Evander1991 utworzono 21 kwietnia 2012 utworzono 21 kwietnia 2012 Wiem, że temat już wałkowany, ale sam nie daje sobie rady. Wklejam logi z OTL.exe. OTL raport: [log]OTL logfile created on: 2012-04-21 16:58:59 - Run 1 OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Mateusz\Downloads Ultimate Edition (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.16562) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,49 Gb Total Physical Memory | 1,54 Gb Available Physical Memory | 61,90% Memory free 4,99 Gb Paging File | 3,99 Gb Available in Paging File | 79,95% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 58,57 Gb Total Space | 42,29 Gb Free Space | 72,21% Space Free | Partition Type: NTFS Drive D: | 407,19 Gb Total Space | 369,69 Gb Free Space | 90,79% Space Free | Partition Type: NTFS Computer Name: AUTO | User Name: Mateusz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2012-04-21 09:22:55 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Mateusz\Downloads\OTL.exe PRC - [2012-04-19 09:12:24 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2012-04-19 09:12:20 | 000,016,824 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2012-04-16 23:31:45 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2012-04-16 21:02:25 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe PRC - [2012-04-09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012-04-04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012-01-03 13:34:20 | 000,138,768 | ---- | M] (MSI) -- C:\Program Files\MSI\Super-Charger\ChargeService.exe PRC - [2012-01-03 13:34:16 | 000,502,288 | ---- | M] (MSI) -- C:\Program Files\MSI\Super-Charger\Super-Charger.exe PRC - [2011-10-25 15:22:38 | 011,438,696 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe PRC - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2011-09-22 12:03:02 | 003,080,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe PRC - [2011-09-16 14:39:24 | 000,115,048 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe PRC - [2011-07-28 17:42:48 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe PRC - [2011-07-28 17:35:54 | 000,401,408 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2011-07-28 17:35:26 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2011-03-24 06:37:18 | 000,493,384 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe PRC - [2011-03-22 10:37:16 | 000,497,480 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe PRC - [2010-11-15 13:21:56 | 000,841,544 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe PRC - [2010-11-15 13:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect\BackService.exe PRC - [2010-09-28 15:33:02 | 000,299,008 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe PRC - [2010-08-23 16:11:04 | 000,299,008 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe PRC - [2010-06-04 09:51:06 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010-06-04 09:50:40 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2010-05-04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe PRC - [2010-03-05 16:26:40 | 002,044,248 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe PRC - [2009-10-14 18:44:40 | 000,282,624 | R--- | M] (France Telecom SA) -- C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe PRC - [2009-10-14 16:44:38 | 000,090,112 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe PRC - [2009-07-14 03:14:47 | 000,254,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe PRC - [2009-07-14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2009-07-14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2009-07-14 03:14:43 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe PRC - [2009-07-14 03:14:42 | 000,204,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\servicing\TrustedInstaller.exe PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2009-07-14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2009-07-14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2009-07-14 03:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe PRC - [2009-06-10 23:14:51 | 000,042,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe PRC - [2009-05-08 14:49:52 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe PRC - [2009-01-26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2012-04-21 09:22:55 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Mateusz\Downloads\OTL.exe MOD - [2012-04-19 09:12:25 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll MOD - [2012-04-19 09:12:24 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe MOD - [2012-04-19 09:12:24 | 000,269,240 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\freebl3.dll MOD - [2012-04-19 09:12:24 | 000,044,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozglue.dll MOD - [2012-04-19 09:12:24 | 000,016,312 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozalloc.dll MOD - [2012-04-19 09:12:23 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2012-04-19 09:12:23 | 000,818,104 | ---- | M] (sqlite.org) -- C:\Program Files\Mozilla Firefox\mozsqlite3.dll MOD - [2012-04-19 09:12:23 | 000,646,072 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nss3.dll MOD - [2012-04-19 09:12:23 | 000,371,640 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssckbi.dll MOD - [2012-04-19 09:12:23 | 000,187,320 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nspr4.dll MOD - [2012-04-19 09:12:23 | 000,109,496 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssdbm3.dll MOD - [2012-04-19 09:12:23 | 000,105,400 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssutil3.dll MOD - [2012-04-19 09:12:20 | 015,915,960 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xul.dll MOD - [2012-04-19 09:12:20 | 000,170,936 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\softokn3.dll MOD - [2012-04-19 09:12:20 | 000,158,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\ssl3.dll MOD - [2012-04-19 09:12:20 | 000,105,400 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\smime3.dll MOD - [2012-04-19 09:12:20 | 000,022,456 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\plc4.dll MOD - [2012-04-19 09:12:20 | 000,020,920 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\plds4.dll MOD - [2012-04-19 09:12:20 | 000,019,896 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xpcom.dll MOD - [2012-04-19 09:12:20 | 000,016,824 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe MOD - [2012-04-18 19:24:16 | 008,797,344 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_233.dll MOD - [2012-04-16 23:31:45 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe MOD - [2012-04-16 21:02:25 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe MOD - [2012-04-16 20:36:32 | 001,093,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\mfc80u.dll MOD - [2012-01-03 13:34:16 | 000,502,288 | ---- | M] (MSI) -- C:\Program Files\MSI\Super-Charger\Super-Charger.exe MOD - [2011-10-25 15:22:38 | 011,438,696 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe MOD - [2011-09-22 12:11:56 | 000,410,504 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiUpdate.dll MOD - [2011-09-22 12:09:44 | 000,093,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiMailPlugins.dll MOD - [2011-09-22 12:07:26 | 000,183,904 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiHips.dll MOD - [2011-09-22 12:05:24 | 000,394,024 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiScan.dll MOD - [2011-09-22 12:04:32 | 001,044,984 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEpfw.dll MOD - [2011-09-22 12:03:02 | 003,080,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe MOD - [2011-09-22 12:02:30 | 000,101,504 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEmon.dll MOD - [2011-09-22 12:01:56 | 000,097,384 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiDmon.dll MOD - [2011-09-22 12:00:52 | 000,245,704 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiAmon.dll MOD - [2011-09-16 14:39:56 | 000,098,664 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.dll MOD - [2011-09-16 14:39:24 | 000,115,048 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe MOD - [2011-07-28 17:55:42 | 000,011,264 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Runtime.dll MOD - [2011-07-28 17:55:42 | 000,007,680 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Dashboard.dll MOD - [2011-07-28 17:55:40 | 000,033,280 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Dashboard.dll MOD - [2011-07-28 17:55:40 | 000,015,360 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Runtime.dll MOD - [2011-07-28 17:55:38 | 000,016,896 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUOverDrive.Fuel.Runtime.dll MOD - [2011-07-28 17:55:38 | 000,008,704 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Shared.dll MOD - [2011-07-28 17:55:36 | 000,040,448 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUOverDrive.Fuel.Dashboard.dll MOD - [2011-07-28 17:55:36 | 000,012,800 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Shared.dll MOD - [2011-07-28 17:55:34 | 000,027,648 | ---- | M] (Advanced Mirco Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Dashboard.dll MOD - [2011-07-28 17:55:34 | 000,018,944 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUOverDrive.Fuel.Shared.dll MOD - [2011-07-28 17:55:34 | 000,013,824 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Runtime.dll MOD - [2011-07-28 17:55:30 | 000,033,792 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Runtime.dll MOD - [2011-07-28 17:55:30 | 000,008,192 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Shared.dll MOD - [2011-07-28 17:55:28 | 000,019,968 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Dashboard.dll MOD - [2011-07-28 17:55:26 | 000,070,144 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Fusion.Aspects.Runtime.dll MOD - [2011-07-28 17:55:26 | 000,012,288 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Shared.dll MOD - [2011-07-28 17:55:24 | 000,240,128 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects2.Runtime.dll MOD - [2011-07-28 17:55:22 | 002,448,384 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects2.Dashboard.dll MOD - [2011-07-28 17:55:20 | 002,041,344 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects1.Dashboard.dll MOD - [2011-07-28 17:55:02 | 000,369,152 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll MOD - [2011-07-28 17:54:56 | 000,026,112 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Fets.Fuel.Dashboard.dll MOD - [2011-07-28 17:54:50 | 000,028,672 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUPStates.Fuel.Dashboard.dll MOD - [2011-07-28 17:54:42 | 001,259,520 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.User.Fuel.Dashboard.dll MOD - [2011-07-28 17:54:34 | 000,048,128 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DPPE.Fuel.Dashboard.dll MOD - [2011-07-28 17:54:26 | 000,096,768 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll MOD - [2011-07-28 17:54:24 | 000,316,416 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll MOD - [2011-07-28 17:54:18 | 000,774,144 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Dashboard.dll MOD - [2011-07-28 17:54:14 | 000,061,440 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.ProfileManager2.dll MOD - [2011-07-28 17:54:08 | 000,021,504 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.WiFi.Fuel.Dashboard.dll MOD - [2011-07-28 17:54:02 | 000,524,288 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.dll MOD - [2011-07-28 17:53:58 | 000,159,744 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Dashboard.dll MOD - [2011-07-28 17:53:56 | 000,013,312 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUPStates.Fuel.Shared.dll MOD - [2011-07-28 17:53:54 | 000,012,800 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DPPE.Fuel.Shared.dll MOD - [2011-07-28 17:53:54 | 000,007,168 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.WiFi.Fuel.Shared.dll MOD - [2011-07-28 17:53:52 | 000,019,968 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Runtime.dll MOD - [2011-07-28 17:53:52 | 000,012,800 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\Fuel.Foundation.dll MOD - [2011-07-28 17:53:52 | 000,011,264 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Fets.Fuel.Shared.dll MOD - [2011-07-28 17:53:52 | 000,008,704 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Dashboard.dll MOD - [2011-07-28 17:53:50 | 000,010,752 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Shared.dll MOD - [2011-07-28 17:53:48 | 000,168,960 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Implementation.dll MOD - [2011-07-28 17:53:48 | 000,013,824 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Runtime.dll MOD - [2011-07-28 17:53:32 | 000,011,776 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Runtime.dll MOD - [2011-07-28 17:53:32 | 000,008,704 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Shared.dll MOD - [2011-07-28 17:53:32 | 000,008,192 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Dashboard.dll MOD - [2011-07-28 17:53:30 | 000,050,688 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.OverDrive5.Graphics.Shared.dll MOD - [2011-07-28 17:53:26 | 000,044,032 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Source.Kit.Server.dll MOD - [2011-07-28 17:53:16 | 000,045,056 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Shared.dll MOD - [2011-07-28 17:53:16 | 000,035,840 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll MOD - [2011-07-28 17:53:16 | 000,020,480 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.Shared.Private.dll MOD - [2011-07-28 17:53:16 | 000,006,656 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.DPPE.Shared.dll MOD - [2011-07-28 17:53:14 | 000,095,744 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.Implementation.dll MOD - [2011-07-28 17:53:14 | 000,022,016 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.Implementation.dll MOD - [2011-07-28 17:53:14 | 000,018,432 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.XManifest.dll MOD - [2011-07-28 17:53:08 | 000,417,792 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Systemtray.dll MOD - [2011-07-28 17:53:04 | 000,018,432 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll MOD - [2011-07-28 17:53:02 | 000,077,824 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Runtime.dll MOD - [2011-07-28 17:53:02 | 000,065,536 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Shared.dll MOD - [2011-07-28 17:53:00 | 000,032,768 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll MOD - [2011-07-28 17:52:58 | 000,028,672 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll MOD - [2011-07-28 17:52:58 | 000,020,480 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll MOD - [2011-07-28 17:52:56 | 000,106,496 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Runtime.dll MOD - [2011-07-28 17:52:56 | 000,055,808 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.dll MOD - [2011-07-28 17:52:54 | 000,065,536 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll MOD - [2011-07-28 17:52:54 | 000,045,056 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll MOD - [2011-07-28 17:52:54 | 000,043,520 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll MOD - [2011-07-28 17:52:52 | 000,081,920 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Shared.dll MOD - [2011-07-28 17:52:50 | 000,025,088 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll MOD - [2011-07-28 17:52:50 | 000,008,704 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.Shared.Private.dll MOD - [2011-07-28 17:52:46 | 000,020,480 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll MOD - [2011-07-28 17:52:44 | 000,172,032 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.dll MOD - [2011-07-28 17:52:44 | 000,028,672 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll MOD - [2011-07-28 17:52:40 | 000,065,536 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceTV.Graphics.Shared.dll MOD - [2011-07-28 17:52:40 | 000,053,248 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.Shared.dll MOD - [2011-07-28 17:52:40 | 000,032,768 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceLCD.Graphics.Shared.dll MOD - [2011-07-28 17:52:38 | 001,003,520 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.Shared.dll MOD - [2011-07-28 17:52:34 | 000,053,248 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Shared.dll MOD - [2011-07-28 17:52:34 | 000,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Shared.dll MOD - [2011-07-28 17:52:34 | 000,040,960 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCV.Graphics.Shared.dll MOD - [2011-07-28 17:52:32 | 000,376,832 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.dll MOD - [2011-07-28 17:52:32 | 000,028,672 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CustomFormats.Graphics.Shared.dll MOD - [2011-07-28 17:52:26 | 001,284,096 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.Private.dll MOD - [2011-07-28 17:52:24 | 000,262,144 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Client.dll MOD - [2011-07-28 17:52:24 | 000,036,352 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.Private.dll MOD - [2011-07-28 17:52:18 | 000,303,104 | ---- | M] (Advanced Mirco Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.dll MOD - [2011-07-28 17:52:16 | 000,005,632 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.GD.Shared.dll MOD - [2011-07-28 17:52:14 | 000,020,480 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll MOD - [2011-07-28 17:52:14 | 000,008,704 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Private.dll MOD - [2011-07-28 17:52:14 | 000,005,632 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.REG.Shared.dll MOD - [2011-07-28 17:52:14 | 000,005,120 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Audio.Shared.dll MOD - [2011-07-28 17:52:12 | 000,065,536 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\APM.Server.dll MOD - [2011-07-28 17:52:12 | 000,057,344 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.dll MOD - [2011-07-28 17:52:12 | 000,006,144 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.dll MOD - [2011-07-28 17:52:10 | 000,034,816 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.dll MOD - [2011-07-28 17:52:10 | 000,032,768 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ATICCCom.dll MOD - [2011-07-28 17:52:10 | 000,006,144 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.Shared.dll MOD - [2011-07-28 17:52:08 | 000,037,376 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.Private.dll MOD - [2011-07-28 17:52:08 | 000,007,168 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Extension.EEU.dll MOD - [2011-07-28 17:52:08 | 000,006,144 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.WinMessages.Shared.dll MOD - [2011-07-28 17:52:08 | 000,005,632 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.EEU.Shared.dll MOD - [2011-07-28 17:52:06 | 000,029,184 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Private.dll MOD - [2011-07-28 17:52:06 | 000,008,704 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Actions.CCAA.Shared.dll MOD - [2011-07-28 17:52:06 | 000,005,632 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.dll MOD - [2011-07-28 17:52:04 | 000,180,224 | ---- | M] (Advanced Mirco Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Shared.dll MOD - [2011-07-28 17:52:04 | 000,020,480 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.Private.dll MOD - [2011-07-28 17:52:04 | 000,005,632 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.Foundation.dll MOD - [2011-07-28 17:52:02 | 000,024,576 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Private.dll MOD - [2011-07-28 17:52:00 | 000,032,768 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.dll MOD - [2011-07-28 17:52:00 | 000,024,576 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\APM.Foundation.dll MOD - [2011-07-28 17:52:00 | 000,007,680 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.dll MOD - [2011-07-28 17:51:58 | 000,061,440 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.dll MOD - [2011-07-28 17:51:58 | 000,015,360 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\NEWAEM.Foundation.dll MOD - [2011-07-28 17:51:58 | 000,007,168 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Hotkeys.Shared.dll MOD - [2011-07-28 17:51:54 | 000,274,432 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Implementation.pl_Localization.dll MOD - [2011-07-28 17:51:42 | 000,373,248 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOCALIZATION.Foundation.Private.dll MOD - [2011-07-28 17:51:40 | 000,021,504 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.dll MOD - [2011-07-28 17:42:54 | 000,095,232 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll MOD - [2011-07-28 17:42:54 | 000,037,376 | ---- | M] (AMD) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Implementation.dll MOD - [2011-07-28 17:40:46 | 000,726,528 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\aticfx32.dll MOD - [2011-07-28 17:36:28 | 000,462,848 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll MOD - [2011-07-28 17:33:56 | 000,356,352 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll MOD - [2011-07-28 17:30:28 | 004,198,912 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atidxx32.dll MOD - [2011-07-28 17:09:12 | 004,256,768 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdag.dll MOD - [2011-07-28 17:04:00 | 004,056,064 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdva.dll MOD - [2011-07-28 16:54:44 | 000,266,240 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiadlxx.dll MOD - [2011-07-28 16:53:16 | 000,031,744 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll MOD - [2011-07-28 16:53:02 | 000,029,184 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll MOD - [2011-06-23 10:51:36 | 000,094,208 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ADL.Foundation.dll MOD - [2011-06-08 01:26:40 | 000,020,992 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CoreAudioApi.dll MOD - [2010-11-15 13:22:04 | 000,186,184 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect\plugins\zyngagames\ZyngaGames.dll MOD - [2010-11-15 13:21:56 | 000,841,544 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe MOD - [2010-11-05 14:18:14 | 000,016,384 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1011.dll MOD - [2010-10-07 13:07:10 | 000,020,480 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1010.dll MOD - [2010-09-28 15:33:02 | 000,299,008 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe MOD - [2010-08-23 16:11:04 | 000,299,008 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe MOD - [2010-08-03 15:42:45 | 022,313,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2010-08-03 13:32:44 | 000,291,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscoree.dll MOD - [2010-08-03 00:03:46 | 000,092,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\pl\ShFusRes.dll MOD - [2010-06-04 10:57:58 | 001,286,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2010-06-04 09:53:48 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll MOD - [2010-06-04 09:53:48 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll MOD - [2010-06-04 09:53:46 | 002,311,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpdshext.dll MOD - [2010-06-04 09:53:46 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll MOD - [2010-06-04 09:53:46 | 000,979,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll MOD - [2010-06-04 09:53:46 | 000,269,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2010-06-04 09:53:46 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winmm.dll MOD - [2010-06-04 09:53:46 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wintrust.dll MOD - [2010-06-04 09:53:46 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsta.dll MOD - [2010-06-04 09:53:46 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WPDShServiceObj.dll MOD - [2010-06-04 09:53:46 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wkscli.dll MOD - [2010-06-04 09:53:44 | 001,227,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll MOD - [2010-06-04 09:53:44 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2010-06-04 09:53:44 | 001,063,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\werconcpl.dll MOD - [2010-06-04 09:53:44 | 000,808,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2010-06-04 09:53:44 | 000,638,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\VAN.dll MOD - [2010-06-04 09:53:44 | 000,625,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2010-06-04 09:53:44 | 000,377,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wer.dll MOD - [2010-06-04 09:53:42 | 002,146,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll MOD - [2010-06-04 09:53:42 | 000,505,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll MOD - [2010-06-04 09:53:42 | 000,363,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\StructuredQuery.dll MOD - [2010-06-04 09:53:42 | 000,300,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll MOD - [2010-06-04 09:53:42 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\stobject.dll MOD - [2010-06-04 09:53:42 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll MOD - [2010-06-04 09:53:42 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll MOD - [2010-06-04 09:53:42 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srvcli.dll MOD - [2010-06-04 09:53:40 | 001,665,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2010-06-04 09:53:40 | 000,349,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2010-06-04 09:53:40 | 000,220,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schannel.dll MOD - [2010-06-04 09:53:40 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2010-06-04 09:53:40 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll MOD - [2010-06-04 09:53:40 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll MOD - [2010-06-04 09:53:38 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2010-06-04 09:53:38 | 