 | ---- | C] (Oracle) -- C:\Windows\System32\javaw.exe
[2012-04-16 19:56:47 | 000,145,184 | ---- | C] (Oracle) -- C:\Windows\System32\java.exe
[2012-04-16 19:56:36 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Ustawienia lokalne
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Temporary Internet Files
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Szablony
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\SendTo
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Recent
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\PrintHood
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\NetHood
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moje wideo
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moje obrazy
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Moje dokumenty
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moja muzyka
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Menu Start
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Historia
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Dane aplikacji
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Dane aplikacji
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Cookies
[2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Temp
[2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Microsoft
[2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Media Center Programs
[2012-04-16 19:54:14 | 000,000,000 | --SD | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Pictures
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Music
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Links
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Favorites
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Downloads
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Documents
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Desktop
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012-04-16 19:54:14 | 000,000,000 | -H-D | C] -- C:\Users\Mateusz\AppData
[2012-04-16 19:54:10 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Videos
[2012-04-16 19:54:10 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Saved Games
[2012-04-16 19:52:53 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony
[2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo
[2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy
[2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka
[2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start
[2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione
[2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit
[2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-04-22 08:55:31 | 003,670,016 | -H-- | M] () -- C:\Users\Mateusz\NTUSER.DAT
[2012-04-22 08:48:41 | 000,017,136 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-04-22 08:48:41 | 000,017,136 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-04-22 08:41:25 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-04-22 08:41:07 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012-04-22 08:40:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-04-22 08:33:49 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-04-22 00:27:54 | 003,531,027 | -H-- | M] () -- C:\Users\Mateusz\AppData\Local\IconCache.db
[2012-04-22 00:22:08 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-967404725-468176981-4131090368-1000UA.job
[2012-04-21 23:58:16 | 002,317,686 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2012-04-21 23:58:16 | 000,687,828 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012-04-21 23:58:16 | 000,666,732 | ---- | M] () -- C:\Windows\System32\perfh019.dat
[2012-04-21 23:58:16 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-04-21 23:58:16 | 000,131,382 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012-04-21 23:58:16 | 000,128,892 | ---- | M] () -- C:\Windows\System32\perfc019.dat
[2012-04-21 23:58:16 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-04-21 22:33:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-04-21 00:41:22 | 000,001,784 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2012-04-20 18:22:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-967404725-468176981-4131090368-1000Core.job
[2012-04-20 00:30:03 | 000,000,572 | ---- | M] () -- C:\Windows\eReg.dat
[2012-04-19 13:12:01 | 008,180,224 | RHS- | M] () -- C:\ProgramData\TunesHelper.exe
[2012-04-19 00:29:02 | 000,001,101 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-04-19 00:29:01 | 000,002,210 | ---- | M] () -- C:\Users\Mateusz\Desktop\Google Chrome.lnk
[2012-04-18 19:33:10 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012-04-18 19:33:10 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012-04-18 18:17:06 | 283,710,259 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012-04-17 23:55:56 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012-04-17 23:55:56 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012-04-17 22:28:40 | 000,002,041 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2012-04-17 20:30:58 | 000,000,050 | ---- | M] () -- C:\Windows\System32\BRIDF10A.DAT
[2012-04-17 16:22:02 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2012-04-17 12:52:55 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms
[2012-04-17 12:52:55 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms
[2012-04-17 12:52:55 | 000,065,536 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TM.blf
[2012-04-17 12:41:30 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms
[2012-04-17 12:41:30 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms
[2012-04-17 12:41:30 | 000,065,536 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TM.blf
[2012-04-17 12:41:27 | 000,262,144 | ---- | M] () -- C:\ProgramData\NTUser.dat
[2012-04-17 12:21:52 | 000,093,360 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2012-04-17 11:30:55 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012-04-17 02:12:33 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2012-04-17 01:37:26 | 000,067,908 | ---- | M] () -- C:\Windows\System32\license.rtf
[2012-04-17 01:35:54 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012-04-16 23:31:45 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012-04-16 23:31:19 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer_.exe.Back.0.219815846169282
[2012-04-16 22:20:20 | 000,000,650 | ---- | M] () -- C:\Users\Mateusz\Desktop\Muzyka.lnk
[2012-04-16 22:16:22 | 000,000,641 | ---- | M] () -- C:\Users\Mateusz\Desktop\Filmy.lnk
[2012-04-16 21:16:57 | 000,051,672 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\GDIPFONTCACHEV1.DAT
[2012-04-16 21:16:17 | 000,246,248 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-04-16 21:12:08 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll
[2012-04-16 21:07:58 | 000,239,168 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2012-04-16 21:02:32 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2012-04-16 21:02:26 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll
[2012-04-16 21:02:26 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2012-04-16 21:02:26 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2012-04-16 20:55:32 | 000,002,717 | ---- | M] () -- C:\Users\Mateusz\Desktop\Word 2003.lnk
[2012-04-16 20:53:20 | 000,000,412 | ---- | M] () -- C:\Windows\ODBC.INI
[2012-04-16 20:52:57 | 000,000,499 | ---- | M] () -- C:\Windows\win.ini
[2012-04-16 20:24:24 | 000,000,807 | ---- | M] () -- C:\Users\Mateusz\Desktop\Orange Free.lnk
[2012-04-16 20:05:21 | 000,524,288 | -HS- | M] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2012-04-16 20:05:21 | 000,524,288 | -HS- | M] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2012-04-16 20:05:21 | 000,065,536 | -HS- | M] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2012-04-16 19:59:10 | 000,000,363 | ---- | M] () -- C:\Users\Mateusz\Desktop\Komputer.lnk
[2012-04-16 19:56:36 | 000,423,656 | ---- | M] (Oracle) -- C:\Windows\System32\deployJava1.dll
[2012-04-16 19:56:36 | 000,153,376 | ---- | M] (Oracle) -- C:\Windows\System32\javaws.exe
[2012-04-16 19:56:36 | 000,145,184 | ---- | M] (Oracle) -- C:\Windows\System32\javaw.exe
[2012-04-16 19:56:36 | 000,145,184 | ---- | M] (Oracle) -- C:\Windows\System32\java.exe
[2012-04-16 19:54:18 | 000,000,020 | -HS- | M] () -- C:\Users\Mateusz\ntuser.ini

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-04-21 00:41:22 | 000,001,796 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2012-04-21 00:41:22 | 000,001,784 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2012-04-20 18:17:16 | 000,000,936 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-967404725-468176981-4131090368-1000UA.job
[2012-04-20 18:17:16 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-967404725-468176981-4131090368-1000Core.job
[2012-04-19 19:21:46 | 000,000,572 | ---- | C] () -- C:\Windows\eReg.dat
[2012-04-19 13:23:07 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll
[2012-04-19 13:12:07 | 008,180,224 | RHS- | C] () -- C:\ProgramData\TunesHelper.exe
[2012-04-18 19:24:17 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-04-18 18:17:06 | 283,710,259 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012-04-18 18:14:33 | 000,005,174 | ---- | C] () -- C:\Windows\System32\nppt9x.vxd
[2012-04-17 23:55:56 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2012-04-17 23:55:56 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2012-04-17 22:28:40 | 000,002,053 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2012-04-17 22:28:40 | 000,002,041 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF
[2012-04-17 19:37:58 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012-04-17 19:36:37 | 001,150,656 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
[2012-04-17 19:36:36 | 000,234,855 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2012-04-17 19:36:36 | 000,034,823 | ---- | C] () -- C:\Windows\atiogl.xml
[2012-04-17 19:36:35 | 000,185,088 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb
[2012-04-17 19:34:34 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2012-04-17 16:32:37 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BRIDF10A.DAT
[2012-04-17 16:22:02 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012-04-17 16:00:48 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2012-04-17 15:27:47 | 000,177,052 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2012-04-17 12:52:54 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms
[2012-04-17 12:52:53 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms
[2012-04-17 12:52:53 | 000,065,536 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TM.blf
[2012-04-17 12:41:28 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms
[2012-04-17 12:41:28 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms
[2012-04-17 12:41:27 | 000,262,144 | ---- | C] () -- C:\ProgramData\NTUser.dat
[2012-04-17 12:41:27 | 000,065,536 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TM.blf
[2012-04-17 12:40:53 | 000,001,408 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Social Games.lnk
[2012-04-17 12:09:01 | 000,002,210 | ---- | C] () -- C:\Users\Mateusz\Desktop\Google Chrome.lnk
[2012-04-17 12:07:44 | 000,001,038 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-04-17 12:07:42 | 000,001,034 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-04-17 11:47:07 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2012-04-17 11:45:30 | 000,461,474 | ---- | C] () -- C:\Windows\System32\netathr.inf
[2012-04-17 11:45:30 | 000,070,749 | ---- | C] () -- C:\Windows\System32\athrext.cat
[2012-04-17 11:30:55 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012-04-17 02:12:32 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2012-04-17 02:12:28 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2012-04-17 01:35:54 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012-04-17 01:15:57 | 000,246,248 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-04-16 22:20:20 | 000,000,650 | ---- | C] () -- C:\Users\Mateusz\Desktop\Muzyka.lnk
[2012-04-16 22:16:22 | 000,000,641 | ---- | C] () -- C:\Users\Mateusz\Desktop\Filmy.lnk
[2012-04-16 21:14:44 | 003,531,027 | -H-- | C] () -- C:\Users\Mateusz\AppData\Local\IconCache.db
[2012-04-16 21:10:47 | 000,000,641 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk
[2012-04-16 21:01:26 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012-04-16 21:01:25 | 000,000,414 | ---- | C] () -- C:\Windows\System32\lame_acm.xml
[2012-04-16 21:01:25 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2012-04-16 21:00:22 | 000,001,113 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012-04-16 21:00:22 | 000,001,101 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-04-16 20:55:32 | 000,002,717 | ---- | C] () -- C:\Users\Mateusz\Desktop\Word 2003.lnk
[2012-04-16 20:53:20 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI
[2012-04-16 20:24:24 | 000,000,807 | ---- | C] () -- C:\Users\Mateusz\Desktop\Orange Free.lnk
[2012-04-16 20:11:28 | 000,051,672 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\GDIPFONTCACHEV1.DAT
[2012-04-16 19:59:10 | 000,000,363 | ---- | C] () -- C:\Users\Mateusz\Desktop\Komputer.lnk
[2012-04-16 19:57:16 | 000,001,430 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012-04-16 19:54:18 | 000,524,288 | -HS- | C] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2012-04-16 19:54:18 | 000,000,020 | -HS- | C] () -- C:\Users\Mateusz\ntuser.ini
[2012-04-16 19:54:17 | 000,524,288 | -HS- | C] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2012-04-16 19:54:17 | 000,065,536 | -HS- | C] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2012-04-16 19:54:09 | 003,670,016 | -H-- | C] () -- C:\Users\Mateusz\NTUSER.DAT
[2011-07-28 17:49:12 | 000,053,760 | ---- | C] () -- C:\Windows\System32\OVDecode.dll
[2010-08-03 00:05:14 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat
[2010-08-03 00:05:13 | 000,687,828 | ---- | C] () -- C:\Windows\System32\perfh015.dat
[2010-08-03 00:05:13 | 000,131,382 | ---- | C] () -- C:\Windows\System32\perfc015.dat
[2010-08-03 00:05:13 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat
[2010-06-25 08:44:03 | 000,080,384 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2010-06-21 13:39:23 | 002,317,686 | ---- | C] () -- C:\Windows\System32\PerfStringBackup.INI

[color=#E56717]========== LOP Check ==========[/color]

[2012-04-18 23:54:26 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\BESTplayer
[2012-04-19 01:20:24 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\BitSpirit
[2012-04-19 17:14:18 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Lite
[2012-04-20 08:00:29 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\foobar2000
[2012-04-20 19:42:39 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\GanymedeNet
[2012-04-17 22:25:52 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\GHISLER
[2012-04-16 22:05:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\ipla
[2012-04-18 19:51:49 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\LolClient
[2012-04-18 18:22:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\MSI
[2012-04-21 00:41:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Opera
[2012-04-17 12:40:53 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Splashtop
[2012-04-20 00:35:20 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Sports Interactive
[2012-04-17 23:34:49 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Thunderbird
[2012-04-20 18:22:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-967404725-468176981-4131090368-1000Core.job
[2012-04-22 00:22:08 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-967404725-468176981-4131090368-1000UA.job
[2009-07-14 06:53:46 | 000,012,272 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



< End of report >[/log]


Extras raport:

[log]OTL Extras logfile created on: 2012-04-22 08:47:30 - Run 2
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Mateusz\Desktop\Programy
Ultimate Edition (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.16562)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,49 Gb Total Physical Memory | 1,55 Gb Available Physical Memory | 61,95% Memory free
4,99 Gb Paging File | 3,97 Gb Available in Paging File | 79,54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 58,57 Gb Total Space | 43,49 Gb Free Space | 74,25% Space Free | Partition Type: NTFS
Drive D: | 407,19 Gb Total Space | 369,69 Gb Free Space | 90,79% Space Free | Partition Type: NTFS
Drive E: | 3,66 Gb Total Space | 3,66 Gb Free Space | 100,00% Space Free | Partition Type: FAT32

Computer Name: AUTO | User Name: Mateusz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "D:\Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "C:\Program Files\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "C:\Program Files\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Directory [openNew] -- explorer %1 (Microsoft Corporation)
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Connectivity\ConnectivityManager.exe" = D:\Connectivity\ConnectivityManager.exe:*:enabled:CSS -- (France Telecom SA)
"D:\Orange\Connectivity\ConnectivityManager.exe" = D:\Orange\Connectivity\ConnectivityManager.exe:*:enabled:CSS -- (France Telecom SA)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{009E5DF2-3F97-480B-89DA-F2D5E672E14A}_is1" = Live Update 5
"{011A5EF9-3D7D-2F43-F14E-A5E9BC8B0C47}" = AMD Fuel
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam™
"{049155CC-5AB3-296F-5815-CD73A9646E99}" = CCC Help Greek
"{08366AE3-72A2-523E-7218-D1B0B8271EBA}" = CCC Help Turkish
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java™ 6 Update 21
"{2812B4B3-A412-7785-1964-4D60340E60A9}" = CCC Help French
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2F173C40-563E-11D4-89C5-0010ADDAAC33}" = EA.com Matchup
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{354C5FB7-C8EC-1EC4-BE90-109E048E9C82}" = CCC Help Russian
"{3B983EFD-6E37-4AD9-9A7D-8C83E61674F7}" = Splashtop Connect IE
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{45D49CA7-D7D8-4659-B35A-EBD98C30AF28}" = Splashtop Connect for Firefox
"{462D8F12-355D-5920-9193-25388DA500DA}" = CCC Help Chinese Traditional
"{4A1C03BB-6A5A-B8F8-F910-6791960DC25C}" = Catalyst Control Center Localization All
"{4BF35375-9076-1169-6452-EC085410DD0E}" = Catalyst Control Center Profiles Mobile
"{4CC4A295-8204-75C9-6E44-E280E661282B}" = CCC Help Korean
"{4FD0F94D-0CAB-C85B-FA2C-9586BA0AAE60}" = CCC Help Spanish
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5332A981-2332-55C4-FE31-7BCAAB16CAE2}" = Catalyst Control Center InstallProxy
"{53B04D20-50D5-EA2F-BDFC-BCE332124FED}" = CCC Help Dutch
"{53BCB6DB-C944-CE07-BBA7-B8EC2DA228B0}" = CCC Help Swedish
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{5F548A02-80BC-404D-BAE6-F05F9BF6B449}" = Nero DiscCopyGadget 10 Help (CHM)
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7A25D130-4EC8-11E1-BEA4-B8AC6F97B88E}" = Google Earth
"{7C428915-7C49-E005-8D9C-0AFC3B9E2A55}" = CCC Help English
"{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1" = Super-Charger
"{7D916FA5-DAE9-4A25-B089-655C70EAF607}" = Qualcomm Atheros WiFi Driver Installation Program
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86227080-3ADB-5A9B-BB8A-8CE8CB6429F8}" = CCC Help Chinese Standard
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{885AFEC2-0809-47CE-8B3F-00AEC19DDD5F}" = TSST OEM Content
"{89590A73-9AC3-48ED-B83E-6489900DED5A}" = Nero Multimedia Suite 10 Essentials
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{91120415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{92EC1A84-7FFC-42DF-A8F6-79C21C4765A5}" = Nero DiscCopy Gadget 10
"{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1" = ALLConverter PRO 1.3
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AB97F52-512B-43EF-AAEC-4825C17B32ED}" = EA.com Update
"{9D3D8C60-A55F-4123-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{A075239D-F706-B32D-A071-5804AE360AF0}" = CCC Help Finnish
"{A10B9E4E-9C40-4491-A3E1-C2B53DAB03C1}" = Facebook Messenger 2.0.4478.0
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A2C948AC-CA5B-1921-E1CC-73DAAAD7ED15}" = Catalyst Control Center InstallProxy
"{A7CDE866-4E90-D922-89C4-31B836BC6E67}" = CCC Help German
"{A83FC388-927A-68E4-72FC-FC54E404B27F}" = CCC Help Japanese
"{A860FE72-A9F6-AB3D-09AE-3AA954EA1725}" = CCC Help Norwegian
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{ACC75323-DB4A-4F7F-9AF3-1D1DEFF2D1B5}" = Heroes of Might and Magic V - Tribes of the East
"{ACC75323-DB4A-4f7f-9AF3-1D1DEFF2D1B5}_is1" = Heroes of Might and Magic V - Dzikie Hordy
"{AD917F8B-197A-07F2-1A6D-EB47FE50143B}" = ccc-utility
"{B2F86EAE-18EE-6B39-20D8-C542D841F034}" = CCC Help Thai
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BC5CE684-9D5B-707E-30BC-9275E2B49FA0}" = CCC Help Danish
"{BEWINTERNET-PL-IEW}.UninstallSuite" = Orange Free
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{D1B01DC9-CBAF-45F9-A387-7D00C11B630E}" = Microsoft Games for Windows - LIVE Redistributable
"{DC311C01-B1A9-8CAD-F018-9395269654EC}" = CCC Help Polish
"{DCFF61CC-B313-37DF-D567-26430CBC8720}" = CCC Help Portuguese
"{DE329278-4E61-8A9B-CADA-44AAC9E06C81}" = CCC Help Italian
"{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}" = Counter-Strike™
"{DFE4070B-1657-942F-72B1-0057A9A830EF}" = CCC Help Hungarian
"{ED20800E-1BFF-E5D6-86DF-2B8015E308E3}" = AMD VISION Engine Control Center
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{EECD7B96-1416-4D3A-B12D-0D2512120C36}" = EasyViewer
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F49AC447-8ED0-0C8A-8622-4737B2EE4248}" = ATI Catalyst Install Manager
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F627CDBC-8323-4024-9691-A0A6533F43E0}" = ESET NOD32 Antivirus
"{FC54FD8D-789C-406D-BB88-F7C4421B7E83}_is1" = VideoGenie
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"{FDF4B587-4070-4C2A-C3DC-A8F5DB3B6C5B}" = CCC Help Czech
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ALLPlayer_is1" = ALLPlayer V5.X
"AQQ" = WapSter AQQ
"BitSpirit_is1" = BitSpirit v3.6.0.550 Stable
"CardDetectorHUAWEI1752_1552" = Card Detector for Huawei E1752 and E1552
"CCleaner" = CCleaner
"Core Temp" = Core Temp
"DAEMON Tools Lite" = DAEMON Tools Lite
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Dziobas Rar Player_is1" = Dziobas Rar Player 0.009.52
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"foobar2000" = foobar2000 v1.1.11
"GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker
"Google Chrome" = Google Chrome
"Gpuz" = GPU-Z
"HashCheck Shell Extension" = HashCheck Shell Extension (x86-32)
"Icy Tower v1.5_is1" = Icy Tower v1.5
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{EECD7B96-1416-4D3A-B12D-0D2512120C36}" = EasyViewer
"ipla" = ipla 2.3.3
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.6.1 (Full)
"Mario Ice Tower" = Mario Ice Tower
"Mozilla Firefox 11.0 (x86 pl)" = Mozilla Firefox 11.0 (x86 pl)
"Mozilla Thunderbird 12.0 (x86 pl)" = Mozilla Thunderbird 12.0 (x86 pl)
"NapiProjekt_is1" = NapiProjekt 2.0.0 (build 2151)
"Opera 11.62.1347" = Opera 11.62
"PokerStars.eu" = PokerStars.eu
"RealPlayer 12.0" = RealPlayer
"Speccy" = Speccy
"Totalcmd" = Total Commander (Remove or Repair)
"Winamp" = Winamp
"WinRAR archiver" = WinRAR 4.01 (32-bitowy)
"YouTube to ALLPlayer_is1" = YouTube to ALLPlayer

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Detektor Winampa

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-04-19 19:46:36 | Computer Name = AUTO | Source = SideBySide | ID = 16842815
Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files\spybot
- search & destroy\DelZip179.dll". Błąd w pliku manifestu lub w pliku zasad "c:\program
files\spybot - search & destroy\DelZip179.dll" w wierszu 8. Wartość "*" atrybutu
"language" elementu "assemblyIdentity" jest nieprawidłowa.

Error - 2012-04-19 19:46:38 | Computer Name = AUTO | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "d:\Orange\installation\Core\InstallDevice64.exe".
Nie
można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="AMD64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2012-04-19 19:46:39 | Computer Name = AUTO | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "d:\Orange\installation\Core\setupApiWrapper64.exe".
Nie
można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="AMD64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2012-04-20 18:22:06 | Computer Name = AUTO | Source = Google Update | ID = 20
Description =

Error - 2012-04-20 18:53:00 | Computer Name = AUTO | Source = Application Hang | ID = 1002
Description = Program OTL.com w wersji 3.2.40.0 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum
akcji. Identyfikator procesu: d80 Godzina rozpoczęcia: 01cd1f4820da4017 Godzina zakończenia:
10 Ścieżka aplikacji: C:\Users\Mateusz\Downloads\OTL.com Identyfikator raportu: 91cc4cb1-8b3b-11e1-872e-6c626d360c74


Error - 2012-04-20 18:54:15 | Computer Name = AUTO | Source = Application Hang | ID = 1002
Description = Program OTL.com w wersji 3.2.40.0 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum
akcji. Identyfikator procesu: 928 Godzina rozpoczęcia: 01cd1f486ab0d9ee Godzina zakończenia:
15 Ścieżka aplikacji: C:\Users\Mateusz\Downloads\OTL.com Identyfikator raportu: bfba2c9b-8b3b-11e1-872e-6c626d360c74


Error - 2012-04-20 18:56:05 | Computer Name = AUTO | Source = Application Hang | ID = 1002
Description = Program OTL.scr w wersji 3.2.40.0 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum
akcji. Identyfikator procesu: 48c Godzina rozpoczęcia: 01cd1f489d0c84d2 Godzina zakończenia:
72 Ścieżka aplikacji: C:\Users\Mateusz\Downloads\OTL.scr Identyfikator raportu: 003b43c5-8b3c-11e1-872e-6c626d360c74


Error - 2012-04-21 03:07:33 | Computer Name = AUTO | Source = Application Hang | ID = 1002
Description = Program OTL.com w wersji 3.2.40.0 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum
akcji. Identyfikator procesu: f88 Godzina rozpoczęcia: 01cd1f8d39c4da93 Godzina zakończenia:
10 Ścieżka aplikacji: C:\Users\Mateusz\Downloads\OTL.com Identyfikator raportu: a842d0bb-8b80-11e1-8e43-6c626d360c74


Error - 2012-04-21 03:26:20 | Computer Name = AUTO | Source = Application Hang | ID = 1002
Description = Program OTL.exe w wersji 3.2.40.0 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum
akcji. Identyfikator procesu: d68 Godzina rozpoczęcia: 01cd1f8fb8276d3a Godzina zakończenia:
19 Ścieżka aplikacji: C:\Users\Mateusz\Downloads\OTL.exe Identyfikator raportu: 46f817ab-8b83-11e1-a98a-6c626d360c74


Error - 2012-04-21 10:23:27 | Computer Name = AUTO | Source = Application Hang | ID = 1002
Description = Program OTL.exe w wersji 3.2.40.0 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum
akcji. Identyfikator procesu: e5c Godzina rozpoczęcia: 01cd1fca324d863f Godzina zakończenia:
15 Ścieżka aplikacji: C:\Users\Mateusz\Downloads\OTL.exe Identyfikator raportu: 8dc268a7-8bbd-11e1-9111-e0b9a5dc5bb0


[ System Events ]
Error - 2012-04-21 11:53:52 | Computer Name = AUTO | Source = Service Control Manager | ID = 7001
Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie
można uruchomić z powodu następującego błędu: %%1058

Error - 2012-04-21 11:53:52 | Computer Name = AUTO | Source = Service Control Manager | ID = 7001
Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie
można uruchomić z powodu następującego błędu: %%1058

Error - 2012-04-21 11:53:58 | Computer Name = AUTO | Source = Service Control Manager | ID = 7001
Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie
można uruchomić z powodu następującego błędu: %%1058

Error - 2012-04-21 11:53:58 | Computer Name = AUTO | Source = Service Control Manager | ID = 7001
Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie
można uruchomić z powodu następującego błędu: %%1058

Error - 2012-04-21 11:54:02 | Computer Name = AUTO | Source = Service Control Manager | ID = 7001
Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie
można uruchomić z powodu następującego błędu: %%1058

Error - 2012-04-21 11:54:02 | Computer Name = AUTO | Source = Service Control Manager | ID = 7001
Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie
można uruchomić z powodu następującego błędu: %%1058

Error - 2012-04-21 12:15:29 | Computer Name = AUTO | Source = DCOM | ID = 10010
Description =

Error - 2012-04-21 16:16:40 | Computer Name = AUTO | Source = Service Control Manager | ID = 7009
Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się
z usługą SBSD Security Center Service.

Error - 2012-04-21 16:16:40 | Computer Name = AUTO | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi SBSD Security Center Service z powodu następującego
błędu: %%1053

Error - 2012-04-21 16:58:40 | Computer Name = AUTO | Source = DCOM | ID = 10010
Description =


< End of report >[/log]

Gość
komentarz
komentarz

Uruchom OTL i w oknie Własne opcje skanowania/skrypt wklej:

[code]:Files
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-967404725-468176981-4131090368-1000Core.job
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-967404725-468176981-4131090368-1000UA.job

:OTL
IE - HKLM\..\SearchScopes\Yahoo: "URL" = http://ru.search.yah...={searchTerms}\
IE - HKLM\..\SearchScopes\Yandex: "URL" = http://www.yandex.ru...={searchTerms}\
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/
FF - prefs.js..browser.search.selectedEngine: "qooqlle"
FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/"
O4 - HKLM..\Run: [Readar_sl] %APPDATA%\Readar_sl.exe File not found

:Commands
[emptytemp][/code]

Zamknij wszystkie przeglądarki. Jest to konieczne. Następnie kliknij w [b]Wykonaj skrypt.[/b]

Zapisz log po usuwaniu i go przedstaw.

Odinstaluj [b]Sapybot Search Destroy[/b]. To przestarzały i nie rozwijany program.

Wykonaj nowy skan OTL i przedstaw raport. Extras już nie potrzebuję

Evander1991
komentarz
komentarz

Raport:

[log]All processes killed
========== FILES ==========
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-967404725-468176981-4131090368-1000Core.job moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-967404725-468176981-4131090368-1000UA.job moved successfully.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{searchTerms}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{searchTerms}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{searchTerms}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{searchTerms}\ not found.
HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Prefs.js: "qooqlle" removed from browser.search.selectedEngine
Prefs.js: "http://www.qooqlle.com/" removed from browser.startup.homepage
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Readar_sl deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Mateusz
->Temp folder emptied: 17513832 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 21427360 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 456 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 37,00 mb


OTL by OldTimer - Version 3.2.40.0 log created on 04222012_162045

Files\Folders moved on Reboot...
File move failed. C:\Users\Mateusz\AppData\Local\Temp\BIT20E8.tmp scheduled to be moved on reboot.