000,395,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\prnfldr.dll MOD - [2010-06-04 09:53:38 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\provsvc.dll MOD - [2010-06-04 09:53:36 | 001,751,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll MOD - [2010-06-04 09:53:36 | 000,547,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll MOD - [2010-06-04 09:53:34 | 000,199,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\onex.dll MOD - [2010-06-04 09:53:32 | 001,410,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2010-06-04 09:53:32 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2010-06-04 09:53:32 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2010-06-04 09:53:26 | 000,442,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntshrui.dll MOD - [2010-06-04 09:53:18 | 002,494,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netshell.dll MOD - [2010-06-04 09:53:18 | 001,661,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll MOD - [2010-06-04 09:53:18 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nlaapi.dll MOD - [2010-06-04 09:53:18 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll MOD - [2010-06-04 09:52:58 | 001,389,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml6.dll MOD - [2010-06-04 09:52:56 | 000,257,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msv1_0.dll MOD - [2010-06-04 09:52:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll MOD - [2010-06-04 09:52:50 | 000,592,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll MOD - [2010-06-04 09:52:48 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msasn1.dll MOD - [2010-06-04 09:52:44 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll MOD - [2010-06-04 09:52:30 | 000,857,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2010-06-04 09:52:30 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll MOD - [2010-06-04 09:52:26 | 000,392,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll MOD - [2010-06-04 09:52:26 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imagehlp.dll MOD - [2010-06-04 09:52:26 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2010-06-04 09:52:26 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL MOD - [2010-06-04 09:52:22 | 010,975,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll MOD - [2010-06-04 09:52:22 | 002,057,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll MOD - [2010-06-04 09:52:22 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\ieproxy.dll MOD - [2010-06-04 09:52:16 | 000,312,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hgcpl.dll MOD - [2010-06-04 09:52:12 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll MOD - [2010-06-04 09:52:12 | 000,301,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2010-06-04 09:52:12 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL MOD - [2010-06-04 09:52:12 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll MOD - [2010-06-04 09:52:10 | 000,605,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\fastprox.dll MOD - [2010-06-04 09:52:10 | 000,320,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll MOD - [2010-06-04 09:52:08 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll MOD - [2010-06-04 09:51:56 | 001,076,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll MOD - [2010-06-04 09:51:56 | 000,507,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll MOD - [2010-06-04 09:51:56 | 000,399,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DXP.dll MOD - [2010-06-04 09:51:52 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dnsapi.dll MOD - [2010-06-04 09:51:46 | 001,828,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll MOD - [2010-06-04 09:51:46 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dbghelp.dll MOD - [2010-06-04 09:51:46 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll MOD - [2010-06-04 09:51:44 | 001,152,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\crypt32.dll MOD - [2010-06-04 09:51:44 | 000,737,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll MOD - [2010-06-04 09:51:44 | 000,524,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16385_none_ebf82fc36c758ad5\comctl32.dll MOD - [2010-06-04 09:51:44 | 000,485,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2010-06-04 09:51:44 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll MOD - [2010-06-04 09:51:44 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll MOD - [2010-06-04 09:51:32 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll MOD - [2010-06-04 09:51:28 | 000,740,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\batmeter.dll MOD - [2010-06-04 09:51:26 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll MOD - [2010-06-04 09:51:22 | 000,293,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2010-06-04 09:51:20 | 000,639,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2010-06-04 09:51:20 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\actxprxy.dll MOD - [2010-06-04 09:51:06 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe MOD - [2010-06-04 09:50:16 | 000,692,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl MOD - [2010-06-04 09:50:16 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl MOD - [2010-06-04 09:50:16 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv MOD - [2010-06-04 09:50:16 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wdmaud.drv MOD - [2010-04-14 03:31:20 | 005,246,976 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll MOD - [2010-04-14 03:31:20 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll MOD - [2010-04-14 03:31:20 | 003,182,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll MOD - [2010-04-14 03:31:20 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll MOD - [2010-04-14 03:31:20 | 000,626,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll MOD - [2010-04-14 03:31:20 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll MOD - [2010-04-14 03:31:20 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll MOD - [2010-04-14 03:31:20 | 000,115,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll MOD - [2010-04-14 03:31:16 | 005,823,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll MOD - [2010-04-14 03:31:16 | 004,550,656 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll MOD - [2010-04-14 03:31:16 | 000,363,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll MOD - [2010-04-14 03:31:14 | 005,279,744 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll MOD - [2010-04-14 03:31:14 | 001,736,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll MOD - [2010-04-14 03:31:14 | 001,253,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll MOD - [2010-04-14 03:31:12 | 004,218,880 | ---- | M] () -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll MOD - [2010-04-14 03:31:00 | 000,667,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll MOD - [2010-03-18 09:15:26 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr100.dll MOD - [2010-03-18 09:15:26 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp100.dll MOD - [2010-03-04 00:27:24 | 000,016,384 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Foundation.dll MOD - [2009-12-08 06:49:44 | 000,016,384 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0912.dll MOD - [2009-12-07 15:45:02 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2009-10-14 18:44:40 | 000,282,624 | R--- | M] (France Telecom SA) -- C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe MOD - [2009-10-14 18:44:40 | 000,200,704 | R--- | M] (France Telecom SA) -- C:\Program Files\CardDetector\HUAWEI1752_1552\AutoDetect.dll MOD - [2009-07-14 03:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bcryptprimitives.dll MOD - [2009-07-14 03:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll MOD - [2009-07-14 03:16:21 | 000,674,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wwanmm.dll MOD - [2009-07-14 03:16:21 | 000,284,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WWanAPI.dll MOD - [2009-07-14 03:16:21 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll MOD - [2009-07-14 03:16:21 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wwapi.dll MOD - [2009-07-14 03:16:20 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll MOD - [2009-07-14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll MOD - [2009-07-14 03:16:20 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscinterop.dll MOD - [2009-07-14 03:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsock32.dll MOD - [2009-07-14 03:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll MOD - [2009-07-14 03:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSHTCPIP.DLL MOD - [2009-07-14 03:16:19 | 000,748,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WlanMM.dll MOD - [2009-07-14 03:16:19 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiutils.dll MOD - [2009-07-14 03:16:19 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll MOD - [2009-07-14 03:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll MOD - [2009-07-14 03:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winrnr.dll MOD - [2009-07-14 03:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll MOD - [2009-07-14 03:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanutil.dll MOD - [2009-07-14 03:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll MOD - [2009-07-14 03:16:18 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll MOD - [2009-07-14 03:16:18 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wercplsupport.dll MOD - [2009-07-14 03:16:17 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll MOD - [2009-07-14 03:16:17 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemdisp.dll MOD - [2009-07-14 03:16:17 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll MOD - [2009-07-14 03:16:17 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2009-07-14 03:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemsvc.dll MOD - [2009-07-14 03:16:17 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemprox.dll MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll MOD - [2009-07-14 03:16:16 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll MOD - [2009-07-14 03:16:15 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll MOD - [2009-07-14 03:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2009-07-14 03:16:15 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Syncreg.dll MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - [2009-07-14 03:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slc.dll MOD - [2009-07-14 03:16:14 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shfolder.dll MOD - [2009-07-14 03:16:13 | 000,652,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll MOD - [2009-07-14 03:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll MOD - [2009-07-14 03:16:13 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RpcRtRemote.dll MOD - [2009-07-14 03:16:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2009-07-14 03:16:12 | 000,845,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RASMM.dll MOD - [2009-07-14 03:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll MOD - [2009-07-14 03:16:12 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleacc.dll MOD - [2009-07-14 03:16:12 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL MOD - [2009-07-14 03:16:12 | 000,159,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll MOD - [2009-07-14 03:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll MOD - [2009-07-14 03:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oledlg.dll MOD - [2009-07-14 03:16:12 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QUTIL.DLL MOD - [2009-07-14 03:16:12 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll MOD - [2009-07-14 03:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasman.dll MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll MOD - [2009-07-14 03:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasadhlp.dll MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2009-07-14 03:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdsapi.dll MOD - [2009-07-14 03:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\npmproxy.dll MOD - [2009-07-14 03:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll MOD - [2009-07-14 03:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netprofm.dll MOD - [2009-07-14 03:16:03 | 000,313,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll MOD - [2009-07-14 03:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NapiNSP.dll MOD - [2009-07-14 03:15:51 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mswsock.dll MOD - [2009-07-14 03:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2009-07-14 03:15:45 | 000,157,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll MOD - [2009-07-14 03:15:44 | 002,340,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msi.dll MOD - [2009-07-14 03:15:44 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msiltcfg.dll MOD - [2009-07-14 03:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimg32.dll MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll MOD - [2009-07-14 03:15:43 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll MOD - [2009-07-14 03:15:43 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll MOD - [2009-07-14 03:15:42 | 000,481,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll MOD - [2009-07-14 03:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.dll MOD - [2009-07-14 03:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll MOD - [2009-07-14 03:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mlang.dll MOD - [2009-07-14 03:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\midimap.dll MOD - [2009-07-14 03:15:36 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD - [2009-07-14 03:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\linkinfo.dll MOD - [2009-07-14 03:15:35 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll MOD - [2009-07-14 03:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ksuser.dll MOD - [2009-07-14 03:15:27 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icm32.dll MOD - [2009-07-14 03:15:27 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IconCodecService.dll MOD - [2009-07-14 03:15:24 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hcproviders.dll MOD - [2009-07-14 03:15:24 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hid.dll MOD - [2009-07-14 03:15:22 | 000,848,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSST.dll MOD - [2009-07-14 03:15:21 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSAPI.dll MOD - [2009-07-14 03:15:20 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll MOD - [2009-07-14 03:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\es.dll MOD - [2009-07-14 03:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll MOD - [2009-07-14 03:15:14 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehSSO.dll MOD - [2009-07-14 03:15:13 | 001,370,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll MOD - [2009-07-14 03:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dui70.dll MOD - [2009-07-14 03:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll MOD - [2009-07-14 03:15:13 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\eappcfg.dll MOD - [2009-07-14 03:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\duser.dll MOD - [2009-07-14 03:15:13 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll MOD - [2009-07-14 03:15:13 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\eappprxy.dll MOD - [2009-07-14 03:15:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dsrole.dll MOD - [2009-07-14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll MOD - [2009-07-14 03:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc.dll MOD - [2009-07-14 03:15:11 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devrtl.dll MOD - [2009-07-14 03:15:11 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll MOD - [2009-07-14 03:15:11 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dimsjob.dll MOD - [2009-07-14 03:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d8thk.dll MOD - [2009-07-14 03:15:07 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll MOD - [2009-07-14 03:15:07 | 001,003,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptui.dll MOD - [2009-07-14 03:15:07 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll MOD - [2009-07-14 03:15:07 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll MOD - [2009-07-14 03:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptsp.dll MOD - [2009-07-14 03:15:07 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptdll.dll MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2009-07-14 03:14:59 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll MOD - [2009-07-14 03:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll MOD - [2009-07-14 03:14:57 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authui.dll MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2009-07-14 03:14:53 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AltTab.dll MOD - [2009-07-14 03:14:52 | 000,744,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ActionCenter.dll MOD - [2009-07-14 03:14:43 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe MOD - [2009-07-14 03:14:10 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hhctrl.ocx MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2009-07-14 03:14:09 | 001,140,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl MOD - [2009-07-14 03:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.drv MOD - [2009-07-14 03:05:30 | 000,925,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSRESM.dll MOD - [2009-07-14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll MOD - [2009-07-14 03:03:50 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll MOD - [2009-06-17 10:24:26 | 000,016,384 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0906.dll MOD - [2009-06-17 10:24:26 | 000,016,384 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0712.dll MOD - [2009-06-17 05:27:48 | 000,016,384 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll MOD - [2009-06-10 23:23:11 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcr80.dll MOD - [2009-06-10 23:23:11 | 000,554,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcp80.dll MOD - [2009-06-10 23:22:53 | 000,015,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll MOD - [2009-06-10 23:22:50 | 000,023,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll MOD - [2009-06-10 23:22:40 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll MOD - [2009-06-10 23:14:57 | 000,778,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll MOD - [2009-06-10 23:14:47 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll MOD - [2009-06-10 23:14:46 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll MOD - [2009-06-10 23:14:46 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll MOD - [2009-06-10 23:14:44 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.classic.dll MOD - [2009-05-08 14:49:52 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe MOD - [2009-04-22 12:13:40 | 000,016,384 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0805.dll MOD - [2009-04-22 12:13:18 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0601.dll MOD - [2009-01-26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe MOD - [2009-01-26 15:31:02 | 001,879,896 | ---- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\SDHelper.dll MOD - [2009-01-26 15:30:58 | 001,287,000 | ---- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\advcheck.dll MOD - [2009-01-20 13:51:38 | 000,007,168 | ---- | M] ( ) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atixclib.dll MOD - [2008-12-30 11:04:08 | 000,016,384 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0812.dll MOD - [2008-04-03 16:29:02 | 000,020,480 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll MOD - [2007-08-09 16:58:04 | 000,016,384 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0706.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- C:\Program Files\Spybot -- (SBSDWSCService) SRV - [2012-04-18 19:33:10 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-04-09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012-04-05 11:37:38 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-04-04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012-01-03 13:34:20 | 000,138,768 | ---- | M] (MSI) [Auto | Running] -- C:\Program Files\MSI\Super-Charger\ChargeService.exe -- (MSI_SuperCharger) SRV - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2011-07-28 17:42:48 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV - [2011-07-28 17:35:26 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2011-05-03 22:18:00 | 004,137,464 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc) SRV - [2011-03-24 06:37:18 | 000,493,384 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe -- (WCUService_STC_FF) SRV - [2011-03-22 10:37:16 | 000,497,480 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe -- (WCUService_STC_IE) SRV - [2010-11-15 13:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files\Splashtop\Splashtop Connect\BackService.exe -- (SCBackService) SRV - [2010-05-04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2010-03-05 16:26:40 | 002,044,248 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU) SRV - [2009-10-14 16:44:38 | 000,090,112 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC) SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Rappelz\GameGuard\dump_wmimmc.sys -- (dump_wmimmc) DRV - [2012-04-16 21:07:58 | 000,239,168 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2011-10-25 09:57:14 | 000,165,120 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc) DRV - [2011-10-25 09:57:14 | 000,073,984 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub) DRV - [2011-10-06 09:23:50 | 001,057,896 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192ce.sys -- (RTL8192Ce) DRV - [2011-08-09 14:24:52 | 000,163,424 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm) DRV - [2011-08-04 09:20:38 | 000,103,112 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr) DRV - [2011-08-04 09:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv) DRV - [2011-07-28 18:22:06 | 008,396,800 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag) DRV - [2011-07-28 16:53:48 | 000,247,296 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2011-06-07 06:06:54 | 000,211,984 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService) DRV - [2011-04-15 14:37:46 | 000,066,688 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_sata.sys -- (amd_sata) DRV - [2011-04-15 14:37:46 | 000,033,408 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_xata.sys -- (amd_xata) DRV - [2010-11-29 04:50:40 | 000,035,968 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter) DRV - [2010-10-20 14:43:08 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 5\NTIOLib.sys -- (NTIOLib_1_0_4) DRV - [2010-05-10 10:44:42 | 000,025,912 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 5\msibios32_100507.sys -- (MSI_MSIBIOS_010507) DRV - [2010-02-18 09:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86) DRV - [2009-12-30 13:55:14 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files\MSI\Super-Charger\NTIOLib.sys -- (NTIOLib_1_0_3) DRV - [2009-08-04 13:04:28 | 000,103,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbfake.sys -- (hwusbfake) DRV - [2009-08-04 13:04:28 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2009-07-14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2009-07-14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2009-07-14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2009-07-14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009-07-14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2009-07-14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2009-06-10 23:19:48 | 009,853,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = Yandex IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\Google: "URL" = http://www.google.ru/search?hl=ru&q={searchTerms}\ IE - HKLM\..\SearchScopes\Wikipedia: "URL" = http://ru.wikipedia.org/wiki/{searchTerms}\ IE - HKLM\..\SearchScopes\Yahoo: "URL" = http://ru.search.yahoo.com/search?p={searchTerms}\ IE - HKLM\..\SearchScopes\Yandex: "URL" = http://www.yandex.ru/yandsearch?stype=&nl=0&text={searchTerms}\ IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/ IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\URLSearchHook: {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} - C:\Program Files\Splashtop\Splashtop Connect IE\AddressBarSearch.dll (Splashtop Inc.) IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes,DefaultScope = {42168F92-DA71-42E6-BC7F-132EAC1F1899} IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.google.pl/cse?q={searchTerms}&cx=partner-pub-2489206448026482%3A4041638047&tbm=&ie=UTF-8#gsc.tab=0&gsc.q={searchTerms} IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{42168F92-DA71-42E6-BC7F-132EAC1F1899}: "URL" = http://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q={searchTerms}&sa=Search&siteurl=qooqlle.com%2F IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{C0DE4E59-C43E-46a5-B2A6-46952A6BF471}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=MMBROWSV IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{F1CC8CB5-43EC-4142-AE01-80F4208696EB}: "URL" = http://www.google.com/cse?cx=partner-pub-3794288947762788%3A7256076927&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7256076927&q={searchTerms} IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\Yandex: "URL" = http://www.bing.com/search?q={searchTerms}&form=SPLEP1&pc=SPLH IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.selectedEngine: "qooqlle" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 FF - prefs.js..extensions.enabledItems: cssreloader@kenneth.io:1.0.2 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..network.proxy.backup.ftp: "127.0.0.1" FF - prefs.js..network.proxy.backup.ftp_port: 9666 FF - prefs.js..network.proxy.backup.gopher: "127.0.0.1" FF - prefs.js..network.proxy.backup.gopher_port: 9666 FF - prefs.js..network.proxy.backup.socks: "127.0.0.1" FF - prefs.js..network.proxy.backup.socks_port: 9666 FF - prefs.js..network.proxy.backup.ssl: "127.0.0.1" FF - prefs.js..network.proxy.backup.ssl_port: 9666 FF - prefs.js..network.proxy.ftp: "127.0.0.1" FF - prefs.js..network.proxy.ftp_port: 9666 FF - prefs.js..network.proxy.gopher: "127.0.0.1" FF - prefs.js..network.proxy.gopher_port: 9666 FF - prefs.js..network.proxy.http: "127.0.0.1" FF - prefs.js..network.proxy.http_port: 9666 FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "127.0.0.1" FF - prefs.js..network.proxy.socks_port: 9666 FF - prefs.js..network.proxy.ssl: "127.0.0.1" FF - prefs.js..network.proxy.ssl_port: 9666 FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll () FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: D:\Bilard\Ganymede\Plugins\npganymedenet.dll ( ) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Oracle) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Mateusz\AppData\Local\Facebook\Messenger\2.0.4478.0\npFbDesktopPlugin.dll (Facebook, Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}: C:\Program Files\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1} [2012-04-17 12:42:02 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}: C:\Program Files\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0} [2012-04-17 12:42:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{d9284e50-81fc-11da-a72b-0800200c9a66}: C:\Program Files\Splashtop\Splashtop Connect for Firefox\{d9284e50-81fc-11da-a72b-0800200c9a66} [2012-04-17 12:42:02 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-04-19 09:12:26 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-04-19 13:33:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012-04-17 22:28:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-04-18 17:53:41 | 000,000,000 | ---D | M] [2012-04-16 21:10:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Extensions [2012-04-20 21:48:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\kust2ajc.default\extensions [2012-04-19 13:23:52 | 000,000,000 | ---D | M] (YouTube to ALLPlayer) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\kust2ajc.default\extensions\YouTubetoALL@ALLPlayer.org [2012-04-21 16:18:49 | 000,001,860 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\kust2ajc.default\searchplugins\search.xml [2012-04-17 22:26:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-04-17 22:26:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} () (No name found) -- C:\USERS\MATEUSZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KUST2AJC.DEFAULT\EXTENSIONS\IPLEXTOALL@ALLPLAYER.ORG.XPI [2012-04-19 09:12:25 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011-12-20 11:33:56 | 000,120,984 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npganymedenet.dll [2011-12-09 19:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll [2012-04-19 09:12:20 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-04-19 09:12:20 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-04-19 09:12:20 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-04-19 09:12:20 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-04-19 13:22:10 | 000,002,415 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\v9.xml [2012-04-19 09:12:20 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-04-19 09:12:20 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: qooqlle () CHR - default_search_provider: search_url = http://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q={searchTerms}&sa=Search&siteurl=qooqlle.com%2F CHR - default_search_provider: suggest_url = CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\ O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Splashtop Connect VisualBookmark) - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - C:\Program Files\Splashtop\Splashtop Connect IE\STC.dll (Splashtop Inc.) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (YouTube To ALLPlayer) - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\Program Files\ALLPlayer\YouTubeToALLPlayer.dll (ALLPlayer.org) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - D:\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [BEWINTERNET-PL-IEWSessionManager] D:\Orange\SessionManager\SessionManager.exe (France Telecom SA) O4 - HKLM..\Run: [CardDetectorHUAWEI1752_1552] C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe (France Telecom SA) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [Readar_sl] C:\Users\Mateusz\AppData\Roaming\Readar_sl.exe (Created with WinAutomation (http://www.WinAutomation.com)) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [STCAgent] C:\Program Files\Splashtop\Splashtop Connect IE\STCAgent.exe (Splashtop Inc.) O4 - HKLM..\Run: [Super-Charger] C:\Program Files\MSI\Super-Charger\Super-Charger.exe (MSI) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [TunesHelper] C:\ProgramData\TunesHelper.exe () O4 - HKLM..\Run: [ZyngaGamesAgent] C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe (Splashtop Inc.) O4 - HKU\S-1-5-21-967404725-468176981-4131090368-1000..\Run: [Facebook Update] C:\Users\Mateusz\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKU\S-1-5-21-967404725-468176981-4131090368-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O7 - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Pobierz z &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm () O9 - Extra Button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files\PokerStars.EU\PokerStarsUpdate.exe (PokerStars) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1292A1F1-9F67-4786-A2DF-9668865DF9A2}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - StartUpFolder: C:^Users^Mateusz^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk - C:\Users\Mateusz\AppData\Local\Facebook\MESSEN~1\204478~1.0\FACEBO~1.EXE - (Facebook) MsConfig - StartUpReg: [b]ALLUpdate[/b] - hkey= - key= - D:\ALLPlayer\ALLUpdate.exe () MsConfig - StartUpReg: [b]Live Update 5[/b] - hkey= - key= - C:\Program Files\MSI\Live Update 5\BootStartLiveupdate.exe () MsConfig - StartUpReg: [b]NortonOnlineBackup[/b] - hkey= - key= - C:\Program Files\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation) MsConfig - StartUpReg: [b]Skype[/b] - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.) MsConfig - StartUpReg: [b]ZyngaGamesAgent[/b] - hkey= - key= - C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe (Splashtop Inc.) SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-04-21 09:11:23 | 000,000,000 | ---D | C] -- C:\_OTL [2012-04-21 00:25:29 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\.ultramixer [2012-04-21 00:05:24 | 000,000,000 | ---D | C] -- C:\Windows\pss [2012-04-20 19:32:35 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\GanymedeNet [2012-04-20 18:18:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Screamer Radio [2012-04-20 18:17:27 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook [2012-04-20 18:17:14 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Facebook [2012-04-20 00:35:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Sports Interactive [2012-04-20 00:35:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\Sports Interactive [2012-04-20 00:35:20 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Sports Interactive [2012-04-20 00:35:20 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Sports Interactive [2012-04-20 00:18:42 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\My Games [2012-04-20 00:08:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx [2012-04-20 00:03:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft [2012-04-19 19:22:45 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [2012-04-19 19:20:52 | 000,000,000 | ---D | C] -- C:\Program Files\EACOM [2012-04-19 17:13:09 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images [2012-04-19 17:10:13 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Chromium [2012-04-19 13:37:13 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\PokerStars.EU [2012-04-19 13:37:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.EU [2012-04-19 13:36:46 | 000,000,000 | ---D | C] -- C:\Program Files\PokerStars.EU [2012-04-19 13:24:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt [2012-04-19 13:23:51 | 000,000,000 | ---D | C] -- C:\Program Files\ALLPlayer [2012-04-19 13:23:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLConverter PRO [2012-04-19 13:23:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ALLConverter [2012-04-19 13:23:42 | 000,000,000 | ---D | C] -- C:\Program Files\NapiProjekt [2012-04-19 13:23:41 | 000,000,000 | ---D | C] -- C:\Program Files\ALLConverter PRO [2012-04-19 13:23:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer [2012-04-19 13:22:55 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ALLPlayer [2012-04-19 13:22:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dziobas Rar Player [2012-04-19 13:12:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Theorica Divx ;-) Codecs [2012-04-19 13:12:13 | 000,311,296 | RHS- | C] (Created with WinAutomation (http://www.WinAutomation.com)) -- C:\Users\Mateusz\AppData\Roaming\Readar_sl.exe [2012-04-19 13:11:46 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Media Player Classic [2012-04-19 01:20:24 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\BitSpirit [2012-04-19 00:33:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2012-04-19 00:05:27 | 000,000,000 | ---D | C] -- C:\Program Files\v9Soft [2012-04-18 23:57:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp [2012-04-18 23:56:23 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect [2012-04-18 23:56:23 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Detektor Winampa [2012-04-18 23:56:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine [2012-04-18 23:55:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Winamp [2012-04-18 23:55:57 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp [2012-04-18 23:54:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys [2012-04-18 23:54:47 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys [2012-04-18 23:54:10 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\BESTplayer [2012-04-18 23:53:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitSpirit v3 [2012-04-18 23:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitSpirit [2012-04-18 23:53:37 | 000,000,000 | ---D | C] -- C:\Program Files\BitSpirit [2012-04-18 23:52:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy [2012-04-18 23:51:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2012-04-18 23:51:53 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy [2012-04-18 19:53:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\riotsGamesLogs [2012-04-18 19:51:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\LolClient [2012-04-18 19:26:56 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Opera [2012-04-18 19:26:56 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Opera [2012-04-18 19:26:35 | 000,000,000 | ---D | C] -- C:\Program Files\Opera [2012-04-18 18:22:42 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\MSI [2012-04-18 18:17:17 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2012-04-18 18:15:52 | 004,137,464 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des [2012-04-18 18:14:34 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\npptNT2.sys [2012-04-18 18:14:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared [2012-04-18 17:53:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET [2012-04-18 17:53:38 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET [2012-04-18 17:53:38 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2012-04-17 23:58:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\DOSBox [2012-04-17 23:58:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74 [2012-04-17 23:58:43 | 000,000,000 | ---D | C] -- C:\Program Files\DOSBox-0.74 [2012-04-17 23:38:48 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\WapSter [2012-04-17 23:34:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Thunderbird [2012-04-17 23:34:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Thunderbird [2012-04-17 22:28:37 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird [2012-04-17 22:26:32 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess [2012-04-17 22:26:09 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Skype [2012-04-17 22:25:58 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2012-04-17 22:25:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012-04-17 22:25:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2012-04-17 22:25:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2012-04-17 22:25:53 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander [2012-04-17 22:25:52 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\GHISLER [2012-04-17 22:24:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2012-04-17 22:24:17 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012-04-17 22:23:34 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WapSter [2012-04-17 21:58:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games [2012-04-17 21:15:51 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\PMB Files [2012-04-17 21:15:48 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files [2012-04-17 21:15:37 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks [2012-04-17 20:36:00 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Adobe [2012-04-17 20:09:14 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft Games [2012-04-17 19:47:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center [2012-04-17 19:44:09 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP [2012-04-17 19:43:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center [2012-04-17 19:40:44 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2012-04-17 19:37:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2012-04-17 19:37:39 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2012-04-17 19:36:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2012-04-17 19:36:37 | 000,159,744 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll [2012-04-17 19:36:36 | 000,401,408 | ---- | C] (AMD) -- C:\Windows\System32\atieclxx.exe [2012-04-17 19:36:36 | 000,176,128 | ---- | C] (AMD) -- C:\Windows\System32\atiesrxx.exe [2012-04-17 19:36:36 | 000,020,992 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll [2012-04-17 16:31:48 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\foobar2000 [2012-04-17 16:23:45 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\AMD [2012-04-17 16:05:37 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD [2012-04-17 16:03:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\ATI [2012-04-17 16:03:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ATI [2012-04-17 16:01:31 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2012-04-17 16:01:28 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2012-04-17 16:00:48 | 000,052,736 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll [2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\2C0A [2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0C0A [2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0C04 [2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0816 [2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0804 [2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0424 [2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\041F [2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\041E [2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\041D [2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\041B [2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0419 [2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0416 [2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0415 [2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0414 [2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0413 [2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0412 [2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0411 [2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0410 [2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\040E [2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\040D [2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\040C [2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\040B [2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\040A [2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0408 [2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0407 [2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0406 [2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0405 [2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0404 [2012-04-17 15:59:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\0401 [2012-04-17 15:59:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics [2012-04-17 15:59:37 | 000,000,000 | ---D | C] -- C:\Program Files\Renesas Electronics [2012-04-17 15:58:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations [2012-04-17 15:37:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother [2012-04-17 15:28:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM [2012-04-17 15:27:49 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll [2012-04-17 15:27:49 | 001,725,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll [2012-04-17 15:27:48 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll [2012-04-17 15:27:48 | 000,214,368 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFNHK.dll [2012-04-17 15:27:48 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll [2012-04-17 15:27:48 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll [2012-04-17 15:27:48 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll [2012-04-17 15:27:48 | 000,074,080 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFCOM.dll [2012-04-17 15:27:48 | 000,068,960 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFAPO.dll [2012-04-17 15:27:47 | 003,327,320 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll [2012-04-17 15:27:47 | 003,296,600 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll [2012-04-17 15:27:47 | 001,836,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll [2012-04-17 15:27:47 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll [2012-04-17 15:27:47 | 000,345,944 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll [2012-04-17 15:27:47 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll [2012-04-17 15:27:47 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll [2012-04-17 15:27:47 | 000,259,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll [2012-04-17 15:27:47 | 000,252,760 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll [2012-04-17 15:27:47 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll [2012-04-17 15:27:47 | 000,103,256 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll [2012-04-17 15:27:47 | 000,088,408 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll [2012-04-17 15:27:47 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll [2012-04-17 15:27:47 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll [2012-04-17 15:27:47 | 000,061,272 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll [2012-04-17 15:27:46 | 000,357,712 | ---- | C] (Knowles Acoustics ) -- C:\Windows\System32\KAAPORT.dll [2012-04-17 15:27:46 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll [2012-04-17 15:27:46 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll [2012-04-17 15:27:45 | 001,740,352 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll [2012-04-17 15:27:45 | 001,509,480 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll [2012-04-17 15:27:45 | 001,292,904 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll [2012-04-17 15:27:45 | 001,220,200 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll [2012-04-17 15:27:45 | 000,654,952 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll [2012-04-17 15:27:45 | 000,631,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll [2012-04-17 15:27:45 | 000,601,704 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll [2012-04-17 15:27:45 | 000,458,344 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll [2012-04-17 15:27:45 | 000,413,696 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PLFX32.dll [2012-04-17 15:27:45 | 000,390,656 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PGFX32.dll [2012-04-17 15:27:45 | 000,389,736 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll [2012-04-17 15:27:45 | 000,375,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll [2012-04-17 15:27:45 | 000,327,168 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PREC32.dll [2012-04-17 15:27:45 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll [2012-04-17 15:27:45 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll [2012-04-17 15:27:45 | 000,218,216 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll [2012-04-17 15:27:43 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp [2012-04-17 15:27:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2012-04-17 15:26:45 | 000,000,000 | -H-D | C] -- C:\SuperChargerProfile [2012-04-17 15:26:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup [2012-04-17 15:26:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec [2012-04-17 15:26:34 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec [2012-04-17 12:46:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Splashtop [2012-04-17 12:41:02 | 000,000,000 | -H-D | C] -- C:\ProgramData\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3} [2012-04-17 12:40:53 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Splashtop [2012-04-17 12:40:11 | 000,000,000 | ---D | C] -- C:\Program Files\Splashtop [2012-04-17 12:23:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Sunbelt Software [2012-04-17 12:22:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE [2012-04-17 12:21:54 | 000,093,360 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys [2012-04-17 12:09:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012-04-17 12:07:33 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Google [2012-04-17 12:07:32 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2012-04-17 12:07:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft [2012-04-17 12:07:27 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft [2012-04-17 11:56:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI [2012-04-17 11:56:45 | 000,000,000 | ---D | C] -- C:\Program Files\MSI [2012-04-17 11:48:07 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco [2012-04-17 11:47:07 | 000,000,000 | ---D | C] -- C:\Program Files\REALTEK PCIE Wireless LAN Driver [2012-04-17 11:45:30 | 002,205,696 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\athr.sys [2012-04-17 11:45:29 | 000,000,000 | ---D | C] -- C:\Program Files\Qualcomm Atheros WiFi Driver Installation [2012-04-17 11:45:27 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Macromedia [2012-04-17 11:44:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Qualcomm Atheros [2012-04-17 11:42:14 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2012-04-17 11:03:33 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ElevatedDiagnostics [2012-04-17 02:13:41 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2012-04-17 02:12:28 | 000,000,000 | -HSD | C] -- C:\Boot [2012-04-17 01:20:27 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2012-04-16 23:33:23 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Nero [2012-04-16 23:15:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Microsoft Games [2012-04-16 22:22:11 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Valve [2012-04-16 22:16:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve [2012-04-16 22:02:36 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2012-04-16 22:02:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Games [2012-04-16 22:02:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive [2012-04-16 21:30:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Lunch Design [2012-04-16 21:16:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Adobe [2012-04-16 21:16:53 | 000,000,000 | ---D | C] -- C:\ProgramData\RDRM [2012-04-16 21:16:50 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\ipla [2012-04-16 21:16:50 | 000,000,000 | ---D | C] -- C:\ProgramData\ipla [2012-04-16 21:14:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mario Ice Tower [2012-04-16 21:12:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ipla [2012-04-16 21:12:14 | 000,000,000 | ---D | C] -- C:\Program Files\ipla [2012-04-16 21:10:03 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Mozilla [2012-04-16 21:10:03 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Mozilla [2012-04-16 21:09:37 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar [2012-04-16 21:08:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite [2012-04-16 21:07:58 | 000,239,168 | ---- | C] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys [2012-04-16 21:07:31 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Lite [2012-04-16 21:07:28 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite [2012-04-16 21:03:35 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\WinRAR [2012-04-16 21:03:34 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2012-04-16 21:03:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2012-04-16 21:02:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared [2012-04-16 21:02:26 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\System32\pncrt.dll [2012-04-16 21:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real [2012-04-16 21:02:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Real [2012-04-16 21:02:20 | 000,000,000 | ---D | C] -- C:\Program Files\Real [2012-04-16 21:02:04 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Real [2012-04-16 21:01:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack [2012-04-16 21:01:25 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\Windows\System32\lameACM.acm [2012-04-16 21:01:24 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll [2012-04-16 21:01:24 | 000,118,784 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm [2012-04-16 21:00:20 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2012-04-16 20:52:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2012-04-16 20:52:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2012-04-16 20:49:13 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2012-04-16 20:49:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2012-04-16 20:42:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero [2012-04-16 20:41:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero [2012-04-16 20:41:56 | 000,000,000 | ---D | C] -- C:\Program Files\Nero [2012-04-16 20:41:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero [2012-04-16 20:32:39 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Uczelnia [2012-04-16 20:32:22 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Gry [2012-04-16 20:31:40 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Programy [2012-04-16 20:24:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orange [2012-04-16 20:19:57 | 000,000,000 | ---D | C] -- C:\Program Files\CardDetector [2012-04-16 20:00:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\France Telecom [2012-04-16 19:59:58 | 000,102,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys [2012-04-16 19:59:55 | 000,103,040 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbfake.sys [2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Searches [2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012-04-16 19:57:02 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Identities [2012-04-16 19:56:56 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Contacts [2012-04-16 19:56:56 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2012-04-16 19:56:36 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Ustawienia lokalne [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Temporary Internet Files [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Szablony [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\SendTo [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Recent [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\PrintHood [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\NetHood [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moje wideo [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moje obrazy [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Moje dokumenty [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moja muzyka [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Menu Start [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Historia [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Dane aplikacji [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Dane aplikacji [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Cookies [2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Temp [2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Microsoft [2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Media Center Programs [2012-04-16 19:54:14 | 000,000,000 | --SD | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Pictures [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Music [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Links [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Favorites [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Downloads [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Documents [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Desktop [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012-04-16 19:54:14 | 000,000,000 | -H-D | C] -- C:\Users\Mateusz\AppData [2012-04-16 19:54:10 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Videos [2012-04-16 19:54:10 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Saved Games [2012-04-16 19:52:53 | 000,000,000 | ---D | C] -- C:\Windows\Temp [2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony [2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo [2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy [2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka [2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start [2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione [2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit [2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty [2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-04-21 16:33:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-04-21 16:26:02 | 000,017,136 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-04-21 16:26:02 | 000,017,136 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-04-21 16:18:30 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-04-21 16:18:15 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-04-21 16:18:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-04-21 09:22:10 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-967404725-468176981-4131090368-1000UA.job [2012-04-21 00:41:22 | 000,001,784 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk [2012-04-21 00:00:27 | 000,687,828 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012-04-21 00:00:27 | 000,666,732 | ---- | M] () -- C:\Windows\System32\perfh019.dat [2012-04-21 00:00:27 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-04-21 00:00:27 | 000,131,382 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012-04-21 00:00:27 | 000,128,892 | ---- | M] () -- C:\Windows\System32\perfc019.dat [2012-04-21 00:00:27 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-04-20 18:22:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-967404725-468176981-4131090368-1000Core.job [2012-04-20 00:30:03 | 000,000,572 | ---- | M] () -- C:\Windows\eReg.dat [2012-04-19 13:12:01 | 008,180,224 | RHS- | M] () -- C:\ProgramData\TunesHelper.exe [2012-04-19 13:12:01 | 000,311,296 | RHS- | M] (Created with WinAutomation (http://www.WinAutomation.com)) -- C:\Users\Mateusz\AppData\Roaming\Readar_sl.exe [2012-04-19 00:29:02 | 000,001,101 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012-04-19 00:29:01 | 000,002,210 | ---- | M] () -- C:\Users\Mateusz\Desktop\Google Chrome.lnk [2012-04-18 18:17:06 | 283,710,259 | ---- | M] () -- C:\Windows\MEMORY.DMP [2012-04-18 17:50:13 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job [2012-04-18 17:50:13 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Daily 4).job [2012-04-18 17:50:13 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Daily 3).job [2012-04-18 17:50:13 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Daily 2).job [2012-04-18 17:50:13 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Daily 1).job [2012-04-17 23:55:56 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2012-04-17 23:55:56 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2012-04-17 22:28:40 | 000,002,041 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2012-04-17 20:30:58 | 000,000,050 | ---- | M] () -- C:\Windows\System32\BRIDF10A.DAT [2012-04-17 16:22:02 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin [2012-04-17 12:21:52 | 000,093,360 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys [2012-04-17 11:30:55 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012-04-17 02:12:33 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2012-04-17 01:37:26 | 000,067,908 | ---- | M] () -- C:\Windows\System32\license.rtf [2012-04-17 01:35:54 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012-04-16 22:20:20 | 000,000,650 | ---- | M] () -- C:\Users\Mateusz\Desktop\Muzyka.lnk [2012-04-16 22:16:22 | 000,000,641 | ---- | M] () -- C:\Users\Mateusz\Desktop\Filmy.lnk [2012-04-16 21:16:17 | 000,246,248 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012-04-16 21:10:47 | 000,000,571 | ---- | M] () -- C:\Users\Mateusz\Desktop\foobar2000.lnk [2012-04-16 21:07:58 | 000,239,168 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys [2012-04-16 21:02:26 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll [2012-04-16 20:55:32 | 000,002,717 | ---- | M] () -- C:\Users\Mateusz\Desktop\Word 2003.lnk [2012-04-16 20:53:20 | 000,000,412 | ---- | M] () -- C:\Windows\ODBC.INI [2012-04-16 20:24:24 | 000,000,807 | ---- | M] () -- C:\Users\Mateusz\Desktop\Orange Free.lnk [2012-04-16 19:59:10 | 000,000,363 | ---- | M] () -- C:\Users\Mateusz\Desktop\Komputer.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-04-21 00:41:22 | 000,001,796 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk [2012-04-21 00:41:22 | 000,001,784 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk [2012-04-20 18:17:16 | 000,000,936 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-967404725-468176981-4131090368-1000UA.job [2012-04-20 18:17:16 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-967404725-468176981-4131090368-1000Core.job [2012-04-19 19:21:46 | 000,000,572 | ---- | C] () -- C:\Windows\eReg.dat [2012-04-19 13:23:07 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll [2012-04-19 13:12:07 | 008,180,224 | RHS- | C] () -- C:\ProgramData\TunesHelper.exe [2012-04-18 19:24:17 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-04-18 18:17:06 | 283,710,259 | ---- | C] () -- C:\Windows\MEMORY.DMP [2012-04-18 18:14:33 | 000,005,174 | ---- | C] () -- C:\Windows\System32\nppt9x.vxd [2012-04-18 15:58:59 | 000,000,422 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job [2012-04-18 15:58:59 | 000,000,422 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Daily 4).job [2012-04-18 15:58:59 | 000,000,422 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Daily 3).job [2012-04-18 15:58:59 | 000,000,422 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Daily 2).job [2012-04-18 15:58:59 | 000,000,422 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Daily 1).job [2012-04-17 23:55:56 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2012-04-17 23:55:56 | 000,000,000 | RHS- | C] () -- C:\IO.SYS [2012-04-17 22:28:40 | 000,002,053 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk [2012-04-17 22:28:40 | 000,002,041 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF [2012-04-17 19:37:58 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2012-04-17 19:36:37 | 001,150,656 | ---- | C] () -- C:\Windows\System32\atiumdva.cap [2012-04-17 19:36:36 | 000,234,855 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2012-04-17 19:36:36 | 000,034,823 | ---- | C] () -- C:\Windows\atiogl.xml [2012-04-17 19:36:35 | 000,185,088 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb [2012-04-17 19:34:34 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll [2012-04-17 16:32:37 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BRIDF10A.DAT [2012-04-17 16:22:02 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012-04-17 16:00:48 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat [2012-04-17 15:27:47 | 000,177,052 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT [2012-04-17 12:40:53 | 000,001,408 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Social Games.lnk [2012-04-17 12:09:01 | 000,002,210 | ---- | C] () -- C:\Users\Mateusz\Desktop\Google Chrome.lnk [2012-04-17 12:07:44 | 000,001,038 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-04-17 12:07:42 | 000,001,034 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-04-17 11:47:07 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe [2012-04-17 11:45:30 | 000,461,474 | ---- | C] () -- C:\Windows\System32\netathr.inf [2012-04-17 11:45:30 | 000,070,749 | ---- | C] () -- C:\Windows\System32\athrext.cat [2012-04-17 11:30:55 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012-04-17 02:12:32 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK [2012-04-17 02:12:28 | 000,383,562 | RHS- | C] () -- C:\bootmgr [2012-04-17 01:35:54 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012-04-17 01:15:57 | 000,246,248 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2012-04-16 22:20:20 | 000,000,650 | ---- | C] () -- C:\Users\Mateusz\Desktop\Muzyka.lnk [2012-04-16 22:16:22 | 000,000,641 | ---- | C] () -- C:\Users\Mateusz\Desktop\Filmy.lnk [2012-04-16 21:10:47 | 000,000,641 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk [2012-04-16 21:10:47 | 000,000,571 | ---- | C] () -- C:\Users\Mateusz\Desktop\foobar2000.lnk [2012-04-16 21:01:26 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll [2012-04-16 21:01:25 | 000,000,414 | ---- | C] () -- C:\Windows\System32\lame_acm.xml [2012-04-16 21:01:25 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2012-04-16 21:00:22 | 000,001,113 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012-04-16 21:00:22 | 000,001,101 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012-04-16 20:55:32 | 000,002,717 | ---- | C] () -- C:\Users\Mateusz\Desktop\Word 2003.lnk [2012-04-16 20:53:20 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI [2012-04-16 20:24:24 | 000,000,807 | ---- | C] () -- C:\Users\Mateusz\Desktop\Orange Free.lnk [2012-04-16 19:59:10 | 000,000,363 | ---- | C] () -- C:\Users\Mateusz\Desktop\Komputer.lnk [2012-04-16 19:57:16 | 000,001,430 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2011-07-28 17:49:12 | 000,053,760 | ---- | C] () -- C:\Windows\System32\OVDecode.dll [2010-08-03 00:05:14 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat [2010-08-03 00:05:13 | 000,687,828 | ---- | C] () -- C:\Windows\System32\perfh015.dat [2010-08-03 00:05:13 | 000,131,382 | ---- | C] () -- C:\Windows\System32\perfc015.dat [2010-08-03 00:05:13 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat [2010-06-25 08:44:03 | 000,080,384 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe [color=#E56717]========== LOP Check ==========[/color] [2012-04-18 23:54:26 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\BESTplayer [2012-04-19 01:20:24 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\BitSpirit [2012-04-19 17:14:18 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Lite [2012-04-20 08:00:29 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\foobar2000 [2012-04-20 19:42:39 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\GanymedeNet [2012-04-17 22:25:52 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\GHISLER [2012-04-16 22:05:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\ipla [2012-04-18 19:51:49 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\LolClient [2012-04-18 18:22:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\MSI [2012-04-21 00:41:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Opera [2012-04-17 12:40:53 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Splashtop [2012-04-20 00:35:20 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Sports Interactive [2012-04-17 23:34:49 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Thunderbird [2012-04-18 17:50:13 | 000,000,422 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Daily 1).job [2012-04-18 17:50:13 | 000,000,422 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Daily 2).job [2012-04-18 17:50:13 | 000,000,422 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Daily 3).job [2012-04-18 17:50:13 | 000,000,422 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Daily 4).job [2012-04-18 17:50:13 | 000,000,422 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job [2012-04-20 18:22:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-967404725-468176981-4131090368-1000Core.job [2012-04-21 09:22:10 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-967404725-468176981-4131090368-1000UA.job [2009-07-14 06:53:46 | 000,010,424 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2009-07-14 03:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr [2012-04-17 02:12:33 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2012-04-17 23:55:56 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2012-04-17 23:55:56 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2012-04-17 19:36:03 | 000,000,189 | ---- | M] () -- C:\mylog.log [2012-04-21 16:17:52 | 2678,771,712 | -HS- | M] () -- C:\pagefile.sys [2012-04-17 15:28:34 | 000,002,005 | ---- | M] () -- C:\RHDSetup.log [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys [2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys [2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009-07-14 01:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\System32\drivers\beep.sys [2009-07-14 01:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_c3f6f77668f0ddcc\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2009-07-14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys [2009-07-14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys [2009-07-14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009-07-14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\System32\drivers\ndis.sys [2009-07-14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009-07-14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\System32\winlogon.exe [2009-07-14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe < End of report >[/log] Extras raport: [log]OTL Extras logfile created on: 2012-04-21 16:58:59 - Run 1 OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Mateusz\Downloads Ultimate Edition (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.16562) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,49 Gb Total Physical Memory | 1,54 Gb Available Physical Memory | 61,90% Memory free 4,99 Gb Paging File | 3,99 Gb Available in Paging File | 79,95% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 58,57 Gb Total Space | 42,29 Gb Free Space | 72,21% Space Free | Partition Type: NTFS Drive D: | 407,19 Gb Total Space | 369,69 Gb Free Space | 90,79% Space Free | Partition Type: NTFS Computer Name: AUTO | User Name: Mateusz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) [HKEY_USERS\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "D:\Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "D:\Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [napiprojekt] -- "C:\Program Files\NapiProjekt\napisy.exe" "%1" () Directory [napiprojekt0] -- "C:\Program Files\NapiProjekt\napisy.exe" "%1" -pobierz_ang () Directory [openNew] -- explorer %1 (Microsoft Corporation) Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "UacDisableNotify" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "D:\Connectivity\ConnectivityManager.exe" = D:\Connectivity\ConnectivityManager.exe:*:enabled:CSS -- (France Telecom SA) "D:\Orange\Connectivity\ConnectivityManager.exe" = D:\Orange\Connectivity\ConnectivityManager.exe:*:enabled:CSS -- (France Telecom SA) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{009E5DF2-3F97-480B-89DA-F2D5E672E14A}_is1" = Live Update 5 "{011A5EF9-3D7D-2F43-F14E-A5E9BC8B0C47}" = AMD Fuel "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM) "{049155CC-5AB3-296F-5815-CD73A9646E99}" = CCC Help Greek "{08366AE3-72A2-523E-7218-D1B0B8271EBA}" = CCC Help Turkish "{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM) "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback "{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10 "{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21 "{2812B4B3-A412-7785-1964-4D60340E60A9}" = CCC Help French "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{2F173C40-563E-11D4-89C5-0010ADDAAC33}" = EA.com Matchup "{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM) "{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10 "{354C5FB7-C8EC-1EC4-BE90-109E048E9C82}" = CCC Help Russian "{3B983EFD-6E37-4AD9-9A7D-8C83E61674F7}" = Splashtop Connect IE "{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup "{45D49CA7-D7D8-4659-B35A-EBD98C30AF28}" = Splashtop Connect for Firefox "{462D8F12-355D-5920-9193-25388DA500DA}" = CCC Help Chinese Traditional "{4A1C03BB-6A5A-B8F8-F910-6791960DC25C}" = Catalyst Control Center Localization All "{4BF35375-9076-1169-6452-EC085410DD0E}" = Catalyst Control Center Profiles Mobile "{4CC4A295-8204-75C9-6E44-E280E661282B}" = CCC Help Korean "{4FD0F94D-0CAB-C85B-FA2C-9586BA0AAE60}" = CCC Help Spanish "{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module "{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM) "{5332A981-2332-55C4-FE31-7BCAAB16CAE2}" = Catalyst Control Center InstallProxy "{53B04D20-50D5-EA2F-BDFC-BCE332124FED}" = CCC Help Dutch "{53BCB6DB-C944-CE07-BBA7-B8EC2DA228B0}" = CCC Help Swedish "{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM) "{5F548A02-80BC-404D-BAE6-F05F9BF6B449}" = Nero DiscCopyGadget 10 Help (CHM) "{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module "{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update "{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM) "{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10 "{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10 "{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10 "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{7A25D130-4EC8-11E1-BEA4-B8AC6F97B88E}" = Google Earth "{7C428915-7C49-E005-8D9C-0AFC3B9E2A55}" = CCC Help English "{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1" = Super-Charger "{7D916FA5-DAE9-4A25-B089-655C70EAF607}" = Qualcomm Atheros WiFi Driver Installation Program "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86227080-3ADB-5A9B-BB8A-8CE8CB6429F8}" = CCC Help Chinese Standard "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{885AFEC2-0809-47CE-8B3F-00AEC19DDD5F}" = TSST OEM Content "{89590A73-9AC3-48ED-B83E-6489900DED5A}" = Nero Multimedia Suite 10 Essentials "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{91120415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003 "{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends "{92EC1A84-7FFC-42DF-A8F6-79C21C4765A5}" = Nero DiscCopy Gadget 10 "{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1" = ALLConverter PRO 1.3 "{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10 "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9AB97F52-512B-43EF-AAEC-4825C17B32ED}" = EA.com Update "{9D3D8C60-A55F-4123-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver "{A075239D-F706-B32D-A071-5804AE360AF0}" = CCC Help Finnish "{A10B9E4E-9C40-4491-A3E1-C2B53DAB03C1}" = Facebook Messenger 2.0.4478.0 "{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime "{A2C948AC-CA5B-1921-E1CC-73DAAAD7ED15}" = Catalyst Control Center InstallProxy "{A7CDE866-4E90-D922-89C4-31B836BC6E67}" = CCC Help German "{A83FC388-927A-68E4-72FC-FC54E404B27F}" = CCC Help Japanese "{A860FE72-A9F6-AB3D-09AE-3AA954EA1725}" = CCC Help Norwegian "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3) "{ACC75323-DB4A-4F7F-9AF3-1D1DEFF2D1B5}" = Heroes of Might and Magic V - Tribes of the East "{ACC75323-DB4A-4f7f-9AF3-1D1DEFF2D1B5}_is1" = Heroes of Might and Magic V - Dzikie Hordy "{AD917F8B-197A-07F2-1A6D-EB47FE50143B}" = ccc-utility "{B2F86EAE-18EE-6B39-20D8-C542D841F034}" = CCC Help Thai "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{BC5CE684-9D5B-707E-30BC-9275E2B49FA0}" = CCC Help Danish "{BEWINTERNET-PL-IEW}.UninstallSuite" = Orange Free "{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM) "{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM) "{D1B01DC9-CBAF-45F9-A387-7D00C11B630E}" = Microsoft Games for Windows - LIVE Redistributable "{DC311C01-B1A9-8CAD-F018-9395269654EC}" = CCC Help Polish "{DCFF61CC-B313-37DF-D567-26430CBC8720}" = CCC Help Portuguese "{DE329278-4E61-8A9B-CADA-44AAC9E06C81}" = CCC Help Italian "{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}" = Counter-Strike(TM) "{DFE4070B-1657-942F-72B1-0057A9A830EF}" = CCC Help Hungarian "{ED20800E-1BFF-E5D6-86DF-2B8015E308E3}" = AMD VISION Engine Control Center "{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9 "{EECD7B96-1416-4D3A-B12D-0D2512120C36}" = EasyViewer "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10 "{F49AC447-8ED0-0C8A-8622-4737B2EE4248}" = ATI Catalyst Install Manager "{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM) "{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10 "{F627CDBC-8323-4024-9691-A0A6533F43E0}" = ESET NOD32 Antivirus "{FC54FD8D-789C-406D-BB88-F7C4421B7E83}_is1" = VideoGenie "{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10 "{FDF4B587-4070-4C2A-C3DC-A8F5DB3B6C5B}" = CCC Help Czech "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "ALLPlayer_is1" = ALLPlayer V5.X "AQQ" = WapSter AQQ "BitSpirit_is1" = BitSpirit v3.6.0.550 Stable "CardDetectorHUAWEI1752_1552" = Card Detector for Huawei E1752 and E1552 "CCleaner" = CCleaner "Core Temp" = Core Temp "DAEMON Tools Lite" = DAEMON Tools Lite "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "Dziobas Rar Player_is1" = Dziobas Rar Player 0.009.52 "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "foobar2000" = foobar2000 v1.1.11 "GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker "Google Chrome" = Google Chrome "Gpuz" = GPU-Z "HashCheck Shell Extension" = HashCheck Shell Extension (x86-32) "Icy Tower v1.5_is1" = Icy Tower v1.5 "InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "InstallShield_{EECD7B96-1416-4D3A-B12D-0D2512120C36}" = EasyViewer "ipla" = ipla 2.3.3 "KLiteCodecPack_is1" = K-Lite Codec Pack 5.6.1 (Full) "Mario Ice Tower" = Mario Ice Tower "Mozilla Firefox 11.0 (x86 pl)" = Mozilla Firefox 11.0 (x86 pl) "Mozilla Thunderbird 12.0 (x86 pl)" = Mozilla Thunderbird 12.0 (x86 pl) "NapiProjekt_is1" = NapiProjekt 2.0.0 (build 2151) "Opera 11.62.1347" = Opera 11.62 "PokerStars.eu" = PokerStars.eu "RealPlayer 12.0" = RealPlayer "Speccy" = Speccy "Totalcmd" = Total Commander (Remove or Repair) "Winamp" = Winamp "WinRAR archiver" = WinRAR 4.01 (32-bitowy) "YouTube to ALLPlayer_is1" = YouTube to ALLPlayer [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-04-19 19:45:56 | Computer Name = AUTO | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files\MSI\live update 5\UCPlugin\c17t1706v0.0.0l1p5889r1o1\VizorShortCut.exe". Nie można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2012-04-19 19:45:56 | Computer Name = AUTO | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files\MSI\live update 5\UCPlugin\c17t1706v0.0.0l1p5889r1o1\WSCHandler.exe". Nie można odnaleźć zestawu zależnego Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2012-04-19 19:45:56 | Computer Name = AUTO | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files\MSI\live update 5\UCPlugin\c17t1706v0.0.0l1p5889r1o1\WSCTool.exe". Nie można odnaleźć zestawu zależnego Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2012-04-19 19:46:04 | Computer Name = AUTO | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files\MSI\live update 5\Vizor64\InstallUCWrapper.exe". Nie można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2012-04-19 19:46:05 | Computer Name = AUTO | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files\MSI\live update 5\Vizor64\TiPreAU.exe". Nie można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2012-04-19 19:46:05 | Computer Name = AUTO | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files\MSI\live update 5\Vizor64\VizorShortCut.exe". Nie można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2012-04-19 19:46:36 | Computer Name = AUTO | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files\spybot - search & destroy\DelZip179.dll". Błąd w pliku manifestu lub w pliku zasad "c:\program files\spybot - search & destroy\DelZip179.dll" w wierszu 8. Wartość "*" atrybutu "language" elementu "assemblyIdentity" jest nieprawidłowa. Error - 2012-04-19 19:46:38 | Computer Name = AUTO | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "d:\Orange\installation\Core\InstallDevice64.exe". Nie można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="AMD64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2012-04-19 19:46:39 | Computer Name = AUTO | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "d:\Orange\installation\Core\setupApiWrapper64.exe". Nie można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="AMD64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2012-04-20 18:22:06 | Computer Name = AUTO | Source = Google Update | ID = 20 Description = [ System Events ] Error - 2012-04-20 18:45:19 | Computer Name = AUTO | Source = Service Control Manager | ID = 7001 Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2012-04-20 18:45:23 | Computer Name = AUTO | Source = Service Control Manager | ID = 7001 Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2012-04-20 18:45:23 | Computer Name = AUTO | Source = Service Control Manager | ID = 7001 Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2012-04-20 18:45:25 | Computer Name = AUTO | Source = Service Control Manager | ID = 7001 Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2012-04-20 18:45:25 | Computer Name = AUTO | Source = Service Control Manager | ID = 7001 Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2012-04-20 18:56:18 | Computer Name = AUTO | Source = Service Control Manager | ID = 7034 Description = Usługa AMD External Events Utility niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2012-04-20 18:56:28 | Computer Name = AUTO | Source = DCOM | ID = 10010 Description = Error - 2012-04-20 18:56:33 | Computer Name = AUTO | Source = Service Control Manager | ID = 7001 Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2012-04-20 18:56:33 | Computer Name = AUTO | Source = Service Control Manager | ID = 7001 Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2012-04-20 18:59:44 | Computer Name = AUTO | Source = DCOM | ID = 10010 Description = < End of report >[/log] Z góry dziękuję za okazaną pomoc