Registry entries deleted on Reboot...[/log]


OTL raport:

[log]OTL logfile created on: 2012-04-22 16:27:22 - Run 3
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Mateusz\Desktop\Programy
Ultimate Edition (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.16562)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,49 Gb Total Physical Memory | 1,61 Gb Available Physical Memory | 64,64% Memory free
4,99 Gb Paging File | 4,02 Gb Available in Paging File | 80,54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 58,57 Gb Total Space | 43,47 Gb Free Space | 74,22% Space Free | Partition Type: NTFS
Drive D: | 407,19 Gb Total Space | 369,69 Gb Free Space | 90,79% Space Free | Partition Type: NTFS

Computer Name: AUTO | User Name: Mateusz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-04-21 09:22:55 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Mateusz\Desktop\Programy\OTL.exe
PRC - [2012-04-20 18:17:12 | 000,137,536 | ---- | M] (Facebook Inc.) -- C:\Users\Mateusz\AppData\Local\Facebook\Update\FacebookUpdate.exe
PRC - [2012-04-19 09:12:24 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012-04-16 23:31:45 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2012-04-16 21:02:25 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012-04-09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012-04-04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-01-03 13:34:20 | 000,138,768 | ---- | M] (MSI) -- C:\Program Files\MSI\Super-Charger\ChargeService.exe
PRC - [2012-01-03 13:34:16 | 000,502,288 | ---- | M] (MSI) -- C:\Program Files\MSI\Super-Charger\Super-Charger.exe
PRC - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2011-09-22 12:03:02 | 003,080,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2011-09-16 14:39:24 | 000,115,048 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2011-07-28 17:42:48 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
PRC - [2011-07-28 17:35:54 | 000,401,408 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2011-07-28 17:35:26 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2011-03-24 06:37:18 | 000,493,384 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe
PRC - [2011-03-22 10:37:16 | 000,497,480 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe
PRC - [2010-11-15 13:21:56 | 000,841,544 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
PRC - [2010-11-15 13:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect\BackService.exe
PRC - [2010-06-04 09:51:06 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010-06-04 09:50:20 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2010-05-04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
PRC - [2010-03-05 16:26:40 | 002,044,248 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe
PRC - [2009-10-14 18:44:40 | 000,282,624 | R--- | M] (France Telecom SA) -- C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe
PRC - [2009-10-14 16:44:38 | 000,090,112 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
PRC - [2009-01-26 15:31:16 | 002,144,088 | ---- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-04-19 09:12:23 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012-04-18 19:24:16 | 008,797,344 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_233.dll
MOD - [2011-07-28 17:55:02 | 000,369,152 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2011-07-28 17:42:54 | 000,095,232 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
MOD - [2010-04-14 03:31:20 | 005,246,976 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
MOD - [2010-04-14 03:31:20 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2010-04-14 03:31:20 | 003,182,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2010-04-14 03:31:20 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2010-04-14 03:31:20 | 000,626,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2010-04-14 03:31:20 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2010-04-14 03:31:20 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2010-04-14 03:31:16 | 004,550,656 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
MOD - [2010-04-14 03:31:14 | 005,279,744 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
MOD - [2010-04-14 03:31:14 | 001,253,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
MOD - [2010-04-14 03:31:12 | 004,218,880 | ---- | M] () -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
MOD - [2010-04-14 03:31:00 | 000,667,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
MOD - [2009-06-10 23:22:40 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
MOD - [2009-06-10 23:14:47 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
MOD - [2009-06-10 23:14:46 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
MOD - [2009-06-10 23:14:46 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
MOD - [2009-06-10 23:14:44 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.classic.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2012-04-18 19:33:10 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-04-09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-04-05 11:37:38 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-04-04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-01-03 13:34:20 | 000,138,768 | ---- | M] (MSI) [Auto | Running] -- C:\Program Files\MSI\Super-Charger\ChargeService.exe -- (MSI_SuperCharger)
SRV - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2011-07-28 17:42:48 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2011-07-28 17:35:26 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011-05-03 22:18:00 | 004,137,464 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2011-03-24 06:37:18 | 000,493,384 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe -- (WCUService_STC_FF)
SRV - [2011-03-22 10:37:16 | 000,497,480 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe -- (WCUService_STC_IE)
SRV - [2010-11-15 13:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files\Splashtop\Splashtop Connect\BackService.exe -- (SCBackService)
SRV - [2010-05-04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010-03-05 16:26:40 | 002,044,248 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2009-10-14 16:44:38 | 000,090,112 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Rappelz\GameGuard\dump_wmimmc.sys -- (dump_wmimmc)
DRV - [2012-04-16 21:07:58 | 000,239,168 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011-10-25 09:57:14 | 000,165,120 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV - [2011-10-25 09:57:14 | 000,073,984 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub)
DRV - [2011-10-06 09:23:50 | 001,057,896 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV - [2011-08-09 14:24:52 | 000,163,424 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2011-08-04 09:20:38 | 000,103,112 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2011-08-04 09:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2011-07-28 18:22:06 | 008,396,800 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011-07-28 16:53:48 | 000,247,296 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011-06-07 06:06:54 | 000,211,984 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2011-04-15 14:37:46 | 000,066,688 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_sata.sys -- (amd_sata)
DRV - [2011-04-15 14:37:46 | 000,033,408 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_xata.sys -- (amd_xata)
DRV - [2010-11-29 04:50:40 | 000,035,968 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2010-10-20 14:43:08 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 5\NTIOLib.sys -- (NTIOLib_1_0_4)
DRV - [2010-05-10 10:44:42 | 000,025,912 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 5\msibios32_100507.sys -- (MSI_MSIBIOS_010507)
DRV - [2010-02-18 09:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86)
DRV - [2009-12-30 13:55:14 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files\MSI\Super-Charger\NTIOLib.sys -- (NTIOLib_1_0_3)
DRV - [2009-08-04 13:04:28 | 000,103,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbfake.sys -- (hwusbfake)
DRV - [2009-08-04 13:04:28 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009-07-14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009-07-14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009-07-14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009-07-14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009-07-14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009-07-14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2009-06-10 23:19:48 | 009,853,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = Yandex
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\Google: "URL" = http://www.google.ru/search?hl=ru&q={searchTerms}\
IE - HKLM\..\SearchScopes\Wikipedia: "URL" = http://ru.wikipedia.org/wiki/{searchTerms}\
IE - HKLM\..\SearchScopes\Yahoo: "URL" = http://ru.search.yahoo.com/search?p={searchTerms}\
IE - HKLM\..\SearchScopes\Yandex: "URL" = http://www.yandex.ru/yandsearch?stype=&nl=0&text={searchTerms}\


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes,DefaultScope = {42168F92-DA71-42E6-BC7F-132EAC1F1899}
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.google.pl/cse?q={searchTerms}&cx=partner-pub-2489206448026482%3A4041638047&tbm=&ie=UTF-8#gsc.tab=0&gsc.q={searchTerms}
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{42168F92-DA71-42E6-BC7F-132EAC1F1899}: "URL" = http://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q={searchTerms}&sa=Search&siteurl=qooqlle.com%2F
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{C0DE4E59-C43E-46a5-B2A6-46952A6BF471}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=MMBROWSV
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{F1CC8CB5-43EC-4142-AE01-80F4208696EB}: "URL" = http://www.google.com/cse?cx=partner-pub-3794288947762788%3A7256076927&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7256076927&q={searchTerms}
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\Yandex: "URL" = http://www.bing.com/search?q={searchTerms}&form=SPLEP1&pc=SPLH
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.selectedEngine: "qooqlle"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: cssreloader@kenneth.io:1.0.2
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..network.proxy.backup.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.backup.ftp_port: 9666
FF - prefs.js..network.proxy.backup.gopher: "127.0.0.1"
FF - prefs.js..network.proxy.backup.gopher_port: 9666
FF - prefs.js..network.proxy.backup.socks: "127.0.0.1"
FF - prefs.js..network.proxy.backup.socks_port: 9666
FF - prefs.js..network.proxy.backup.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.backup.ssl_port: 9666
FF - prefs.js..network.proxy.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.ftp_port: 9666
FF - prefs.js..network.proxy.gopher: "127.0.0.1"
FF - prefs.js..network.proxy.gopher_port: 9666
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 9666
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 9666
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 9666
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: D:\Bilard\Ganymede\Plugins\npganymedenet.dll ( )
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Oracle)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Mateusz\AppData\Local\Facebook\Messenger\2.0.4478.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}: C:\Program Files\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1} [2012-04-17 12:42:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}: C:\Program Files\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0} [2012-04-17 12:42:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{d9284e50-81fc-11da-a72b-0800200c9a66}: C:\Program Files\Splashtop\Splashtop Connect for Firefox\{d9284e50-81fc-11da-a72b-0800200c9a66} [2012-04-17 12:42:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-04-19 09:12:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-04-19 13:33:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012-04-17 22:28:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-04-18 17:53:41 | 000,000,000 | ---D | M]

[2012-04-16 21:10:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Extensions
[2012-04-20 21:48:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\kust2ajc.default\extensions
[2012-04-19 13:23:52 | 000,000,000 | ---D | M] (YouTube to ALLPlayer) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\kust2ajc.default\extensions\YouTubetoALL@ALLPlayer.org
[2012-04-22 16:22:57 | 000,001,860 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\kust2ajc.default\searchplugins\search.xml
[2012-04-17 22:26:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-04-17 22:26:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
() (No name found) -- C:\USERS\MATEUSZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KUST2AJC.DEFAULT\EXTENSIONS\IPLEXTOALL@ALLPLAYER.ORG.XPI
[2012-04-19 09:12:25 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-12-20 11:33:56 | 000,120,984 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npganymedenet.dll
[2011-12-09 19:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012-04-19 09:12:20 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-04-19 09:12:20 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-04-19 09:12:20 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-04-19 09:12:20 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-04-19 13:22:10 | 000,002,415 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\v9.xml
[2012-04-19 09:12:20 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-04-19 09:12:20 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: qooqlle ()
CHR - default_search_provider: search_url = http://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q={searchTerms}&sa=Search&siteurl=qooqlle.com%2F
CHR - default_search_provider: suggest_url =
CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\

O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Splashtop Connect VisualBookmark) - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - C:\Program Files\Splashtop\Splashtop Connect IE\STC.dll (Splashtop Inc.)
O2 - BHO: (YouTube To ALLPlayer) - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\Program Files\ALLPlayer\YouTubeToALLPlayer.dll (ALLPlayer.org)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - D:\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [BEWINTERNET-PL-IEWSessionManager] D:\Orange\SessionManager\SessionManager.exe (France Telecom SA)
O4 - HKLM..\Run: [CardDetectorHUAWEI1752_1552] C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe (France Telecom SA)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [Readar_sl] %APPDATA%\Readar_sl.exe File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [STCAgent] C:\Program Files\Splashtop\Splashtop Connect IE\STCAgent.exe (Splashtop Inc.)
O4 - HKLM..\Run: [Super-Charger] C:\Program Files\MSI\Super-Charger\Super-Charger.exe (MSI)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TunesHelper] C:\ProgramData\TunesHelper.exe ()
O4 - HKLM..\Run: [ZyngaGamesAgent] C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe (Splashtop Inc.)
O4 - HKU\S-1-5-21-967404725-468176981-4131090368-1000..\Run: [Facebook Update] C:\Users\Mateusz\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Pobierz z &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm ()
O9 - Extra Button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files\PokerStars.EU\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1292A1F1-9F67-4786-A2DF-9668865DF9A2}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{e0c2a19c-87f1-11e1-9873-b1ddfeffb464}\Shell - "" = AutoRun
O33 - MountPoints2\{e0c2a19c-87f1-11e1-9873-b1ddfeffb464}\Shell\AutoRun\command - "" = F:\setup_homm5.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-04-21 17:20:18 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Pliki
[2012-04-21 09:11:23 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-04-21 00:25:29 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\.ultramixer
[2012-04-21 00:05:24 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012-04-20 19:32:35 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\GanymedeNet
[2012-04-20 18:18:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Screamer Radio
[2012-04-20 18:17:27 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
[2012-04-20 18:17:14 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Facebook
[2012-04-20 00:35:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Sports Interactive
[2012-04-20 00:35:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\Sports Interactive
[2012-04-20 00:35:20 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Sports Interactive
[2012-04-20 00:35:20 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Sports Interactive
[2012-04-20 00:18:42 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\My Games
[2012-04-20 00:17:27 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2012-04-20 00:17:27 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2012-04-20 00:17:26 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2012-04-20 00:17:26 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2012-04-20 00:17:26 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2012-04-20 00:17:26 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2012-04-20 00:17:26 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2012-04-20 00:17:25 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2012-04-20 00:17:25 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2012-04-20 00:17:25 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2012-04-20 00:17:24 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2012-04-20 00:17:24 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2012-04-20 00:17:23 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2012-04-20 00:17:23 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2012-04-20 00:17:23 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2012-04-20 00:17:23 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2012-04-20 00:17:22 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2012-04-20 00:17:22 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2012-04-20 00:17:22 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2012-04-20 00:17:22 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2012-04-20 00:17:21 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2012-04-20 00:17:21 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2012-04-20 00:17:21 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2012-04-20 00:17:21 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2012-04-20 00:17:21 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2012-04-20 00:17:21 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2012-04-20 00:17:20 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2012-04-20 00:17:20 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2012-04-20 00:17:20 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2012-04-20 00:17:20 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2012-04-20 00:17:19 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2012-04-20 00:17:19 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2012-04-20 00:17:19 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2012-04-20 00:17:19 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2012-04-20 00:17:18 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2012-04-20 00:17:18 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2012-04-20 00:17:18 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2012-04-20 00:17:18 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2012-04-20 00:17:17 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2012-04-20 00:17:17 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2012-04-20 00:17:16 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2012-04-20 00:17:16 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2012-04-20 00:17:16 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2012-04-20 00:17:16 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2012-04-20 00:17:15 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2012-04-20 00:17:15 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2012-04-20 00:17:14 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2012-04-20 00:17:14 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2012-04-20 00:17:14 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2012-04-20 00:17:13 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2012-04-20 00:17:13 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2012-04-20 00:17:12 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2012-04-20 00:17:12 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2012-04-20 00:17:12 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2012-04-20 00:17:12 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2012-04-20 00:17:11 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2012-04-20 00:17:10 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2012-04-20 00:17:09 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2012-04-20 00:17:09 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2012-04-20 00:17:09 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2012-04-20 00:17:09 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2012-04-20 00:17:08 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2012-04-20 00:17:08 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2012-04-20 00:17:08 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2012-04-20 00:17:08 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2012-04-20 00:17:08 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2012-04-20 00:17:07 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2012-04-20 00:17:07 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2012-04-20 00:17:07 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2012-04-20 00:17:07 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2012-04-20 00:17:04 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2012-04-20 00:17:04 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2012-04-20 00:17:04 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2012-04-20 00:17:04 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2012-04-20 00:17:03 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2012-04-20 00:17:03 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2012-04-20 00:17:03 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2012-04-20 00:17:02 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2012-04-20 00:17:01 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2012-04-20 00:08:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2012-04-20 00:03:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2012-04-19 19:22:45 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012-04-19 17:13:09 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2012-04-19 17:10:13 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Chromium
[2012-04-19 13:37:13 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\PokerStars.EU
[2012-04-19 13:37:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.EU
[2012-04-19 13:36:46 | 000,000,000 | ---D | C] -- C:\Program Files\PokerStars.EU
[2012-04-19 13:24:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt
[2012-04-19 13:23:51 | 000,000,000 | ---D | C] -- C:\Program Files\ALLPlayer
[2012-04-19 13:23:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLConverter PRO
[2012-04-19 13:23:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ALLConverter
[2012-04-19 13:23:42 | 000,000,000 | ---D | C] -- C:\Program Files\NapiProjekt
[2012-04-19 13:23:41 | 000,000,000 | ---D | C] -- C:\Program Files\ALLConverter PRO
[2012-04-19 13:23:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer
[2012-04-19 13:22:55 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ALLPlayer
[2012-04-19 13:22:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dziobas Rar Player
[2012-04-19 13:12:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Theorica Divx ;-) Codecs
[2012-04-19 13:11:46 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Media Player Classic
[2012-04-19 01:20:24 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\BitSpirit
[2012-04-19 00:33:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012-04-19 00:05:27 | 000,000,000 | ---D | C] -- C:\Program Files\v9Soft
[2012-04-18 23:57:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2012-04-18 23:57:29 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2012-04-18 23:56:23 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2012-04-18 23:56:23 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Detektor Winampa
[2012-04-18 23:56:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2012-04-18 23:55:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Winamp
[2012-04-18 23:55:57 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2012-04-18 23:54:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
[2012-04-18 23:54:47 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2012-04-18 23:54:10 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\BESTplayer
[2012-04-18 23:53:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitSpirit v3
[2012-04-18 23:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitSpirit
[2012-04-18 23:53:37 | 000,000,000 | ---D | C] -- C:\Program Files\BitSpirit
[2012-04-18 23:51:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012-04-18 23:51:53 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2012-04-18 19:53:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\riotsGamesLogs
[2012-04-18 19:51:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\LolClient
[2012-04-18 19:26:56 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Opera
[2012-04-18 19:26:56 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Opera
[2012-04-18 19:26:35 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2012-04-18 19:24:16 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012-04-18 19:24:16 | 000,070,304 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012-04-18 18:22:42 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\MSI
[2012-04-18 18:17:17 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012-04-18 18:15:52 | 004,137,464 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des
[2012-04-18 18:14:34 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\npptNT2.sys
[2012-04-18 18:14:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2012-04-18 17:53:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2012-04-18 17:53:38 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2012-04-18 17:53:38 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012-04-17 23:58:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\DOSBox
[2012-04-17 23:58:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74
[2012-04-17 23:58:43 | 000,000,000 | ---D | C] -- C:\Program Files\DOSBox-0.74
[2012-04-17 23:38:48 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\WapSter
[2012-04-17 23:34:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Thunderbird
[2012-04-17 23:34:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Thunderbird
[2012-04-17 22:28:37 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2012-04-17 22:26:32 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012-04-17 22:26:09 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Skype
[2012-04-17 22:25:58 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012-04-17 22:25:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012-04-17 22:25:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012-04-17 22:25:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012-04-17 22:25:53 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
[2012-04-17 22:25:52 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\GHISLER
[2012-04-17 22:24:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012-04-17 22:24:17 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012-04-17 22:23:34 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WapSter
[2012-04-17 22:02:03 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2012-04-17 22:02:03 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2012-04-17 22:02:03 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2012-04-17 22:02:03 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2012-04-17 22:02:02 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2012-04-17 21:58:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
[2012-04-17 21:15:51 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\PMB Files
[2012-04-17 21:15:48 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2012-04-17 21:15:37 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2012-04-17 20:36:00 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Adobe
[2012-04-17 20:09:14 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft Games
[2012-04-17 19:47:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2012-04-17 19:44:09 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP
[2012-04-17 19:43:56 | 000,035,968 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\usbfilter.sys
[2012-04-17 19:43:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2012-04-17 19:40:44 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012-04-17 19:37:47 | 000,066,688 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amd_sata.sys
[2012-04-17 19:37:47 | 000,033,408 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amd_xata.sys
[2012-04-17 19:37:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012-04-17 19:37:39 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012-04-17 19:37:08 | 000,211,984 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\AtihdW73.sys
[2012-04-17 19:36:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012-04-17 19:36:37 | 001,828,864 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdmv.dll
[2012-04-17 19:36:37 | 000,278,528 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
[2012-04-17 19:36:37 | 000,159,744 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll
[2012-04-17 19:36:36 | 018,388,480 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll
[2012-04-17 19:36:36 | 008,396,800 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys
[2012-04-17 19:36:36 | 000,401,408 | ---- | C] (AMD) -- C:\Windows\System32\atieclxx.exe
[2012-04-17 19:36:36 | 000,247,296 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys
[2012-04-17 19:36:36 | 000,176,128 | ---- | C] (AMD) -- C:\Windows\System32\atiesrxx.exe
[2012-04-17 19:36:36 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll
[2012-04-17 19:36:36 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll
[2012-04-17 19:36:36 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll
[2012-04-17 19:36:36 | 000,032,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll
[2012-04-17 19:36:36 | 000,020,992 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll
[2012-04-17 19:36:36 | 000,013,312 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll
[2012-04-17 19:36:35 | 008,247,296 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll
[2012-04-17 19:36:35 | 000,151,552 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe
[2012-04-17 19:36:35 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
[2012-04-17 19:36:35 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll
[2012-04-17 19:36:35 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
[2012-04-17 19:26:01 | 000,307,200 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUn0415.exe
[2012-04-17 16:31:48 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\foobar2000
[2012-04-17 16:23:45 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\AMD
[2012-04-17 16:05:37 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2012-04-17 16:05:26 | 000,037,944 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amdiox86.sys
[2012-04-17 16:03:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\ATI
[2012-04-17 16:03:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ATI
[2012-04-17 16:01:31 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2012-04-17 16:01:28 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2012-04-17 16:00:48 | 004,256,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdag.dll
[2012-04-17 16:00:48 | 004,056,064 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdva.dll
[2012-04-17 16:00:48 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
[2012-04-17 16:00:48 | 000,294,912 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIODE.exe
[2012-04-17 16:00:48 | 000,052,736 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll
[2012-04-17 16:00:48 | 000,045,056 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIODCLI.exe
[2012-04-17 16:00:48 | 000,031,744 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll
[2012-04-17 16:00:48 | 000,029,184 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll
[2012-04-17 16:00:47 | 004,198,912 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atidxx32.dll
[2012-04-17 16:00:47 | 000,726,528 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\aticfx32.dll
[2012-04-17 16:00:47 | 000,462,848 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll
[2012-04-17 16:00:47 | 000,266,240 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiadlxx.dll
[2012-04-17 16:00:47 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atibtmon.exe
[2012-04-17 15:59:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
[2012-04-17 15:59:37 | 000,000,000 | ---D | C] -- C:\Program Files\Renesas Electronics
[2012-04-17 15:58:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2012-04-17 15:37:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother
[2012-04-17 15:28:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2012-04-17 15:27:49 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2012-04-17 15:27:49 | 001,725,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2012-04-17 15:27:49 | 001,379,760 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tosade.dll
[2012-04-17 15:27:49 | 000,058,264 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\System32\TepeqAPO.dll
[2012-04-17 15:27:48 | 002,285,160 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2012-04-17 15:27:48 | 001,497,704 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2012-04-17 15:27:48 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2012-04-17 15:27:48 | 000,214,368 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFNHK.dll
[2012-04-17 15:27:48 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2012-04-17 15:27:48 | 000,178,624 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo2.dll
[2012-04-17 15:27:48 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2012-04-17 15:27:48 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2012-04-17 15:27:48 | 000,134,584 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo.dll
[2012-04-17 15:27:48 | 000,074,080 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFCOM.dll
[2012-04-17 15:27:48 | 000,068,960 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFAPO.dll
[2012-04-17 15:27:47 | 003,378,280 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2012-04-17 15:27:47 | 003,327,320 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2012-04-17 15:27:47 | 003,296,600 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll
[2012-04-17 15:27:47 | 001,892,864 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat
[2012-04-17 15:27:47 | 001,836,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2012-04-17 15:27:47 | 001,329,768 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2012-04-17 15:27:47 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2012-04-17 15:27:47 | 000,345,944 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll
[2012-04-17 15:27:47 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2012-04-17 15:27:47 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2012-04-17 15:27:47 | 000,259,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2012-04-17 15:27:47 | 000,252,760 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2012-04-17 15:27:47 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2012-04-17 15:27:47 | 000,103,256 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll
[2012-04-17 15:27:47 | 000,088,408 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll
[2012-04-17 15:27:47 | 000,083,048 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll
[2012-04-17 15:27:47 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2012-04-17 15:27:47 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2012-04-17 15:27:47 | 000,061,272 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll
[2012-04-17 15:27:46 | 000,357,712 | ---- | C] (Knowles Acoustics ) -- C:\Windows\System32\KAAPORT.dll
[2012-04-17 15:27:46 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2012-04-17 15:27:46 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2012-04-17 15:27:45 | 001,740,352 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2012-04-17 15:27:45 | 001,509,480 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2012-04-17 15:27:45 | 001,292,904 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2012-04-17 15:27:45 | 001,220,200 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2012-04-17 15:27:45 | 000,654,952 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2012-04-17 15:27:45 | 000,631,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2012-04-17 15:27:45 | 000,601,704 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2012-04-17 15:27:45 | 000,458,344 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2012-04-17 15:27:45 | 000,413,696 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PLFX32.dll
[2012-04-17 15:27:45 | 000,390,656 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PGFX32.dll
[2012-04-17 15:27:45 | 000,389,736 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2012-04-17 15:27:45 | 000,375,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2012-04-17 15:27:45 | 000,327,168 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PREC32.dll
[2012-04-17 15:27:45 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2012-04-17 15:27:45 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2012-04-17 15:27:45 | 000,218,216 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2012-04-17 15:27:44 | 000,175,200 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll
[2012-04-17 15:27:44 | 000,096,160 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll
[2012-04-17 15:27:43 | 001,698,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2012-04-17 15:27:43 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2012-04-17 15:27:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2012-04-17 15:26:45 | 000,000,000 | -H-D | C] -- C:\SuperChargerProfile
[2012-04-17 15:26:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup
[2012-04-17 15:26:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2012-04-17 15:26:34 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012-04-17 12:46:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Splashtop
[2012-04-17 12:41:02 | 000,000,000 | -H-D | C] -- C:\ProgramData\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3}
[2012-04-17 12:40:53 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Splashtop
[2012-04-17 12:40:11 | 000,000,000 | ---D | C] -- C:\Program Files\Splashtop
[2012-04-17 12:23:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Sunbelt Software
[2012-04-17 12:22:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2012-04-17 12:21:54 | 000,093,360 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2012-04-17 12:09:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012-04-17 12:07:33 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Google
[2012-04-17 12:07:32 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012-04-17 12:07:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2012-04-17 12:07:27 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2012-04-17 11:56:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
[2012-04-17 11:56:45 | 000,000,000 | ---D | C] -- C:\Program Files\MSI
[2012-04-17 11:48:07 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco
[2012-04-17 11:47:09 | 001,057,896 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\Windows\System32\drivers\rtl8192ce.sys
[2012-04-17 11:47:07 | 000,000,000 | ---D | C] -- C:\Program Files\REALTEK PCIE Wireless LAN Driver
[2012-04-17 11:45:30 | 002,205,696 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\athr.sys
[2012-04-17 11:45:29 | 000,000,000 | ---D | C] -- C:\Program Files\Qualcomm Atheros WiFi Driver Installation
[2012-04-17 11:45:27 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Macromedia
[2012-04-17 11:44:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Qualcomm Atheros
[2012-04-17 11:42:19 | 000,100,896 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RTNUninst32.dll
[2012-04-17 11:42:14 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012-04-17 11:03:33 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ElevatedDiagnostics
[2012-04-17 02:13:41 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012-04-17 02:12:28 | 000,000,000 | -HSD | C] -- C:\Boot
[2012-04-17 01:20:27 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012-04-16 23:33:23 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Nero
[2012-04-16 23:31:19 | 003,144,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe.Back
[2012-04-16 23:15:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Microsoft Games
[2012-04-16 22:22:11 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Valve
[2012-04-16 22:16:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve
[2012-04-16 22:02:36 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2012-04-16 22:02:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Games
[2012-04-16 22:02:22 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2012-04-16 22:02:21 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2012-04-16 22:02:16 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2012-04-16 22:02:15 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2012-04-16 22:02:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive
[2012-04-16 21:30:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Lunch Design
[2012-04-16 21:16:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Adobe
[2012-04-16 21:16:53 | 000,000,000 | ---D | C] -- C:\ProgramData\RDRM
[2012-04-16 21:16:50 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\ipla
[2012-04-16 21:16:50 | 000,000,000 | ---D | C] -- C:\ProgramData\ipla
[2012-04-16 21:14:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mario Ice Tower
[2012-04-16 21:12:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ipla
[2012-04-16 21:12:14 | 000,000,000 | ---D | C] -- C:\Program Files\ipla
[2012-04-16 21:12:08 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll
[2012-04-16 21:10:03 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Mozilla
[2012-04-16 21:10:03 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Mozilla
[2012-04-16 21:09:37 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar
[2012-04-16 21:08:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012-04-16 21:07:58 | 000,239,168 | ---- | C] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2012-04-16 21:07:31 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Lite
[2012-04-16 21:07:28 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012-04-16 21:03:35 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\WinRAR
[2012-04-16 21:03:34 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012-04-16 21:03:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012-04-16 21:02:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2012-04-16 21:02:32 | 000,198,832 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2012-04-16 21:02:26 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\System32\pncrt.dll
[2012-04-16 21:02:26 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2012-04-16 21:02:26 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2012-04-16 21:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real
[2012-04-16 21:02:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2012-04-16 21:02:20 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2012-04-16 21:02:04 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Real
[2012-04-16 21:01:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2012-04-16 21:01:25 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\Windows\System32\lameACM.acm
[2012-04-16 21:01:24 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll
[2012-04-16 21:01:24 | 000,118,784 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm
[2012-04-16 21:00:20 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012-04-16 20:52:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012-04-16 20:52:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2012-04-16 20:49:13 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012-04-16 20:49:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012-04-16 20:42:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2012-04-16 20:41:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
[2012-04-16 20:41:56 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2012-04-16 20:41:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2012-04-16 20:40:52 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2012-04-16 20:40:31 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2012-04-16 20:32:39 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Uczelnia
[2012-04-16 20:32:22 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Gry
[2012-04-16 20:31:40 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Programy
[2012-04-16 20:24:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orange
[2012-04-16 20:19:57 | 000,000,000 | ---D | C] -- C:\Program Files\CardDetector
[2012-04-16 20:00:07 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71.dll
[2012-04-16 20:00:07 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\atl71.dll
[2012-04-16 20:00:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\France Telecom
[2012-04-16 19:59:58 | 000,102,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys
[2012-04-16 19:59:55 | 000,103,040 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbfake.sys
[2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Searches
[2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012-04-16 19:57:02 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Identities
[2012-04-16 19:56:56 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Contacts
[2012-04-16 19:56:56 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012-04-16 19:56:47 | 000,423,656 | ---- | C] (Oracle) -- C:\Windows\System32\deployJava1.dll
[2012-04-16 19:56:47 | 000,153,376 | ---- | C] (Oracle) -- C:\Windows\System32\javaws.exe
[2012-04-16 19:56:47 | 000,145,184 | ---- | C] (Oracle) -- C:\Windows\System32\javaw.exe
[2012-04-16 19:56:47 | 000,145,184 | ---- | C] (Oracle) -- C:\Windows\System32\java.exe
[2012-04-16 19:56:36 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Ustawienia lokalne
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Temporary Internet Files
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Szablony
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\SendTo
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Recent
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\PrintHood
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\NetHood
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moje wideo
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moje obrazy
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Moje dokumenty
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moja muzyka
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Menu Start
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Historia
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Dane aplikacji
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Dane aplikacji
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Cookies
[2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Temp
[2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Microsoft
[2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Media Center Programs
[2012-04-16 19:54:14 | 000,000,000 | --SD | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Pictures
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Music
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Links
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Favorites
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Downloads
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Documents
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Desktop
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012-04-16 19:54:14 | 000,000,000 | -H-D | C] -- C:\Users\Mateusz\AppData
[2012-04-16 19:54:10 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Videos
[2012-04-16 19:54:10 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Saved Games
[2012-04-16 19:52:53 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony
[2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo
[2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy
[2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka
[2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start
[2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione
[2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit
[2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-04-22 16:33:06 | 003,670,016 | -H-- | M] () -- C:\Users\Mateusz\NTUSER.DAT
[2012-04-22 16:33:01 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-04-22 16:29:35 | 000,017,136 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-04-22 16:29:35 | 000,017,136 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-04-22 16:22:19 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-04-22 16:21:56 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012-04-22 16:21:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-04-22 16:18:44 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-04-22 09:35:45 | 003,531,115 | -H-- | M] () -- C:\Users\Mateusz\AppData\Local\IconCache.db
[2012-04-21 23:58:16 | 002,317,686 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2012-04-21 23:58:16 | 000,687,828 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012-04-21 23:58:16 | 000,666,732 | ---- | M] () -- C:\Windows\System32\perfh019.dat
[2012-04-21 23:58:16 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-04-21 23:58:16 | 000,131,382 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012-04-21 23:58:16 | 000,128,892 | ---- | M] () -- C:\Windows\System32\perfc019.dat
[2012-04-21 23:58:16 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-04-21 00:41:22 | 000,001,784 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2012-04-20 00:30:03 | 000,000,572 | ---- | M] () -- C:\Windows\eReg.dat
[2012-04-19 13:12:01 | 008,180,224 | RHS- | M] () -- C:\ProgramData\TunesHelper.exe
[2012-04-19 00:29:02 | 000,001,101 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-04-19 00:29:01 | 000,002,210 | ---- | M] () -- C:\Users\Mateusz\Desktop\Google Chrome.lnk
[2012-04-18 19:33:10 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012-04-18 19:33:10 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012-04-18 18:17:06 | 283,710,259 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012-04-17 23:55:56 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012-04-17 23:55:56 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012-04-17 22:28:40 | 000,002,041 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2012-04-17 20:30:58 | 000,000,050 | ---- | M] () -- C:\Windows\System32\BRIDF10A.DAT
[2012-04-17 16:22:02 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2012-04-17 12:52:55 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms
[2012-04-17 12:52:55 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms
[2012-04-17 12:52:55 | 000,065,536 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TM.blf
[2012-04-17 12:41:30 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms
[2012-04-17 12:41:30 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms
[2012-04-17 12:41:30 | 000,065,536 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TM.blf
[2012-04-17 12:41:27 | 000,262,144 | ---- | M] () -- C:\ProgramData\NTUser.dat
[2012-04-17 12:21:52 | 000,093,360 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2012-04-17 11:30:55 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012-04-17 02:12:33 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2012-04-17 01:37:26 | 000,067,908 | ---- | M] () -- C:\Windows\System32\license.rtf
[2012-04-17 01:35:54 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012-04-16 23:31:45 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012-04-16 23:31:19 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer_.exe.Back.0.219815846169282
[2012-04-16 22:20:20 | 000,000,650 | ---- | M] () -- C:\Users\Mateusz\Desktop\Muzyka.lnk
[2012-04-16 22:16:22 | 000,000,641 | ---- | M] () -- C:\Users\Mateusz\Desktop\Filmy.lnk
[2012-04-16 21:16:57 | 000,051,672 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\GDIPFONTCACHEV1.DAT
[2012-04-16 21:16:17 | 000,246,248 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-04-16 21:12:08 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll
[2012-04-16 21:07:58 | 000,239,168 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2012-04-16 21:02:32 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2012-04-16 21:02:26 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll
[2012-04-16 21:02:26 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2012-04-16 21:02:26 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2012-04-16 20:55:32 | 000,002,717 | ---- | M] () -- C:\Users\Mateusz\Desktop\Word 2003.lnk
[2012-04-16 20:53:20 | 000,000,412 | ---- | M] () -- C:\Windows\ODBC.INI
[2012-04-16 20:52:57 | 000,000,499 | ---- | M] () -- C:\Windows\win.ini
[2012-04-16 20:24:24 | 000,000,807 | ---- | M] () -- C:\Users\Mateusz\Desktop\Orange Free.lnk
[2012-04-16 20:05:21 | 000,524,288 | -HS- | M] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2012-04-16 20:05:21 | 000,524,288 | -HS- | M] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2012-04-16 20:05:21 | 000,065,536 | -HS- | M] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2012-04-16 19:59:10 | 000,000,363 | ---- | M] () -- C:\Users\Mateusz\Desktop\Komputer.lnk
[2012-04-16 19:56:36 | 000,423,656 | ---- | M] (Oracle) -- C:\Windows\System32\deployJava1.dll
[2012-04-16 19:56:36 | 000,153,376 | ---- | M] (Oracle) -- C:\Windows\System32\javaws.exe
[2012-04-16 19:56:36 | 000,145,184 | ---- | M] (Oracle) -- C:\Windows\System32\javaw.exe
[2012-04-16 19:56:36 | 000,145,184 | ---- | M] (Oracle) -- C:\Windows\System32\java.exe
[2012-04-16 19:54:18 | 000,000,020 | -HS- | M] () -- C:\Users\Mateusz\ntuser.ini

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-04-21 00:41:22 | 000,001,796 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2012-04-21 00:41:22 | 000,001,784 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2012-04-19 19:21:46 | 000,000,572 | ---- | C] () -- C:\Windows\eReg.dat
[2012-04-19 13:23:07 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll
[2012-04-19 13:12:07 | 008,180,224 | RHS- | C] () -- C:\ProgramData\TunesHelper.exe
[2012-04-18 19:24:17 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-04-18 18:17:06 | 283,710,259 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012-04-18 18:14:33 | 000,005,174 | ---- | C] () -- C:\Windows\System32\nppt9x.vxd
[2012-04-17 23:55:56 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2012-04-17 23:55:56 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2012-04-17 22:28:40 | 000,002,053 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2012-04-17 22:28:40 | 000,002,041 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF
[2012-04-17 19:37:58 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012-04-17 19:36:37 | 001,150,656 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
[2012-04-17 19:36:36 | 000,234,855 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2012-04-17 19:36:36 | 000,034,823 | ---- | C] () -- C:\Windows\atiogl.xml
[2012-04-17 19:36:35 | 000,185,088 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb
[2012-04-17 19:34:34 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2012-04-17 16:32:37 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BRIDF10A.DAT
[2012-04-17 16:22:02 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012-04-17 16:00:48 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2012-04-17 15:27:47 | 000,177,052 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2012-04-17 12:52:54 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms
[2012-04-17 12:52:53 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms
[2012-04-17 12:52:53 | 000,065,536 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TM.blf
[2012-04-17 12:41:28 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms
[2012-04-17 12:41:28 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms
[2012-04-17 12:41:27 | 000,262,144 | ---- | C] () -- C:\ProgramData\NTUser.dat
[2012-04-17 12:41:27 | 000,065,536 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TM.blf
[2012-04-17 12:40:53 | 000,001,408 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Social Games.lnk
[2012-04-17 12:09:01 | 000,002,210 | ---- | C] () -- C:\Users\Mateusz\Desktop\Google Chrome.lnk
[2012-04-17 12:07:44 | 000,001,038 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-04-17 12:07:42 | 000,001,034 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-04-17 11:47:07 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2012-04-17 11:45:30 | 000,461,474 | ---- | C] () -- C:\Windows\System32\netathr.inf
[2012-04-17 11:45:30 | 000,070,749 | ---- | C] () -- C:\Windows\System32\athrext.cat
[2012-04-17 11:30:55 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012-04-17 02:12:32 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2012-04-17 02:12:28 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2012-04-17 01:35:54 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012-04-17 01:15:57 | 000,246,248 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-04-16 22:20:20 | 000,000,650 | ---- | C] () -- C:\Users\Mateusz\Desktop\Muzyka.lnk
[2012-04-16 22:16:22 | 000,000,641 | ---- | C] () -- C:\Users\Mateusz\Desktop\Filmy.lnk
[2012-04-16 21:14:44 | 003,531,115 | -H-- | C] () -- C:\Users\Mateusz\AppData\Local\IconCache.db
[2012-04-16 21:10:47 | 000,000,641 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk
[2012-04-16 21:01:26 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012-04-16 21:01:25 | 000,000,414 | ---- | C] () -- C:\Windows\System32\lame_acm.xml
[2012-04-16 21:01:25 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2012-04-16 21:00:22 | 000,001,113 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012-04-16 21:00:22 | 000,001,101 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-04-16 20:55:32 | 000,002,717 | ---- | C] () -- C:\Users\Mateusz\Desktop\Word 2003.lnk
[2012-04-16 20:53:20 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI
[2012-04-16 20:24:24 | 000,000,807 | ---- | C] () -- C:\Users\Mateusz\Desktop\Orange Free.lnk
[2012-04-16 20:11:28 | 000,051,672 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\GDIPFONTCACHEV1.DAT
[2012-04-16 19:59:10 | 000,000,363 | ---- | C] () -- C:\Users\Mateusz\Desktop\Komputer.lnk
[2012-04-16 19:57:16 | 000,001,430 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012-04-16 19:54:18 | 000,524,288 | -HS- | C] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2012-04-16 19:54:18 | 000,000,020 | -HS- | C] () -- C:\Users\Mateusz\ntuser.ini
[2012-04-16 19:54:17 | 000,524,288 | -HS- | C] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2012-04-16 19:54:17 | 000,065,536 | -HS- | C] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2012-04-16 19:54:09 | 003,670,016 | -H-- | C] () -- C:\Users\Mateusz\NTUSER.DAT
[2011-07-28 17:49:12 | 000,053,760 | ---- | C] () -- C:\Windows\System32\OVDecode.dll
[2010-08-03 00:05:14 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat
[2010-08-03 00:05:13 | 000,687,828 | ---- | C] () -- C:\Windows\System32\perfh015.dat
[2010-08-03 00:05:13 | 000,131,382 | ---- | C] () -- C:\Windows\System32\perfc015.dat
[2010-08-03 00:05:13 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat
[2010-06-25 08:44:03 | 000,080,384 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2010-06-21 13:39:23 | 002,317,686 | ---- | C] () -- C:\Windows\System32\PerfStringBackup.INI

[color=#E56717]========== LOP Check ==========[/color]

[2012-04-18 23:54:26 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\BESTplayer
[2012-04-19 01:20:24 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\BitSpirit
[2012-04-19 17:14:18 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Lite
[2012-04-20 08:00:29 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\foobar2000
[2012-04-20 19:42:39 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\GanymedeNet
[2012-04-17 22:25:52 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\GHISLER
[2012-04-16 22:05:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\ipla
[2012-04-18 19:51:49 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\LolClient
[2012-04-18 18:22:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\MSI
[2012-04-21 00:41:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Opera
[2012-04-17 12:40:53 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Splashtop
[2012-04-20 00:35:20 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Sports Interactive
[2012-04-17 23:34:49 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Thunderbird
[2009-07-14 06:53:46 | 000,012,800 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



< End of report >[/log]

Gość
komentarz
komentarz

wejdz w tryb awaryjny Windows. Uruchom OTL i wykonaj ten skrypt


[code]:OTL
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/
FF - prefs.js..browser.search.selectedEngine: "qooqlle"
FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/"
O4 - HKLM..\Run: [Readar_sl] %APPDATA%\Readar_sl.exe File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O33 - MountPoints2\{e0c2a19c-87f1-11e1-9873-b1ddfeffb464}\Shell - "" = AutoRun
O33 - MountPoints2\{e0c2a19c-87f1-11e1-9873-b1ddfeffb464}\Shell\AutoRun\command - "" = F:\setup_homm5.exe

:Files
C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\kust2ajc.default\searchplugins\search.xml
C:\Program Files\mozilla firefox\searchplugins\v9.xml

:Commands
[emtytemp][/code]


Zapisz rapot z usuwania i napisz jak wyglada sytuacja

Evander1991
komentarz
komentarz

Niestety dalej nic :( Oto raport:

[log]========== OTL ==========
HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Prefs.js: "qooqlle" removed from browser.search.selectedEngine
Prefs.js: "http://www.qooqlle.com/" removed from browser.startup.homepage
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Readar_sl deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e0c2a19c-87f1-11e1-9873-b1ddfeffb464}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e0c2a19c-87f1-11e1-9873-b1ddfeffb464}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e0c2a19c-87f1-11e1-9873-b1ddfeffb464}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e0c2a19c-87f1-11e1-9873-b1ddfeffb464}\ not found.
File F:\setup_homm5.exe not found.
========== FILES ==========
C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\kust2ajc.default\searchplugins\search.xml moved successfully.
C:\Program Files\mozilla firefox\searchplugins\v9.xml moved successfully.
========== COMMANDS ==========
Error: Unable to interpret <[emtytemp]> in the current context!

OTL by OldTimer - Version 3.2.40.0 log created on 04222012_194543[/log]

OTL skan:

[log]OTL logfile created on: 2012-04-22 19:54:19 - Run 4
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Mateusz\Desktop\Programy
Ultimate Edition (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.16562)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,49 Gb Total Physical Memory | 1,75 Gb Available Physical Memory | 70,08% Memory free
4,99 Gb Paging File | 4,16 Gb Available in Paging File | 83,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 58,57 Gb Total Space | 43,37 Gb Free Space | 74,05% Space Free | Partition Type: NTFS
Drive D: | 407,19 Gb Total Space | 369,69 Gb Free Space | 90,79% Space Free | Partition Type: NTFS

Computer Name: AUTO | User Name: Mateusz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-04-21 09:22:55 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Mateusz\Desktop\Programy\OTL.exe
PRC - [2012-04-20 18:17:12 | 000,137,536 | ---- | M] (Facebook Inc.) -- C:\Users\Mateusz\AppData\Local\Facebook\Update\FacebookUpdate.exe
PRC - [2012-04-19 09:12:24 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012-04-16 23:31:45 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2012-04-16 21:02:25 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012-04-09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012-04-04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-01-03 13:34:20 | 000,138,768 | ---- | M] (MSI) -- C:\Program Files\MSI\Super-Charger\ChargeService.exe
PRC - [2012-01-03 13:34:16 | 000,502,288 | ---- | M] (MSI) -- C:\Program Files\MSI\Super-Charger\Super-Charger.exe
PRC - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2011-09-22 12:03:02 | 003,080,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2011-09-16 14:39:24 | 000,115,048 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2011-07-28 17:42:48 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
PRC - [2011-07-28 17:35:54 | 000,401,408 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2011-07-28 17:35:26 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2011-03-24 06:37:18 | 000,493,384 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe
PRC - [2011-03-22 10:37:16 | 000,497,480 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe
PRC - [2010-11-15 13:21:56 | 000,841,544 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
PRC - [2010-11-15 13:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect\BackService.exe
PRC - [2010-06-04 09:51:06 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010-06-04 09:50:20 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2010-05-04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
PRC - [2010-03-05 16:26:40 | 002,044,248 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe
PRC - [2009-10-14 18:44:40 | 000,282,624 | R--- | M] (France Telecom SA) -- C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe
PRC - [2009-10-14 16:44:38 | 000,090,112 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-04-19 09:12:23 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012-04-18 19:24:16 | 008,797,344 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_233.dll
MOD - [2011-07-28 17:55:02 | 000,369,152 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2011-07-28 17:42:54 | 000,095,232 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
MOD - [2010-04-14 03:31:20 | 005,246,976 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
MOD - [2010-04-14 03:31:20 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2010-04-14 03:31:20 | 003,182,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2010-04-14 03:31:20 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2010-04-14 03:31:20 | 000,626,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2010-04-14 03:31:20 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2010-04-14 03:31:20 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2010-04-14 03:31:16 | 004,550,656 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
MOD - [2010-04-14 03:31:14 | 005,279,744 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
MOD - [2010-04-14 03:31:14 | 001,253,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
MOD - [2010-04-14 03:31:12 | 004,218,880 | ---- | M] () -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
MOD - [2010-04-14 03:31:00 | 000,667,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
MOD - [2009-06-10 23:22:40 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
MOD - [2009-06-10 23:14:47 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
MOD - [2009-06-10 23:14:46 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
MOD - [2009-06-10 23:14:46 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
MOD - [2009-06-10 23:14:44 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.classic.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2012-04-18 19:33:10 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-04-09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-04-05 11:37:38 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-04-04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-01-03 13:34:20 | 000,138,768 | ---- | M] (MSI) [Auto | Running] -- C:\Program Files\MSI\Super-Charger\ChargeService.exe -- (MSI_SuperCharger)
SRV - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2011-07-28 17:42:48 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2011-07-28 17:35:26 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011-05-03 22:18:00 | 004,137,464 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2011-03-24 06:37:18 | 000,493,384 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe -- (WCUService_STC_FF)
SRV - [2011-03-22 10:37:16 | 000,497,480 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe -- (WCUService_STC_IE)
SRV - [2010-11-15 13:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files\Splashtop\Splashtop Connect\BackService.exe -- (SCBackService)
SRV - [2010-05-04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010-03-05 16:26:40 | 002,044,248 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2009-10-14 16:44:38 | 000,090,112 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Rappelz\GameGuard\dump_wmimmc.sys -- (dump_wmimmc)
DRV - [2012-04-16 21:07:58 | 000,239,168 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011-10-25 09:57:14 | 000,165,120 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV - [2011-10-25 09:57:14 | 000,073,984 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub)
DRV - [2011-10-06 09:23:50 | 001,057,896 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV - [2011-08-09 14:24:52 | 000,163,424 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2011-08-04 09:20:38 | 000,103,112 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2011-08-04 09:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2011-07-28 18:22:06 | 008,396,800 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011-07-28 16:53:48 | 000,247,296 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011-06-07 06:06:54 | 000,211,984 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2011-04-15 14:37:46 | 000,066,688 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_sata.sys -- (amd_sata)
DRV - [2011-04-15 14:37:46 | 000,033,408 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_xata.sys -- (amd_xata)
DRV - [2010-11-29 04:50:40 | 000,035,968 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2010-10-20 14:43:08 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 5\NTIOLib.sys -- (NTIOLib_1_0_4)
DRV - [2010-05-10 10:44:42 | 000,025,912 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 5\msibios32_100507.sys -- (MSI_MSIBIOS_010507)
DRV - [2010-02-18 09:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86)
DRV - [2009-12-30 13:55:14 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files\MSI\Super-Charger\NTIOLib.sys -- (NTIOLib_1_0_3)
DRV - [2009-08-04 13:04:28 | 000,103,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbfake.sys -- (hwusbfake)
DRV - [2009-08-04 13:04:28 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009-07-14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009-07-14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009-07-14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009-07-14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009-07-14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009-07-14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2009-06-10 23:19:48 | 009,853,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = Yandex
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\Google: "URL" = http://www.google.ru/search?hl=ru&q={searchTerms}\
IE - HKLM\..\SearchScopes\Wikipedia: "URL" = http://ru.wikipedia.org/wiki/{searchTerms}\
IE - HKLM\..\SearchScopes\Yahoo: "URL" = http://ru.search.yahoo.com/search?p={searchTerms}\
IE - HKLM\..\SearchScopes\Yandex: "URL" = http://www.yandex.ru/yandsearch?stype=&nl=0&text={searchTerms}\


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes,DefaultScope = {42168F92-DA71-42E6-BC7F-132EAC1F1899}
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.google.pl/cse?q={searchTerms}&cx=partner-pub-2489206448026482%3A4041638047&tbm=&ie=UTF-8#gsc.tab=0&gsc.q={searchTerms}
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{42168F92-DA71-42E6-BC7F-132EAC1F1899}: "URL" = http://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q={searchTerms}&sa=Search&siteurl=qooqlle.com%2F
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{C0DE4E59-C43E-46a5-B2A6-46952A6BF471}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=MMBROWSV
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{F1CC8CB5-43EC-4142-AE01-80F4208696EB}: "URL" = http://www.google.com/cse?cx=partner-pub-3794288947762788%3A7256076927&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7256076927&q={searchTerms}
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\Yandex: "URL" = http://www.bing.com/search?q={searchTerms}&form=SPLEP1&pc=SPLH
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.selectedEngine: "qooqlle"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: cssreloader@kenneth.io:1.0.2
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..network.proxy.backup.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.backup.ftp_port: 9666
FF - prefs.js..network.proxy.backup.gopher: "127.0.0.1"
FF - prefs.js..network.proxy.backup.gopher_port: 9666
FF - prefs.js..network.proxy.backup.socks: "127.0.0.1"
FF - prefs.js..network.proxy.backup.socks_port: 9666
FF - prefs.js..network.proxy.backup.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.backup.ssl_port: 9666
FF - prefs.js..network.proxy.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.ftp_port: 9666
FF - prefs.js..network.proxy.gopher: "127.0.0.1"
FF - prefs.js..network.proxy.gopher_port: 9666
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 9666
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 9666
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 9666
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: D:\Bilard\Ganymede\Plugins\npganymedenet.dll ( )
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Oracle)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Mateusz\AppData\Local\Facebook\Messenger\2.0.4478.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}: C:\Program Files\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1} [2012-04-17 12:42:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}: C:\Program Files\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0} [2012-04-17 12:42:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{d9284e50-81fc-11da-a72b-0800200c9a66}: C:\Program Files\Splashtop\Splashtop Connect for Firefox\{d9284e50-81fc-11da-a72b-0800200c9a66} [2012-04-17 12:42:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-04-19 09:12:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-04-19 13:33:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012-04-17 22:28:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-04-18 17:53:41 | 000,000,000 | ---D | M]

[2012-04-16 21:10:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Extensions
[2012-04-20 21:48:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\kust2ajc.default\extensions
[2012-04-19 13:23:52 | 000,000,000 | ---D | M] (YouTube to ALLPlayer) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\kust2ajc.default\extensions\YouTubetoALL@ALLPlayer.org
[2012-04-22 19:47:51 | 000,001,860 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\kust2ajc.default\searchplugins\search.xml
[2012-04-17 22:26:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-04-17 22:26:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
() (No name found) -- C:\USERS\MATEUSZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KUST2AJC.DEFAULT\EXTENSIONS\IPLEXTOALL@ALLPLAYER.ORG.XPI
[2012-04-19 09:12:25 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-12-20 11:33:56 | 000,120,984 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npganymedenet.dll
[2011-12-09 19:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012-04-19 09:12:20 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-04-19 09:12:20 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-04-19 09:12:20 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-04-19 09:12:20 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-04-19 09:12:20 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-04-19 09:12:20 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: qooqlle ()
CHR - default_search_provider: search_url = http://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q={searchTerms}&sa=Search&siteurl=qooqlle.com%2F
CHR - default_search_provider: suggest_url =
CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\