Gość komentarz 21 kwietnia 2012 komentarz 21 kwietnia 2012 Uruchom OTL i w oknie Własne opcje skanownia/skrypt wklej: [code]:OTL IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/ IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\URLSearchHook: {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} - C:\Program Files\Splashtop\Splashtop Connect IE\AddressBarSearch.dll (Splashtop Inc.) FF - prefs.js..browser.search.selectedEngine: "qooqlle" FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/" :Files C:\Users\Mateusz\AppData\Roaming\Readar_sl.exe C:\Windows\System32\2C0A C:\Windows\System32\0C0A C:\Windows\System32\0C04 C:\Windows\System32\0816 C:\Windows\System32\0804 C:\Windows\System32\0424 C:\Windows\System32\041F C:\Windows\System32\041E C:\Windows\System32\041D C:\Windows\System32\041B C:\Windows\System32\0419 C:\Windows\System32\0416 C:\Windows\System32\0415 C:\Windows\System32\0414 C:\Windows\System32\0413 C:\Windows\System32\0412 C:\Windows\System32\0411 C:\Windows\System32\0410 C:\Windows\System32\040E C:\Windows\System32\040D C:\Windows\System32\040C C:\Windows\System32\040B C:\Windows\System32\040A C:\Windows\System32\0408 C:\Windows\System32\0407 C:\Windows\System32\0406 C:\Windows\System32\0405 C:\Windows\System32\0404 C:\Windows\System32\0401 C:\Windows\tasks\Ad-Aware Update (Weekly).job C:\Windows\tasks\Ad-Aware Update (Daily 4).job C:\Windows\tasks\Ad-Aware Update (Daily 3).job C:\Windows\tasks\Ad-Aware Update (Daily 2).job C:\Windows\tasks\Ad-Aware Update (Daily 1).job :Commands [emptyflash] [emptytemp][/code] Kliknij w [b]Wykonaj skrypt.[/b] Po restarcie OTL wygeneruje log zapisz go i przedstaw. 2. Uruchom [b]AdwCleaner[/b] i zastosuj opcję [b]Delete[/b]. Do pobrania tutaj http://general-changelog-team.fr/outils/289-adwcleaner 3. Wykonaj nowy skan [b]OTL wg tej instrukcji[/b] i przedstaw raporty http://www.fixitpc.pl/topic/61-diagnostyka-ogolne-raporty-systemowe/#1
Evander1991 komentarz 21 kwietnia 2012 Autor komentarz 21 kwietnia 2012 Nie wiem czemu, ale nie mogę odpalić adwcleaner. Wyskakuje mi Error: [quote] AutoIt Error Unable to open the script file [/quote]
Gość komentarz 22 kwietnia 2012 komentarz 22 kwietnia 2012 To wykonaj nowy skan OTL i przedstaw raport
Evander1991 komentarz 22 kwietnia 2012 Autor komentarz 22 kwietnia 2012 (edytowane) Raport z wykonania skryptu: [log]All processes killed ========== OTL ========== HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! Registry value HKEY_USERS\S-1-5-21-967404725-468176981-4131090368-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{0F3DC9E0-C459-4a40-BCF8-747BD9322E10} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F3DC9E0-C459-4a40-BCF8-747BD9322E10}\ deleted successfully. C:\Program Files\Splashtop\Splashtop Connect IE\AddressBarSearch.dll moved successfully. Prefs.js: "qooqlle" removed from browser.search.selectedEngine Prefs.js: "http://www.qooqlle.com/" removed from browser.startup.homepage ========== FILES ========== C:\Users\Mateusz\AppData\Roaming\Readar_sl.exe moved successfully. C:\Windows\System32\2C0A folder moved successfully. C:\Windows\System32\0C0A folder moved successfully. C:\Windows\System32\0C04 folder moved successfully. C:\Windows\System32\0816 folder moved successfully. C:\Windows\System32\0804 folder moved successfully. C:\Windows\System32\0424 folder moved successfully. C:\Windows\System32\041F folder moved successfully. C:\Windows\System32\041E folder moved successfully. C:\Windows\System32\041D folder moved successfully. C:\Windows\System32\041B folder moved successfully. C:\Windows\System32\0419 folder moved successfully. C:\Windows\System32\0416 folder moved successfully. C:\Windows\System32\0415 folder moved successfully. C:\Windows\System32\0414 folder moved successfully. C:\Windows\System32\0413 folder moved successfully. C:\Windows\System32\0412 folder moved successfully. C:\Windows\System32\0411 folder moved successfully. C:\Windows\System32\0410 folder moved successfully. C:\Windows\System32\040E folder moved successfully. C:\Windows\System32\040D folder moved successfully. C:\Windows\System32\040C folder moved successfully. C:\Windows\System32\040B folder moved successfully. C:\Windows\System32\040A folder moved successfully. C:\Windows\System32\0408 folder moved successfully. C:\Windows\System32\0407 folder moved successfully. C:\Windows\System32\0406 folder moved successfully. C:\Windows\System32\0405 folder moved successfully. C:\Windows\System32\0404 folder moved successfully. C:\Windows\System32\0401 folder moved successfully. C:\Windows\tasks\Ad-Aware Update (Weekly).job moved successfully. C:\Windows\tasks\Ad-Aware Update (Daily 4).job moved successfully. C:\Windows\tasks\Ad-Aware Update (Daily 3).job moved successfully. C:\Windows\tasks\Ad-Aware Update (Daily 2).job moved successfully. C:\Windows\tasks\Ad-Aware Update (Daily 1).job moved successfully. ========== COMMANDS ========== [EMPTYFLASH] User: All Users User: Default User: Default User User: Mateusz ->Flash cache emptied: 566 bytes User: Public Total Flash Files Cleaned = 0,00 mb [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Mateusz ->Temp folder emptied: 18107442 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->FireFox cache emptied: 54070439 bytes ->Google Chrome cache emptied: 856432 bytes ->Opera cache emptied: 13941 bytes ->Flash cache emptied: 0 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 7868 bytes RecycleBin emptied: 282 bytes Total Files Cleaned = 70,00 mb OTL by OldTimer - Version 3.2.40.0 log created on 04222012_000403 Files\Folders moved on Reboot... Registry entries deleted on Reboot.[/log] Ze skanowania: OTL raport: [log]OTL logfile created on: 2012-04-22 08:47:30 - Run 2 OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Mateusz\Desktop\Programy Ultimate Edition (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.16562) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,49 Gb Total Physical Memory | 1,55 Gb Available Physical Memory | 61,95% Memory free 4,99 Gb Paging File | 3,97 Gb Available in Paging File | 79,54% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 58,57 Gb Total Space | 43,49 Gb Free Space | 74,25% Space Free | Partition Type: NTFS Drive D: | 407,19 Gb Total Space | 369,69 Gb Free Space | 90,79% Space Free | Partition Type: NTFS Drive E: | 3,66 Gb Total Space | 3,66 Gb Free Space | 100,00% Space Free | Partition Type: FAT32 Computer Name: AUTO | User Name: Mateusz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-04-21 09:22:55 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Mateusz\Desktop\Programy\OTL.exe PRC - [2012-04-19 09:12:24 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2012-04-16 23:31:45 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2012-04-16 21:02:25 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe PRC - [2012-04-09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012-04-04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012-01-03 13:34:20 | 000,138,768 | ---- | M] (MSI) -- C:\Program Files\MSI\Super-Charger\ChargeService.exe PRC - [2012-01-03 13:34:16 | 000,502,288 | ---- | M] (MSI) -- C:\Program Files\MSI\Super-Charger\Super-Charger.exe PRC - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2011-09-22 12:03:02 | 003,080,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe PRC - [2011-09-16 14:39:24 | 000,115,048 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe PRC - [2011-07-28 17:42:48 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe PRC - [2011-07-28 17:35:54 | 000,401,408 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2011-07-28 17:35:26 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2011-03-24 06:37:18 | 000,493,384 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe PRC - [2011-03-22 10:37:16 | 000,497,480 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe PRC - [2010-11-15 13:21:56 | 000,841,544 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe PRC - [2010-11-15 13:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect\BackService.exe PRC - [2010-06-04 09:51:06 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010-06-04 09:50:20 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe PRC - [2010-05-04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe PRC - [2010-03-05 16:26:40 | 002,044,248 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe PRC - [2009-10-14 18:44:40 | 000,282,624 | R--- | M] (France Telecom SA) -- C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe PRC - [2009-10-14 16:44:38 | 001,368,064 | ---- | M] (France Telecom SA) -- D:\Orange\Deskboard\Deskboard.exe PRC - [2009-10-14 16:44:38 | 001,110,016 | ---- | M] (France Telecom SA) -- D:\Orange\Phonetools\TextMessaging.exe PRC - [2009-10-14 16:44:38 | 001,007,616 | ---- | M] (France Telecom SA) -- D:\Orange\Connectivity\ConnectivityManager.exe PRC - [2009-10-14 16:44:38 | 000,725,744 | ---- | M] (France Telecom SA) -- D:\Orange\Launcher\Launcher.exe PRC - [2009-10-14 16:44:38 | 000,544,768 | ---- | M] (France Telecom SA) -- D:\Orange\Connectivity\Corecom\CoreCom.exe PRC - [2009-10-14 16:44:38 | 000,245,760 | ---- | M] (France Telecom SA) -- D:\Orange\Systray\SystrayApp.exe PRC - [2009-10-14 16:44:38 | 000,094,208 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe PRC - [2009-10-14 16:44:38 | 000,094,208 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe PRC - [2009-10-14 16:44:38 | 000,090,112 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe PRC - [2009-01-26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe PRC - [2009-01-26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-04-19 09:12:23 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2012-04-18 19:24:16 | 008,797,344 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_233.dll MOD - [2011-07-28 17:55:02 | 000,369,152 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll MOD - [2011-07-28 17:42:54 | 000,095,232 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll MOD - [2010-04-14 03:31:20 | 005,246,976 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll MOD - [2010-04-14 03:31:20 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll MOD - [2010-04-14 03:31:20 | 003,182,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll MOD - [2010-04-14 03:31:20 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll MOD - [2010-04-14 03:31:20 | 000,626,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll MOD - [2010-04-14 03:31:20 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll MOD - [2010-04-14 03:31:20 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll MOD - [2010-04-14 03:31:16 | 004,550,656 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll MOD - [2010-04-14 03:31:14 | 005,279,744 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll MOD - [2010-04-14 03:31:14 | 001,253,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll MOD - [2010-04-14 03:31:12 | 004,218,880 | ---- | M] () -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll MOD - [2010-04-14 03:31:00 | 000,667,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll MOD - [2009-10-14 16:44:38 | 000,708,608 | ---- | M] () -- D:\Orange\Launcher\Plugins\PluginLnhPromptManager2.dll MOD - [2009-10-14 16:44:38 | 000,548,864 | ---- | M] () -- D:\Orange\Launcher\Plugins\PluginLnhHotspotLocator.dll MOD - [2009-10-14 16:44:38 | 000,040,960 | ---- | M] () -- D:\Orange\Launcher\WatchClient.dll MOD - [2009-08-04 11:04:26 | 000,294,912 | ---- | M] () -- D:\Orange\Launcher\Sqlite3.dll MOD - [2009-08-04 11:04:26 | 000,294,912 | ---- | M] () -- D:\Orange\Connectivity\Sqlite3.dll MOD - [2009-06-10 23:22:40 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll MOD - [2009-06-10 23:14:47 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll MOD - [2009-06-10 23:14:46 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll MOD - [2009-06-10 23:14:46 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll MOD - [2009-06-10 23:14:44 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.classic.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService) SRV - [2012-04-18 19:33:10 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-04-09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012-04-05 11:37:38 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-04-04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012-01-03 13:34:20 | 000,138,768 | ---- | M] (MSI) [Auto | Running] -- C:\Program Files\MSI\Super-Charger\ChargeService.exe -- (MSI_SuperCharger) SRV - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2011-07-28 17:42:48 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV - [2011-07-28 17:35:26 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2011-05-03 22:18:00 | 004,137,464 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc) SRV - [2011-03-24 06:37:18 | 000,493,384 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe -- (WCUService_STC_FF) SRV - [2011-03-22 10:37:16 | 000,497,480 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe -- (WCUService_STC_IE) SRV - [2010-11-15 13:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files\Splashtop\Splashtop Connect\BackService.exe -- (SCBackService) SRV - [2010-05-04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2010-03-05 16:26:40 | 002,044,248 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU) SRV - [2009-10-14 16:44:38 | 000,090,112 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC) SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Rappelz\GameGuard\dump_wmimmc.sys -- (dump_wmimmc) DRV - [2012-04-16 21:07:58 | 000,239,168 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2011-10-25 09:57:14 | 000,165,120 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc) DRV - [2011-10-25 09:57:14 | 000,073,984 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub) DRV - [2011-10-06 09:23:50 | 001,057,896 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192ce.sys -- (RTL8192Ce) DRV - [2011-08-09 14:24:52 | 000,163,424 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm) DRV - [2011-08-04 09:20:38 | 000,103,112 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr) DRV - [2011-08-04 09:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv) DRV - [2011-07-28 18:22:06 | 008,396,800 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag) DRV - [2011-07-28 16:53:48 | 000,247,296 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2011-06-07 06:06:54 | 000,211,984 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService) DRV - [2011-04-15 14:37:46 | 000,066,688 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_sata.sys -- (amd_sata) DRV - [2011-04-15 14:37:46 | 000,033,408 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_xata.sys -- (amd_xata) DRV - [2010-11-29 04:50:40 | 000,035,968 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter) DRV - [2010-10-20 14:43:08 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 5\NTIOLib.sys -- (NTIOLib_1_0_4) DRV - [2010-05-10 10:44:42 | 000,025,912 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 5\msibios32_100507.sys -- (MSI_MSIBIOS_010507) DRV - [2010-02-18 09:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86) DRV - [2009-12-30 13:55:14 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files\MSI\Super-Charger\NTIOLib.sys -- (NTIOLib_1_0_3) DRV - [2009-08-04 13:04:28 | 000,103,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbfake.sys -- (hwusbfake) DRV - [2009-08-04 13:04:28 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2009-07-14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2009-07-14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2009-07-14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2009-07-14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009-07-14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2009-07-14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2009-06-10 23:19:48 | 009,853,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = Yandex IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q=%7BsearchTerms%7D&FORM=IE8SRC"]http://www.bing.com/...ms}&FORM=IE8SRC[/url] IE - HKLM\..\SearchScopes\Google: "URL" = [url="http://www.google.ru/search?hl=ru&q=%7BsearchTerms%7D%5C"]http://www.google.ru...={searchTerms}\[/url] IE - HKLM\..\SearchScopes\Wikipedia: "URL" = [url="http://ru.wikipedia.org/wiki/%7BsearchTerms%7D%5C"]http://ru.wikipedia..../{searchTerms}\[/url] IE - HKLM\..\SearchScopes\Yahoo: "URL" = [url="http://ru.search.yahoo.com/search?p=%7BsearchTerms%7D%5C"]http://ru.search.yah...={searchTerms}\[/url] IE - HKLM\..\SearchScopes\Yandex: "URL" = [url="http://www.yandex.ru/yandsearch?stype=&nl=0&text=%7BsearchTerms%7D%5C"]http://www.yandex.ru...={searchTerms}\[/url] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.qooqlle.com/"]http://www.qooqlle.com/[/url] IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes,DefaultScope = {42168F92-DA71-42E6-BC7F-132EAC1F1899} IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = [url="http://www.google.pl/cse?q=%7BsearchTerms%7D&cx=partner-pub-2489206448026482%3A4041638047&tbm=&ie=UTF-8#gsc.tab=0&gsc.q=%7BsearchTerms%7D"]http://www.google.pl...q={searchTerms}[/url] IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{42168F92-DA71-42E6-BC7F-132EAC1F1899}: "URL" = [url="http://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q=%7BsearchTerms%7D&sa=Search&siteurl=qooqlle.com%2F"]http://www.google.co...=qooqlle.com%2F[/url] IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{C0DE4E59-C43E-46a5-B2A6-46952A6BF471}: "URL" = [url="http://uk.search.yahoo.com/search?p=%7BsearchTerms%7D&fr=chr-devicevm&type=MMBROWSV"]http://uk.search.yah...m&type=MMBROWSV[/url] IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{F1CC8CB5-43EC-4142-AE01-80F4208696EB}: "URL" = [url="http://www.google.com/cse?cx=partner-pub-3794288947762788%3A7256076927&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7256076927&q=%7BsearchTerms%7D"]http://www.google.co...q={searchTerms}[/url] IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\Yandex: "URL" = [url="http://www.bing.com/search?q=%7BsearchTerms%7D&form=SPLEP1&pc=SPLH"]http://www.bing.com/...=SPLEP1&pc=SPLH[/url] IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.selectedEngine: "qooqlle" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 FF - prefs.js..extensions.enabledItems: cssreloader@kenneth.io:1.0.2 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..network.proxy.backup.ftp: "127.0.0.1" FF - prefs.js..network.proxy.backup.ftp_port: 9666 FF - prefs.js..network.proxy.backup.gopher: "127.0.0.1" FF - prefs.js..network.proxy.backup.gopher_port: 9666 FF - prefs.js..network.proxy.backup.socks: "127.0.0.1" FF - prefs.js..network.proxy.backup.socks_port: 9666 FF - prefs.js..network.proxy.backup.ssl: "127.0.0.1" FF - prefs.js..network.proxy.backup.ssl_port: 9666 FF - prefs.js..network.proxy.ftp: "127.0.0.1" FF - prefs.js..network.proxy.ftp_port: 9666 FF - prefs.js..network.proxy.gopher: "127.0.0.1" FF - prefs.js..network.proxy.gopher_port: 9666 FF - prefs.js..network.proxy.http: "127.0.0.1" FF - prefs.js..network.proxy.http_port: 9666 FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "127.0.0.1" FF - prefs.js..network.proxy.socks_port: 9666 FF - prefs.js..network.proxy.ssl: "127.0.0.1" FF - prefs.js..network.proxy.ssl_port: 9666 FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll () FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: D:\Bilard\Ganymede\Plugins\npganymedenet.dll ( ) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Oracle) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Mateusz\AppData\Local\Facebook\Messenger\2.0.4478.0\npFbDesktopPlugin.dll (Facebook, Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}: C:\Program Files\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1} [2012-04-17 12:42:02 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}: C:\Program Files\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0} [2012-04-17 12:42:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{d9284e50-81fc-11da-a72b-0800200c9a66}: C:\Program Files\Splashtop\Splashtop Connect for Firefox\{d9284e50-81fc-11da-a72b-0800200c9a66} [2012-04-17 12:42:02 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-04-19 09:12:26 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-04-19 13:33:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012-04-17 22:28:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-04-18 17:53:41 | 000,000,000 | ---D | M] [2012-04-16 21:10:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Extensions [2012-04-20 21:48:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\kust2ajc.default\extensions [2012-04-19 13:23:52 | 000,000,000 | ---D | M] (YouTube to ALLPlayer) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\kust2ajc.default\extensions\YouTubetoALL@ALLPlayer.org [2012-04-22 08:42:05 | 000,001,860 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\kust2ajc.default\searchplugins\search.xml [2012-04-17 22:26:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-04-17 22:26:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} () (No name found) -- C:\USERS\MATEUSZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KUST2AJC.DEFAULT\EXTENSIONS\IPLEXTOALL@ALLPLAYER.ORG.XPI [2012-04-19 09:12:25 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011-12-20 11:33:56 | 000,120,984 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npganymedenet.dll [2011-12-09 19:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll [2012-04-19 09:12:20 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-04-19 09:12:20 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-04-19 09:12:20 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-04-19 09:12:20 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-04-19 13:22:10 | 000,002,415 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\v9.xml [2012-04-19 09:12:20 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-04-19 09:12:20 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: qooqlle () CHR - default_search_provider: search_url = [url="http://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q=%7BsearchTerms%7D&sa=Search&siteurl=qooqlle.com%2F"]http://www.google.co...