O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Splashtop Connect VisualBookmark) - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - C:\Program Files\Splashtop\Splashtop Connect IE\STC.dll (Splashtop Inc.)
O2 - BHO: (YouTube To ALLPlayer) - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\Program Files\ALLPlayer\YouTubeToALLPlayer.dll (ALLPlayer.org)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - D:\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [BEWINTERNET-PL-IEWSessionManager] D:\Orange\SessionManager\SessionManager.exe (France Telecom SA)
O4 - HKLM..\Run: [CardDetectorHUAWEI1752_1552] C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe (France Telecom SA)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [Readar_sl] %APPDATA%\Readar_sl.exe File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [STCAgent] C:\Program Files\Splashtop\Splashtop Connect IE\STCAgent.exe (Splashtop Inc.)
O4 - HKLM..\Run: [Super-Charger] C:\Program Files\MSI\Super-Charger\Super-Charger.exe (MSI)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TunesHelper] C:\ProgramData\TunesHelper.exe ()
O4 - HKLM..\Run: [ZyngaGamesAgent] C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe (Splashtop Inc.)
O4 - HKU\S-1-5-21-967404725-468176981-4131090368-1000..\Run: [Facebook Update] C:\Users\Mateusz\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Pobierz z &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm ()
O9 - Extra Button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files\PokerStars.EU\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1292A1F1-9F67-4786-A2DF-9668865DF9A2}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-04-21 17:20:18 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Pliki
[2012-04-21 09:11:23 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-04-21 00:25:29 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\.ultramixer
[2012-04-21 00:05:24 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012-04-20 19:32:35 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\GanymedeNet
[2012-04-20 18:18:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Screamer Radio
[2012-04-20 18:17:27 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
[2012-04-20 18:17:14 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Facebook
[2012-04-20 00:35:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Sports Interactive
[2012-04-20 00:35:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\Sports Interactive
[2012-04-20 00:35:20 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Sports Interactive
[2012-04-20 00:35:20 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Sports Interactive
[2012-04-20 00:18:42 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\My Games
[2012-04-20 00:17:27 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2012-04-20 00:17:27 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2012-04-20 00:17:26 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2012-04-20 00:17:26 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2012-04-20 00:17:26 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2012-04-20 00:17:26 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2012-04-20 00:17:26 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2012-04-20 00:17:25 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2012-04-20 00:17:25 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2012-04-20 00:17:25 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2012-04-20 00:17:24 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2012-04-20 00:17:24 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2012-04-20 00:17:23 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2012-04-20 00:17:23 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2012-04-20 00:17:23 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2012-04-20 00:17:23 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2012-04-20 00:17:22 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2012-04-20 00:17:22 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2012-04-20 00:17:22 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2012-04-20 00:17:22 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2012-04-20 00:17:21 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2012-04-20 00:17:21 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2012-04-20 00:17:21 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2012-04-20 00:17:21 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2012-04-20 00:17:21 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2012-04-20 00:17:21 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2012-04-20 00:17:20 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2012-04-20 00:17:20 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2012-04-20 00:17:20 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2012-04-20 00:17:20 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2012-04-20 00:17:19 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2012-04-20 00:17:19 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2012-04-20 00:17:19 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2012-04-20 00:17:19 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2012-04-20 00:17:18 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2012-04-20 00:17:18 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2012-04-20 00:17:18 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2012-04-20 00:17:18 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2012-04-20 00:17:17 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2012-04-20 00:17:17 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2012-04-20 00:17:16 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2012-04-20 00:17:16 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2012-04-20 00:17:16 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2012-04-20 00:17:16 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2012-04-20 00:17:15 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2012-04-20 00:17:15 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2012-04-20 00:17:14 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2012-04-20 00:17:14 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2012-04-20 00:17:14 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2012-04-20 00:17:13 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2012-04-20 00:17:13 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2012-04-20 00:17:12 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2012-04-20 00:17:12 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2012-04-20 00:17:12 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2012-04-20 00:17:12 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2012-04-20 00:17:11 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2012-04-20 00:17:10 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2012-04-20 00:17:09 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2012-04-20 00:17:09 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2012-04-20 00:17:09 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2012-04-20 00:17:09 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2012-04-20 00:17:08 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2012-04-20 00:17:08 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2012-04-20 00:17:08 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2012-04-20 00:17:08 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2012-04-20 00:17:08 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2012-04-20 00:17:07 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2012-04-20 00:17:07 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2012-04-20 00:17:07 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2012-04-20 00:17:07 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2012-04-20 00:17:04 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2012-04-20 00:17:04 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2012-04-20 00:17:04 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2012-04-20 00:17:04 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2012-04-20 00:17:03 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2012-04-20 00:17:03 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2012-04-20 00:17:03 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2012-04-20 00:17:02 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2012-04-20 00:17:01 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2012-04-20 00:08:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2012-04-20 00:03:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2012-04-19 19:22:45 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012-04-19 17:13:09 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2012-04-19 17:10:13 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Chromium
[2012-04-19 13:37:13 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\PokerStars.EU
[2012-04-19 13:37:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.EU
[2012-04-19 13:36:46 | 000,000,000 | ---D | C] -- C:\Program Files\PokerStars.EU
[2012-04-19 13:24:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt
[2012-04-19 13:23:51 | 000,000,000 | ---D | C] -- C:\Program Files\ALLPlayer
[2012-04-19 13:23:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLConverter PRO
[2012-04-19 13:23:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ALLConverter
[2012-04-19 13:23:42 | 000,000,000 | ---D | C] -- C:\Program Files\NapiProjekt
[2012-04-19 13:23:41 | 000,000,000 | ---D | C] -- C:\Program Files\ALLConverter PRO
[2012-04-19 13:23:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer
[2012-04-19 13:22:55 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ALLPlayer
[2012-04-19 13:22:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dziobas Rar Player
[2012-04-19 13:12:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Theorica Divx ;-) Codecs
[2012-04-19 13:11:46 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Media Player Classic
[2012-04-19 01:20:24 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\BitSpirit
[2012-04-19 00:33:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012-04-19 00:05:27 | 000,000,000 | ---D | C] -- C:\Program Files\v9Soft
[2012-04-18 23:57:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2012-04-18 23:57:29 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2012-04-18 23:56:23 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2012-04-18 23:56:23 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Detektor Winampa
[2012-04-18 23:56:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2012-04-18 23:55:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Winamp
[2012-04-18 23:55:57 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2012-04-18 23:54:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
[2012-04-18 23:54:47 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2012-04-18 23:54:10 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\BESTplayer
[2012-04-18 23:53:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitSpirit v3
[2012-04-18 23:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitSpirit
[2012-04-18 23:53:37 | 000,000,000 | ---D | C] -- C:\Program Files\BitSpirit
[2012-04-18 23:51:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012-04-18 23:51:53 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2012-04-18 19:53:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\riotsGamesLogs
[2012-04-18 19:51:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\LolClient
[2012-04-18 19:26:56 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Opera
[2012-04-18 19:26:56 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Opera
[2012-04-18 19:26:35 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2012-04-18 19:24:16 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012-04-18 19:24:16 | 000,070,304 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012-04-18 18:22:42 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\MSI
[2012-04-18 18:17:17 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012-04-18 18:15:52 | 004,137,464 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des
[2012-04-18 18:14:34 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\npptNT2.sys
[2012-04-18 18:14:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2012-04-18 17:53:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2012-04-18 17:53:38 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2012-04-18 17:53:38 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012-04-17 23:58:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\DOSBox
[2012-04-17 23:58:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74
[2012-04-17 23:58:43 | 000,000,000 | ---D | C] -- C:\Program Files\DOSBox-0.74
[2012-04-17 23:38:48 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\WapSter
[2012-04-17 23:34:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Thunderbird
[2012-04-17 23:34:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Thunderbird
[2012-04-17 22:28:37 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2012-04-17 22:26:32 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012-04-17 22:26:09 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Skype
[2012-04-17 22:25:58 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012-04-17 22:25:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012-04-17 22:25:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012-04-17 22:25:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012-04-17 22:25:53 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
[2012-04-17 22:25:52 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\GHISLER
[2012-04-17 22:24:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012-04-17 22:24:17 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012-04-17 22:23:34 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WapSter
[2012-04-17 22:02:03 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2012-04-17 22:02:03 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2012-04-17 22:02:03 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2012-04-17 22:02:03 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2012-04-17 22:02:02 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2012-04-17 21:58:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
[2012-04-17 21:15:51 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\PMB Files
[2012-04-17 21:15:48 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2012-04-17 21:15:37 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2012-04-17 20:36:00 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Adobe
[2012-04-17 20:09:14 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft Games
[2012-04-17 19:47:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2012-04-17 19:44:09 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP
[2012-04-17 19:43:56 | 000,035,968 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\usbfilter.sys
[2012-04-17 19:43:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2012-04-17 19:40:44 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012-04-17 19:37:47 | 000,066,688 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amd_sata.sys
[2012-04-17 19:37:47 | 000,033,408 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amd_xata.sys
[2012-04-17 19:37:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012-04-17 19:37:39 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012-04-17 19:37:08 | 000,211,984 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\AtihdW73.sys
[2012-04-17 19:36:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012-04-17 19:36:37 | 001,828,864 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdmv.dll
[2012-04-17 19:36:37 | 000,278,528 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
[2012-04-17 19:36:37 | 000,159,744 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll
[2012-04-17 19:36:36 | 018,388,480 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll
[2012-04-17 19:36:36 | 008,396,800 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys
[2012-04-17 19:36:36 | 000,401,408 | ---- | C] (AMD) -- C:\Windows\System32\atieclxx.exe
[2012-04-17 19:36:36 | 000,247,296 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys
[2012-04-17 19:36:36 | 000,176,128 | ---- | C] (AMD) -- C:\Windows\System32\atiesrxx.exe
[2012-04-17 19:36:36 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll
[2012-04-17 19:36:36 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll
[2012-04-17 19:36:36 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll
[2012-04-17 19:36:36 | 000,032,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll
[2012-04-17 19:36:36 | 000,020,992 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll
[2012-04-17 19:36:36 | 000,013,312 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll
[2012-04-17 19:36:35 | 008,247,296 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll
[2012-04-17 19:36:35 | 000,151,552 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe
[2012-04-17 19:36:35 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
[2012-04-17 19:36:35 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll
[2012-04-17 19:36:35 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
[2012-04-17 19:26:01 | 000,307,200 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUn0415.exe
[2012-04-17 16:31:48 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\foobar2000
[2012-04-17 16:23:45 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\AMD
[2012-04-17 16:05:37 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2012-04-17 16:05:26 | 000,037,944 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amdiox86.sys
[2012-04-17 16:03:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\ATI
[2012-04-17 16:03:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ATI
[2012-04-17 16:01:31 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2012-04-17 16:01:28 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2012-04-17 16:00:48 | 004,256,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdag.dll
[2012-04-17 16:00:48 | 004,056,064 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdva.dll
[2012-04-17 16:00:48 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
[2012-04-17 16:00:48 | 000,294,912 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIODE.exe
[2012-04-17 16:00:48 | 000,052,736 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll
[2012-04-17 16:00:48 | 000,045,056 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIODCLI.exe
[2012-04-17 16:00:48 | 000,031,744 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll
[2012-04-17 16:00:48 | 000,029,184 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll
[2012-04-17 16:00:47 | 004,198,912 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atidxx32.dll
[2012-04-17 16:00:47 | 000,726,528 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\aticfx32.dll
[2012-04-17 16:00:47 | 000,462,848 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll
[2012-04-17 16:00:47 | 000,266,240 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiadlxx.dll
[2012-04-17 16:00:47 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atibtmon.exe
[2012-04-17 15:59:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
[2012-04-17 15:59:37 | 000,000,000 | ---D | C] -- C:\Program Files\Renesas Electronics
[2012-04-17 15:58:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2012-04-17 15:37:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother
[2012-04-17 15:28:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2012-04-17 15:27:49 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2012-04-17 15:27:49 | 001,725,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2012-04-17 15:27:49 | 001,379,760 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tosade.dll
[2012-04-17 15:27:49 | 000,058,264 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\System32\TepeqAPO.dll
[2012-04-17 15:27:48 | 002,285,160 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2012-04-17 15:27:48 | 001,497,704 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2012-04-17 15:27:48 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2012-04-17 15:27:48 | 000,214,368 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFNHK.dll
[2012-04-17 15:27:48 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2012-04-17 15:27:48 | 000,178,624 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo2.dll
[2012-04-17 15:27:48 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2012-04-17 15:27:48 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2012-04-17 15:27:48 | 000,134,584 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo.dll
[2012-04-17 15:27:48 | 000,074,080 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFCOM.dll
[2012-04-17 15:27:48 | 000,068,960 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFAPO.dll
[2012-04-17 15:27:47 | 003,378,280 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2012-04-17 15:27:47 | 003,327,320 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2012-04-17 15:27:47 | 003,296,600 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll
[2012-04-17 15:27:47 | 001,892,864 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat
[2012-04-17 15:27:47 | 001,836,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2012-04-17 15:27:47 | 001,329,768 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2012-04-17 15:27:47 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2012-04-17 15:27:47 | 000,345,944 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll
[2012-04-17 15:27:47 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2012-04-17 15:27:47 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2012-04-17 15:27:47 | 000,259,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2012-04-17 15:27:47 | 000,252,760 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2012-04-17 15:27:47 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2012-04-17 15:27:47 | 000,103,256 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll
[2012-04-17 15:27:47 | 000,088,408 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll
[2012-04-17 15:27:47 | 000,083,048 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll
[2012-04-17 15:27:47 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2012-04-17 15:27:47 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2012-04-17 15:27:47 | 000,061,272 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll
[2012-04-17 15:27:46 | 000,357,712 | ---- | C] (Knowles Acoustics ) -- C:\Windows\System32\KAAPORT.dll
[2012-04-17 15:27:46 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2012-04-17 15:27:46 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2012-04-17 15:27:45 | 001,740,352 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2012-04-17 15:27:45 | 001,509,480 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2012-04-17 15:27:45 | 001,292,904 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2012-04-17 15:27:45 | 001,220,200 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2012-04-17 15:27:45 | 000,654,952 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2012-04-17 15:27:45 | 000,631,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2012-04-17 15:27:45 | 000,601,704 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2012-04-17 15:27:45 | 000,458,344 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2012-04-17 15:27:45 | 000,413,696 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PLFX32.dll
[2012-04-17 15:27:45 | 000,390,656 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PGFX32.dll
[2012-04-17 15:27:45 | 000,389,736 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2012-04-17 15:27:45 | 000,375,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2012-04-17 15:27:45 | 000,327,168 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PREC32.dll
[2012-04-17 15:27:45 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2012-04-17 15:27:45 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2012-04-17 15:27:45 | 000,218,216 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2012-04-17 15:27:44 | 000,175,200 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll
[2012-04-17 15:27:44 | 000,096,160 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll
[2012-04-17 15:27:43 | 001,698,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2012-04-17 15:27:43 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2012-04-17 15:27:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2012-04-17 15:26:45 | 000,000,000 | -H-D | C] -- C:\SuperChargerProfile
[2012-04-17 15:26:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup
[2012-04-17 15:26:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2012-04-17 15:26:34 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012-04-17 12:46:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Splashtop
[2012-04-17 12:41:02 | 000,000,000 | -H-D | C] -- C:\ProgramData\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3}
[2012-04-17 12:40:53 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Splashtop
[2012-04-17 12:40:11 | 000,000,000 | ---D | C] -- C:\Program Files\Splashtop
[2012-04-17 12:23:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Sunbelt Software
[2012-04-17 12:22:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2012-04-17 12:21:54 | 000,093,360 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2012-04-17 12:09:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012-04-17 12:07:33 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Google
[2012-04-17 12:07:32 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012-04-17 12:07:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2012-04-17 12:07:27 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2012-04-17 11:56:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
[2012-04-17 11:56:45 | 000,000,000 | ---D | C] -- C:\Program Files\MSI
[2012-04-17 11:48:07 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco
[2012-04-17 11:47:09 | 001,057,896 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\Windows\System32\drivers\rtl8192ce.sys
[2012-04-17 11:47:07 | 000,000,000 | ---D | C] -- C:\Program Files\REALTEK PCIE Wireless LAN Driver
[2012-04-17 11:45:30 | 002,205,696 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\athr.sys
[2012-04-17 11:45:29 | 000,000,000 | ---D | C] -- C:\Program Files\Qualcomm Atheros WiFi Driver Installation
[2012-04-17 11:45:27 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Macromedia
[2012-04-17 11:44:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Qualcomm Atheros
[2012-04-17 11:42:19 | 000,100,896 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RTNUninst32.dll
[2012-04-17 11:42:14 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012-04-17 11:03:33 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ElevatedDiagnostics
[2012-04-17 02:13:41 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012-04-17 02:12:28 | 000,000,000 | -HSD | C] -- C:\Boot
[2012-04-17 01:20:27 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012-04-16 23:33:23 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Nero
[2012-04-16 23:31:19 | 003,144,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe.Back
[2012-04-16 23:15:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Microsoft Games
[2012-04-16 22:22:11 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Valve
[2012-04-16 22:16:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve
[2012-04-16 22:02:36 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2012-04-16 22:02:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Games
[2012-04-16 22:02:22 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2012-04-16 22:02:21 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2012-04-16 22:02:16 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2012-04-16 22:02:15 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2012-04-16 22:02:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive
[2012-04-16 21:30:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Lunch Design
[2012-04-16 21:16:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Adobe
[2012-04-16 21:16:53 | 000,000,000 | ---D | C] -- C:\ProgramData\RDRM
[2012-04-16 21:16:50 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\ipla
[2012-04-16 21:16:50 | 000,000,000 | ---D | C] -- C:\ProgramData\ipla
[2012-04-16 21:14:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mario Ice Tower
[2012-04-16 21:12:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ipla
[2012-04-16 21:12:14 | 000,000,000 | ---D | C] -- C:\Program Files\ipla
[2012-04-16 21:12:08 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll
[2012-04-16 21:10:03 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Mozilla
[2012-04-16 21:10:03 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Mozilla
[2012-04-16 21:09:37 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar
[2012-04-16 21:08:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012-04-16 21:07:58 | 000,239,168 | ---- | C] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2012-04-16 21:07:31 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Lite
[2012-04-16 21:07:28 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012-04-16 21:03:35 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\WinRAR
[2012-04-16 21:03:34 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012-04-16 21:03:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012-04-16 21:02:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2012-04-16 21:02:32 | 000,198,832 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2012-04-16 21:02:26 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\System32\pncrt.dll
[2012-04-16 21:02:26 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2012-04-16 21:02:26 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2012-04-16 21:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real
[2012-04-16 21:02:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2012-04-16 21:02:20 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2012-04-16 21:02:04 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Real
[2012-04-16 21:01:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2012-04-16 21:01:25 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\Windows\System32\lameACM.acm
[2012-04-16 21:01:24 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll
[2012-04-16 21:01:24 | 000,118,784 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm
[2012-04-16 21:00:20 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012-04-16 20:52:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012-04-16 20:52:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2012-04-16 20:49:13 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012-04-16 20:49:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012-04-16 20:42:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2012-04-16 20:41:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
[2012-04-16 20:41:56 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2012-04-16 20:41:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2012-04-16 20:40:52 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2012-04-16 20:40:31 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2012-04-16 20:32:39 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Uczelnia
[2012-04-16 20:32:22 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Gry
[2012-04-16 20:31:40 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Programy
[2012-04-16 20:24:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orange
[2012-04-16 20:19:57 | 000,000,000 | ---D | C] -- C:\Program Files\CardDetector
[2012-04-16 20:00:07 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71.dll
[2012-04-16 20:00:07 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\atl71.dll
[2012-04-16 20:00:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\France Telecom
[2012-04-16 19:59:58 | 000,102,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys
[2012-04-16 19:59:55 | 000,103,040 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbfake.sys
[2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Searches
[2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012-04-16 19:57:02 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Identities
[2012-04-16 19:56:56 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Contacts
[2012-04-16 19:56:56 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012-04-16 19:56:47 | 000,423,656 | ---- | C] (Oracle) -- C:\Windows\System32\deployJava1.dll
[2012-04-16 19:56:47 | 000,153,376 | ---- | C] (Oracle) -- C:\Windows\System32\javaws.exe
[2012-04-16 19:56:47 | 000,145,184 | ---- | C] (Oracle) -- C:\Windows\System32\javaw.exe
[2012-04-16 19:56:47 | 000,145,184 | ---- | C] (Oracle) -- C:\Windows\System32\java.exe
[2012-04-16 19:56:36 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Ustawienia lokalne
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Temporary Internet Files
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Szablony
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\SendTo
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Recent
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\PrintHood
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\NetHood
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moje wideo
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moje obrazy
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Moje dokumenty
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moja muzyka
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Menu Start
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Historia
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Dane aplikacji
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Dane aplikacji
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Cookies
[2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Temp
[2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Microsoft
[2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Media Center Programs
[2012-04-16 19:54:14 | 000,000,000 | --SD | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Pictures
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Music
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Links
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Favorites
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Downloads
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Documents
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Desktop
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012-04-16 19:54:14 | 000,000,000 | -H-D | C] -- C:\Users\Mateusz\AppData
[2012-04-16 19:54:10 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Videos
[2012-04-16 19:54:10 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Saved Games
[2012-04-16 19:52:53 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony
[2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo
[2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy
[2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka
[2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start
[2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione
[2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit
[2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-04-22 20:00:11 | 003,670,016 | -H-- | M] () -- C:\Users\Mateusz\NTUSER.DAT
[2012-04-22 19:54:45 | 000,017,136 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-04-22 19:54:45 | 000,017,136 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-04-22 19:47:22 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-04-22 19:47:15 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012-04-22 19:47:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-04-22 19:33:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-04-22 19:25:33 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-04-21 23:58:16 | 002,317,686 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2012-04-21 23:58:16 | 000,687,828 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012-04-21 23:58:16 | 000,666,732 | ---- | M] () -- C:\Windows\System32\perfh019.dat
[2012-04-21 23:58:16 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-04-21 23:58:16 | 000,131,382 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012-04-21 23:58:16 | 000,128,892 | ---- | M] () -- C:\Windows\System32\perfc019.dat
[2012-04-21 23:58:16 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-04-21 00:41:22 | 000,001,784 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2012-04-20 00:30:03 | 000,000,572 | ---- | M] () -- C:\Windows\eReg.dat
[2012-04-19 13:12:01 | 008,180,224 | RHS- | M] () -- C:\ProgramData\TunesHelper.exe
[2012-04-19 00:29:02 | 000,001,101 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-04-19 00:29:01 | 000,002,210 | ---- | M] () -- C:\Users\Mateusz\Desktop\Google Chrome.lnk
[2012-04-18 19:33:10 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012-04-18 19:33:10 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012-04-18 18:17:06 | 283,710,259 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012-04-17 23:55:56 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012-04-17 23:55:56 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012-04-17 22:28:40 | 000,002,041 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2012-04-17 20:30:58 | 000,000,050 | ---- | M] () -- C:\Windows\System32\BRIDF10A.DAT
[2012-04-17 16:22:02 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2012-04-17 12:52:55 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms
[2012-04-17 12:52:55 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms
[2012-04-17 12:52:55 | 000,065,536 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TM.blf
[2012-04-17 12:41:30 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms
[2012-04-17 12:41:30 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms
[2012-04-17 12:41:30 | 000,065,536 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TM.blf
[2012-04-17 12:41:27 | 000,262,144 | ---- | M] () -- C:\ProgramData\NTUser.dat
[2012-04-17 12:21:52 | 000,093,360 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2012-04-17 11:30:55 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012-04-17 02:12:33 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2012-04-17 01:37:26 | 000,067,908 | ---- | M] () -- C:\Windows\System32\license.rtf
[2012-04-17 01:35:54 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012-04-16 23:31:45 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012-04-16 23:31:19 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer_.exe.Back.0.219815846169282
[2012-04-16 22:20:20 | 000,000,650 | ---- | M] () -- C:\Users\Mateusz\Desktop\Muzyka.lnk
[2012-04-16 22:16:22 | 000,000,641 | ---- | M] () -- C:\Users\Mateusz\Desktop\Filmy.lnk
[2012-04-16 21:16:57 | 000,051,672 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\GDIPFONTCACHEV1.DAT
[2012-04-16 21:16:17 | 000,246,248 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-04-16 21:12:08 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll
[2012-04-16 21:07:58 | 000,239,168 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2012-04-16 21:02:32 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2012-04-16 21:02:26 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll
[2012-04-16 21:02:26 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2012-04-16 21:02:26 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2012-04-16 20:55:32 | 000,002,717 | ---- | M] () -- C:\Users\Mateusz\Desktop\Word 2003.lnk
[2012-04-16 20:53:20 | 000,000,412 | ---- | M] () -- C:\Windows\ODBC.INI
[2012-04-16 20:52:57 | 000,000,499 | ---- | M] () -- C:\Windows\win.ini
[2012-04-16 20:24:24 | 000,000,807 | ---- | M] () -- C:\Users\Mateusz\Desktop\Orange Free.lnk
[2012-04-16 20:05:21 | 000,524,288 | -HS- | M] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2012-04-16 20:05:21 | 000,524,288 | -HS- | M] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2012-04-16 20:05:21 | 000,065,536 | -HS- | M] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2012-04-16 19:59:10 | 000,000,363 | ---- | M] () -- C:\Users\Mateusz\Desktop\Komputer.lnk
[2012-04-16 19:56:36 | 000,423,656 | ---- | M] (Oracle) -- C:\Windows\System32\deployJava1.dll
[2012-04-16 19:56:36 | 000,153,376 | ---- | M] (Oracle) -- C:\Windows\System32\javaws.exe
[2012-04-16 19:56:36 | 000,145,184 | ---- | M] (Oracle) -- C:\Windows\System32\javaw.exe
[2012-04-16 19:56:36 | 000,145,184 | ---- | M] (Oracle) -- C:\Windows\System32\java.exe
[2012-04-16 19:54:18 | 000,000,020 | -HS- | M] () -- C:\Users\Mateusz\ntuser.ini

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-04-21 00:41:22 | 000,001,796 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2012-04-21 00:41:22 | 000,001,784 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2012-04-19 19:21:46 | 000,000,572 | ---- | C] () -- C:\Windows\eReg.dat
[2012-04-19 13:23:07 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll
[2012-04-19 13:12:07 | 008,180,224 | RHS- | C] () -- C:\ProgramData\TunesHelper.exe
[2012-04-18 19:24:17 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-04-18 18:17:06 | 283,710,259 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012-04-18 18:14:33 | 000,005,174 | ---- | C] () -- C:\Windows\System32\nppt9x.vxd
[2012-04-17 23:55:56 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2012-04-17 23:55:56 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2012-04-17 22:28:40 | 000,002,053 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2012-04-17 22:28:40 | 000,002,041 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF
[2012-04-17 19:37:58 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012-04-17 19:36:37 | 001,150,656 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
[2012-04-17 19:36:36 | 000,234,855 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2012-04-17 19:36:36 | 000,034,823 | ---- | C] () -- C:\Windows\atiogl.xml
[2012-04-17 19:36:35 | 000,185,088 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb
[2012-04-17 19:34:34 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2012-04-17 16:32:37 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BRIDF10A.DAT
[2012-04-17 16:22:02 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012-04-17 16:00:48 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2012-04-17 15:27:47 | 000,177,052 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2012-04-17 12:52:54 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms
[2012-04-17 12:52:53 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms
[2012-04-17 12:52:53 | 000,065,536 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TM.blf
[2012-04-17 12:41:28 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms
[2012-04-17 12:41:28 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms
[2012-04-17 12:41:27 | 000,262,144 | ---- | C] () -- C:\ProgramData\NTUser.dat
[2012-04-17 12:41:27 | 000,065,536 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TM.blf
[2012-04-17 12:40:53 | 000,001,408 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Social Games.lnk
[2012-04-17 12:09:01 | 000,002,210 | ---- | C] () -- C:\Users\Mateusz\Desktop\Google Chrome.lnk
[2012-04-17 12:07:44 | 000,001,038 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-04-17 12:07:42 | 000,001,034 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-04-17 11:47:07 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2012-04-17 11:45:30 | 000,461,474 | ---- | C] () -- C:\Windows\System32\netathr.inf
[2012-04-17 11:45:30 | 000,070,749 | ---- | C] () -- C:\Windows\System32\athrext.cat
[2012-04-17 11:30:55 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012-04-17 02:12:32 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2012-04-17 02:12:28 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2012-04-17 01:35:54 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012-04-17 01:15:57 | 000,246,248 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-04-16 22:20:20 | 000,000,650 | ---- | C] () -- C:\Users\Mateusz\Desktop\Muzyka.lnk
[2012-04-16 22:16:22 | 000,000,641 | ---- | C] () -- C:\Users\Mateusz\Desktop\Filmy.lnk
[2012-04-16 21:10:47 | 000,000,641 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk
[2012-04-16 21:01:26 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012-04-16 21:01:25 | 000,000,414 | ---- | C] () -- C:\Windows\System32\lame_acm.xml
[2012-04-16 21:01:25 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2012-04-16 21:00:22 | 000,001,113 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012-04-16 21:00:22 | 000,001,101 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-04-16 20:55:32 | 000,002,717 | ---- | C] () -- C:\Users\Mateusz\Desktop\Word 2003.lnk
[2012-04-16 20:53:20 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI
[2012-04-16 20:24:24 | 000,000,807 | ---- | C] () -- C:\Users\Mateusz\Desktop\Orange Free.lnk
[2012-04-16 20:11:28 | 000,051,672 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\GDIPFONTCACHEV1.DAT
[2012-04-16 19:59:10 | 000,000,363 | ---- | C] () -- C:\Users\Mateusz\Desktop\Komputer.lnk
[2012-04-16 19:57:16 | 000,001,430 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012-04-16 19:54:18 | 000,524,288 | -HS- | C] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2012-04-16 19:54:18 | 000,000,020 | -HS- | C] () -- C:\Users\Mateusz\ntuser.ini
[2012-04-16 19:54:17 | 000,524,288 | -HS- | C] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2012-04-16 19:54:17 | 000,065,536 | -HS- | C] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2012-04-16 19:54:09 | 003,670,016 | -H-- | C] () -- C:\Users\Mateusz\NTUSER.DAT
[2011-07-28 17:49:12 | 000,053,760 | ---- | C] () -- C:\Windows\System32\OVDecode.dll
[2010-08-03 00:05:14 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat
[2010-08-03 00:05:13 | 000,687,828 | ---- | C] () -- C:\Windows\System32\perfh015.dat
[2010-08-03 00:05:13 | 000,131,382 | ---- | C] () -- C:\Windows\System32\perfc015.dat
[2010-08-03 00:05:13 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat
[2010-06-25 08:44:03 | 000,080,384 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2010-06-21 13:39:23 | 002,317,686 | ---- | C] () -- C:\Windows\System32\PerfStringBackup.INI

< End of report >[/log]

Gość
komentarz
komentarz

W pasek adresów w Firefoxie wpisz
[b]about:config > Enter > potwierdź OK[/b]

Znajdź na liście następujące wartości:

[code]FF - prefs.js..browser.search.selectedEngine: "qooqlle"
FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/"[/code]

PPM na wartość wybierasz modyfikuj > wycinasz qooqlle i zostawiasz czyste pole zatwierdzasz OK
w drugie wpisujesz strone startową [b]www.google.pl[/b] zatwierdzasz zmainy i sprawdzasz

  • Dobra wypowiedź 1
Evander1991
komentarz
komentarz

1. Jest tylko do wyboru true or false
2. Zmienione

Nic to niestety nie dało dalej...

Gość
komentarz
komentarz

Odinstaluj następujace oprogramowanie

[b]Splashtop Connect IE
Splashtop Connect for Firefox
Pando Media Booster[/b]

Wykonaj nowy skan OTL i przedstaw log. Spróbujemy jeszcze raz.

Evander1991
komentarz
komentarz

Odinstalowane. Za chwile dodam do tego postu loga. Co do wyszukiwarek w FF u góry po prawej to wcześniej miałem Google(to normalne), Google(coś co się podszywało pod google) i qooqlle. To fałszywe Google zniknęło po tych naprawach skryptu.

OTL raport:

[log]OTL logfile created on: 2012-04-23 09:31:47 - Run 5
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Mateusz\Desktop\Programy
Ultimate Edition (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.16562)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,49 Gb Total Physical Memory | 1,77 Gb Available Physical Memory | 71,12% Memory free
4,99 Gb Paging File | 4,24 Gb Available in Paging File | 84,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 58,57 Gb Total Space | 43,28 Gb Free Space | 73,90% Space Free | Partition Type: NTFS
Drive D: | 407,19 Gb Total Space | 369,69 Gb Free Space | 90,79% Space Free | Partition Type: NTFS

Computer Name: AUTO | User Name: Mateusz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-04-21 09:22:55 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Mateusz\Desktop\Programy\OTL.exe
PRC - [2012-04-20 18:17:12 | 000,137,536 | ---- | M] (Facebook Inc.) -- C:\Users\Mateusz\AppData\Local\Facebook\Update\FacebookUpdate.exe
PRC - [2012-04-16 23:31:45 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2012-04-16 21:02:25 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012-04-09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012-04-04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-01-03 13:34:20 | 000,138,768 | ---- | M] (MSI) -- C:\Program Files\MSI\Super-Charger\ChargeService.exe
PRC - [2012-01-03 13:34:16 | 000,502,288 | ---- | M] (MSI) -- C:\Program Files\MSI\Super-Charger\Super-Charger.exe
PRC - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2011-09-22 12:03:02 | 003,080,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2011-09-16 14:39:24 | 000,115,048 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2011-07-28 17:42:48 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
PRC - [2011-07-28 17:35:54 | 000,401,408 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2011-07-28 17:35:26 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2010-06-04 09:51:06 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010-06-04 09:50:20 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2010-05-04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
PRC - [2010-03-05 16:26:40 | 002,044,248 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe
PRC - [2009-10-14 18:44:40 | 000,282,624 | R--- | M] (France Telecom SA) -- C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe
PRC - [2009-10-14 16:44:38 | 000,090,112 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-04-19 09:12:23 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011-07-28 17:55:02 | 000,369,152 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2011-07-28 17:42:54 | 000,095,232 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
MOD - [2010-04-14 03:31:20 | 005,246,976 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
MOD - [2010-04-14 03:31:20 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2010-04-14 03:31:20 | 003,182,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2010-04-14 03:31:20 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2010-04-14 03:31:20 | 000,626,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2010-04-14 03:31:20 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2010-04-14 03:31:20 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2010-04-14 03:31:16 | 004,550,656 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
MOD - [2010-04-14 03:31:14 | 005,279,744 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
MOD - [2010-04-14 03:31:14 | 001,253,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
MOD - [2010-04-14 03:31:12 | 004,218,880 | ---- | M] () -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
MOD - [2010-04-14 03:31:00 | 000,667,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
MOD - [2009-06-10 23:22:40 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
MOD - [2009-06-10 23:14:47 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
MOD - [2009-06-10 23:14:46 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
MOD - [2009-06-10 23:14:46 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
MOD - [2009-06-10 23:14:44 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.classic.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2012-04-18 19:33:10 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-04-09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-04-05 11:37:38 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-04-04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-01-03 13:34:20 | 000,138,768 | ---- | M] (MSI) [Auto | Running] -- C:\Program Files\MSI\Super-Charger\ChargeService.exe -- (MSI_SuperCharger)
SRV - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2011-07-28 17:42:48 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2011-07-28 17:35:26 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011-05-03 22:18:00 | 004,137,464 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2010-05-04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010-03-05 16:26:40 | 002,044,248 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2009-10-14 16:44:38 | 000,090,112 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Rappelz\GameGuard\dump_wmimmc.sys -- (dump_wmimmc)
DRV - [2012-04-16 21:07:58 | 000,239,168 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011-10-25 09:57:14 | 000,165,120 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV - [2011-10-25 09:57:14 | 000,073,984 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub)
DRV - [2011-10-06 09:23:50 | 001,057,896 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV - [2011-08-09 14:24:52 | 000,163,424 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2011-08-04 09:20:38 | 000,103,112 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2011-08-04 09:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2011-07-28 18:22:06 | 008,396,800 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011-07-28 16:53:48 | 000,247,296 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011-06-07 06:06:54 | 000,211,984 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2011-04-15 14:37:46 | 000,066,688 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_sata.sys -- (amd_sata)
DRV - [2011-04-15 14:37:46 | 000,033,408 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_xata.sys -- (amd_xata)
DRV - [2010-11-29 04:50:40 | 000,035,968 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2010-10-20 14:43:08 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 5\NTIOLib.sys -- (NTIOLib_1_0_4)
DRV - [2010-05-10 10:44:42 | 000,025,912 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 5\msibios32_100507.sys -- (MSI_MSIBIOS_010507)
DRV - [2010-02-18 09:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86)
DRV - [2009-12-30 13:55:14 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files\MSI\Super-Charger\NTIOLib.sys -- (NTIOLib_1_0_3)
DRV - [2009-08-04 13:04:28 | 000,103,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbfake.sys -- (hwusbfake)
DRV - [2009-08-04 13:04:28 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009-07-14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009-07-14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009-07-14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009-07-14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009-07-14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009-07-14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2009-06-10 23:19:48 | 009,853,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = Yandex
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\Google: "URL" = http://www.google.ru/search?hl=ru&q={searchTerms}\
IE - HKLM\..\SearchScopes\Wikipedia: "URL" = http://ru.wikipedia.org/wiki/{searchTerms}\
IE - HKLM\..\SearchScopes\Yahoo: "URL" = http://ru.search.yahoo.com/search?p={searchTerms}\
IE - HKLM\..\SearchScopes\Yandex: "URL" = http://www.yandex.ru/yandsearch?stype=&nl=0&text={searchTerms}\


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes,DefaultScope = {42168F92-DA71-42E6-BC7F-132EAC1F1899}
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.google.pl/cse?q={searchTerms}&cx=partner-pub-2489206448026482%3A4041638047&tbm=&ie=UTF-8#gsc.tab=0&gsc.q={searchTerms}
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{42168F92-DA71-42E6-BC7F-132EAC1F1899}: "URL" = http://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q={searchTerms}&sa=Search&siteurl=qooqlle.com%2F
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{C0DE4E59-C43E-46a5-B2A6-46952A6BF471}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=MMBROWSV
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{F1CC8CB5-43EC-4142-AE01-80F4208696EB}: "URL" = http://www.google.com/cse?cx=partner-pub-3794288947762788%3A7256076927&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7256076927&q={searchTerms}
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\Yandex: "URL" = http://www.bing.com/search?q={searchTerms}&form=SPLEP1&pc=SPLH
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: cssreloader@kenneth.io:1.0.2
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..network.proxy.backup.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.backup.ftp_port: 9666
FF - prefs.js..network.proxy.backup.gopher: "127.0.0.1"
FF - prefs.js..network.proxy.backup.gopher_port: 9666
FF - prefs.js..network.proxy.backup.socks: "127.0.0.1"
FF - prefs.js..network.proxy.backup.socks_port: 9666
FF - prefs.js..network.proxy.backup.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.backup.ssl_port: 9666
FF - prefs.js..network.proxy.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.ftp_port: 9666
FF - prefs.js..network.proxy.gopher: "127.0.0.1"
FF - prefs.js..network.proxy.gopher_port: 9666
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 9666
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 9666
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 9666
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: D:\Bilard\Ganymede\Plugins\npganymedenet.dll ( )
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Oracle)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Mateusz\AppData\Local\Facebook\Messenger\2.0.4478.0\npFbDesktopPlugin.dll (Facebook, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-04-19 09:12:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-04-19 13:33:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012-04-17 22:28:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-04-18 17:53:41 | 000,000,000 | ---D | M]

[2012-04-16 21:10:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Extensions
[2012-04-20 21:48:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\kust2ajc.default\extensions
[2012-04-19 13:23:52 | 000,000,000 | ---D | M] (YouTube to ALLPlayer) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\kust2ajc.default\extensions\YouTubetoALL@ALLPlayer.org
[2012-04-23 09:23:37 | 000,001,860 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\kust2ajc.default\searchplugins\search.xml
[2012-04-17 22:26:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-04-17 22:26:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
() (No name found) -- C:\USERS\MATEUSZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KUST2AJC.DEFAULT\EXTENSIONS\IPLEXTOALL@ALLPLAYER.ORG.XPI
[2012-04-19 09:12:25 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-12-20 11:33:56 | 000,120,984 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npganymedenet.dll
[2011-12-09 19:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012-04-19 09:12:20 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-04-19 09:12:20 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-04-19 09:12:20 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-04-19 09:12:20 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-04-19 09:12:20 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-04-19 09:12:20 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: qooqlle ()
CHR - default_search_provider: search_url = http://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q={searchTerms}&sa=Search&siteurl=qooqlle.com%2F
CHR - default_search_provider: suggest_url =
CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\

O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (YouTube To ALLPlayer) - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\Program Files\ALLPlayer\YouTubeToALLPlayer.dll (ALLPlayer.org)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - D:\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [BEWINTERNET-PL-IEWSessionManager] D:\Orange\SessionManager\SessionManager.exe (France Telecom SA)
O4 - HKLM..\Run: [CardDetectorHUAWEI1752_1552] C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe (France Telecom SA)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [Readar_sl] %APPDATA%\Readar_sl.exe File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Super-Charger] C:\Program Files\MSI\Super-Charger\Super-Charger.exe (MSI)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TunesHelper] C:\ProgramData\TunesHelper.exe ()
O4 - HKU\S-1-5-21-967404725-468176981-4131090368-1000..\Run: [Facebook Update] C:\Users\Mateusz\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Pobierz z &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm ()
O9 - Extra Button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files\PokerStars.EU\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 85.202.144.12 85.202.144.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1292A1F1-9F67-4786-A2DF-9668865DF9A2}: DhcpNameServer = 85.202.144.12 85.202.144.11
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-04-23 09:27:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2012-04-21 17:20:18 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Pliki
[2012-04-21 09:11:23 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-04-21 00:25:29 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\.ultramixer
[2012-04-21 00:05:24 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012-04-20 19:32:35 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\GanymedeNet
[2012-04-20 18:18:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Screamer Radio
[2012-04-20 18:17:27 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
[2012-04-20 18:17:14 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Facebook
[2012-04-20 00:35:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Sports Interactive
[2012-04-20 00:35:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\Sports Interactive
[2012-04-20 00:35:20 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Sports Interactive
[2012-04-20 00:35:20 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Sports Interactive
[2012-04-20 00:18:42 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\My Games
[2012-04-20 00:17:27 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2012-04-20 00:17:27 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2012-04-20 00:17:26 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2012-04-20 00:17:26 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2012-04-20 00:17:26 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2012-04-20 00:17:26 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2012-04-20 00:17:26 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2012-04-20 00:17:25 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2012-04-20 00:17:25 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2012-04-20 00:17:25 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2012-04-20 00:17:24 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2012-04-20 00:17:24 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2012-04-20 00:17:23 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2012-04-20 00:17:23 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2012-04-20 00:17:23 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2012-04-20 00:17:23 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2012-04-20 00:17:22 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2012-04-20 00:17:22 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2012-04-20 00:17:22 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2012-04-20 00:17:22 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2012-04-20 00:17:21 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2012-04-20 00:17:21 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2012-04-20 00:17:21 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2012-04-20 00:17:21 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2012-04-20 00:17:21 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2012-04-20 00:17:21 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2012-04-20 00:17:20 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2012-04-20 00:17:20 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2012-04-20 00:17:20 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2012-04-20 00:17:20 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2012-04-20 00:17:19 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2012-04-20 00:17:19 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2012-04-20 00:17:19 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2012-04-20 00:17:19 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2012-04-20 00:17:18 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2012-04-20 00:17:18 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2012-04-20 00:17:18 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2012-04-20 00:17:18 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2012-04-20 00:17:17 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2012-04-20 00:17:17 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2012-04-20 00:17:16 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2012-04-20 00:17:16 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2012-04-20 00:17:16 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2012-04-20 00:17:16 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2012-04-20 00:17:15 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2012-04-20 00:17:15 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2012-04-20 00:17:14 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2012-04-20 00:17:14 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2012-04-20 00:17:14 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2012-04-20 00:17:13 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2012-04-20 00:17:13 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2012-04-20 00:17:12 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2012-04-20 00:17:12 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2012-04-20 00:17:12 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2012-04-20 00:17:12 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2012-04-20 00:17:11 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2012-04-20 00:17:10 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2012-04-20 00:17:09 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2012-04-20 00:17:09 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2012-04-20 00:17:09 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2012-04-20 00:17:09 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2012-04-20 00:17:08 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2012-04-20 00:17:08 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2012-04-20 00:17:08 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2012-04-20 00:17:08 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2012-04-20 00:17:08 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2012-04-20 00:17:07 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2012-04-20 00:17:07 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2012-04-20 00:17:07 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2012-04-20 00:17:07 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2012-04-20 00:17:04 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2012-04-20 00:17:04 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2012-04-20 00:17:04 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2012-04-20 00:17:04 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2012-04-20 00:17:03 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2012-04-20 00:17:03 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2012-04-20 00:17:03 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2012-04-20 00:17:02 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2012-04-20 00:17:01 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2012-04-20 00:08:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2012-04-20 00:03:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2012-04-19 19:22:45 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012-04-19 17:13:09 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2012-04-19 17:10:13 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Chromium
[2012-04-19 13:37:13 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\PokerStars.EU
[2012-04-19 13:37:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.EU
[2012-04-19 13:36:46 | 000,000,000 | ---D | C] -- C:\Program Files\PokerStars.EU
[2012-04-19 13:24:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt
[2012-04-19 13:23:51 | 000,000,000 | ---D | C] -- C:\Program Files\ALLPlayer
[2012-04-19 13:23:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLConverter PRO
[2012-04-19 13:23:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ALLConverter
[2012-04-19 13:23:42 | 000,000,000 | ---D | C] -- C:\Program Files\NapiProjekt
[2012-04-19 13:23:41 | 000,000,000 | ---D | C] -- C:\Program Files\ALLConverter PRO
[2012-04-19 13:23:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer
[2012-04-19 13:22:55 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ALLPlayer
[2012-04-19 13:22:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dziobas Rar Player
[2012-04-19 13:12:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Theorica Divx ;-) Codecs
[2012-04-19 13:11:46 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Media Player Classic
[2012-04-19 01:20:24 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\BitSpirit
[2012-04-19 00:33:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012-04-19 00:05:27 | 000,000,000 | ---D | C] -- C:\Program Files\v9Soft
[2012-04-18 23:57:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2012-04-18 23:57:29 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2012-04-18 23:56:23 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2012-04-18 23:56:23 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Detektor Winampa
[2012-04-18 23:56:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2012-04-18 23:55:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Winamp
[2012-04-18 23:55:57 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2012-04-18 23:54:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
[2012-04-18 23:54:47 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2012-04-18 23:54:10 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\BESTplayer
[2012-04-18 23:53:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitSpirit v3
[2012-04-18 23:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitSpirit
[2012-04-18 23:53:37 | 000,000,000 | ---D | C] -- C:\Program Files\BitSpirit
[2012-04-18 23:51:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012-04-18 23:51:53 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2012-04-18 19:53:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\riotsGamesLogs
[2012-04-18 19:51:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\LolClient
[2012-04-18 19:26:56 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Opera
[2012-04-18 19:26:56 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Opera
[2012-04-18 19:26:35 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2012-04-18 19:24:16 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012-04-18 19:24:16 | 000,070,304 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012-04-18 18:22:42 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\MSI
[2012-04-18 18:17:17 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012-04-18 18:15:52 | 004,137,464 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des
[2012-04-18 18:14:34 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\npptNT2.sys
[2012-04-18 18:14:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2012-04-18 17:53:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2012-04-18 17:53:38 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2012-04-18 17:53:38 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012-04-17 23:58:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\DOSBox
[2012-04-17 23:58:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74
[2012-04-17 23:58:43 | 000,000,000 | ---D | C] -- C:\Program Files\DOSBox-0.74
[2012-04-17 23:38:48 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\WapSter
[2012-04-17 23:34:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Thunderbird
[2012-04-17 23:34:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Thunderbird
[2012-04-17 22:28:37 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2012-04-17 22:26:32 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012-04-17 22:26:09 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Skype
[2012-04-17 22:25:58 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012-04-17 22:25:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012-04-17 22:25:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012-04-17 22:25:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012-04-17 22:25:53 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
[2012-04-17 22:25:52 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\GHISLER
[2012-04-17 22:24:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012-04-17 22:24:17 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012-04-17 22:23:34 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WapSter
[2012-04-17 22:02:03 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2012-04-17 22:02:03 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2012-04-17 22:02:03 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2012-04-17 22:02:03 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2012-04-17 22:02:02 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2012-04-17 21:58:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
[2012-04-17 21:15:37 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2012-04-17 20:36:00 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Adobe
[2012-04-17 20:09:14 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft Games
[2012-04-17 19:47:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2012-04-17 19:44:09 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP
[2012-04-17 19:43:56 | 000,035,968 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\usbfilter.sys
[2012-04-17 19:43:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2012-04-17 19:40:44 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012-04-17 19:37:47 | 000,066,688 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amd_sata.sys
[2012-04-17 19:37:47 | 000,033,408 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amd_xata.sys
[2012-04-17 19:37:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012-04-17 19:37:39 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012-04-17 19:37:08 | 000,211,984 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\AtihdW73.sys
[2012-04-17 19:36:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012-04-17 19:36:37 | 001,828,864 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdmv.dll
[2012-04-17 19:36:37 | 000,278,528 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
[2012-04-17 19:36:37 | 000,159,744 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll
[2012-04-17 19:36:36 | 018,388,480 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll
[2012-04-17 19:36:36 | 008,396,800 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys
[2012-04-17 19:36:36 | 000,401,408 | ---- | C] (AMD) -- C:\Windows\System32\atieclxx.exe
[2012-04-17 19:36:36 | 000,247,296 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys
[2012-04-17 19:36:36 | 000,176,128 | ---- | C] (AMD) -- C:\Windows\System32\atiesrxx.exe
[2012-04-17 19:36:36 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll
[2012-04-17 19:36:36 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll
[2012-04-17 19:36:36 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll
[2012-04-17 19:36:36 | 000,032,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll
[2012-04-17 19:36:36 | 000,020,992 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll
[2012-04-17 19:36:36 | 000,013,312 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll
[2012-04-17 19:36:35 | 008,247,296 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll
[2012-04-17 19:36:35 | 000,151,552 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe
[2012-04-17 19:36:35 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
[2012-04-17 19:36:35 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll
[2012-04-17 19:36:35 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
[2012-04-17 19:26:01 | 000,307,200 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUn0415.exe
[2012-04-17 16:31:48 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\foobar2000
[2012-04-17 16:23:45 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\AMD
[2012-04-17 16:05:37 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2012-04-17 16:05:26 | 000,037,944 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amdiox86.sys
[2012-04-17 16:03:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\ATI
[2012-04-17 16:03:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ATI
[2012-04-17 16:01:31 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2012-04-17 16:01:28 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2012-04-17 16:00:48 | 004,256,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdag.dll
[2012-04-17 16:00:48 | 004,056,064 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdva.dll
[2012-04-17 16:00:48 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
[2012-04-17 16:00:48 | 000,294,912 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIODE.exe
[2012-04-17 16:00:48 | 000,052,736 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll
[2012-04-17 16:00:48 | 000,045,056 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIODCLI.exe
[2012-04-17 16:00:48 | 000,031,744 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll
[2012-04-17 16:00:48 | 000,029,184 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll
[2012-04-17 16:00:47 | 004,198,912 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atidxx32.dll
[2012-04-17 16:00:47 | 000,726,528 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\aticfx32.dll
[2012-04-17 16:00:47 | 000,462,848 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll
[2012-04-17 16:00:47 | 000,266,240 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiadlxx.dll
[2012-04-17 16:00:47 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atibtmon.exe
[2012-04-17 15:59:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
[2012-04-17 15:59:37 | 000,000,000 | ---D | C] -- C:\Program Files\Renesas Electronics
[2012-04-17 15:58:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2012-04-17 15:37:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother
[2012-04-17 15:28:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2012-04-17 15:27:49 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2012-04-17 15:27:49 | 001,725,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2012-04-17 15:27:49 | 001,379,760 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tosade.dll
[2012-04-17 15:27:49 | 000,058,264 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\System32\TepeqAPO.dll
[2012-04-17 15:27:48 | 002,285,160 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2012-04-17 15:27:48 | 001,497,704 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2012-04-17 15:27:48 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2012-04-17 15:27:48 | 000,214,368 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFNHK.dll
[2012-04-17 15:27:48 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2012-04-17 15:27:48 | 000,178,624 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo2.dll
[2012-04-17 15:27:48 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2012-04-17 15:27:48 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2012-04-17 15:27:48 | 000,134,584 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo.dll
[2012-04-17 15:27:48 | 000,074,080 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFCOM.dll
[2012-04-17 15:27:48 | 000,068,960 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFAPO.dll
[2012-04-17 15:27:47 | 003,378,280 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2012-04-17 15:27:47 | 003,327,320 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2012-04-17 15:27:47 | 003,296,600 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll
[2012-04-17 15:27:47 | 001,892,864 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat
[2012-04-17 15:27:47 | 001,836,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2012-04-17 15:27:47 | 001,329,768 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2012-04-17 15:27:47 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2012-04-17 15:27:47 | 000,345,944 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll
[2012-04-17 15:27:47 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2012-04-17 15:27:47 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2012-04-17 15:27:47 | 000,259,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2012-04-17 15:27:47 | 000,252,760 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2012-04-17 15:27:47 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2012-04-17 15:27:47 | 000,103,256 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll
[2012-04-17 15:27:47 | 000,088,408 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll
[2012-04-17 15:27:47 | 000,083,048 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll
[2012-04-17 15:27:47 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2012-04-17 15:27:47 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2012-04-17 15:27:47 | 000,061,272 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll
[2012-04-17 15:27:46 | 000,357,712 | ---- | C] (Knowles Acoustics ) -- C:\Windows\System32\KAAPORT.dll
[2012-04-17 15:27:46 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2012-04-17 15:27:46 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2012-04-17 15:27:45 | 001,740,352 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2012-04-17 15:27:45 | 001,509,480 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2012-04-17 15:27:45 | 001,292,904 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2012-04-17 15:27:45 | 001,220,200 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2012-04-17 15:27:45 | 000,654,952 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2012-04-17 15:27:45 | 000,631,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2012-04-17 15:27:45 | 000,601,704 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2012-04-17 15:27:45 | 000,458,344 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2012-04-17 15:27:45 | 000,413,696 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PLFX32.dll
[2012-04-17 15:27:45 | 000,390,656 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PGFX32.dll
[2012-04-17 15:27:45 | 000,389,736 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2012-04-17 15:27:45 | 000,375,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2012-04-17 15:27:45 | 000,327,168 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PREC32.dll
[2012-04-17 15:27:45 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2012-04-17 15:27:45 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2012-04-17 15:27:45 | 000,218,216 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2012-04-17 15:27:44 | 000,175,200 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll
[2012-04-17 15:27:44 | 000,096,160 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll
[2012-04-17 15:27:43 | 001,698,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2012-04-17 15:27:43 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2012-04-17 15:27:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2012-04-17 15:26:45 | 000,000,000 | -H-D | C] -- C:\SuperChargerProfile
[2012-04-17 15:26:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup
[2012-04-17 15:26:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2012-04-17 15:26:34 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012-04-17 12:41:02 | 000,000,000 | -H-D | C] -- C:\ProgramData\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3}
[2012-04-17 12:40:53 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Splashtop
[2012-04-17 12:40:11 | 000,000,000 | ---D | C] -- C:\Program Files\Splashtop
[2012-04-17 12:23:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Sunbelt Software
[2012-04-17 12:22:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2012-04-17 12:21:54 | 000,093,360 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2012-04-17 12:09:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012-04-17 12:07:33 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Google
[2012-04-17 12:07:32 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012-04-17 12:07:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2012-04-17 12:07:27 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2012-04-17 11:56:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
[2012-04-17 11:56:45 | 000,000,000 | ---D | C] -- C:\Program Files\MSI
[2012-04-17 11:48:07 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco
[2012-04-17 11:47:09 | 001,057,896 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\Windows\System32\drivers\rtl8192ce.sys
[2012-04-17 11:47:07 | 000,000,000 | ---D | C] -- C:\Program Files\REALTEK PCIE Wireless LAN Driver
[2012-04-17 11:45:30 | 002,205,696 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\athr.sys
[2012-04-17 11:45:29 | 000,000,000 | ---D | C] -- C:\Program Files\Qualcomm Atheros WiFi Driver Installation
[2012-04-17 11:45:27 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Macromedia
[2012-04-17 11:44:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Qualcomm Atheros
[2012-04-17 11:42:19 | 000,100,896 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RTNUninst32.dll
[2012-04-17 11:42:14 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012-04-17 11:03:33 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ElevatedDiagnostics
[2012-04-17 02:13:41 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012-04-17 02:12:28 | 000,000,000 | -HSD | C] -- C:\Boot
[2012-04-17 01:20:27 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012-04-16 23:33:23 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Nero
[2012-04-16 23:31:19 | 003,144,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe.Back
[2012-04-16 23:15:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Microsoft Games
[2012-04-16 22:22:11 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Valve
[2012-04-16 22:16:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve
[2012-04-16 22:02:36 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2012-04-16 22:02:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Games
[2012-04-16 22:02:22 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2012-04-16 22:02:21 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2012-04-16 22:02:16 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2012-04-16 22:02:15 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2012-04-16 22:02:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive
[2012-04-16 21:30:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Lunch Design
[2012-04-16 21:16:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Adobe
[2012-04-16 21:16:53 | 000,000,000 | ---D | C] -- C:\ProgramData\RDRM
[2012-04-16 21:16:50 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\ipla
[2012-04-16 21:16:50 | 000,000,000 | ---D | C] -- C:\ProgramData\ipla
[2012-04-16 21:14:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mario Ice Tower
[2012-04-16 21:12:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ipla
[2012-04-16 21:12:14 | 000,000,000 | ---D | C] -- C:\Program Files\ipla
[2012-04-16 21:12:08 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll
[2012-04-16 21:10:03 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Mozilla
[2012-04-16 21:10:03 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Mozilla
[2012-04-16 21:09:37 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar
[2012-04-16 21:08:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012-04-16 21:07:58 | 000,239,168 | ---- | C] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2012-04-16 21:07:31 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Lite
[2012-04-16 21:07:28 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012-04-16 21:03:35 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\WinRAR
[2012-04-16 21:03:34 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012-04-16 21:03:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012-04-16 21:02:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2012-04-16 21:02:32 | 000,198,832 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2012-04-16 21:02:26 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\System32\pncrt.dll
[2012-04-16 21:02:26 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2012-04-16 21:02:26 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2012-04-16 21:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real
[2012-04-16 21:02:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2012-04-16 21:02:20 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2012-04-16 21:02:04 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Real
[2012-04-16 21:01:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2012-04-16 21:01:25 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\Windows\System32\lameACM.acm
[2012-04-16 21:01:24 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll
[2012-04-16 21:01:24 | 000,118,784 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm
[2012-04-16 21:00:20 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012-04-16 20:52:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012-04-16 20:52:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2012-04-16 20:49:13 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012-04-16 20:49:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012-04-16 20:42:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2012-04-16 20:41:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
[2012-04-16 20:41:56 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2012-04-16 20:41:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2012-04-16 20:40:52 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2012-04-16 20:40:31 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2012-04-16 20:32:39 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Uczelnia
[2012-04-16 20:32:22 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Gry
[2012-04-16 20:31:40 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Programy
[2012-04-16 20:24:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orange
[2012-04-16 20:19:57 | 000,000,000 | ---D | C] -- C:\Program Files\CardDetector
[2012-04-16 20:00:07 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71.dll
[2012-04-16 20:00:07 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\atl71.dll
[2012-04-16 20:00:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\France Telecom
[2012-04-16 19:59:58 | 000,102,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys
[2012-04-16 19:59:55 | 000,103,040 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbfake.sys
[2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Searches
[2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012-04-16 19:57:02 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Identities
[2012-04-16 19:56:56 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Contacts
[2012-04-16 19:56:56 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012-04-16 19:56:47 | 000,423,656 | ---- | C] (Oracle) -- C:\Windows\System32\deployJava1.dll
[2012-04-16 19:56:47 | 000,153,376 | ---- | C] (Oracle) -- C:\Windows\System32\javaws.exe
[2012-04-16 19:56:47 | 000,145,184 | ---- | C] (Oracle) -- C:\Windows\System32\javaw.exe
[2012-04-16 19:56:47 | 000,145,184 | ---- | C] (Oracle) -- C:\Windows\System32\java.exe
[2012-04-16 19:56:36 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Ustawienia lokalne
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Temporary Internet Files
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Szablony
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\SendTo
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Recent
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\PrintHood
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\NetHood
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moje wideo
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moje obrazy
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Moje dokumenty
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moja muzyka
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Menu Start
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Historia
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Dane aplikacji
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Dane aplikacji
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Cookies
[2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Temp
[2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Microsoft
[2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Media Center Programs
[2012-04-16 19:54:14 | 000,000,000 | --SD | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Pictures
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Music
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Links
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Favorites
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Downloads
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Documents
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Desktop
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012-04-16 19:54:14 | 000,000,000 | -H-D | C] -- C:\Users\Mateusz\AppData
[2012-04-16 19:54:10 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Videos
[2012-04-16 19:54:10 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Saved Games
[2012-04-16 19:52:53 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony
[2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo
[2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy
[2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka
[2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start
[2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione
[2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit
[2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-04-23 09:33:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-04-23 09:32:12 | 003,670,016 | -H-- | M] () -- C:\Users\Mateusz\NTUSER.DAT
[2012-04-23 09:30:41 | 000,017,136 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-04-23 09:30:41 | 000,017,136 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-04-23 09:23:26 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-04-23 09:23:09 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-04-23 09:23:09 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012-04-23 09:22:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-04-22 23:42:25 | 001,291,634 | -H-- | M] () -- C:\Users\Mateusz\AppData\Local\IconCache.db
[2012-04-22 22:28:52 | 002,317,686 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2012-04-22 22:28:52 | 000,687,828 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012-04-22 22:28:52 | 000,666,732 | ---- | M] () -- C:\Windows\System32\perfh019.dat
[2012-04-22 22:28:52 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-04-22 22:28:52 | 000,131,382 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012-04-22 22:28:52 | 000,128,892 | ---- | M] () -- C:\Windows\System32\perfc019.dat
[2012-04-22 22:28:52 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-04-21 00:41:22 | 000,001,784 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2012-04-20 00:30:03 | 000,000,572 | ---- | M] () -- C:\Windows\eReg.dat
[2012-04-19 13:12:01 | 008,180,224 | RHS- | M] () -- C:\ProgramData\TunesHelper.exe
[2012-04-19 00:29:02 | 000,001,101 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-04-19 00:29:01 | 000,002,210 | ---- | M] () -- C:\Users\Mateusz\Desktop\Google Chrome.lnk
[2012-04-18 19:33:10 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012-04-18 19:33:10 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012-04-18 18:17:06 | 283,710,259 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012-04-17 23:55:56 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012-04-17 23:55:56 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012-04-17 22:28:40 | 000,002,041 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2012-04-17 20:30:58 | 000,000,050 | ---- | M] () -- C:\Windows\System32\BRIDF10A.DAT
[2012-04-17 16:22:02 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2012-04-17 12:52:55 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms
[2012-04-17 12:52:55 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms
[2012-04-17 12:52:55 | 000,065,536 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TM.blf
[2012-04-17 12:41:30 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms
[2012-04-17 12:41:30 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms
[2012-04-17 12:41:30 | 000,065,536 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TM.blf
[2012-04-17 12:41:27 | 000,262,144 | ---- | M] () -- C:\ProgramData\NTUser.dat
[2012-04-17 12:21:52 | 000,093,360 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2012-04-17 11:30:55 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012-04-17 02:12:33 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2012-04-17 01:37:26 | 000,067,908 | ---- | M] () -- C:\Windows\System32\license.rtf
[2012-04-17 01:35:54 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012-04-16 23:31:45 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012-04-16 23:31:19 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer_.exe.Back.0.219815846169282
[2012-04-16 22:20:20 | 000,000,650 | ---- | M] () -- C:\Users\Mateusz\Desktop\Muzyka.lnk
[2012-04-16 22:16:22 | 000,000,641 | ---- | M] () -- C:\Users\Mateusz\Desktop\Filmy.lnk
[2012-04-16 21:16:57 | 000,051,672 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\GDIPFONTCACHEV1.DAT
[2012-04-16 21:16:17 | 000,246,248 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-04-16 21:12:08 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll
[2012-04-16 21:07:58 | 000,239,168 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2012-04-16 21:02:32 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2012-04-16 21:02:26 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll
[2012-04-16 21:02:26 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2012-04-16 21:02:26 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2012-04-16 20:55:32 | 000,002,717 | ---- | M] () -- C:\Users\Mateusz\Desktop\Word 2003.lnk
[2012-04-16 20:53:20 | 000,000,412 | ---- | M] () -- C:\Windows\ODBC.INI
[2012-04-16 20:52:57 | 000,000,499 | ---- | M] () -- C:\Windows\win.ini
[2012-04-16 20:24:24 | 000,000,807 | ---- | M] () -- C:\Users\Mateusz\Desktop\Orange Free.lnk
[2012-04-16 20:05:21 | 000,524,288 | -HS- | M] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2012-04-16 20:05:21 | 000,524,288 | -HS- | M] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2012-04-16 20:05:21 | 000,065,536 | -HS- | M] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2012-04-16 19:59:10 | 000,000,363 | ---- | M] () -- C:\Users\Mateusz\Desktop\Komputer.lnk
[2012-04-16 19:56:36 | 000,423,656 | ---- | M] (Oracle) -- C:\Windows\System32\deployJava1.dll
[2012-04-16 19:56:36 | 000,153,376 | ---- | M] (Oracle) -- C:\Windows\System32\javaws.exe
[2012-04-16 19:56:36 | 000,145,184 | ---- | M] (Oracle) -- C:\Windows\System32\javaw.exe
[2012-04-16 19:56:36 | 000,145,184 | ---- | M] (Oracle) -- C:\Windows\System32\java.exe
[2012-04-16 19:54:18 | 000,000,020 | -HS- | M] () -- C:\Users\Mateusz\ntuser.ini