=qooqlle.com%2F[/url] CHR - default_search_provider: suggest_url = CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\ O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Splashtop Connect VisualBookmark) - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - C:\Program Files\Splashtop\Splashtop Connect IE\STC.dll (Splashtop Inc.) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (YouTube To ALLPlayer) - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\Program Files\ALLPlayer\YouTubeToALLPlayer.dll (ALLPlayer.org) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - D:\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [BEWINTERNET-PL-IEWSessionManager] D:\Orange\SessionManager\SessionManager.exe (France Telecom SA) O4 - HKLM..\Run: [CardDetectorHUAWEI1752_1552] C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe (France Telecom SA) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [Readar_sl] %APPDATA%\Readar_sl.exe File not found O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [STCAgent] C:\Program Files\Splashtop\Splashtop Connect IE\STCAgent.exe (Splashtop Inc.) O4 - HKLM..\Run: [Super-Charger] C:\Program Files\MSI\Super-Charger\Super-Charger.exe (MSI) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [TunesHelper] C:\ProgramData\TunesHelper.exe () O4 - HKLM..\Run: [ZyngaGamesAgent] C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe (Splashtop Inc.) O4 - HKU\S-1-5-21-967404725-468176981-4131090368-1000..\Run: [Facebook Update] C:\Users\Mateusz\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKU\S-1-5-21-967404725-468176981-4131090368-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O7 - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Pobierz z &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm () O9 - Extra Button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files\PokerStars.EU\PokerStarsUpdate.exe (PokerStars) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_21) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1292A1F1-9F67-4786-A2DF-9668865DF9A2}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CBA710A7-2EA8-47C7-8C15-F778620E1802}: NameServer = 79.163.127.70 217.116.100.65 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{e0c2a19c-87f1-11e1-9873-b1ddfeffb464}\Shell - "" = AutoRun O33 - MountPoints2\{e0c2a19c-87f1-11e1-9873-b1ddfeffb464}\Shell\AutoRun\command - "" = F:\setup_homm5.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-04-21 17:20:18 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Pliki [2012-04-21 09:11:23 | 000,000,000 | ---D | C] -- C:\_OTL [2012-04-21 00:25:29 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\.ultramixer [2012-04-21 00:05:24 | 000,000,000 | ---D | C] -- C:\Windows\pss [2012-04-20 19:32:35 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\GanymedeNet [2012-04-20 18:18:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Screamer Radio [2012-04-20 18:17:27 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook [2012-04-20 18:17:14 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Facebook [2012-04-20 00:35:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Sports Interactive [2012-04-20 00:35:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\Sports Interactive [2012-04-20 00:35:20 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Sports Interactive [2012-04-20 00:35:20 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Sports Interactive [2012-04-20 00:18:42 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\My Games [2012-04-20 00:17:27 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll [2012-04-20 00:17:27 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll [2012-04-20 00:17:26 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll [2012-04-20 00:17:26 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll [2012-04-20 00:17:26 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll [2012-04-20 00:17:26 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll [2012-04-20 00:17:26 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll [2012-04-20 00:17:25 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll [2012-04-20 00:17:25 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll [2012-04-20 00:17:25 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll [2012-04-20 00:17:24 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll [2012-04-20 00:17:24 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll [2012-04-20 00:17:23 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll [2012-04-20 00:17:23 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll [2012-04-20 00:17:23 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll [2012-04-20 00:17:23 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll [2012-04-20 00:17:22 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll [2012-04-20 00:17:22 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll [2012-04-20 00:17:22 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll [2012-04-20 00:17:22 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll [2012-04-20 00:17:21 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll [2012-04-20 00:17:21 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll [2012-04-20 00:17:21 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll [2012-04-20 00:17:21 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll [2012-04-20 00:17:21 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll [2012-04-20 00:17:21 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll [2012-04-20 00:17:20 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll [2012-04-20 00:17:20 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll [2012-04-20 00:17:20 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll [2012-04-20 00:17:20 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll [2012-04-20 00:17:19 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll [2012-04-20 00:17:19 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll [2012-04-20 00:17:19 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll [2012-04-20 00:17:19 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll [2012-04-20 00:17:18 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll [2012-04-20 00:17:18 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll [2012-04-20 00:17:18 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll [2012-04-20 00:17:18 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll [2012-04-20 00:17:17 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll [2012-04-20 00:17:17 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll [2012-04-20 00:17:16 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll [2012-04-20 00:17:16 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll [2012-04-20 00:17:16 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll [2012-04-20 00:17:16 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll [2012-04-20 00:17:15 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll [2012-04-20 00:17:15 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll [2012-04-20 00:17:14 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll [2012-04-20 00:17:14 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll [2012-04-20 00:17:14 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll [2012-04-20 00:17:13 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll [2012-04-20 00:17:13 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll [2012-04-20 00:17:12 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll [2012-04-20 00:17:12 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll [2012-04-20 00:17:12 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll [2012-04-20 00:17:12 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll [2012-04-20 00:17:11 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll [2012-04-20 00:17:10 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll [2012-04-20 00:17:09 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll [2012-04-20 00:17:09 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll [2012-04-20 00:17:09 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll [2012-04-20 00:17:09 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll [2012-04-20 00:17:08 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll [2012-04-20 00:17:08 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll [2012-04-20 00:17:08 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll [2012-04-20 00:17:08 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll [2012-04-20 00:17:08 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll [2012-04-20 00:17:07 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll [2012-04-20 00:17:07 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll [2012-04-20 00:17:07 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll [2012-04-20 00:17:07 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll [2012-04-20 00:17:04 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll [2012-04-20 00:17:04 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll [2012-04-20 00:17:04 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll [2012-04-20 00:17:04 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll [2012-04-20 00:17:03 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll [2012-04-20 00:17:03 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll [2012-04-20 00:17:03 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll [2012-04-20 00:17:02 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll [2012-04-20 00:17:01 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll [2012-04-20 00:08:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx [2012-04-20 00:03:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft [2012-04-19 19:22:45 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [2012-04-19 19:20:52 | 000,000,000 | ---D | C] -- C:\Program Files\EACOM [2012-04-19 17:13:09 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images [2012-04-19 17:10:13 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Chromium [2012-04-19 13:37:13 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\PokerStars.EU [2012-04-19 13:37:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.EU [2012-04-19 13:36:46 | 000,000,000 | ---D | C] -- C:\Program Files\PokerStars.EU [2012-04-19 13:24:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt [2012-04-19 13:23:51 | 000,000,000 | ---D | C] -- C:\Program Files\ALLPlayer [2012-04-19 13:23:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLConverter PRO [2012-04-19 13:23:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ALLConverter [2012-04-19 13:23:42 | 000,000,000 | ---D | C] -- C:\Program Files\NapiProjekt [2012-04-19 13:23:41 | 000,000,000 | ---D | C] -- C:\Program Files\ALLConverter PRO [2012-04-19 13:23:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer [2012-04-19 13:22:55 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ALLPlayer [2012-04-19 13:22:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dziobas Rar Player [2012-04-19 13:12:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Theorica Divx ;-) Codecs [2012-04-19 13:11:46 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Media Player Classic [2012-04-19 01:20:24 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\BitSpirit [2012-04-19 00:33:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2012-04-19 00:05:27 | 000,000,000 | ---D | C] -- C:\Program Files\v9Soft [2012-04-18 23:57:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp [2012-04-18 23:57:29 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll [2012-04-18 23:56:23 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect [2012-04-18 23:56:23 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Detektor Winampa [2012-04-18 23:56:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine [2012-04-18 23:55:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Winamp [2012-04-18 23:55:57 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp [2012-04-18 23:54:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys [2012-04-18 23:54:47 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys [2012-04-18 23:54:10 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\BESTplayer [2012-04-18 23:53:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitSpirit v3 [2012-04-18 23:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitSpirit [2012-04-18 23:53:37 | 000,000,000 | ---D | C] -- C:\Program Files\BitSpirit [2012-04-18 23:52:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy [2012-04-18 23:51:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2012-04-18 23:51:53 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy [2012-04-18 19:53:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\riotsGamesLogs [2012-04-18 19:51:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\LolClient [2012-04-18 19:26:56 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Opera [2012-04-18 19:26:56 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Opera [2012-04-18 19:26:35 | 000,000,000 | ---D | C] -- C:\Program Files\Opera [2012-04-18 19:24:16 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012-04-18 19:24:16 | 000,070,304 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012-04-18 18:22:42 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\MSI [2012-04-18 18:17:17 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2012-04-18 18:15:52 | 004,137,464 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des [2012-04-18 18:14:34 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\npptNT2.sys [2012-04-18 18:14:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared [2012-04-18 17:53:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET [2012-04-18 17:53:38 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET [2012-04-18 17:53:38 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2012-04-17 23:58:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\DOSBox [2012-04-17 23:58:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74 [2012-04-17 23:58:43 | 000,000,000 | ---D | C] -- C:\Program Files\DOSBox-0.74 [2012-04-17 23:38:48 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\WapSter [2012-04-17 23:34:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Thunderbird [2012-04-17 23:34:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Thunderbird [2012-04-17 22:28:37 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird [2012-04-17 22:26:32 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess [2012-04-17 22:26:09 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Skype [2012-04-17 22:25:58 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2012-04-17 22:25:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012-04-17 22:25:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2012-04-17 22:25:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2012-04-17 22:25:53 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander [2012-04-17 22:25:52 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\GHISLER [2012-04-17 22:24:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2012-04-17 22:24:17 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012-04-17 22:23:34 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WapSter [2012-04-17 22:02:03 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll [2012-04-17 22:02:03 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll [2012-04-17 22:02:03 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll [2012-04-17 22:02:03 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll [2012-04-17 22:02:02 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll [2012-04-17 21:58:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games [2012-04-17 21:15:51 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\PMB Files [2012-04-17 21:15:48 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files [2012-04-17 21:15:37 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks [2012-04-17 20:36:00 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Adobe [2012-04-17 20:09:14 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft Games [2012-04-17 19:47:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center [2012-04-17 19:44:09 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP [2012-04-17 19:43:56 | 000,035,968 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\usbfilter.sys [2012-04-17 19:43:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center [2012-04-17 19:40:44 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2012-04-17 19:37:47 | 000,066,688 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amd_sata.sys [2012-04-17 19:37:47 | 000,033,408 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amd_xata.sys [2012-04-17 19:37:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2012-04-17 19:37:39 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2012-04-17 19:37:08 | 000,211,984 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\AtihdW73.sys [2012-04-17 19:36:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2012-04-17 19:36:37 | 001,828,864 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdmv.dll [2012-04-17 19:36:37 | 000,278,528 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll [2012-04-17 19:36:37 | 000,159,744 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll [2012-04-17 19:36:36 | 018,388,480 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll [2012-04-17 19:36:36 | 008,396,800 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys [2012-04-17 19:36:36 | 000,401,408 | ---- | C] (AMD) -- C:\Windows\System32\atieclxx.exe [2012-04-17 19:36:36 | 000,247,296 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys [2012-04-17 19:36:36 | 000,176,128 | ---- | C] (AMD) -- C:\Windows\System32\atiesrxx.exe [2012-04-17 19:36:36 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll [2012-04-17 19:36:36 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll [2012-04-17 19:36:36 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll [2012-04-17 19:36:36 | 000,032,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll [2012-04-17 19:36:36 | 000,020,992 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll [2012-04-17 19:36:36 | 000,013,312 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll [2012-04-17 19:36:35 | 008,247,296 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll [2012-04-17 19:36:35 | 000,151,552 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe [2012-04-17 19:36:35 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll [2012-04-17 19:36:35 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll [2012-04-17 19:36:35 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll [2012-04-17 19:26:01 | 000,307,200 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUn0415.exe [2012-04-17 16:31:48 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\foobar2000 [2012-04-17 16:23:45 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\AMD [2012-04-17 16:05:37 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD [2012-04-17 16:05:26 | 000,037,944 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amdiox86.sys [2012-04-17 16:03:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\ATI [2012-04-17 16:03:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ATI [2012-04-17 16:01:31 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2012-04-17 16:01:28 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2012-04-17 16:00:48 | 004,256,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdag.dll [2012-04-17 16:00:48 | 004,056,064 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdva.dll [2012-04-17 16:00:48 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll [2012-04-17 16:00:48 | 000,294,912 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIODE.exe [2012-04-17 16:00:48 | 000,052,736 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll [2012-04-17 16:00:48 | 000,045,056 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIODCLI.exe [2012-04-17 16:00:48 | 000,031,744 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll [2012-04-17 16:00:48 | 000,029,184 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll [2012-04-17 16:00:47 | 004,198,912 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atidxx32.dll [2012-04-17 16:00:47 | 000,726,528 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\aticfx32.dll [2012-04-17 16:00:47 | 000,462,848 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll [2012-04-17 16:00:47 | 000,266,240 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiadlxx.dll [2012-04-17 16:00:47 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atibtmon.exe [2012-04-17 15:59:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics [2012-04-17 15:59:37 | 000,000,000 | ---D | C] -- C:\Program Files\Renesas Electronics [2012-04-17 15:58:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations [2012-04-17 15:37:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother [2012-04-17 15:28:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM [2012-04-17 15:27:49 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll [2012-04-17 15:27:49 | 001,725,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll [2012-04-17 15:27:49 | 001,379,760 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tosade.dll [2012-04-17 15:27:49 | 000,058,264 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\System32\TepeqAPO.dll [2012-04-17 15:27:48 | 002,285,160 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll [2012-04-17 15:27:48 | 001,497,704 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl [2012-04-17 15:27:48 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll [2012-04-17 15:27:48 | 000,214,368 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFNHK.dll [2012-04-17 15:27:48 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll [2012-04-17 15:27:48 | 000,178,624 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo2.dll [2012-04-17 15:27:48 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll [2012-04-17 15:27:48 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll [2012-04-17 15:27:48 | 000,134,584 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo.dll [2012-04-17 15:27:48 | 000,074,080 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFCOM.dll [2012-04-17 15:27:48 | 000,068,960 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFAPO.dll [2012-04-17 15:27:47 | 003,378,280 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll [2012-04-17 15:27:47 | 003,327,320 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll [2012-04-17 15:27:47 | 003,296,600 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll [2012-04-17 15:27:47 | 001,892,864 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat [2012-04-17 15:27:47 | 001,836,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll [2012-04-17 15:27:47 | 001,329,768 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll [2012-04-17 15:27:47 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll [2012-04-17 15:27:47 | 000,345,944 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll [2012-04-17 15:27:47 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll [2012-04-17 15:27:47 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll [2012-04-17 15:27:47 | 000,259,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll [2012-04-17 15:27:47 | 000,252,760 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll [2012-04-17 15:27:47 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll [2012-04-17 15:27:47 | 000,103,256 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll [2012-04-17 15:27:47 | 000,088,408 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll [2012-04-17 15:27:47 | 000,083,048 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll [2012-04-17 15:27:47 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll [2012-04-17 15:27:47 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll [2012-04-17 15:27:47 | 000,061,272 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll [2012-04-17 15:27:46 | 000,357,712 | ---- | C] (Knowles Acoustics ) -- C:\Windows\System32\KAAPORT.dll [2012-04-17 15:27:46 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll [2012-04-17 15:27:46 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll [2012-04-17 15:27:45 | 001,740,352 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll [2012-04-17 15:27:45 | 001,509,480 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll [2012-04-17 15:27:45 | 001,292,904 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll [2012-04-17 15:27:45 | 001,220,200 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll [2012-04-17 15:27:45 | 000,654,952 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll [2012-04-17 15:27:45 | 000,631,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll [2012-04-17 15:27:45 | 000,601,704 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll [2012-04-17 15:27:45 | 000,458,344 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll [2012-04-17 15:27:45 | 000,413,696 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PLFX32.dll [2012-04-17 15:27:45 | 000,390,656 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PGFX32.dll [2012-04-17 15:27:45 | 000,389,736 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll [2012-04-17 15:27:45 | 000,375,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll [2012-04-17 15:27:45 | 000,327,168 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PREC32.dll [2012-04-17 15:27:45 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll [2012-04-17 15:27:45 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll [2012-04-17 15:27:45 | 000,218,216 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll [2012-04-17 15:27:44 | 000,175,200 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll [2012-04-17 15:27:44 | 000,096,160 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll [2012-04-17 15:27:43 | 001,698,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll [2012-04-17 15:27:43 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp [2012-04-17 15:27:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2012-04-17 15:26:45 | 000,000,000 | -H-D | C] -- C:\SuperChargerProfile [2012-04-17 15:26:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup [2012-04-17 15:26:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec [2012-04-17 15:26:34 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec [2012-04-17 12:46:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Splashtop [2012-04-17 12:41:02 | 000,000,000 | -H-D | C] -- C:\ProgramData\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3} [2012-04-17 12:40:53 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Splashtop [2012-04-17 12:40:11 | 000,000,000 | ---D | C] -- C:\Program Files\Splashtop [2012-04-17 12:23:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Sunbelt Software [2012-04-17 12:22:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE [2012-04-17 12:21:54 | 000,093,360 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys [2012-04-17 12:09:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012-04-17 12:07:33 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Google [2012-04-17 12:07:32 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2012-04-17 12:07:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft [2012-04-17 12:07:27 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft [2012-04-17 11:56:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI [2012-04-17 11:56:45 | 000,000,000 | ---D | C] -- C:\Program Files\MSI [2012-04-17 11:48:07 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco [2012-04-17 11:47:09 | 001,057,896 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\Windows\System32\drivers\rtl8192ce.sys [2012-04-17 11:47:07 | 000,000,000 | ---D | C] -- C:\Program Files\REALTEK PCIE Wireless LAN Driver [2012-04-17 11:45:30 | 002,205,696 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\athr.sys [2012-04-17 11:45:29 | 000,000,000 | ---D | C] -- C:\Program Files\Qualcomm Atheros WiFi Driver Installation [2012-04-17 11:45:27 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Macromedia [2012-04-17 11:44:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Qualcomm Atheros [2012-04-17 11:42:19 | 000,100,896 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RTNUninst32.dll [2012-04-17 11:42:14 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2012-04-17 11:03:33 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ElevatedDiagnostics [2012-04-17 02:13:41 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2012-04-17 02:12:28 | 000,000,000 | -HSD | C] -- C:\Boot [2012-04-17 01:20:27 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2012-04-16 23:33:23 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Nero [2012-04-16 23:31:19 | 003,144,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe.Back [2012-04-16 23:15:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Microsoft Games [2012-04-16 22:22:11 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Valve [2012-04-16 22:16:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve [2012-04-16 22:02:36 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2012-04-16 22:02:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Games [2012-04-16 22:02:22 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll [2012-04-16 22:02:21 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll [2012-04-16 22:02:16 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll [2012-04-16 22:02:15 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll [2012-04-16 22:02:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive [2012-04-16 21:30:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Lunch Design [2012-04-16 21:16:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Adobe [2012-04-16 21:16:53 | 000,000,000 | ---D | C] -- C:\ProgramData\RDRM [2012-04-16 21:16:50 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\ipla [2012-04-16 21:16:50 | 000,000,000 | ---D | C] -- C:\ProgramData\ipla [2012-04-16 21:14:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mario Ice Tower [2012-04-16 21:12:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ipla [2012-04-16 21:12:14 | 000,000,000 | ---D | C] -- C:\Program Files\ipla [2012-04-16 21:12:08 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll [2012-04-16 21:10:03 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Mozilla [2012-04-16 21:10:03 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Mozilla [2012-04-16 21:09:37 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar [2012-04-16 21:08:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite [2012-04-16 21:07:58 | 000,239,168 | ---- | C] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys [2012-04-16 21:07:31 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Lite [2012-04-16 21:07:28 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite [2012-04-16 21:03:35 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\WinRAR [2012-04-16 21:03:34 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2012-04-16 21:03:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2012-04-16 21:02:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared [2012-04-16 21:02:32 | 000,198,832 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll [2012-04-16 21:02:26 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\System32\pncrt.dll [2012-04-16 21:02:26 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll [2012-04-16 21:02:26 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll [2012-04-16 21:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real [2012-04-16 21:02:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Real [2012-04-16 21:02:20 | 000,000,000 | ---D | C] -- C:\Program Files\Real [2012-04-16 21:02:04 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Real [2012-04-16 21:01:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack [2012-04-16 21:01:25 | 000,839,680 | ---- | C] ([url="http://www.mp3dev.org/"]http://www.mp3dev.org/[/url]) -- C:\Windows\System32\lameACM.acm [2012-04-16 21:01:24 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll [2012-04-16 21:01:24 | 000,118,784 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm [2012-04-16 21:00:20 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2012-04-16 20:52:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2012-04-16 20:52:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2012-04-16 20:49:13 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2012-04-16 20:49:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2012-04-16 20:42:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero [2012-04-16 20:41:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero [2012-04-16 20:41:56 | 000,000,000 | ---D | C] -- C:\Program Files\Nero [2012-04-16 20:41:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero [2012-04-16 20:40:52 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll [2012-04-16 20:40:31 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll [2012-04-16 20:32:39 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Uczelnia [2012-04-16 20:32:22 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Gry [2012-04-16 20:31:40 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Programy [2012-04-16 20:24:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orange [2012-04-16 20:19:57 | 000,000,000 | ---D | C] -- C:\Program Files\CardDetector [2012-04-16 20:00:07 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71.dll [2012-04-16 20:00:07 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\atl71.dll [2012-04-16 20:00:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\France Telecom [2012-04-16 19:59:58 | 000,102,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys [2012-04-16 19:59:55 | 000,103,040 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbfake.sys [2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Searches [2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012-04-16 19:57:02 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Identities [2012-04-16 19:56:56 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Contacts [2012-04-16 19:56:56 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2012-04-16 19:56:47 | 000,423,656 | ---- | C] (Oracle) -- C:\Windows\System32\deployJava1.dll [2012-04-16 19:56:47 | 000,153,376 | ---- | C] (Oracle) -- C:\Windows\System32\javaws.exe [2012-04-16 19:56:47 | 000,145,184 | ---- | C] (Oracle) -- C:\Windows\System32\javaw.exe [2012-04-16 19:56:47 | 000,145,184 | ---- | C] (Oracle) -- C:\Windows\System32\java.exe [2012-04-16 19:56:36 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Ustawienia lokalne [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Temporary Internet Files [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Szablony [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\SendTo [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Recent [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\PrintHood [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\NetHood [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moje wideo [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moje obrazy [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Moje dokumenty [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moja muzyka [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Menu Start [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Historia [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Dane aplikacji [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Dane aplikacji [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Cookies [2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Temp [2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Microsoft [2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Media Center Programs [2012-04-16 19:54:14 | 000,000,000 | --SD | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Pictures [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Music [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Links [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Favorites [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Downloads [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Documents [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Desktop [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012-04-16 19:54:14 | 000,000,000 | -H-D | C] -- C:\Users\Mateusz\AppData [2012-04-16 19:54:10 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Videos [2012-04-16 19:54:10 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Saved Games [2012-04-16 19:52:53 | 000,000,000 | ---D | C] -- C:\Windows\Temp [2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony [2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo [2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy [2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka [2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start [2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione [2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit [2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty [2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-04-22 08:55:31 | 003,670,016 | -H-- | M] () -- C:\Users\Mateusz\NTUSER.DAT [2012-04-22 08:48:41 | 000,017,136 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-04-22 08:48:41 | 000,017,136 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-04-22 08:41:25 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-04-22 08:41:07 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2012-04-22 08:40:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-04-22 08:33:49 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-04-22 00:27:54 | 003,531,027 | -H-- | M] () -- C:\Users\Mateusz\AppData\Local\IconCache.db [2012-04-22 00:22:08 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-967404725-468176981-4131090368-1000UA.job [2012-04-21 23:58:16 | 002,317,686 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2012-04-21 23:58:16 | 000,687,828 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012-04-21 23:58:16 | 000,666,732 | ---- | M] () -- C:\Windows\System32\perfh019.dat [2012-04-21 23:58:16 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-04-21 23:58:16 | 000,131,382 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012-04-21 23:58:16 | 000,128,892 | ---- | M] () -- C:\Windows\System32\perfc019.dat [2012-04-21 23:58:16 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-04-21 22:33:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-04-21 00:41:22 | 000,001,784 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk [2012-04-20 18:22:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-967404725-468176981-4131090368-1000Core.job [2012-04-20 00:30:03 | 000,000,572 | ---- | M] () -- C:\Windows\eReg.dat [2012-04-19 13:12:01 | 008,180,224 | RHS- | M] () -- C:\ProgramData\TunesHelper.exe [2012-04-19 00:29:02 | 000,001,101 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012-04-19 00:29:01 | 000,002,210 | ---- | M] () -- C:\Users\Mateusz\Desktop\Google Chrome.lnk [2012-04-18 19:33:10 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012-04-18 19:33:10 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012-04-18 18:17:06 | 283,710,259 | ---- | M] () -- C:\Windows\MEMORY.DMP [2012-04-17 23:55:56 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2012-04-17 23:55:56 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2012-04-17 22:28:40 | 000,002,041 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2012-04-17 20:30:58 | 000,000,050 | ---- | M] () -- C:\Windows\System32\BRIDF10A.DAT [2012-04-17 16:22:02 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin [2012-04-17 12:52:55 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms [2012-04-17 12:52:55 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms [2012-04-17 12:52:55 | 000,065,536 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TM.blf [2012-04-17 12:41:30 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms [2012-04-17 12:41:30 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms [2012-04-17 12:41:30 | 000,065,536 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TM.blf [2012-04-17 12:41:27 | 000,262,144 | ---- | M] () -- C:\ProgramData\NTUser.dat [2012-04-17 12:21:52 | 000,093,360 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys [2012-04-17 11:30:55 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012-04-17 02:12:33 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2012-04-17 01:37:26 | 000,067,908 | ---- | M] () -- C:\Windows\System32\license.rtf [2012-04-17 01:35:54 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012-04-16 23:31:45 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe [2012-04-16 23:31:19 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer_.exe.Back.0.219815846169282 [2012-04-16 22:20:20 | 000,000,650 | ---- | M] () -- C:\Users\Mateusz\Desktop\Muzyka.lnk [2012-04-16 22:16:22 | 000,000,641 | ---- | M] () -- C:\Users\Mateusz\Desktop\Filmy.lnk [2012-04-16 21:16:57 | 000,051,672 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\GDIPFONTCACHEV1.DAT [2012-04-16 21:16:17 | 000,246,248 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012-04-16 21:12:08 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll [2012-04-16 21:07:58 | 000,239,168 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys [2012-04-16 21:02:32 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll [2012-04-16 21:02:26 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll [2012-04-16 21:02:26 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll [2012-04-16 21:02:26 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll [2012-04-16 20:55:32 | 000,002,717 | ---- | M] () -- C:\Users\Mateusz\Desktop\Word 2003.lnk [2012-04-16 20:53:20 | 000,000,412 | ---- | M] () -- C:\Windows\ODBC.INI [2012-04-16 20:52:57 | 000,000,499 | ---- | M] () -- C:\Windows\win.ini [2012-04-16 20:24:24 | 000,000,807 | ---- | M] () -- C:\Users\Mateusz\Desktop\Orange Free.lnk [2012-04-16 20:05:21 | 000,524,288 | -HS- | M] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms [2012-04-16 20:05:21 | 000,524,288 | -HS- | M] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms [2012-04-16 20:05:21 | 000,065,536 | -HS- | M] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf [2012-04-16 19:59:10 | 000,000,363 | ---- | M] () -- C:\Users\Mateusz\Desktop\Komputer.lnk [2012-04-16 19:56:36 | 000,423,656 | ---- | M] (Oracle) -- C:\Windows\System32\deployJava1.dll [2012-04-16 19:56:36 | 000,153,376 | ---- | M] (Oracle) -- C:\Windows\System32\javaws.exe [2012-04-16 19:56:36 | 000,145,184 | ---- | M] (Oracle) -- C:\Windows\System32\javaw.exe [2012-04-16 19:56:36 | 000,145,184 | ---- | M] (Oracle) -- C:\Windows\System32\java.exe [2012-04-16 19:54:18 | 000,000,020 | -HS- | M] () -- C:\Users\Mateusz\ntuser.ini [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-04-21 00:41:22 | 000,001,796 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk [2012-04-21 00:41:22 | 000,001,784 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk [2012-04-20 18:17:16 | 000,000,936 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-967404725-468176981-4131090368-1000UA.job [2012-04-20 18:17:16 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-967404725-468176981-4131090368-1000Core.job [2012-04-19 19:21:46 | 000,000,572 | ---- | C] () -- C:\Windows\eReg.dat [2012-04-19 13:23:07 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll [2012-04-19 13:12:07 | 008,180,224 | RHS- | C] () -- C:\ProgramData\TunesHelper.exe [2012-04-18 19:24:17 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-04-18 18:17:06 | 283,710,259 | ---- | C] () -- C:\Windows\MEMORY.DMP [2012-04-18 18:14:33 | 000,005,174 | ---- | C] () -- C:\Windows\System32\nppt9x.vxd [2012-04-17 23:55:56 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2012-04-17 23:55:56 | 000,000,000 | RHS- | C] () -- C:\IO.SYS [2012-04-17 22:28:40 | 000,002,053 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk [2012-04-17 22:28:40 | 000,002,041 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF [2012-04-17 19:37:58 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2012-04-17 19:36:37 | 001,150,656 | ---- | C] () -- C:\Windows\System32\atiumdva.cap [2012-04-17 19:36:36 | 000,234,855 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2012-04-17 19:36:36 | 000,034,823 | ---- | C] () -- C:\Windows\atiogl.xml [2012-04-17 19:36:35 | 000,185,088 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb [2012-04-17 19:34:34 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll [2012-04-17 16:32:37 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BRIDF10A.DAT [2012-04-17 16:22:02 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012-04-17 16:00:48 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat [2012-04-17 15:27:47 | 000,177,052 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT [2012-04-17 12:52:54 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms [2012-04-17 12:52:53 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms [2012-04-17 12:52:53 | 000,065,536 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TM.blf [2012-04-17 12:41:28 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms [2012-04-17 12:41:28 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms [2012-04-17 12:41:27 | 000,262,144 | ---- | C] () -- C:\ProgramData\NTUser.dat [2012-04-17 12:41:27 | 000,065,536 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TM.blf [2012-04-17 12:40:53 | 000,001,408 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Social Games.lnk [2012-04-17 12:09:01 | 000,002,210 | ---- | C] () -- C:\Users\Mateusz\Desktop\Google Chrome.lnk [2012-04-17 12:07:44 | 000,001,038 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-04-17 12:07:42 | 000,001,034 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-04-17 11:47:07 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe [2012-04-17 11:45:30 | 000,461,474 | ---- | C] () -- C:\Windows\System32\netathr.inf [2012-04-17 11:45:30 | 000,070,749 | ---- | C] () -- C:\Windows\System32\athrext.cat [2012-04-17 11:30:55 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012-04-17 02:12:32 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK [2012-04-17 02:12:28 | 000,383,562 | RHS- | C] () -- C:\bootmgr [2012-04-17 01:35:54 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012-04-17 01:15:57 | 000,246,248 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2012-04-16 22:20:20 | 000,000,650 | ---- | C] () -- C:\Users\Mateusz\Desktop\Muzyka.lnk [2012-04-16 22:16:22 | 000,000,641 | ---- | C] () -- C:\Users\Mateusz\Desktop\Filmy.lnk [2012-04-16 21:14:44 | 003,531,027 | -H-- | C] () -- C:\Users\Mateusz\AppData\Local\IconCache.db [2012-04-16 21:10:47 | 000,000,641 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk [2012-04-16 21:01:26 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll [2012-04-16 21:01:25 | 000,000,414 | ---- | C] () -- C:\Windows\System32\lame_acm.xml [2012-04-16 21:01:25 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2012-04-16 21:00:22 | 000,001,113 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012-04-16 21:00:22 | 000,001,101 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012-04-16 20:55:32 | 000,002,717 | ---- | C] () -- C:\Users\Mateusz\Desktop\Word 2003.lnk [2012-04-16 20:53:20 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI [2012-04-16 20:24:24 | 000,000,807 | ---- | C] () -- C:\Users\Mateusz\Desktop\Orange Free.lnk [2012-04-16 20:11:28 | 000,051,672 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\GDIPFONTCACHEV1.DAT [2012-04-16 19:59:10 | 000,000,363 | ---- | C] () -- C:\Users\Mateusz\Desktop\Komputer.lnk [2012-04-16 19:57:16 | 000,001,430 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012-04-16 19:54:18 | 000,524,288 | -HS- | C] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms [2012-04-16 19:54:18 | 000,000,020 | -HS- | C] () -- C:\Users\Mateusz\ntuser.ini [2012-04-16 19:54:17 | 000,524,288 | -HS- | C] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms [2012-04-16 19:54:17 | 000,065,536 | -HS- | C] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf [2012-04-16 19:54:09 | 003,670,016 | -H-- | C] () -- C:\Users\Mateusz\NTUSER.DAT [2011-07-28 17:49:12 | 000,053,760 | ---- | C] () -- C:\Windows\System32\OVDecode.dll [2010-08-03 00:05:14 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat [2010-08-03 00:05:13 | 000,687,828 | ---- | C] () -- C:\Windows\System32\perfh015.dat [2010-08-03 00:05:13 | 000,131,382 | ---- | C] () -- C:\Windows\System32\perfc015.dat [2010-08-03 00:05:13 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat [2010-06-25 08:44:03 | 000,080,384 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe [2010-06-21 13:39:23 | 002,317,686 | ---- | C] () -- C:\Windows\System32\PerfStringBackup.INI [color=#E56717]========== LOP Check ==========[/color] [2012-04-18 23:54:26 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\BESTplayer [2012-04-19 01:20:24 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\BitSpirit [2012-04-19 17:14:18 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Lite [2012-04-20 08:00:29 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\foobar2000 [2012-04-20 19:42:39 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\GanymedeNet [2012-04-17 22:25:52 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\GHISLER [2012-04-16 22:05:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\ipla [2012-04-18 19:51:49 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\LolClient [2012-04-18 18:22:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\MSI [2012-04-21 00:41:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Opera [2012-04-17 12:40:53 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Splashtop [2012-04-20 00:35:20 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Sports Interactive [2012-04-17 23:34:49 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Thunderbird [2012-04-20 18:22:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-967404725-468176981-4131090368-1000Core.job [2012-04-22 00:22:08 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-967404725-468176981-4131090368-1000UA.job [2009-07-14 06:53:46 | 000,012,272 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report >[/log] Extras raport: [log]OTL Extras logfile created on: 2012-04-22 08:47:30 - Run 2 OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Mateusz\Desktop\Programy Ultimate Edition (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.16562) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,49 Gb Total Physical Memory | 1,55 Gb Available Physical Memory | 61,95% Memory free 4,99 Gb Paging File | 3,97 Gb Available in Paging File | 79,54% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 58,57 Gb Total Space | 43,49 Gb Free Space | 74,25% Space Free | Partition Type: NTFS Drive D: | 407,19 Gb Total Space | 369,69 Gb Free Space | 90,79% Space Free | Partition Type: NTFS Drive E: | 3,66 Gb Total Space | 3,66 Gb Free Space | 100,00% Space Free | Partition Type: FAT32 Computer Name: AUTO | User Name: Mateusz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) [HKEY_USERS\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "D:\Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "D:\Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [napiprojekt] -- "C:\Program Files\NapiProjekt\napisy.exe" "%1" () Directory [napiprojekt0] -- "C:\Program Files\NapiProjekt\napisy.exe" "%1" -pobierz_ang () Directory [openNew] -- explorer %1 (Microsoft