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-04-22 21:16:51 | 001,291,634 | -H-- | C] () -- C:\Users\Mateusz\AppData\Local\IconCache.db
[2012-04-21 00:41:22 | 000,001,796 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2012-04-21 00:41:22 | 000,001,784 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2012-04-19 19:21:46 | 000,000,572 | ---- | C] () -- C:\Windows\eReg.dat
[2012-04-19 13:23:07 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll
[2012-04-19 13:12:07 | 008,180,224 | RHS- | C] () -- C:\ProgramData\TunesHelper.exe
[2012-04-18 19:24:17 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-04-18 18:17:06 | 283,710,259 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012-04-18 18:14:33 | 000,005,174 | ---- | C] () -- C:\Windows\System32\nppt9x.vxd
[2012-04-17 23:55:56 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2012-04-17 23:55:56 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2012-04-17 22:28:40 | 000,002,053 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2012-04-17 22:28:40 | 000,002,041 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF
[2012-04-17 19:37:58 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012-04-17 19:36:37 | 001,150,656 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
[2012-04-17 19:36:36 | 000,234,855 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2012-04-17 19:36:36 | 000,034,823 | ---- | C] () -- C:\Windows\atiogl.xml
[2012-04-17 19:36:35 | 000,185,088 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb
[2012-04-17 19:34:34 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2012-04-17 16:32:37 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BRIDF10A.DAT
[2012-04-17 16:22:02 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012-04-17 16:00:48 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2012-04-17 15:27:47 | 000,177,052 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2012-04-17 12:52:54 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms
[2012-04-17 12:52:53 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms
[2012-04-17 12:52:53 | 000,065,536 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TM.blf
[2012-04-17 12:41:28 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms
[2012-04-17 12:41:28 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms
[2012-04-17 12:41:27 | 000,262,144 | ---- | C] () -- C:\ProgramData\NTUser.dat
[2012-04-17 12:41:27 | 000,065,536 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TM.blf
[2012-04-17 12:09:01 | 000,002,210 | ---- | C] () -- C:\Users\Mateusz\Desktop\Google Chrome.lnk
[2012-04-17 12:07:44 | 000,001,038 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-04-17 12:07:42 | 000,001,034 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-04-17 11:47:07 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2012-04-17 11:45:30 | 000,461,474 | ---- | C] () -- C:\Windows\System32\netathr.inf
[2012-04-17 11:45:30 | 000,070,749 | ---- | C] () -- C:\Windows\System32\athrext.cat
[2012-04-17 11:30:55 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012-04-17 02:12:32 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2012-04-17 02:12:28 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2012-04-17 01:35:54 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012-04-17 01:15:57 | 000,246,248 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-04-16 22:20:20 | 000,000,650 | ---- | C] () -- C:\Users\Mateusz\Desktop\Muzyka.lnk
[2012-04-16 22:16:22 | 000,000,641 | ---- | C] () -- C:\Users\Mateusz\Desktop\Filmy.lnk
[2012-04-16 21:10:47 | 000,000,641 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk
[2012-04-16 21:01:26 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012-04-16 21:01:25 | 000,000,414 | ---- | C] () -- C:\Windows\System32\lame_acm.xml
[2012-04-16 21:01:25 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2012-04-16 21:00:22 | 000,001,113 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012-04-16 21:00:22 | 000,001,101 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-04-16 20:55:32 | 000,002,717 | ---- | C] () -- C:\Users\Mateusz\Desktop\Word 2003.lnk
[2012-04-16 20:53:20 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI
[2012-04-16 20:24:24 | 000,000,807 | ---- | C] () -- C:\Users\Mateusz\Desktop\Orange Free.lnk
[2012-04-16 20:11:28 | 000,051,672 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\GDIPFONTCACHEV1.DAT
[2012-04-16 19:59:10 | 000,000,363 | ---- | C] () -- C:\Users\Mateusz\Desktop\Komputer.lnk
[2012-04-16 19:57:16 | 000,001,430 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012-04-16 19:54:18 | 000,524,288 | -HS- | C] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2012-04-16 19:54:18 | 000,000,020 | -HS- | C] () -- C:\Users\Mateusz\ntuser.ini
[2012-04-16 19:54:17 | 000,524,288 | -HS- | C] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2012-04-16 19:54:17 | 000,065,536 | -HS- | C] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2012-04-16 19:54:09 | 003,670,016 | -H-- | C] () -- C:\Users\Mateusz\NTUSER.DAT
[2011-07-28 17:49:12 | 000,053,760 | ---- | C] () -- C:\Windows\System32\OVDecode.dll
[2010-08-03 00:05:14 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat
[2010-08-03 00:05:13 | 000,687,828 | ---- | C] () -- C:\Windows\System32\perfh015.dat
[2010-08-03 00:05:13 | 000,131,382 | ---- | C] () -- C:\Windows\System32\perfc015.dat
[2010-08-03 00:05:13 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat
[2010-06-25 08:44:03 | 000,080,384 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2010-06-21 13:39:23 | 002,317,686 | ---- | C] () -- C:\Windows\System32\PerfStringBackup.INI

[color=#E56717]========== LOP Check ==========[/color]

[2012-04-18 23:54:26 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\BESTplayer
[2012-04-19 01:20:24 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\BitSpirit
[2012-04-19 17:14:18 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Lite
[2012-04-20 08:00:29 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\foobar2000
[2012-04-20 19:42:39 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\GanymedeNet
[2012-04-17 22:25:52 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\GHISLER
[2012-04-16 22:05:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\ipla
[2012-04-18 19:51:49 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\LolClient
[2012-04-18 18:22:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\MSI
[2012-04-21 00:41:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Opera
[2012-04-23 09:30:27 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Splashtop
[2012-04-20 00:35:20 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Sports Interactive
[2012-04-17 23:34:49 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Thunderbird
[2009-07-14 06:53:46 | 000,014,120 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



< End of report >[/log]

Gość
komentarz
komentarz

Uruchom OTL i w oknie Własne opcje skanowania skrypt wklej:

[code]:OTL
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/
FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/"
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: cssreloader@kenneth.io:1.0.2
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
O4 - HKLM..\Run: [Readar_sl] %APPDATA%\Readar_sl.exe File not found

:Files
C:\Program Files\Pando Networks
C:\ProgramData\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3}

:Commands
[reboot][/code]

Kliknij w [b]Wykonaj skrypt[/b]

Przedstawiasz log z usuwania i nowy z opcji Skanuj.

[b]2.[/b] Sprawdź, co jest w tych folderze [b]C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0[/b]

ma atrybut ukryty więc musisz miec właczone pokazywanie ukrytych plików systemowych

Evander1991
komentarz
komentarz

Raport z wykonania się nie pojawił. Co do pliku jest to plik systemowy powstał dziś rano o 9:30 i jest też drugi bliźniaczo podobny też z tej samej godziny.

OTL raport:

[log]OTL logfile created on: 2012-04-23 14:32:13 - Run 6
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Mateusz\Desktop\Programy
Ultimate Edition (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.16562)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,49 Gb Total Physical Memory | 1,88 Gb Available Physical Memory | 75,38% Memory free
4,99 Gb Paging File | 4,35 Gb Available in Paging File | 87,29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 58,57 Gb Total Space | 42,61 Gb Free Space | 72,74% Space Free | Partition Type: NTFS
Drive D: | 407,19 Gb Total Space | 369,69 Gb Free Space | 90,79% Space Free | Partition Type: NTFS

Computer Name: AUTO | User Name: Mateusz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-04-21 09:22:55 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Mateusz\Desktop\Programy\OTL.exe
PRC - [2012-04-20 18:17:12 | 000,137,536 | ---- | M] (Facebook Inc.) -- C:\Users\Mateusz\AppData\Local\Facebook\Update\FacebookUpdate.exe
PRC - [2012-04-16 23:31:45 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2012-04-16 21:02:25 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012-04-09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012-04-05 11:37:38 | 000,158,856 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Updater\Updater.exe
PRC - [2012-04-04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-01-03 13:34:20 | 000,138,768 | ---- | M] (MSI) -- C:\Program Files\MSI\Super-Charger\ChargeService.exe
PRC - [2012-01-03 13:34:16 | 000,502,288 | ---- | M] (MSI) -- C:\Program Files\MSI\Super-Charger\Super-Charger.exe
PRC - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2011-09-22 12:03:02 | 003,080,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2011-09-16 14:39:24 | 000,115,048 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2011-07-28 17:42:48 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
PRC - [2011-07-28 17:35:54 | 000,401,408 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2011-07-28 17:35:26 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2010-06-04 09:51:06 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010-06-04 09:50:20 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2010-03-05 16:26:40 | 002,044,248 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe
PRC - [2009-10-14 18:44:40 | 000,282,624 | R--- | M] (France Telecom SA) -- C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe
PRC - [2009-10-14 16:44:38 | 000,090,112 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-04-19 09:12:23 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011-07-28 17:55:02 | 000,369,152 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2011-07-28 17:42:54 | 000,095,232 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
MOD - [2010-04-14 03:31:20 | 005,246,976 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
MOD - [2010-04-14 03:31:20 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2010-04-14 03:31:20 | 003,182,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2010-04-14 03:31:20 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2010-04-14 03:31:20 | 000,626,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2010-04-14 03:31:20 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2010-04-14 03:31:20 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2010-04-14 03:31:16 | 004,550,656 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
MOD - [2010-04-14 03:31:14 | 005,279,744 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
MOD - [2010-04-14 03:31:14 | 001,253,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
MOD - [2010-04-14 03:31:12 | 004,218,880 | ---- | M] () -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
MOD - [2009-06-10 23:22:40 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
MOD - [2009-06-10 23:14:44 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.classic.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2012-04-18 19:33:10 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-04-09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-04-05 11:37:38 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-04-04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-01-03 13:34:20 | 000,138,768 | ---- | M] (MSI) [Auto | Running] -- C:\Program Files\MSI\Super-Charger\ChargeService.exe -- (MSI_SuperCharger)
SRV - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2011-07-28 17:42:48 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2011-07-28 17:35:26 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011-05-03 22:18:00 | 004,137,464 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2010-05-04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010-03-05 16:26:40 | 002,044,248 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2009-10-14 16:44:38 | 000,090,112 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Rappelz\GameGuard\dump_wmimmc.sys -- (dump_wmimmc)
DRV - [2012-04-16 21:07:58 | 000,239,168 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011-10-25 09:57:14 | 000,165,120 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV - [2011-10-25 09:57:14 | 000,073,984 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub)
DRV - [2011-10-06 09:23:50 | 001,057,896 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV - [2011-08-09 14:24:52 | 000,163,424 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2011-08-04 09:20:38 | 000,103,112 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2011-08-04 09:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2011-07-28 18:22:06 | 008,396,800 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011-07-28 16:53:48 | 000,247,296 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011-06-07 06:06:54 | 000,211,984 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2011-04-15 14:37:46 | 000,066,688 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_sata.sys -- (amd_sata)
DRV - [2011-04-15 14:37:46 | 000,033,408 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_xata.sys -- (amd_xata)
DRV - [2010-11-29 04:50:40 | 000,035,968 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2010-10-20 14:43:08 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 5\NTIOLib.sys -- (NTIOLib_1_0_4)
DRV - [2010-05-10 10:44:42 | 000,025,912 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 5\msibios32_100507.sys -- (MSI_MSIBIOS_010507)
DRV - [2010-02-18 09:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86)
DRV - [2009-12-30 13:55:14 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files\MSI\Super-Charger\NTIOLib.sys -- (NTIOLib_1_0_3)
DRV - [2009-08-04 13:04:28 | 000,103,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbfake.sys -- (hwusbfake)
DRV - [2009-08-04 13:04:28 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009-07-14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009-07-14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009-07-14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009-07-14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009-07-14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009-07-14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2009-06-10 23:19:48 | 009,853,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = Yandex
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\Google: "URL" = http://www.google.ru/search?hl=ru&q={searchTerms}\
IE - HKLM\..\SearchScopes\Wikipedia: "URL" = http://ru.wikipedia.org/wiki/{searchTerms}\
IE - HKLM\..\SearchScopes\Yahoo: "URL" = http://ru.search.yahoo.com/search?p={searchTerms}\
IE - HKLM\..\SearchScopes\Yandex: "URL" = http://www.yandex.ru/yandsearch?stype=&nl=0&text={searchTerms}\


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes,DefaultScope = {42168F92-DA71-42E6-BC7F-132EAC1F1899}
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.google.pl/cse?q={searchTerms}&cx=partner-pub-2489206448026482%3A4041638047&tbm=&ie=UTF-8#gsc.tab=0&gsc.q={searchTerms}
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{42168F92-DA71-42E6-BC7F-132EAC1F1899}: "URL" = http://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q={searchTerms}&sa=Search&siteurl=qooqlle.com%2F
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{C0DE4E59-C43E-46a5-B2A6-46952A6BF471}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=MMBROWSV
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{F1CC8CB5-43EC-4142-AE01-80F4208696EB}: "URL" = http://www.google.com/cse?cx=partner-pub-3794288947762788%3A7256076927&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7256076927&q={searchTerms}
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\Yandex: "URL" = http://www.bing.com/search?q={searchTerms}&form=SPLEP1&pc=SPLH
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.selectedEngine: "qooqlle"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: cssreloader@kenneth.io:1.0.2
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..network.proxy.backup.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.backup.ftp_port: 9666
FF - prefs.js..network.proxy.backup.gopher: "127.0.0.1"
FF - prefs.js..network.proxy.backup.gopher_port: 9666
FF - prefs.js..network.proxy.backup.socks: "127.0.0.1"
FF - prefs.js..network.proxy.backup.socks_port: 9666
FF - prefs.js..network.proxy.backup.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.backup.ssl_port: 9666
FF - prefs.js..network.proxy.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.ftp_port: 9666
FF - prefs.js..network.proxy.gopher: "127.0.0.1"
FF - prefs.js..network.proxy.gopher_port: 9666
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 9666
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 9666
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 9666
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: D:\Bilard\Ganymede\Plugins\npganymedenet.dll ( )
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Oracle)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Mateusz\AppData\Local\Facebook\Messenger\2.0.4478.0\npFbDesktopPlugin.dll (Facebook, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-04-19 09:12:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-04-19 13:33:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012-04-17 22:28:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-04-18 17:53:41 | 000,000,000 | ---D | M]

[2012-04-16 21:10:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Extensions
[2012-04-20 21:48:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\kust2ajc.default\extensions
[2012-04-19 13:23:52 | 000,000,000 | ---D | M] (YouTube to ALLPlayer) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\kust2ajc.default\extensions\YouTubetoALL@ALLPlayer.org
[2012-04-23 14:31:00 | 000,001,860 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\kust2ajc.default\searchplugins\search.xml
[2012-04-17 22:26:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-04-17 22:26:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
() (No name found) -- C:\USERS\MATEUSZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KUST2AJC.DEFAULT\EXTENSIONS\IPLEXTOALL@ALLPLAYER.ORG.XPI
[2012-04-19 09:12:25 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-12-20 11:33:56 | 000,120,984 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npganymedenet.dll
[2011-12-09 19:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012-04-19 09:12:20 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-04-19 09:12:20 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-04-19 09:12:20 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-04-19 09:12:20 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-04-19 09:12:20 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-04-19 09:12:20 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: qooqlle ()
CHR - default_search_provider: search_url = http://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q={searchTerms}&sa=Search&siteurl=qooqlle.com%2F
CHR - default_search_provider: suggest_url =
CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\

O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (YouTube To ALLPlayer) - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\Program Files\ALLPlayer\YouTubeToALLPlayer.dll (ALLPlayer.org)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - D:\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [BEWINTERNET-PL-IEWSessionManager] D:\Orange\SessionManager\SessionManager.exe (France Telecom SA)
O4 - HKLM..\Run: [CardDetectorHUAWEI1752_1552] C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe (France Telecom SA)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [Readar_sl] %APPDATA%\Readar_sl.exe File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Super-Charger] C:\Program Files\MSI\Super-Charger\Super-Charger.exe (MSI)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TunesHelper] C:\ProgramData\TunesHelper.exe ()
O4 - HKU\S-1-5-21-967404725-468176981-4131090368-1000..\Run: [Facebook Update] C:\Users\Mateusz\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Pobierz z &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm ()
O9 - Extra Button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files\PokerStars.EU\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 85.202.144.12 85.202.144.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1292A1F1-9F67-4786-A2DF-9668865DF9A2}: DhcpNameServer = 85.202.144.12 85.202.144.11
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-04-23 10:48:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012-04-23 09:27:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2012-04-21 17:20:18 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Pliki
[2012-04-21 09:11:23 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-04-21 00:25:29 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\.ultramixer
[2012-04-21 00:05:24 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012-04-20 19:32:35 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\GanymedeNet
[2012-04-20 18:18:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Screamer Radio
[2012-04-20 18:17:27 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
[2012-04-20 18:17:14 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Facebook
[2012-04-20 00:35:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Sports Interactive
[2012-04-20 00:35:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\Sports Interactive
[2012-04-20 00:35:20 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Sports Interactive
[2012-04-20 00:35:20 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Sports Interactive
[2012-04-20 00:18:42 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\My Games
[2012-04-20 00:17:27 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2012-04-20 00:17:27 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2012-04-20 00:17:26 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2012-04-20 00:17:26 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2012-04-20 00:17:26 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2012-04-20 00:17:26 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2012-04-20 00:17:26 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2012-04-20 00:17:25 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2012-04-20 00:17:25 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2012-04-20 00:17:25 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2012-04-20 00:17:24 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2012-04-20 00:17:24 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2012-04-20 00:17:23 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2012-04-20 00:17:23 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2012-04-20 00:17:23 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2012-04-20 00:17:23 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2012-04-20 00:17:22 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2012-04-20 00:17:22 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2012-04-20 00:17:22 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2012-04-20 00:17:22 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2012-04-20 00:17:21 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2012-04-20 00:17:21 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2012-04-20 00:17:21 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2012-04-20 00:17:21 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2012-04-20 00:17:21 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2012-04-20 00:17:21 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2012-04-20 00:17:20 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2012-04-20 00:17:20 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2012-04-20 00:17:20 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2012-04-20 00:17:20 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2012-04-20 00:17:19 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2012-04-20 00:17:19 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2012-04-20 00:17:19 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2012-04-20 00:17:19 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2012-04-20 00:17:18 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2012-04-20 00:17:18 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2012-04-20 00:17:18 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2012-04-20 00:17:18 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2012-04-20 00:17:17 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2012-04-20 00:17:17 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2012-04-20 00:17:16 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2012-04-20 00:17:16 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2012-04-20 00:17:16 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2012-04-20 00:17:16 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2012-04-20 00:17:15 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2012-04-20 00:17:15 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2012-04-20 00:17:14 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2012-04-20 00:17:14 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2012-04-20 00:17:14 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2012-04-20 00:17:13 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2012-04-20 00:17:13 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2012-04-20 00:17:12 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2012-04-20 00:17:12 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2012-04-20 00:17:12 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2012-04-20 00:17:12 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2012-04-20 00:17:11 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2012-04-20 00:17:10 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2012-04-20 00:17:09 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2012-04-20 00:17:09 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2012-04-20 00:17:09 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2012-04-20 00:17:09 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2012-04-20 00:17:08 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2012-04-20 00:17:08 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2012-04-20 00:17:08 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2012-04-20 00:17:08 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2012-04-20 00:17:08 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2012-04-20 00:17:07 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2012-04-20 00:17:07 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2012-04-20 00:17:07 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2012-04-20 00:17:07 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2012-04-20 00:17:04 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2012-04-20 00:17:04 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2012-04-20 00:17:04 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2012-04-20 00:17:04 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2012-04-20 00:17:03 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2012-04-20 00:17:03 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2012-04-20 00:17:03 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2012-04-20 00:17:02 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2012-04-20 00:17:01 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2012-04-20 00:08:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2012-04-20 00:03:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2012-04-19 19:22:45 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012-04-19 17:13:09 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2012-04-19 17:10:13 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Chromium
[2012-04-19 13:37:13 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\PokerStars.EU
[2012-04-19 13:37:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.EU
[2012-04-19 13:36:46 | 000,000,000 | ---D | C] -- C:\Program Files\PokerStars.EU
[2012-04-19 13:24:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt
[2012-04-19 13:23:51 | 000,000,000 | ---D | C] -- C:\Program Files\ALLPlayer
[2012-04-19 13:23:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLConverter PRO
[2012-04-19 13:23:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ALLConverter
[2012-04-19 13:23:42 | 000,000,000 | ---D | C] -- C:\Program Files\NapiProjekt
[2012-04-19 13:23:41 | 000,000,000 | ---D | C] -- C:\Program Files\ALLConverter PRO
[2012-04-19 13:23:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer
[2012-04-19 13:22:55 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ALLPlayer
[2012-04-19 13:22:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dziobas Rar Player
[2012-04-19 13:12:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Theorica Divx ;-) Codecs
[2012-04-19 13:11:46 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Media Player Classic
[2012-04-19 01:20:24 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\BitSpirit
[2012-04-19 00:05:27 | 000,000,000 | ---D | C] -- C:\Program Files\v9Soft
[2012-04-18 23:57:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2012-04-18 23:57:29 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2012-04-18 23:56:23 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2012-04-18 23:56:23 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Detektor Winampa
[2012-04-18 23:56:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2012-04-18 23:55:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Winamp
[2012-04-18 23:55:57 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2012-04-18 23:54:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
[2012-04-18 23:54:47 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2012-04-18 23:54:10 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\BESTplayer
[2012-04-18 23:53:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitSpirit v3
[2012-04-18 23:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitSpirit
[2012-04-18 23:53:37 | 000,000,000 | ---D | C] -- C:\Program Files\BitSpirit
[2012-04-18 23:51:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012-04-18 23:51:53 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2012-04-18 19:53:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\riotsGamesLogs
[2012-04-18 19:51:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\LolClient
[2012-04-18 19:26:56 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Opera
[2012-04-18 19:26:56 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Opera
[2012-04-18 19:26:35 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2012-04-18 19:24:16 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012-04-18 19:24:16 | 000,070,304 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012-04-18 18:22:42 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\MSI
[2012-04-18 18:17:17 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012-04-18 18:15:52 | 004,137,464 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des
[2012-04-18 18:14:34 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\npptNT2.sys
[2012-04-18 18:14:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2012-04-18 17:53:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2012-04-18 17:53:38 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2012-04-18 17:53:38 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012-04-17 23:58:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\DOSBox
[2012-04-17 23:58:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74
[2012-04-17 23:58:43 | 000,000,000 | ---D | C] -- C:\Program Files\DOSBox-0.74
[2012-04-17 23:38:48 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\WapSter
[2012-04-17 23:34:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Thunderbird
[2012-04-17 23:34:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Thunderbird
[2012-04-17 22:28:37 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2012-04-17 22:26:32 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012-04-17 22:26:09 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Skype
[2012-04-17 22:25:58 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012-04-17 22:25:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012-04-17 22:25:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012-04-17 22:25:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012-04-17 22:25:53 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
[2012-04-17 22:25:52 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\GHISLER
[2012-04-17 22:24:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012-04-17 22:24:17 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012-04-17 22:23:34 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WapSter
[2012-04-17 22:02:03 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2012-04-17 22:02:03 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2012-04-17 22:02:03 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2012-04-17 22:02:03 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2012-04-17 22:02:02 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2012-04-17 21:58:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
[2012-04-17 20:36:00 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Adobe
[2012-04-17 20:09:14 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft Games
[2012-04-17 19:47:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2012-04-17 19:44:09 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP
[2012-04-17 19:43:56 | 000,035,968 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\usbfilter.sys
[2012-04-17 19:43:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2012-04-17 19:40:44 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012-04-17 19:37:47 | 000,066,688 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amd_sata.sys
[2012-04-17 19:37:47 | 000,033,408 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amd_xata.sys
[2012-04-17 19:37:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012-04-17 19:37:39 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012-04-17 19:37:08 | 000,211,984 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\AtihdW73.sys
[2012-04-17 19:36:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012-04-17 19:36:37 | 001,828,864 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdmv.dll
[2012-04-17 19:36:37 | 000,278,528 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
[2012-04-17 19:36:37 | 000,159,744 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll
[2012-04-17 19:36:36 | 018,388,480 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll
[2012-04-17 19:36:36 | 008,396,800 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys
[2012-04-17 19:36:36 | 000,401,408 | ---- | C] (AMD) -- C:\Windows\System32\atieclxx.exe
[2012-04-17 19:36:36 | 000,247,296 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys
[2012-04-17 19:36:36 | 000,176,128 | ---- | C] (AMD) -- C:\Windows\System32\atiesrxx.exe
[2012-04-17 19:36:36 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll
[2012-04-17 19:36:36 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll
[2012-04-17 19:36:36 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll
[2012-04-17 19:36:36 | 000,032,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll
[2012-04-17 19:36:36 | 000,020,992 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll
[2012-04-17 19:36:36 | 000,013,312 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll
[2012-04-17 19:36:35 | 008,247,296 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll
[2012-04-17 19:36:35 | 000,151,552 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe
[2012-04-17 19:36:35 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
[2012-04-17 19:36:35 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll
[2012-04-17 19:36:35 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
[2012-04-17 19:26:01 | 000,307,200 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUn0415.exe
[2012-04-17 16:31:48 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\foobar2000
[2012-04-17 16:23:45 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\AMD
[2012-04-17 16:05:37 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2012-04-17 16:05:26 | 000,037,944 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amdiox86.sys
[2012-04-17 16:03:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\ATI
[2012-04-17 16:03:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ATI
[2012-04-17 16:01:31 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2012-04-17 16:01:28 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2012-04-17 16:00:48 | 004,256,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdag.dll
[2012-04-17 16:00:48 | 004,056,064 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdva.dll
[2012-04-17 16:00:48 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
[2012-04-17 16:00:48 | 000,294,912 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIODE.exe
[2012-04-17 16:00:48 | 000,052,736 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll
[2012-04-17 16:00:48 | 000,045,056 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIODCLI.exe
[2012-04-17 16:00:48 | 000,031,744 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll
[2012-04-17 16:00:48 | 000,029,184 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll
[2012-04-17 16:00:47 | 004,198,912 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atidxx32.dll
[2012-04-17 16:00:47 | 000,726,528 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\aticfx32.dll
[2012-04-17 16:00:47 | 000,462,848 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll
[2012-04-17 16:00:47 | 000,266,240 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiadlxx.dll
[2012-04-17 16:00:47 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atibtmon.exe
[2012-04-17 15:59:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
[2012-04-17 15:59:37 | 000,000,000 | ---D | C] -- C:\Program Files\Renesas Electronics
[2012-04-17 15:58:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2012-04-17 15:37:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother
[2012-04-17 15:28:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2012-04-17 15:27:49 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2012-04-17 15:27:49 | 001,725,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2012-04-17 15:27:49 | 001,379,760 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tosade.dll
[2012-04-17 15:27:49 | 000,058,264 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\System32\TepeqAPO.dll
[2012-04-17 15:27:48 | 002,285,160 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2012-04-17 15:27:48 | 001,497,704 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2012-04-17 15:27:48 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2012-04-17 15:27:48 | 000,214,368 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFNHK.dll
[2012-04-17 15:27:48 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2012-04-17 15:27:48 | 000,178,624 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo2.dll
[2012-04-17 15:27:48 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2012-04-17 15:27:48 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2012-04-17 15:27:48 | 000,134,584 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo.dll
[2012-04-17 15:27:48 | 000,074,080 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFCOM.dll
[2012-04-17 15:27:48 | 000,068,960 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFAPO.dll
[2012-04-17 15:27:47 | 003,378,280 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2012-04-17 15:27:47 | 003,327,320 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2012-04-17 15:27:47 | 003,296,600 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll
[2012-04-17 15:27:47 | 001,892,864 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat
[2012-04-17 15:27:47 | 001,836,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2012-04-17 15:27:47 | 001,329,768 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2012-04-17 15:27:47 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2012-04-17 15:27:47 | 000,345,944 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll
[2012-04-17 15:27:47 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2012-04-17 15:27:47 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2012-04-17 15:27:47 | 000,259,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2012-04-17 15:27:47 | 000,252,760 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2012-04-17 15:27:47 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2012-04-17 15:27:47 | 000,103,256 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll
[2012-04-17 15:27:47 | 000,088,408 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll
[2012-04-17 15:27:47 | 000,083,048 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll
[2012-04-17 15:27:47 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2012-04-17 15:27:47 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2012-04-17 15:27:47 | 000,061,272 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll
[2012-04-17 15:27:46 | 000,357,712 | ---- | C] (Knowles Acoustics ) -- C:\Windows\System32\KAAPORT.dll
[2012-04-17 15:27:46 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2012-04-17 15:27:46 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2012-04-17 15:27:45 | 001,740,352 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2012-04-17 15:27:45 | 001,509,480 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2012-04-17 15:27:45 | 001,292,904 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2012-04-17 15:27:45 | 001,220,200 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2012-04-17 15:27:45 | 000,654,952 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2012-04-17 15:27:45 | 000,631,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2012-04-17 15:27:45 | 000,601,704 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2012-04-17 15:27:45 | 000,458,344 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2012-04-17 15:27:45 | 000,413,696 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PLFX32.dll
[2012-04-17 15:27:45 | 000,390,656 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PGFX32.dll
[2012-04-17 15:27:45 | 000,389,736 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2012-04-17 15:27:45 | 000,375,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2012-04-17 15:27:45 | 000,327,168 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PREC32.dll
[2012-04-17 15:27:45 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2012-04-17 15:27:45 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2012-04-17 15:27:45 | 000,218,216 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2012-04-17 15:27:44 | 000,175,200 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll
[2012-04-17 15:27:44 | 000,096,160 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll
[2012-04-17 15:27:43 | 001,698,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2012-04-17 15:27:43 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2012-04-17 15:27:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2012-04-17 15:26:45 | 000,000,000 | -H-D | C] -- C:\SuperChargerProfile
[2012-04-17 15:26:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup
[2012-04-17 15:26:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2012-04-17 15:26:34 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012-04-17 12:40:53 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Splashtop
[2012-04-17 12:40:11 | 000,000,000 | ---D | C] -- C:\Program Files\Splashtop
[2012-04-17 12:23:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Sunbelt Software
[2012-04-17 12:22:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2012-04-17 12:21:54 | 000,093,360 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2012-04-17 12:09:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012-04-17 12:07:33 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Google
[2012-04-17 12:07:32 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012-04-17 12:07:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2012-04-17 12:07:27 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2012-04-17 11:56:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
[2012-04-17 11:56:45 | 000,000,000 | ---D | C] -- C:\Program Files\MSI
[2012-04-17 11:48:07 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco
[2012-04-17 11:47:09 | 001,057,896 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\Windows\System32\drivers\rtl8192ce.sys
[2012-04-17 11:47:07 | 000,000,000 | ---D | C] -- C:\Program Files\REALTEK PCIE Wireless LAN Driver
[2012-04-17 11:45:30 | 002,205,696 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\athr.sys
[2012-04-17 11:45:29 | 000,000,000 | ---D | C] -- C:\Program Files\Qualcomm Atheros WiFi Driver Installation
[2012-04-17 11:45:27 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Macromedia
[2012-04-17 11:44:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Qualcomm Atheros
[2012-04-17 11:42:19 | 000,100,896 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RTNUninst32.dll
[2012-04-17 11:42:14 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012-04-17 11:03:33 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ElevatedDiagnostics
[2012-04-17 02:13:41 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012-04-17 02:12:28 | 000,000,000 | -HSD | C] -- C:\Boot
[2012-04-17 01:20:27 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012-04-16 23:33:23 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Nero
[2012-04-16 23:31:19 | 003,144,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe.Back
[2012-04-16 23:15:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Microsoft Games
[2012-04-16 22:22:11 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Valve
[2012-04-16 22:16:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve
[2012-04-16 22:02:36 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2012-04-16 22:02:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Games
[2012-04-16 22:02:22 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2012-04-16 22:02:21 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2012-04-16 22:02:16 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2012-04-16 22:02:15 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2012-04-16 22:02:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive
[2012-04-16 21:30:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Lunch Design
[2012-04-16 21:16:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Adobe
[2012-04-16 21:16:53 | 000,000,000 | ---D | C] -- C:\ProgramData\RDRM
[2012-04-16 21:16:50 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\ipla
[2012-04-16 21:16:50 | 000,000,000 | ---D | C] -- C:\ProgramData\ipla
[2012-04-16 21:14:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mario Ice Tower
[2012-04-16 21:12:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ipla
[2012-04-16 21:12:14 | 000,000,000 | ---D | C] -- C:\Program Files\ipla
[2012-04-16 21:12:08 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll
[2012-04-16 21:10:03 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Mozilla
[2012-04-16 21:10:03 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Mozilla
[2012-04-16 21:09:37 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar
[2012-04-16 21:08:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012-04-16 21:07:58 | 000,239,168 | ---- | C] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2012-04-16 21:07:31 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Lite
[2012-04-16 21:07:28 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012-04-16 21:03:35 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\WinRAR
[2012-04-16 21:03:34 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012-04-16 21:03:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012-04-16 21:02:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2012-04-16 21:02:32 | 000,198,832 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2012-04-16 21:02:26 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\System32\pncrt.dll
[2012-04-16 21:02:26 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2012-04-16 21:02:26 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2012-04-16 21:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real
[2012-04-16 21:02:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2012-04-16 21:02:20 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2012-04-16 21:02:04 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Real
[2012-04-16 21:01:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2012-04-16 21:01:25 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\Windows\System32\lameACM.acm
[2012-04-16 21:01:24 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll
[2012-04-16 21:01:24 | 000,118,784 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm
[2012-04-16 21:00:20 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012-04-16 20:52:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012-04-16 20:52:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2012-04-16 20:49:13 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012-04-16 20:49:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012-04-16 20:42:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2012-04-16 20:41:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
[2012-04-16 20:41:56 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2012-04-16 20:41:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2012-04-16 20:40:52 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2012-04-16 20:40:31 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2012-04-16 20:32:39 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Uczelnia
[2012-04-16 20:32:22 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Gry
[2012-04-16 20:31:40 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Programy
[2012-04-16 20:24:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orange
[2012-04-16 20:19:57 | 000,000,000 | ---D | C] -- C:\Program Files\CardDetector
[2012-04-16 20:00:07 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71.dll
[2012-04-16 20:00:07 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\atl71.dll
[2012-04-16 20:00:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\France Telecom
[2012-04-16 19:59:58 | 000,102,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys
[2012-04-16 19:59:55 | 000,103,040 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbfake.sys
[2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Searches
[2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012-04-16 19:57:02 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Identities
[2012-04-16 19:56:56 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Contacts
[2012-04-16 19:56:56 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012-04-16 19:56:47 | 000,423,656 | ---- | C] (Oracle) -- C:\Windows\System32\deployJava1.dll
[2012-04-16 19:56:47 | 000,153,376 | ---- | C] (Oracle) -- C:\Windows\System32\javaws.exe
[2012-04-16 19:56:47 | 000,145,184 | ---- | C] (Oracle) -- C:\Windows\System32\javaw.exe
[2012-04-16 19:56:47 | 000,145,184 | ---- | C] (Oracle) -- C:\Windows\System32\java.exe
[2012-04-16 19:56:36 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Ustawienia lokalne
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Temporary Internet Files
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Szablony
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\SendTo
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Recent
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\PrintHood
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\NetHood
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moje wideo
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moje obrazy
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Moje dokumenty
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moja muzyka
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Menu Start
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Historia
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Dane aplikacji
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Dane aplikacji
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Cookies
[2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Temp
[2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Microsoft
[2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Media Center Programs
[2012-04-16 19:54:14 | 000,000,000 | --SD | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Pictures
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Music
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Links
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Favorites
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Downloads
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Documents
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Desktop
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012-04-16 19:54:14 | 000,000,000 | -H-D | C] -- C:\Users\Mateusz\AppData
[2012-04-16 19:54:10 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Videos
[2012-04-16 19:54:10 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Saved Games
[2012-04-16 19:52:53 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony
[2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo
[2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy
[2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka
[2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start
[2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione
[2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit
[2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-04-23 14:33:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-04-23 14:30:34 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-04-23 14:30:16 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012-04-23 14:30:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-04-23 14:29:18 | 003,670,016 | -H-- | M] () -- C:\Users\Mateusz\NTUSER.DAT
[2012-04-23 14:29:16 | 001,667,712 | -H-- | M] () -- C:\Users\Mateusz\AppData\Local\IconCache.db
[2012-04-23 14:18:00 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-04-23 09:30:41 | 000,017,136 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-04-23 09:30:41 | 000,017,136 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-04-22 22:28:52 | 002,317,686 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2012-04-22 22:28:52 | 000,687,828 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012-04-22 22:28:52 | 000,666,732 | ---- | M] () -- C:\Windows\System32\perfh019.dat
[2012-04-22 22:28:52 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-04-22 22:28:52 | 000,131,382 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012-04-22 22:28:52 | 000,128,892 | ---- | M] () -- C:\Windows\System32\perfc019.dat
[2012-04-22 22:28:52 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-04-21 00:41:22 | 000,001,784 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2012-04-20 00:30:03 | 000,000,572 | ---- | M] () -- C:\Windows\eReg.dat
[2012-04-19 13:12:01 | 008,180,224 | RHS- | M] () -- C:\ProgramData\TunesHelper.exe
[2012-04-19 00:29:02 | 000,001,101 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-04-19 00:29:01 | 000,002,210 | ---- | M] () -- C:\Users\Mateusz\Desktop\Google Chrome.lnk
[2012-04-18 19:33:10 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012-04-18 19:33:10 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012-04-18 18:17:06 | 283,710,259 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012-04-17 23:55:56 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012-04-17 23:55:56 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012-04-17 22:28:40 | 000,002,041 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2012-04-17 20:30:58 | 000,000,050 | ---- | M] () -- C:\Windows\System32\BRIDF10A.DAT
[2012-04-17 16:22:02 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2012-04-17 12:52:55 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms
[2012-04-17 12:52:55 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms
[2012-04-17 12:52:55 | 000,065,536 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TM.blf
[2012-04-17 12:41:30 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms
[2012-04-17 12:41:30 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms
[2012-04-17 12:41:30 | 000,065,536 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TM.blf
[2012-04-17 12:41:27 | 000,262,144 | ---- | M] () -- C:\ProgramData\NTUser.dat
[2012-04-17 12:21:52 | 000,093,360 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2012-04-17 11:30:55 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012-04-17 02:12:33 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2012-04-17 01:37:26 | 000,067,908 | ---- | M] () -- C:\Windows\System32\license.rtf
[2012-04-17 01:35:54 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012-04-16 23:31:45 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012-04-16 23:31:19 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer_.exe.Back.0.219815846169282
[2012-04-16 22:20:20 | 000,000,650 | ---- | M] () -- C:\Users\Mateusz\Desktop\Muzyka.lnk
[2012-04-16 22:16:22 | 000,000,641 | ---- | M] () -- C:\Users\Mateusz\Desktop\Filmy.lnk
[2012-04-16 21:16:57 | 000,051,672 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\GDIPFONTCACHEV1.DAT
[2012-04-16 21:16:17 | 000,246,248 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-04-16 21:12:08 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll
[2012-04-16 21:07:58 | 000,239,168 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2012-04-16 21:02:32 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2012-04-16 21:02:26 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll
[2012-04-16 21:02:26 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2012-04-16 21:02:26 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2012-04-16 20:55:32 | 000,002,717 | ---- | M] () -- C:\Users\Mateusz\Desktop\Word 2003.lnk
[2012-04-16 20:53:20 | 000,000,412 | ---- | M] () -- C:\Windows\ODBC.INI
[2012-04-16 20:52:57 | 000,000,499 | ---- | M] () -- C:\Windows\win.ini
[2012-04-16 20:24:24 | 000,000,807 | ---- | M] () -- C:\Users\Mateusz\Desktop\Orange Free.lnk
[2012-04-16 20:05:21 | 000,524,288 | -HS- | M] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2012-04-16 20:05:21 | 000,524,288 | -HS- | M] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2012-04-16 20:05:21 | 000,065,536 | -HS- | M] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2012-04-16 19:59:10 | 000,000,363 | ---- | M] () -- C:\Users\Mateusz\Desktop\Komputer.lnk
[2012-04-16 19:56:36 | 000,423,656 | ---- | M] (Oracle) -- C:\Windows\System32\deployJava1.dll
[2012-04-16 19:56:36 | 000,153,376 | ---- | M] (Oracle) -- C:\Windows\System32\javaws.exe
[2012-04-16 19:56:36 | 000,145,184 | ---- | M] (Oracle) -- C:\Windows\System32\javaw.exe
[2012-04-16 19:56:36 | 000,145,184 | ---- | M] (Oracle) -- C:\Windows\System32\java.exe
[2012-04-16 19:54:18 | 000,000,020 | -HS- | M] () -- C:\Users\Mateusz\ntuser.ini

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-04-22 21:16:51 | 001,667,712 | -H-- | C] () -- C:\Users\Mateusz\AppData\Local\IconCache.db
[2012-04-21 00:41:22 | 000,001,796 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2012-04-21 00:41:22 | 000,001,784 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2012-04-19 19:21:46 | 000,000,572 | ---- | C] () -- C:\Windows\eReg.dat
[2012-04-19 13:23:07 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll
[2012-04-19 13:12:07 | 008,180,224 | RHS- | C] () -- C:\ProgramData\TunesHelper.exe
[2012-04-18 19:24:17 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-04-18 18:17:06 | 283,710,259 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012-04-18 18:14:33 | 000,005,174 | ---- | C] () -- C:\Windows\System32\nppt9x.vxd
[2012-04-17 23:55:56 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2012-04-17 23:55:56 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2012-04-17 22:28:40 | 000,002,053 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2012-04-17 22:28:40 | 000,002,041 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF
[2012-04-17 19:37:58 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012-04-17 19:36:37 | 001,150,656 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
[2012-04-17 19:36:36 | 000,234,855 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2012-04-17 19:36:36 | 000,034,823 | ---- | C] () -- C:\Windows\atiogl.xml
[2012-04-17 19:36:35 | 000,185,088 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb
[2012-04-17 19:34:34 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2012-04-17 16:32:37 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BRIDF10A.DAT
[2012-04-17 16:22:02 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012-04-17 16:00:48 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2012-04-17 15:27:47 | 000,177,052 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2012-04-17 12:52:54 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms
[2012-04-17 12:52:53 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms
[2012-04-17 12:52:53 | 000,065,536 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TM.blf
[2012-04-17 12:41:28 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms
[2012-04-17 12:41:28 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms
[2012-04-17 12:41:27 | 000,262,144 | ---- | C] () -- C:\ProgramData\NTUser.dat
[2012-04-17 12:41:27 | 000,065,536 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TM.blf
[2012-04-17 12:09:01 | 000,002,210 | ---- | C] () -- C:\Users\Mateusz\Desktop\Google Chrome.lnk
[2012-04-17 12:07:44 | 000,001,038 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-04-17 12:07:42 | 000,001,034 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-04-17 11:47:07 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2012-04-17 11:45:30 | 000,461,474 | ---- | C] () -- C:\Windows\System32\netathr.inf
[2012-04-17 11:45:30 | 000,070,749 | ---- | C] () -- C:\Windows\System32\athrext.cat
[2012-04-17 11:30:55 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012-04-17 02:12:32 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2012-04-17 02:12:28 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2012-04-17 01:35:54 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012-04-17 01:15:57 | 000,246,248 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-04-16 22:20:20 | 000,000,650 | ---- | C] () -- C:\Users\Mateusz\Desktop\Muzyka.lnk
[2012-04-16 22:16:22 | 000,000,641 | ---- | C] () -- C:\Users\Mateusz\Desktop\Filmy.lnk
[2012-04-16 21:10:47 | 000,000,641 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk
[2012-04-16 21:01:26 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012-04-16 21:01:25 | 000,000,414 | ---- | C] () -- C:\Windows\System32\lame_acm.xml
[2012-04-16 21:01:25 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2012-04-16 21:00:22 | 000,001,113 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012-04-16 21:00:22 | 000,001,101 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-04-16 20:55:32 | 000,002,717 | ---- | C] () -- C:\Users\Mateusz\Desktop\Word 2003.lnk
[2012-04-16 20:53:20 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI
[2012-04-16 20:24:24 | 000,000,807 | ---- | C] () -- C:\Users\Mateusz\Desktop\Orange Free.lnk
[2012-04-16 20:11:28 | 000,051,672 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\GDIPFONTCACHEV1.DAT
[2012-04-16 19:59:10 | 000,000,363 | ---- | C] () -- C:\Users\Mateusz\Desktop\Komputer.lnk
[2012-04-16 19:57:16 | 000,001,430 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012-04-16 19:54:18 | 000,524,288 | -HS- | C] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2012-04-16 19:54:18 | 000,000,020 | -HS- | C] () -- C:\Users\Mateusz\ntuser.ini
[2012-04-16 19:54:17 | 000,524,288 | -HS- | C] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2012-04-16 19:54:17 | 000,065,536 | -HS- | C] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2012-04-16 19:54:09 | 003,670,016 | -H-- | C] () -- C:\Users\Mateusz\NTUSER.DAT
[2011-07-28 17:49:12 | 000,053,760 | ---- | C] () -- C:\Windows\System32\OVDecode.dll
[2010-08-03 00:05:14 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat
[2010-08-03 00:05:13 | 000,687,828 | ---- | C] () -- C:\Windows\System32\perfh015.dat
[2010-08-03 00:05:13 | 000,131,382 | ---- | C] () -- C:\Windows\System32\perfc015.dat
[2010-08-03 00:05:13 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat
[2010-06-25 08:44:03 | 000,080,384 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2010-06-21 13:39:23 | 002,317,686 | ---- | C] () -- C:\Windows\System32\PerfStringBackup.INI

[color=#E56717]========== LOP Check ==========[/color]

[2012-04-18 23:54:26 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\BESTplayer
[2012-04-19 01:20:24 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\BitSpirit
[2012-04-19 17:14:18 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Lite
[2012-04-20 08:00:29 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\foobar2000
[2012-04-20 19:42:39 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\GanymedeNet
[2012-04-17 22:25:52 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\GHISLER
[2012-04-16 22:05:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\ipla
[2012-04-18 19:51:49 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\LolClient
[2012-04-18 18:22:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\MSI
[2012-04-21 00:41:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Opera
[2012-04-23 09:30:27 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Splashtop
[2012-04-20 00:35:20 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Sports Interactive
[2012-04-17 23:34:49 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Thunderbird
[2009-07-14 06:53:46 | 000,014,648 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



< End of report >[/log]

Gość
komentarz
komentarz (edytowane)

[quote]Raport z wykonania się nie pojawił. [/quote]

Jest w katalogu [b]C:\OTL[/b] ale na razie zostaw.

Uruchom [b]OTL[/b] i wklej skrypt:

[code]:OTL
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found

:Reg
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="about:blank"

:Commands
[emptytemp][/code]

Klikasz w [b]Wykonaj skrypt[/b]. teraz log z usuwania będzie.

Napisz konkretnie jaka strona startowa jest w przgladarce Firefox i czy uzywasz przegladarki Chrome?

Evander1991
komentarz
komentarz

Strona startowa ciągle ustawia się na: http://www.qooqlle.com/
Chrome jest zainstalowane, ale sporadycznie używane. Głównie FF.

[log]All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin\ deleted successfully.
========== REGISTRY ==========
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\"Start Page"|"about:blank" /E : value set successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Mateusz
->Temp folder emptied: 18400372 bytes
->Temporary Internet Files folder emptied: 54608 bytes
->FireFox cache emptied: 64484815 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 10405 bytes
->Flash cache emptied: 2351 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 119046867 bytes
RecycleBin emptied: 1329601 bytes

Total Files Cleaned = 194,00 mb


OTL by OldTimer - Version 3.2.40.0 log created on 04232012_163923

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...[/log]

Gość
komentarz
komentarz (edytowane)

Skopiuj skrypt do notatnika. Zamknij Firefoxa. Uruchom OTL i wklej skrypt

:OTL
FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/"
FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/"
O4 - HKLM..\Run: [Readar_sl] %APPDATA%\Readar_sl.exe File not found
O4 - HKLM..\Run: [TunesHelper] C:\ProgramData\TunesHelper.exe ()

:Files
C:\Program Files\v9Soft

:Commands
[emptyflash]
[emptytemp]



Po usuwaniu. Sprawdź w FF Narzedzia >Opcje >Ogólne jaka jest strona startowa. Wykasuj adres qooqlle jak bedzie i wpisz [b]www.google.pl[/b]

Zamknij przegladarke i uruchom ponownie. Sprawdź czy są zmiany.

Spróbuj jeszce raz pobrać [b]AdwCleaner[/b] i uruchom go w przy wyłaczonym [b]ESET[/b]

daj log z opcji Search

Evander1991
komentarz
komentarz

W FF jest teraz strona startowa FF(ta domowa). W Operze i Chrome dalej jest qooqlle. Zaraz ściągnę program i spróbuję przeskanować..

[log]# AdwCleaner v1.604 - Logfile created 04/23/2012 at 17:31:52
# Updated 23/04/2012 by Xplode
# Operating system : Windows 7 Ultimate (32 bits)
# User : Mateusz - AUTO
# Running from : C:\Users\Mateusz\Downloads\adwcleaner(1).exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Found : HKCU\Software\Conduit
Key Found : HKLM\SOFTWARE\Conduit

***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.16562

[OK] Registry is clean.

-\\ Mozilla Firefox v11.0 (pl)

Profile name : default
File : C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\kust2ajc.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v18.0.1025.162

File : C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v11.62.1347.0

File : C:\Users\Mateusz\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1025 octets] - [23/04/2012 17:31:52]

########## EOF - C:\AdwCleaner[R1].txt - [1153 octets] ##########[/log]

Gość
komentarz
komentarz

[quote]W FF jest teraz strona startowa FF(ta domowa). [/quote]

Jak logi pokazywały qooqle? To w końcu jak FF działa normalnie? Pokazuje sie [b]domyślna strona startowa Mozilli[/b]?

Tak powinno być jak na obrazku

http://imageshack.us/photo/my-images/404/47319540.jpg/



Do zmiany w Chrome trzeba przeprowadzić ręcznie w Opcjach

http://img834.imageshack.us/img834/2607/googlez.png



A ja sie tutaj poce. Uruchom AdwCleaner i kliknij Delete.
Przestaw te strony w innych przegladarkach. Daj log z skanu OTL, jak wszystko zrobisz

Evander1991
komentarz
komentarz

Pokazuje się tak:

http://zapodaj.net/1403d3ad980f.png.html

[log]OTL logfile created on: 2012-04-23 18:37:56 - Run 7
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Mateusz\Desktop\Programy
Ultimate Edition (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.16562)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,49 Gb Total Physical Memory | 1,64 Gb Available Physical Memory | 65,85% Memory free
4,99 Gb Paging File | 4,07 Gb Available in Paging File | 81,53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 58,57 Gb Total Space | 42,70 Gb Free Space | 72,91% Space Free | Partition Type: NTFS
Drive D: | 407,19 Gb Total Space | 369,69 Gb Free Space | 90,79% Space Free | Partition Type: NTFS

Computer Name: AUTO | User Name: Mateusz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-04-21 09:22:55 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Mateusz\Desktop\Programy\OTL.exe
PRC - [2012-04-20 18:17:12 | 000,137,536 | ---- | M] (Facebook Inc.) -- C:\Users\Mateusz\AppData\Local\Facebook\Update\FacebookUpdate.exe
PRC - [2012-04-19 09:12:24 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012-04-16 23:31:45 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2012-04-16 21:02:25 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012-04-09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012-04-04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-01-03 13:34:20 | 000,138,768 | ---- | M] (MSI) -- C:\Program Files\MSI\Super-Charger\ChargeService.exe
PRC - [2012-01-03 13:34:16 | 000,502,288 | ---- | M] (MSI) -- C:\Program Files\MSI\Super-Charger\Super-Charger.exe
PRC - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2011-09-22 12:03:02 | 003,080,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2011-09-16 14:39:24 | 000,115,048 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2011-07-28 17:42:48 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
PRC - [2011-07-28 17:35:54 | 000,401,408 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2011-07-28 17:35:26 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2010-06-04 09:51:06 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010-06-04 09:50:20 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2010-05-04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
PRC - [2010-03-05 16:26:40 | 002,044,248 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe
PRC - [2009-10-14 18:44:40 | 000,282,624 | R--- | M] (France Telecom SA) -- C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe
PRC - [2009-10-14 16:44:38 | 000,090,112 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-04-19 09:12:23 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012-04-18 19:24:16 | 008,797,344 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_233.dll
MOD - [2011-07-28 17:55:02 | 000,369,152 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2011-07-28 17:42:54 | 000,095,232 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
MOD - [2010-04-14 03:31:20 | 005,246,976 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
MOD - [2010-04-14 03:31:20 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2010-04-14 03:31:20 | 003,182,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2010-04-14 03:31:20 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2010-04-14 03:31:20 | 000,626,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2010-04-14 03:31:20 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2010-04-14 03:31:20 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2010-04-14 03:31:16 | 004,550,656 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
MOD - [2010-04-14 03:31:14 | 005,279,744 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
MOD - [2010-04-14 03:31:14 | 001,253,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
MOD - [2010-04-14 03:31:12 | 004,218,880 | ---- | M] () -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
MOD - [2010-04-14 03:31:00 | 000,667,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
MOD - [2009-06-10 23:22:40 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
MOD - [2009-06-10 23:14:47 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
MOD - [2009-06-10 23:14:46 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
MOD - [2009-06-10 23:14:46 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
MOD - [2009-06-10 23:14:44 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.classic.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2012-04-18 19:33:10 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-04-09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-04-05 11:37:38 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-04-04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-01-03 13:34:20 | 000,138,768 | ---- | M] (MSI) [Auto | Running] -- C:\Program Files\MSI\Super-Charger\ChargeService.exe -- (MSI_SuperCharger)
SRV - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2011-07-28 17:42:48 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2011-07-28 17:35:26 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011-05-03 22:18:00 | 004,137,464 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2010-05-04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010-03-05 16:26:40 | 002,044,248 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2009-10-14 16:44:38 | 000,090,112 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Rappelz\GameGuard\dump_wmimmc.sys -- (dump_wmimmc)
DRV - [2012-04-16 21:07:58 | 000,239,168 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011-10-25 09:57:14 | 000,165,120 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV - [2011-10-25 09:57:14 | 000,073,984 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub)
DRV - [2011-10-06 09:23:50 | 001,057,896 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV - [2011-08-09 14:24:52 | 000,163,424 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2011-08-04 09:20:38 | 000,103,112 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2011-08-04 09:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2011-07-28 18:22:06 | 008,396,800 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011-07-28 16:53:48 | 000,247,296 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011-06-07 06:06:54 | 000,211,984 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2011-04-15 14:37:46 | 000,066,688 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_sata.sys -- (amd_sata)
DRV - [2011-04-15 14:37:46 | 000,033,408 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_xata.sys -- (amd_xata)
DRV - [2010-11-29 04:50:40 | 000,035,968 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2010-10-20 14:43:08 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 5\NTIOLib.sys -- (NTIOLib_1_0_4)
DRV - [2010-05-10 10:44:42 | 000,025,912 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 5\msibios32_100507.sys -- (MSI_MSIBIOS_010507)
DRV - [2010-02-18 09:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86)
DRV - [2009-12-30 13:55:14 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files\MSI\Super-Charger\NTIOLib.sys -- (NTIOLib_1_0_3)
DRV - [2009-08-04 13:04:28 | 000,103,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbfake.sys -- (hwusbfake)
DRV - [2009-08-04 13:04:28 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009-07-14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009-07-14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009-07-14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009-07-14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009-07-14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009-07-14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2009-06-10 23:19:48 | 009,853,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = Yandex
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\Google: "URL" = http://www.google.ru/search?hl=ru&q={searchTerms}\
IE - HKLM\..\SearchScopes\Wikipedia: "URL" = http://ru.wikipedia.org/wiki/{searchTerms}\
IE - HKLM\..\SearchScopes\Yahoo: "URL" = http://ru.search.yahoo.com/search?p={searchTerms}\
IE - HKLM\..\SearchScopes\Yandex: "URL" = http://www.yandex.ru/yandsearch?stype=&nl=0&text={searchTerms}\


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes,DefaultScope = {42168F92-DA71-42E6-BC7F-132EAC1F1899}
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.google.pl/cse?q={searchTerms}&cx=partner-pub-2489206448026482%3A4041638047&tbm=&ie=UTF-8#gsc.tab=0&gsc.q={searchTerms}
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{42168F92-DA71-42E6-BC7F-132EAC1F1899}: "URL" = http://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q={searchTerms}&sa=Search&siteurl=qooqlle.com%2F
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{C0DE4E59-C43E-46a5-B2A6-46952A6BF471}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=MMBROWSV
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{F1CC8CB5-43EC-4142-AE01-80F4208696EB}: "URL" = http://www.google.com/cse?cx=partner-pub-3794288947762788%3A7256076927&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7256076927&q={searchTerms}
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\Yandex: "URL" = http://www.bing.com/search?q={searchTerms}&form=SPLEP1&pc=SPLH
IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: cssreloader@kenneth.io:1.0.2
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..network.proxy.backup.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.backup.ftp_port: 9666
FF - prefs.js..network.proxy.backup.gopher: "127.0.0.1"
FF - prefs.js..network.proxy.backup.gopher_port: 9666
FF - prefs.js..network.proxy.backup.socks: "127.0.0.1"
FF - prefs.js..network.proxy.backup.socks_port: 9666
FF - prefs.js..network.proxy.backup.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.backup.ssl_port: 9666
FF - prefs.js..network.proxy.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.ftp_port: 9666
FF - prefs.js..network.proxy.gopher: "127.0.0.1"
FF - prefs.js..network.proxy.gopher_port: 9666
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 9666
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 9666
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 9666
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: D:\Bilard\Ganymede\Plugins\npganymedenet.dll ( )
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Oracle)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Mateusz\AppData\Local\Facebook\Messenger\2.0.4478.0\npFbDesktopPlugin.dll (Facebook, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-04-19 09:12:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-04-19 13:33:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012-04-17 22:28:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-04-18 17:53:41 | 000,000,000 | ---D | M]

[2012-04-16 21:10:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Extensions
[2012-04-20 21:48:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\kust2ajc.default\extensions
[2012-04-19 13:23:52 | 000,000,000 | ---D | M] (YouTube to ALLPlayer) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\kust2ajc.default\extensions\YouTubetoALL@ALLPlayer.org
[2012-04-17 22:26:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-04-17 22:26:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
() (No name found) -- C:\USERS\MATEUSZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KUST2AJC.DEFAULT\EXTENSIONS\IPLEXTOALL@ALLPLAYER.ORG.XPI
[2012-04-19 09:12:25 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-12-20 11:33:56 | 000,120,984 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npganymedenet.dll
[2011-12-09 19:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012-04-19 09:12:20 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-04-19 09:12:20 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-04-19 09:12:20 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-04-19 09:12:20 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-04-19 09:12:20 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-04-19 09:12:20 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q={searchTerms}&sa=Search&siteurl=qooqlle.com%2F
CHR - default_search_provider: suggest_url =
CHR - Extension: Skype Click to Call = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\

O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (YouTube To ALLPlayer) - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\Program Files\ALLPlayer\YouTubeToALLPlayer.dll (ALLPlayer.org)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - D:\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [BEWINTERNET-PL-IEWSessionManager] D:\Orange\SessionManager\SessionManager.exe (France Telecom SA)
O4 - HKLM..\Run: [CardDetectorHUAWEI1752_1552] C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe (France Telecom SA)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Super-Charger] C:\Program Files\MSI\Super-Charger\Super-Charger.exe (MSI)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-967404725-468176981-4131090368-1000..\Run: [Facebook Update] C:\Users\Mateusz\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Pobierz z &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm ()
O9 - Extra Button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files\PokerStars.EU\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 85.202.144.12 85.202.144.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1292A1F1-9F67-4786-A2DF-9668865DF9A2}: DhcpNameServer = 85.202.144.12 85.202.144.11
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-04-23 10:48:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012-04-23 09:27:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2012-04-21 17:20:18 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Pliki
[2012-04-21 09:11:23 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-04-21 00:25:29 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\.ultramixer
[2012-04-21 00:05:24 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012-04-20 19:32:35 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\GanymedeNet
[2012-04-20 18:18:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Screamer Radio
[2012-04-20 18:17:27 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
[2012-04-20 18:17:14 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Facebook
[2012-04-20 00:35:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Sports Interactive
[2012-04-20 00:35:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\Sports Interactive
[2012-04-20 00:35:20 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Sports Interactive
[2012-04-20 00:35:20 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Sports Interactive
[2012-04-20 00:18:42 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\My Games
[2012-04-20 00:17:27 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2012-04-20 00:17:27 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2012-04-20 00:17:26 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2012-04-20 00:17:26 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2012-04-20 00:17:26 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2012-04-20 00:17:26 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2012-04-20 00:17:26 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2012-04-20 00:17:25 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2012-04-20 00:17:25 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2012-04-20 00:17:25 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2012-04-20 00:17:24 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2012-04-20 00:17:24 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2012-04-20 00:17:23 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2012-04-20 00:17:23 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2012-04-20 00:17:23 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2012-04-20 00:17:23 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2012-04-20 00:17:22 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2012-04-20 00:17:22 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2012-04-20 00:17:22 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2012-04-20 00:17:22 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2012-04-20 00:17:21 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2012-04-20 00:17:21 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2012-04-20 00:17:21 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2012-04-20 00:17:21 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2012-04-20 00:17:21 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2012-04-20 00:17:21 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2012-04-20 00:17:20 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2012-04-20 00:17:20 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2012-04-20 00:17:20 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2012-04-20 00:17:20 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2012-04-20 00:17:19 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2012-04-20 00:17:19 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2012-04-20 00:17:19 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2012-04-20 00:17:19 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2012-04-20 00:17:18 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2012-04-20 00:17:18 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2012-04-20 00:17:18 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2012-04-20 00:17:18 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2012-04-20 00:17:17 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2012-04-20 00:17:17 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2012-04-20 00:17:16 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2012-04-20 00:17:16 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2012-04-20 00:17:16 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2012-04-20 00:17:16 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2012-04-20 00:17:15 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2012-04-20 00:17:15 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2012-04-20 00:17:14 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2012-04-20 00:17:14 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2012-04-20 00:17:14 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2012-04-20 00:17:13 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2012-04-20 00:17:13 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2012-04-20 00:17:12 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2012-04-20 00:17:12 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2012-04-20 00:17:12 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2012-04-20 00:17:12 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2012-04-20 00:17:11 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2012-04-20 00:17:10 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2012-04-20 00:17:09 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2012-04-20 00:17:09 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2012-04-20 00:17:09 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2012-04-20 00:17:09 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2012-04-20 00:17:08 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2012-04-20 00:17:08 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2012-04-20 00:17:08 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2012-04-20 00:17:08 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2012-04-20 00:17:08 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2012-04-20 00:17:07 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2012-04-20 00:17:07 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2012-04-20 00:17:07 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2012-04-20 00:17:07 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2012-04-20 00:17:04 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2012-04-20 00:17:04 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2012-04-20 00:17:04 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2012-04-20 00:17:04 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2012-04-20 00:17:03 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2012-04-20 00:17:03 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2012-04-20 00:17:03 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2012-04-20 00:17:02 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2012-04-20 00:17:01 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2012-04-20 00:08:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2012-04-20 00:03:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2012-04-19 19:22:45 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012-04-19 17:13:09 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2012-04-19 17:10:13 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Chromium
[2012-04-19 13:37:13 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\PokerStars.EU
[2012-04-19 13:37:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.EU
[2012-04-19 13:36:46 | 000,000,000 | ---D | C] -- C:\Program Files\PokerStars.EU
[2012-04-19 13:24:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt
[2012-04-19 13:23:51 | 000,000,000 | ---D | C] -- C:\Program Files\ALLPlayer
[2012-04-19 13:23:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLConverter PRO
[2012-04-19 13:23:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ALLConverter
[2012-04-19 13:23:42 | 000,000,000 | ---D | C] -- C:\Program Files\NapiProjekt
[2012-04-19 13:23:41 | 000,000,000 | ---D | C] -- C:\Program Files\ALLConverter PRO
[2012-04-19 13:23:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer
[2012-04-19 13:22:55 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ALLPlayer
[2012-04-19 13:22:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dziobas Rar Player
[2012-04-19 13:12:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Theorica Divx ;-) Codecs
[2012-04-19 13:11:46 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Media Player Classic
[2012-04-19 01:20:24 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\BitSpirit
[2012-04-18 23:57:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2012-04-18 23:57:29 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2012-04-18 23:56:23 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2012-04-18 23:56:23 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Detektor Winampa
[2012-04-18 23:56:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2012-04-18 23:55:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Winamp
[2012-04-18 23:55:57 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2012-04-18 23:54:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
[2012-04-18 23:54:47 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2012-04-18 23:54:10 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\BESTplayer
[2012-04-18 23:53:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitSpirit v3
[2012-04-18 23:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitSpirit
[2012-04-18 23:53:37 | 000,000,000 | ---D | C] -- C:\Program Files\BitSpirit
[2012-04-18 23:51:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012-04-18 23:51:53 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2012-04-18 19:53:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\riotsGamesLogs
[2012-04-18 19:51:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\LolClient
[2012-04-18 19:26:56 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Opera
[2012-04-18 19:26:56 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Opera
[2012-04-18 19:26:35 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2012-04-18 19:24:16 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012-04-18 19:24:16 | 000,070,304 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012-04-18 18:22:42 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\MSI
[2012-04-18 18:17:17 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012-04-18 18:15:52 | 004,137,464 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des
[2012-04-18 18:14:34 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\npptNT2.sys
[2012-04-18 18:14:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2012-04-18 17:53:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2012-04-18 17:53:38 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2012-04-18 17:53:38 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012-04-17 23:58:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\DOSBox
[2012-04-17 23:58:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74
[2012-04-17 23:58:43 | 000,000,000 | ---D | C] -- C:\Program Files\DOSBox-0.74
[2012-04-17 23:38:48 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\WapSter
[2012-04-17 23:34:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Thunderbird
[2012-04-17 23:34:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Thunderbird
[2012-04-17 22:28:37 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2012-04-17 22:26:32 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012-04-17 22:26:09 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Skype
[2012-04-17 22:25:58 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012-04-17 22:25:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012-04-17 22:25:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012-04-17 22:25:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012-04-17 22:25:53 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
[2012-04-17 22:25:52 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\GHISLER
[2012-04-17 22:24:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012-04-17 22:24:17 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012-04-17 22:23:34 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WapSter
[2012-04-17 22:02:03 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2012-04-17 22:02:03 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2012-04-17 22:02:03 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2012-04-17 22:02:03 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2012-04-17 22:02:02 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2012-04-17 21:58:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
[2012-04-17 20:36:00 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Adobe
[2012-04-17 20:09:14 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft Games
[2012-04-17 19:47:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2012-04-17 19:44:09 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP
[2012-04-17 19:43:56 | 000,035,968 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\usbfilter.sys
[2012-04-17 19:43:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2012-04-17 19:40:44 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012-04-17 19:37:47 | 000,066,688 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amd_sata.sys
[2012-04-17 19:37:47 | 000,033,408 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amd_xata.sys
[2012-04-17 19:37:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012-04-17 19:37:39 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012-04-17 19:37:08 | 000,211,984 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\AtihdW73.sys
[2012-04-17 19:36:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012-04-17 19:36:37 | 001,828,864 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdmv.dll
[2012-04-17 19:36:37 | 000,278,528 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
[2012-04-17 19:36:37 | 000,159,744 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll
[2012-04-17 19:36:36 | 018,388,480 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll
[2012-04-17 19:36:36 | 008,396,800 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys
[2012-04-17 19:36:36 | 000,401,408 | ---- | C] (AMD) -- C:\Windows\System32\atieclxx.exe
[2012-04-17 19:36:36 | 000,247,296 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys
[2012-04-17 19:36:36 | 000,176,128 | ---- | C] (AMD) -- C:\Windows\System32\atiesrxx.exe
[2012-04-17 19:36:36 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll
[2012-04-17 19:36:36 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll
[2012-04-17 19:36:36 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll
[2012-04-17 19:36:36 | 000,032,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll
[2012-04-17 19:36:36 | 000,020,992 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll
[2012-04-17 19:36:36 | 000,013,312 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll
[2012-04-17 19:36:35 | 008,247,296 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll
[2012-04-17 19:36:35 | 000,151,552 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe
[2012-04-17 19:36:35 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
[2012-04-17 19:36:35 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll
[2012-04-17 19:36:35 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
[2012-04-17 19:26:01 | 000,307,200 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUn0415.exe
[2012-04-17 16:31:48 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\foobar2000
[2012-04-17 16:23:45 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\AMD
[2012-04-17 16:05:37 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2012-04-17 16:05:26 | 000,037,944 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amdiox86.sys
[2012-04-17 16:03:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\ATI
[2012-04-17 16:03:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ATI
[2012-04-17 16:01:31 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2012-04-17 16:01:28 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2012-04-17 16:00:48 | 004,256,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdag.dll
[2012-04-17 16:00:48 | 004,056,064 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdva.dll
[2012-04-17 16:00:48 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
[2012-04-17 16:00:48 | 000,294,912 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIODE.exe
[2012-04-17 16:00:48 | 000,052,736 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll
[2012-04-17 16:00:48 | 000,045,056 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIODCLI.exe
[2012-04-17 16:00:48 | 000,031,744 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll
[2012-04-17 16:00:48 | 000,029,184 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll
[2012-04-17 16:00:47 | 004,198,912 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atidxx32.dll
[2012-04-17 16:00:47 | 000,726,528 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\aticfx32.dll
[2012-04-17 16:00:47 | 000,462,848 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll
[2012-04-17 16:00:47 | 000,266,240 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiadlxx.dll
[2012-04-17 16:00:47 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atibtmon.exe
[2012-04-17 15:59:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
[2012-04-17 15:59:37 | 000,000,000 | ---D | C] -- C:\Program Files\Renesas Electronics
[2012-04-17 15:58:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2012-04-17 15:37:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother
[2012-04-17 15:28:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2012-04-17 15:27:49 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2012-04-17 15:27:49 | 001,725,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2012-04-17 15:27:49 | 001,379,760 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tosade.dll
[2012-04-17 15:27:49 | 000,058,264 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\System32\TepeqAPO.dll
[2012-04-17 15:27:48 | 002,285,160 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2012-04-17 15:27:48 | 001,497,704 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2012-04-17 15:27:48 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2012-04-17 15:27:48 | 000,214,368 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFNHK.dll
[2012-04-17 15:27:48 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2012-04-17 15:27:48 | 000,178,624 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo2.dll
[2012-04-17 15:27:48 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2012-04-17 15:27:48 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2012-04-17 15:27:48 | 000,134,584 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo.dll
[2012-04-17 15:27:48 | 000,074,080 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFCOM.dll
[2012-04-17 15:27:48 | 000,068,960 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFAPO.dll
[2012-04-17 15:27:47 | 003,378,280 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2012-04-17 15:27:47 | 003,327,320 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2012-04-17 15:27:47 | 003,296,600 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll
[2012-04-17 15:27:47 | 001,892,864 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat
[2012-04-17 15:27:47 | 001,836,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2012-04-17 15:27:47 | 001,329,768 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2012-04-17 15:27:47 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2012-04-17 15:27:47 | 000,345,944 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll
[2012-04-17 15:27:47 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2012-04-17 15:27:47 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2012-04-17 15:27:47 | 000,259,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2012-04-17 15:27:47 | 000,252,760 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2012-04-17 15:27:47 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2012-04-17 15:27:47 | 000,103,256 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll
[2012-04-17 15:27:47 | 000,088,408 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll
[2012-04-17 15:27:47 | 000,083,048 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll
[2012-04-17 15:27:47 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2012-04-17 15:27:47 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2012-04-17 15:27:47 | 000,061,272 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll
[2012-04-17 15:27:46 | 000,357,712 | ---- | C] (Knowles Acoustics ) -- C:\Windows\System32\KAAPORT.dll
[2012-04-17 15:27:46 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2012-04-17 15:27:46 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2012-04-17 15:27:45 | 001,740,352 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2012-04-17 15:27:45 | 001,509,480 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2012-04-17 15:27:45 | 001,292,904 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2012-04-17 15:27:45 | 001,220,200 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2012-04-17 15:27:45 | 000,654,952 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2012-04-17 15:27:45 | 000,631,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2012-04-17 15:27:45 | 000,601,704 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2012-04-17 15:27:45 | 000,458,344 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2012-04-17 15:27:45 | 000,413,696 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PLFX32.dll
[2012-04-17 15:27:45 | 000,390,656 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PGFX32.dll
[2012-04-17 15:27:45 | 000,389,736 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2012-04-17 15:27:45 | 000,375,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2012-04-17 15:27:45 | 000,327,168 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PREC32.dll
[2012-04-17 15:27:45 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2012-04-17 15:27:45 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2012-04-17 15:27:45 | 000,218,216 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2012-04-17 15:27:44 | 000,175,200 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll
[2012-04-17 15:27:44 | 000,096,160 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll
[2012-04-17 15:27:43 | 001,698,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2012-04-17 15:27:43 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2012-04-17 15:27:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2012-04-17 15:26:45 | 000,000,000 | -H-D | C] -- C:\SuperChargerProfile
[2012-04-17 15:26:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup
[2012-04-17 15:26:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2012-04-17 15:26:34 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012-04-17 12:40:53 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Splashtop
[2012-04-17 12:40:11 | 000,000,000 | ---D | C] -- C:\Program Files\Splashtop
[2012-04-17 12:23:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Sunbelt Software
[2012-04-17 12:22:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2012-04-17 12:21:54 | 000,093,360 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2012-04-17 12:09:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012-04-17 12:07:33 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Google
[2012-04-17 12:07:32 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012-04-17 12:07:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2012-04-17 12:07:27 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2012-04-17 11:56:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
[2012-04-17 11:56:45 | 000,000,000 | ---D | C] -- C:\Program Files\MSI
[2012-04-17 11:48:07 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco
[2012-04-17 11:47:09 | 001,057,896 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\Windows\System32\drivers\rtl8192ce.sys
[2012-04-17 11:47:07 | 000,000,000 | ---D | C] -- C:\Program Files\REALTEK PCIE Wireless LAN Driver
[2012-04-17 11:45:30 | 002,205,696 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\athr.sys
[2012-04-17 11:45:29 | 000,000,000 | ---D | C] -- C:\Program Files\Qualcomm Atheros WiFi Driver Installation
[2012-04-17 11:45:27 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Macromedia
[2012-04-17 11:44:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Qualcomm Atheros
[2012-04-17 11:42:19 | 000,100,896 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RTNUninst32.dll
[2012-04-17 11:42:14 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012-04-17 11:03:33 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ElevatedDiagnostics
[2012-04-17 02:13:41 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012-04-17 02:12:28 | 000,000,000 | -HSD | C] -- C:\Boot
[2012-04-17 01:20:27 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012-04-16 23:33:23 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Nero
[2012-04-16 23:31:19 | 003,144,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe.Back
[2012-04-16 23:15:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Microsoft Games
[2012-04-16 22:22:11 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Valve
[2012-04-16 22:16:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve
[2012-04-16 22:02:36 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2012-04-16 22:02:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Games
[2012-04-16 22:02:22 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2012-04-16 22:02:21 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2012-04-16 22:02:16 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2012-04-16 22:02:15 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2012-04-16 22:02:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive
[2012-04-16 21:30:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Lunch Design
[2012-04-16 21:16:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Adobe
[2012-04-16 21:16:53 | 000,000,000 | ---D | C] -- C:\ProgramData\RDRM
[2012-04-16 21:16:50 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\ipla
[2012-04-16 21:16:50 | 000,000,000 | ---D | C] -- C:\ProgramData\ipla
[2012-04-16 21:14:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mario Ice Tower
[2012-04-16 21:12:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ipla
[2012-04-16 21:12:14 | 000,000,000 | ---D | C] -- C:\Program Files\ipla
[2012-04-16 21:12:08 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll
[2012-04-16 21:10:03 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Mozilla
[2012-04-16 21:10:03 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Mozilla
[2012-04-16 21:09:37 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar
[2012-04-16 21:08:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012-04-16 21:07:58 | 000,239,168 | ---- | C] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2012-04-16 21:07:31 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Lite
[2012-04-16 21:07:28 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012-04-16 21:03:35 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\WinRAR
[2012-04-16 21:03:34 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012-04-16 21:03:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012-04-16 21:02:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2012-04-16 21:02:32 | 000,198,832 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2012-04-16 21:02:26 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\System32\pncrt.dll
[2012-04-16 21:02:26 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2012-04-16 21:02:26 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2012-04-16 21:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real
[2012-04-16 21:02:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2012-04-16 21:02:20 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2012-04-16 21:02:04 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Real
[2012-04-16 21:01:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2012-04-16 21:01:25 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\Windows\System32\lameACM.acm
[2012-04-16 21:01:24 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll
[2012-04-16 21:01:24 | 000,118,784 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm
[2012-04-16 21:00:20 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012-04-16 20:52:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012-04-16 20:52:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2012-04-16 20:49:13 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012-04-16 20:49:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012-04-16 20:42:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2012-04-16 20:41:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
[2012-04-16 20:41:56 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2012-04-16 20:41:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2012-04-16 20:40:52 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2012-04-16 20:40:31 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2012-04-16 20:32:39 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Uczelnia
[2012-04-16 20:32:22 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Gry
[2012-04-16 20:31:40 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Programy
[2012-04-16 20:24:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orange
[2012-04-16 20:19:57 | 000,000,000 | ---D | C] -- C:\Program Files\CardDetector
[2012-04-16 20:00:07 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71.dll
[2012-04-16 20:00:07 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\atl71.dll
[2012-04-16 20:00:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\France Telecom
[2012-04-16 19:59:58 | 000,102,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys
[2012-04-16 19:59:55 | 000,103,040 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbfake.sys
[2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Searches
[2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012-04-16 19:57:02 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Identities
[2012-04-16 19:56:56 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Contacts
[2012-04-16 19:56:56 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012-04-16 19:56:47 | 000,423,656 | ---- | C] (Oracle) -- C:\Windows\System32\deployJava1.dll
[2012-04-16 19:56:47 | 000,153,376 | ---- | C] (Oracle) -- C:\Windows\System32\javaws.exe
[2012-04-16 19:56:47 | 000,145,184 | ---- | C] (Oracle) -- C:\Windows\System32\javaw.exe
[2012-04-16 19:56:47 | 000,145,184 | ---- | C] (Oracle) -- C:\Windows\System32\java.exe
[2012-04-16 19:56:36 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Ustawienia lokalne
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Temporary Internet Files
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Szablony
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\SendTo
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Recent
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\PrintHood
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\NetHood
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moje wideo
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moje obrazy
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Moje dokumenty
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moja muzyka
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Menu Start
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Historia
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Dane aplikacji
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Dane aplikacji
[2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Cookies
[2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Temp
[2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Microsoft
[2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Media Center Programs
[2012-04-16 19:54:14 | 000,000,000 | --SD | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Pictures
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Music
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Links
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Favorites
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Downloads
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Documents
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Desktop
[2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012-04-16 19:54:14 | 000,000,000 | -H-D | C] -- C:\Users\Mateusz\AppData
[2012-04-16 19:54:10 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Videos
[2012-04-16 19:54:10 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Saved Games
[2012-04-16 19:52:53 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony
[2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo
[2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy
[2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka
[2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start
[2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione
[2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit
[2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-04-23 18:42:09 | 000,017,136 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-04-23 18:42:09 | 000,017,136 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-04-23 18:35:00 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-04-23 18:34:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-04-23 18:33:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-04-23 18:18:00 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-04-23 17:41:36 | 000,687,828 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012-04-23 17:41:36 | 000,666,732 | ---- | M] () -- C:\Windows\System32\perfh019.dat
[2012-04-23 17:41:36 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-04-23 17:41:36 | 000,131,382 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012-04-23 17:41:36 | 000,128,892 | ---- | M] () -- C:\Windows\System32\perfc019.dat
[2012-04-23 17:41:36 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-04-23 17:37:33 | 000,000,050 | ---- | M] () -- C:\Windows\System32\BRIDF10A.DAT
[2012-04-21 00:41:22 | 000,001,784 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2012-04-20 00:30:03 | 000,000,572 | ---- | M] () -- C:\Windows\eReg.dat
[2012-04-19 00:29:02 | 000,001,101 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-04-19 00:29:01 | 000,002,210 | ---- | M] () -- C:\Users\Mateusz\Desktop\Google Chrome.lnk
[2012-04-18 19:33:10 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012-04-18 19:33:10 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012-04-18 18:17:06 | 283,710,259 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012-04-17 23:55:56 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012-04-17 23:55:56 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012-04-17 22:28:40 | 000,002,041 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2012-04-17 16:22:02 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2012-04-17 12:21:52 | 000,093,360 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2012-04-17 11:30:55 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012-04-17 02:12:33 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2012-04-17 01:37:26 | 000,067,908 | ---- | M] () -- C:\Windows\System32\license.rtf
[2012-04-17 01:35:54 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012-04-16 23:31:45 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012-04-16 23:31:19 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer_.exe.Back.0.219815846169282
[2012-04-16 22:20:20 | 000,000,650 | ---- | M] () -- C:\Users\Mateusz\Desktop\Muzyka.lnk
[2012-04-16 22:16:22 | 000,000,641 | ---- | M] () -- C:\Users\Mateusz\Desktop\Filmy.lnk
[2012-04-16 21:16:17 | 000,246,248 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-04-16 21:12:08 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll
[2012-04-16 21:07:58 | 000,239,168 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2012-04-16 21:02:32 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2012-04-16 21:02:26 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll
[2012-04-16 21:02:26 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2012-04-16 21:02:26 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2012-04-16 20:55:32 | 000,002,717 | ---- | M] () -- C:\Users\Mateusz\Desktop\Word 2003.lnk
[2012-04-16 20:53:20 | 000,000,412 | ---- | M] () -- C:\Windows\ODBC.INI
[2012-04-16 20:24:24 | 000,000,807 | ---- | M] () -- C:\Users\Mateusz\Desktop\Orange Free.lnk
[2012-04-16 19:59:10 | 000,000,363 | ---- | M] () -- C:\Users\Mateusz\Desktop\Komputer.lnk
[2012-04-16 19:56:36 | 000,423,656 | ---- | M] (Oracle) -- C:\Windows\System32\deployJava1.dll
[2012-04-16 19:56:36 | 000,153,376 | ---- | M] (Oracle) -- C:\Windows\System32\javaws.exe
[2012-04-16 19:56:36 | 000,145,184 | ---- | M] (Oracle) -- C:\Windows\System32\javaw.exe
[2012-04-16 19:56:36 | 000,145,184 | ---- | M] (Oracle) -- C:\Windows\System32\java.exe

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-04-21 00:41:22 | 000,001,796 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2012-04-21 00:41:22 | 000,001,784 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2012-04-19 19:21:46 | 000,000,572 | ---- | C] () -- C:\Windows\eReg.dat
[2012-04-19 13:23:07 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll
[2012-04-18 19:24:17 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-04-18 18:17:06 | 283,710,259 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012-04-18 18:14:33 | 000,005,174 | ---- | C] () -- C:\Windows\System32\nppt9x.vxd
[2012-04-17 23:55:56 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2012-04-17 23:55:56 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2012-04-17 22:28:40 | 000,002,053 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2012-04-17 22:28:40 | 000,002,041 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF
[2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF
[2012-04-17 19:37:58 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012-04-17 19:36:37 | 001,150,656 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
[2012-04-17 19:36:36 | 000,234,855 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2012-04-17 19:36:36 | 000,034,823 | ---- | C] () -- C:\Windows\atiogl.xml
[2012-04-17 19:36:35 | 000,185,088 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb
[2012-04-17 19:34:34 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2012-04-17 16:32:37 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BRIDF10A.DAT
[2012-04-17 16:22:02 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012-04-17 16:00:48 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2012-04-17 15:27:47 | 000,177,052 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2012-04-17 12:09:01 | 000,002,210 | ---- | C] () -- C:\Users\Mateusz\Desktop\Google Chrome.lnk
[2012-04-17 12:07:44 | 000,001,038 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-04-17 12:07:42 | 000,001,034 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-04-17 11:47:07 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2012-04-17 11:45:30 | 000,461,474 | ---- | C] () -- C:\Windows\System32\netathr.inf
[2012-04-17 11:45:30 | 000,070,749 | ---- | C] () -- C:\Windows\System32\athrext.cat
[2012-04-17 11:30:55 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012-04-17 02:12:32 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2012-04-17 02:12:28 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2012-04-17 01:35:54 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012-04-17 01:15:57 | 000,246,248 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-04-16 22:20:20 | 000,000,650 | ---- | C] () -- C:\Users\Mateusz\Desktop\Muzyka.lnk
[2012-04-16 22:16:22 | 000,000,641 | ---- | C] () -- C:\Users\Mateusz\Desktop\Filmy.lnk
[2012-04-16 21:10:47 | 000,000,641 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk
[2012-04-16 21:01:26 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012-04-16 21:01:25 | 000,000,414 | ---- | C] () -- C:\Windows\System32\lame_acm.xml
[2012-04-16 21:01:25 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2012-04-16 21:00:22 | 000,001,113 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012-04-16 21:00:22 | 000,001,101 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-04-16 20:55:32 | 000,002,717 | ---- | C] () -- C:\Users\Mateusz\Desktop\Word 2003.lnk
[2012-04-16 20:53:20 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI
[2012-04-16 20:24:24 | 000,000,807 | ---- | C] () -- C:\Users\Mateusz\Desktop\Orange Free.lnk
[2012-04-16 19:59:10 | 000,000,363 | ---- | C] () -- C:\Users\Mateusz\Desktop\Komputer.lnk
[2012-04-16 19:57:16 | 000,001,430 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011-07-28 17:49:12 | 000,053,760 | ---- | C] () -- C:\Windows\System32\OVDecode.dll
[2010-08-03 00:05:14 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat
[2010-08-03 00:05:13 | 000,687,828 | ---- | C] () -- C:\Windows\System32\perfh015.dat
[2010-08-03 00:05:13 | 000,131,382 | ---- | C] () -- C:\Windows\System32\perfc015.dat
[2010-08-03 00:05:13 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat
[2010-06-25 08:44:03 | 000,080,384 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe

[color=#E56717]========== LOP Check ==========[/color]

[2012-04-18 23:54:26 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\BESTplayer
[2012-04-19 01:20:24 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\BitSpirit
[2012-04-19 17:14:18 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Lite
[2012-04-20 08:00:29 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\foobar2000
[2012-04-20 19:42:39 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\GanymedeNet
[2012-04-17 22:25:52 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\GHISLER
[2012-04-16 22:05:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\ipla
[2012-04-18 19:51:49 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\LolClient
[2012-04-18 18:22:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\MSI
[2012-04-21 00:41:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Opera
[2012-04-23 09:30:27 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Splashtop
[2012-04-20 00:35:20 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Sports Interactive
[2012-04-17 23:34:49 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Thunderbird
[2009-07-14 06:53:46 | 000,015,704 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



< End of report >[/log]


Wszystko działa poprawnie z tego co widzę chyba.

Gość
komentarz
komentarz

Nie wiem jak ty do tej pory wykonywałeś skrypty. W logu jest wszystko OK.

[b]1.[/b] Uruchom OTL i kliknij opcję [b]Sprzatanie[/b]. To usunie program i kwarantannę.

[b]2. [/b]Wyczyść foldery [b]Przywracania systemu - instrukcja[/b] http://www.fixitpc.pl/topic/5-dezynfekcja-kroki-finalizujace-temat/page__p__42415#entry42415

[b]3.[/b] Zaktualizuj system. Brak [b]Service pack 1 dla Windows7[/b]
http://www.microsoft.com/downloads/en/details.aspx?displaylang=en&FamilyID=c3202ce6-4056-4059-8a1b-3a9b77cdfdda

Evander1991
komentarz
komentarz

Okey zaraz wszystko zrobię. Dzięki :)

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.