Corporation) Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "UacDisableNotify" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "D:\Connectivity\ConnectivityManager.exe" = D:\Connectivity\ConnectivityManager.exe:*:enabled:CSS -- (France Telecom SA) "D:\Orange\Connectivity\ConnectivityManager.exe" = D:\Orange\Connectivity\ConnectivityManager.exe:*:enabled:CSS -- (France Telecom SA) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{009E5DF2-3F97-480B-89DA-F2D5E672E14A}_is1" = Live Update 5 "{011A5EF9-3D7D-2F43-F14E-A5E9BC8B0C47}" = AMD Fuel "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam™ "{049155CC-5AB3-296F-5815-CD73A9646E99}" = CCC Help Greek "{08366AE3-72A2-523E-7218-D1B0B8271EBA}" = CCC Help Turkish "{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM) "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback "{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10 "{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java™ 6 Update 21 "{2812B4B3-A412-7785-1964-4D60340E60A9}" = CCC Help French "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{2F173C40-563E-11D4-89C5-0010ADDAAC33}" = EA.com Matchup "{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM) "{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10 "{354C5FB7-C8EC-1EC4-BE90-109E048E9C82}" = CCC Help Russian "{3B983EFD-6E37-4AD9-9A7D-8C83E61674F7}" = Splashtop Connect IE "{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup "{45D49CA7-D7D8-4659-B35A-EBD98C30AF28}" = Splashtop Connect for Firefox "{462D8F12-355D-5920-9193-25388DA500DA}" = CCC Help Chinese Traditional "{4A1C03BB-6A5A-B8F8-F910-6791960DC25C}" = Catalyst Control Center Localization All "{4BF35375-9076-1169-6452-EC085410DD0E}" = Catalyst Control Center Profiles Mobile "{4CC4A295-8204-75C9-6E44-E280E661282B}" = CCC Help Korean "{4FD0F94D-0CAB-C85B-FA2C-9586BA0AAE60}" = CCC Help Spanish "{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module "{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM) "{5332A981-2332-55C4-FE31-7BCAAB16CAE2}" = Catalyst Control Center InstallProxy "{53B04D20-50D5-EA2F-BDFC-BCE332124FED}" = CCC Help Dutch "{53BCB6DB-C944-CE07-BBA7-B8EC2DA228B0}" = CCC Help Swedish "{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM) "{5F548A02-80BC-404D-BAE6-F05F9BF6B449}" = Nero DiscCopyGadget 10 Help (CHM) "{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module "{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update "{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM) "{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10 "{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10 "{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10 "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{7A25D130-4EC8-11E1-BEA4-B8AC6F97B88E}" = Google Earth "{7C428915-7C49-E005-8D9C-0AFC3B9E2A55}" = CCC Help English "{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1" = Super-Charger "{7D916FA5-DAE9-4A25-B089-655C70EAF607}" = Qualcomm Atheros WiFi Driver Installation Program "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86227080-3ADB-5A9B-BB8A-8CE8CB6429F8}" = CCC Help Chinese Standard "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{885AFEC2-0809-47CE-8B3F-00AEC19DDD5F}" = TSST OEM Content "{89590A73-9AC3-48ED-B83E-6489900DED5A}" = Nero Multimedia Suite 10 Essentials "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{91120415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003 "{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends "{92EC1A84-7FFC-42DF-A8F6-79C21C4765A5}" = Nero DiscCopy Gadget 10 "{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1" = ALLConverter PRO 1.3 "{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10 "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9AB97F52-512B-43EF-AAEC-4825C17B32ED}" = EA.com Update "{9D3D8C60-A55F-4123-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver "{A075239D-F706-B32D-A071-5804AE360AF0}" = CCC Help Finnish "{A10B9E4E-9C40-4491-A3E1-C2B53DAB03C1}" = Facebook Messenger 2.0.4478.0 "{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime "{A2C948AC-CA5B-1921-E1CC-73DAAAD7ED15}" = Catalyst Control Center InstallProxy "{A7CDE866-4E90-D922-89C4-31B836BC6E67}" = CCC Help German "{A83FC388-927A-68E4-72FC-FC54E404B27F}" = CCC Help Japanese "{A860FE72-A9F6-AB3D-09AE-3AA954EA1725}" = CCC Help Norwegian "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3) "{ACC75323-DB4A-4F7F-9AF3-1D1DEFF2D1B5}" = Heroes of Might and Magic V - Tribes of the East "{ACC75323-DB4A-4f7f-9AF3-1D1DEFF2D1B5}_is1" = Heroes of Might and Magic V - Dzikie Hordy "{AD917F8B-197A-07F2-1A6D-EB47FE50143B}" = ccc-utility "{B2F86EAE-18EE-6B39-20D8-C542D841F034}" = CCC Help Thai "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{BC5CE684-9D5B-707E-30BC-9275E2B49FA0}" = CCC Help Danish "{BEWINTERNET-PL-IEW}.UninstallSuite" = Orange Free "{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM) "{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM) "{D1B01DC9-CBAF-45F9-A387-7D00C11B630E}" = Microsoft Games for Windows - LIVE Redistributable "{DC311C01-B1A9-8CAD-F018-9395269654EC}" = CCC Help Polish "{DCFF61CC-B313-37DF-D567-26430CBC8720}" = CCC Help Portuguese "{DE329278-4E61-8A9B-CADA-44AAC9E06C81}" = CCC Help Italian "{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}" = Counter-Strike™ "{DFE4070B-1657-942F-72B1-0057A9A830EF}" = CCC Help Hungarian "{ED20800E-1BFF-E5D6-86DF-2B8015E308E3}" = AMD VISION Engine Control Center "{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9 "{EECD7B96-1416-4D3A-B12D-0D2512120C36}" = EasyViewer "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10 "{F49AC447-8ED0-0C8A-8622-4737B2EE4248}" = ATI Catalyst Install Manager "{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM) "{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10 "{F627CDBC-8323-4024-9691-A0A6533F43E0}" = ESET NOD32 Antivirus "{FC54FD8D-789C-406D-BB88-F7C4421B7E83}_is1" = VideoGenie "{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10 "{FDF4B587-4070-4C2A-C3DC-A8F5DB3B6C5B}" = CCC Help Czech "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "ALLPlayer_is1" = ALLPlayer V5.X "AQQ" = WapSter AQQ "BitSpirit_is1" = BitSpirit v3.6.0.550 Stable "CardDetectorHUAWEI1752_1552" = Card Detector for Huawei E1752 and E1552 "CCleaner" = CCleaner "Core Temp" = Core Temp "DAEMON Tools Lite" = DAEMON Tools Lite "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "Dziobas Rar Player_is1" = Dziobas Rar Player 0.009.52 "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "foobar2000" = foobar2000 v1.1.11 "GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker "Google Chrome" = Google Chrome "Gpuz" = GPU-Z "HashCheck Shell Extension" = HashCheck Shell Extension (x86-32) "Icy Tower v1.5_is1" = Icy Tower v1.5 "InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "InstallShield_{EECD7B96-1416-4D3A-B12D-0D2512120C36}" = EasyViewer "ipla" = ipla 2.3.3 "KLiteCodecPack_is1" = K-Lite Codec Pack 5.6.1 (Full) "Mario Ice Tower" = Mario Ice Tower "Mozilla Firefox 11.0 (x86 pl)" = Mozilla Firefox 11.0 (x86 pl) "Mozilla Thunderbird 12.0 (x86 pl)" = Mozilla Thunderbird 12.0 (x86 pl) "NapiProjekt_is1" = NapiProjekt 2.0.0 (build 2151) "Opera 11.62.1347" = Opera 11.62 "PokerStars.eu" = PokerStars.eu "RealPlayer 12.0" = RealPlayer "Speccy" = Speccy "Totalcmd" = Total Commander (Remove or Repair) "Winamp" = Winamp "WinRAR archiver" = WinRAR 4.01 (32-bitowy) "YouTube to ALLPlayer_is1" = YouTube to ALLPlayer [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-04-19 19:46:36 | Computer Name = AUTO | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files\spybot - search & destroy\DelZip179.dll". Błąd w pliku manifestu lub w pliku zasad "c:\program files\spybot - search & destroy\DelZip179.dll" w wierszu 8. Wartość "*" atrybutu "language" elementu "assemblyIdentity" jest nieprawidłowa. Error - 2012-04-19 19:46:38 | Computer Name = AUTO | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "d:\Orange\installation\Core\InstallDevice64.exe". Nie można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="AMD64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2012-04-19 19:46:39 | Computer Name = AUTO | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "d:\Orange\installation\Core\setupApiWrapper64.exe". Nie można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="AMD64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2012-04-20 18:22:06 | Computer Name = AUTO | Source = Google Update | ID = 20 Description = Error - 2012-04-20 18:53:00 | Computer Name = AUTO | Source = Application Hang | ID = 1002 Description = Program OTL.com w wersji 3.2.40.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: d80 Godzina rozpoczęcia: 01cd1f4820da4017 Godzina zakończenia: 10 Ścieżka aplikacji: C:\Users\Mateusz\Downloads\OTL.com Identyfikator raportu: 91cc4cb1-8b3b-11e1-872e-6c626d360c74 Error - 2012-04-20 18:54:15 | Computer Name = AUTO | Source = Application Hang | ID = 1002 Description = Program OTL.com w wersji 3.2.40.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 928 Godzina rozpoczęcia: 01cd1f486ab0d9ee Godzina zakończenia: 15 Ścieżka aplikacji: C:\Users\Mateusz\Downloads\OTL.com Identyfikator raportu: bfba2c9b-8b3b-11e1-872e-6c626d360c74 Error - 2012-04-20 18:56:05 | Computer Name = AUTO | Source = Application Hang | ID = 1002 Description = Program OTL.scr w wersji 3.2.40.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 48c Godzina rozpoczęcia: 01cd1f489d0c84d2 Godzina zakończenia: 72 Ścieżka aplikacji: C:\Users\Mateusz\Downloads\OTL.scr Identyfikator raportu: 003b43c5-8b3c-11e1-872e-6c626d360c74 Error - 2012-04-21 03:07:33 | Computer Name = AUTO | Source = Application Hang | ID = 1002 Description = Program OTL.com w wersji 3.2.40.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: f88 Godzina rozpoczęcia: 01cd1f8d39c4da93 Godzina zakończenia: 10 Ścieżka aplikacji: C:\Users\Mateusz\Downloads\OTL.com Identyfikator raportu: a842d0bb-8b80-11e1-8e43-6c626d360c74 Error - 2012-04-21 03:26:20 | Computer Name = AUTO | Source = Application Hang | ID = 1002 Description = Program OTL.exe w wersji 3.2.40.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: d68 Godzina rozpoczęcia: 01cd1f8fb8276d3a Godzina zakończenia: 19 Ścieżka aplikacji: C:\Users\Mateusz\Downloads\OTL.exe Identyfikator raportu: 46f817ab-8b83-11e1-a98a-6c626d360c74 Error - 2012-04-21 10:23:27 | Computer Name = AUTO | Source = Application Hang | ID = 1002 Description = Program OTL.exe w wersji 3.2.40.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: e5c Godzina rozpoczęcia: 01cd1fca324d863f Godzina zakończenia: 15 Ścieżka aplikacji: C:\Users\Mateusz\Downloads\OTL.exe Identyfikator raportu: 8dc268a7-8bbd-11e1-9111-e0b9a5dc5bb0 [ System Events ] Error - 2012-04-21 11:53:52 | Computer Name = AUTO | Source = Service Control Manager | ID = 7001 Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2012-04-21 11:53:52 | Computer Name = AUTO | Source = Service Control Manager | ID = 7001 Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2012-04-21 11:53:58 | Computer Name = AUTO | Source = Service Control Manager | ID = 7001 Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2012-04-21 11:53:58 | Computer Name = AUTO | Source = Service Control Manager | ID = 7001 Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2012-04-21 11:54:02 | Computer Name = AUTO | Source = Service Control Manager | ID = 7001 Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2012-04-21 11:54:02 | Computer Name = AUTO | Source = Service Control Manager | ID = 7001 Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2012-04-21 12:15:29 | Computer Name = AUTO | Source = DCOM | ID = 10010 Description = Error - 2012-04-21 16:16:40 | Computer Name = AUTO | Source = Service Control Manager | ID = 7009 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą SBSD Security Center Service. Error - 2012-04-21 16:16:40 | Computer Name = AUTO | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi SBSD Security Center Service z powodu następującego błędu: %%1053 Error - 2012-04-21 16:58:40 | Computer Name = AUTO | Source = DCOM | ID = 10010 Description = < End of report >[/log]
Gość komentarz 22 kwietnia 2012 komentarz 22 kwietnia 2012 Uruchom OTL i w oknie Własne opcje skanowania/skrypt wklej: [code]:Files C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-967404725-468176981-4131090368-1000Core.job C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-967404725-468176981-4131090368-1000UA.job :OTL IE - HKLM\..\SearchScopes\Yahoo: "URL" = http://ru.search.yah...={searchTerms}\ IE - HKLM\..\SearchScopes\Yandex: "URL" = http://www.yandex.ru...={searchTerms}\ IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/ FF - prefs.js..browser.search.selectedEngine: "qooqlle" FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/" O4 - HKLM..\Run: [Readar_sl] %APPDATA%\Readar_sl.exe File not found :Commands [emptytemp][/code] Zamknij wszystkie przeglądarki. Jest to konieczne. Następnie kliknij w [b]Wykonaj skrypt.[/b] Zapisz log po usuwaniu i go przedstaw. Odinstaluj [b]Sapybot Search Destroy[/b]. To przestarzały i nie rozwijany program. Wykonaj nowy skan OTL i przedstaw raport. Extras już nie potrzebuję
Evander1991 komentarz 22 kwietnia 2012 Autor komentarz 22 kwietnia 2012 Raport: [log]All processes killed ========== FILES ========== C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-967404725-468176981-4131090368-1000Core.job moved successfully. C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-967404725-468176981-4131090368-1000UA.job moved successfully. ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{searchTerms}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{searchTerms}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{searchTerms}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{searchTerms}\ not found. HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! Prefs.js: "qooqlle" removed from browser.search.selectedEngine Prefs.js: "http://www.qooqlle.com/" removed from browser.startup.homepage Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Readar_sl deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Mateusz ->Temp folder emptied: 17513832 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->FireFox cache emptied: 21427360 bytes ->Google Chrome cache emptied: 0 bytes ->Opera cache emptied: 0 bytes ->Flash cache emptied: 456 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 0 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 37,00 mb OTL by OldTimer - Version 3.2.40.0 log created on 04222012_162045 Files\Folders moved on Reboot... File move failed. C:\Users\Mateusz\AppData\Local\Temp\BIT20E8.tmp scheduled to be moved on reboot. Registry entries deleted on Reboot...[/log] OTL raport: [log]OTL logfile created on: 2012-04-22 16:27:22 - Run 3 OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Mateusz\Desktop\Programy Ultimate Edition (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.16562) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,49 Gb Total Physical Memory | 1,61 Gb Available Physical Memory | 64,64% Memory free 4,99 Gb Paging File | 4,02 Gb Available in Paging File | 80,54% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 58,57 Gb Total Space | 43,47 Gb Free Space | 74,22% Space Free | Partition Type: NTFS Drive D: | 407,19 Gb Total Space | 369,69 Gb Free Space | 90,79% Space Free | Partition Type: NTFS Computer Name: AUTO | User Name: Mateusz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-04-21 09:22:55 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Mateusz\Desktop\Programy\OTL.exe PRC - [2012-04-20 18:17:12 | 000,137,536 | ---- | M] (Facebook Inc.) -- C:\Users\Mateusz\AppData\Local\Facebook\Update\FacebookUpdate.exe PRC - [2012-04-19 09:12:24 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2012-04-16 23:31:45 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2012-04-16 21:02:25 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe PRC - [2012-04-09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012-04-04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012-01-03 13:34:20 | 000,138,768 | ---- | M] (MSI) -- C:\Program Files\MSI\Super-Charger\ChargeService.exe PRC - [2012-01-03 13:34:16 | 000,502,288 | ---- | M] (MSI) -- C:\Program Files\MSI\Super-Charger\Super-Charger.exe PRC - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2011-09-22 12:03:02 | 003,080,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe PRC - [2011-09-16 14:39:24 | 000,115,048 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe PRC - [2011-07-28 17:42:48 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe PRC - [2011-07-28 17:35:54 | 000,401,408 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2011-07-28 17:35:26 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2011-03-24 06:37:18 | 000,493,384 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe PRC - [2011-03-22 10:37:16 | 000,497,480 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe PRC - [2010-11-15 13:21:56 | 000,841,544 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe PRC - [2010-11-15 13:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect\BackService.exe PRC - [2010-06-04 09:51:06 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010-06-04 09:50:20 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe PRC - [2010-05-04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe PRC - [2010-03-05 16:26:40 | 002,044,248 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe PRC - [2009-10-14 18:44:40 | 000,282,624 | R--- | M] (France Telecom SA) -- C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe PRC - [2009-10-14 16:44:38 | 000,090,112 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe PRC - [2009-01-26 15:31:16 | 002,144,088 | ---- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-04-19 09:12:23 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2012-04-18 19:24:16 | 008,797,344 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_233.dll MOD - [2011-07-28 17:55:02 | 000,369,152 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll MOD - [2011-07-28 17:42:54 | 000,095,232 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll MOD - [2010-04-14 03:31:20 | 005,246,976 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll MOD - [2010-04-14 03:31:20 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll MOD - [2010-04-14 03:31:20 | 003,182,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll MOD - [2010-04-14 03:31:20 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll MOD - [2010-04-14 03:31:20 | 000,626,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll MOD - [2010-04-14 03:31:20 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll MOD - [2010-04-14 03:31:20 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll MOD - [2010-04-14 03:31:16 | 004,550,656 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll MOD - [2010-04-14 03:31:14 | 005,279,744 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll MOD - [2010-04-14 03:31:14 | 001,253,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll MOD - [2010-04-14 03:31:12 | 004,218,880 | ---- | M] () -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll MOD - [2010-04-14 03:31:00 | 000,667,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll MOD - [2009-06-10 23:22:40 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll MOD - [2009-06-10 23:14:47 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll MOD - [2009-06-10 23:14:46 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll MOD - [2009-06-10 23:14:46 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll MOD - [2009-06-10 23:14:44 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.classic.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2012-04-18 19:33:10 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-04-09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012-04-05 11:37:38 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-04-04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012-01-03 13:34:20 | 000,138,768 | ---- | M] (MSI) [Auto | Running] -- C:\Program Files\MSI\Super-Charger\ChargeService.exe -- (MSI_SuperCharger) SRV - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2011-07-28 17:42:48 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV - [2011-07-28 17:35:26 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2011-05-03 22:18:00 | 004,137,464 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc) SRV - [2011-03-24 06:37:18 | 000,493,384 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe -- (WCUService_STC_FF) SRV - [2011-03-22 10:37:16 | 000,497,480 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe -- (WCUService_STC_IE) SRV - [2010-11-15 13:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files\Splashtop\Splashtop Connect\BackService.exe -- (SCBackService) SRV - [2010-05-04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2010-03-05 16:26:40 | 002,044,248 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU) SRV - [2009-10-14 16:44:38 | 000,090,112 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC) SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Rappelz\GameGuard\dump_wmimmc.sys -- (dump_wmimmc) DRV - [2012-04-16 21:07:58 | 000,239,168 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2011-10-25 09:57:14 | 000,165,120 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc) DRV - [2011-10-25 09:57:14 | 000,073,984 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub) DRV - [2011-10-06 09:23:50 | 001,057,896 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192ce.sys -- (RTL8192Ce) DRV - [2011-08-09 14:24:52 | 000,163,424 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm) DRV - [2011-08-04 09:20:38 | 000,103,112 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr) DRV - [2011-08-04 09:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv) DRV - [2011-07-28 18:22:06 | 008,396,800 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag) DRV - [2011-07-28 16:53:48 | 000,247,296 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2011-06-07 06:06:54 | 000,211,984 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService) DRV - [2011-04-15 14:37:46 | 000,066,688 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_sata.sys -- (amd_sata) DRV - [2011-04-15 14:37:46 | 000,033,408 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_xata.sys -- (amd_xata) DRV - [2010-11-29 04:50:40 | 000,035,968 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter) DRV - [2010-10-20 14:43:08 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 5\NTIOLib.sys -- (NTIOLib_1_0_4) DRV - [2010-05-10 10:44:42 | 000,025,912 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 5\msibios32_100507.sys -- (MSI_MSIBIOS_010507) DRV - [2010-02-18 09:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86) DRV - [2009-12-30 13:55:14 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files\MSI\Super-Charger\NTIOLib.sys -- (NTIOLib_1_0_3) DRV - [2009-08-04 13:04:28 | 000,103,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbfake.sys -- (hwusbfake) DRV - [2009-08-04 13:04:28 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2009-07-14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2009-07-14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2009-07-14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2009-07-14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009-07-14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2009-07-14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2009-06-10 23:19:48 | 009,853,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = Yandex IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\Google: "URL" = http://www.google.ru/search?hl=ru&q={searchTerms}\ IE - HKLM\..\SearchScopes\Wikipedia: "URL" = http://ru.wikipedia.org/wiki/{searchTerms}\ IE - HKLM\..\SearchScopes\Yahoo: "URL" = http://ru.search.yahoo.com/search?p={searchTerms}\ IE - HKLM\..\SearchScopes\Yandex: "URL" = http://www.yandex.ru/yandsearch?stype=&nl=0&text={searchTerms}\ IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/ IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes,DefaultScope = {42168F92-DA71-42E6-BC7F-132EAC1F1899} IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.google.pl/cse?q={searchTerms}&cx=partner-pub-2489206448026482%3A4041638047&tbm=&ie=UTF-8#gsc.tab=0&gsc.q={searchTerms} IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{42168F92-DA71-42E6-BC7F-132EAC1F1899}: "URL" = http://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q={searchTerms}&sa=Search&siteurl=qooqlle.com%2F IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{C0DE4E59-C43E-46a5-B2A6-46952A6BF471}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=MMBROWSV IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{F1CC8CB5-43EC-4142-AE01-80F4208696EB}: "URL" = http://www.google.com/cse?cx=partner-pub-3794288947762788%3A7256076927&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7256076927&q={searchTerms} IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\Yandex: "URL" = http://www.bing.com/search?q={searchTerms}&form=SPLEP1&pc=SPLH IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.selectedEngine: "qooqlle" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 FF - prefs.js..extensions.enabledItems: cssreloader@kenneth.io:1.0.2 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..network.proxy.backup.ftp: "127.0.0.1" FF - prefs.js..network.proxy.backup.ftp_port: 9666 FF - prefs.js..network.proxy.backup.gopher: "127.0.0.1" FF - prefs.js..network.proxy.backup.gopher_port: 9666 FF - prefs.js..network.proxy.backup.socks: "127.0.0.1" FF - prefs.js..network.proxy.backup.socks_port: 9666 FF - prefs.js..network.proxy.backup.ssl: "127.0.0.1" FF - prefs.js..network.proxy.backup.ssl_port: 9666 FF - prefs.js..network.proxy.ftp: "127.0.0.1" FF - prefs.js..network.proxy.ftp_port: 9666 FF - prefs.js..network.proxy.gopher: "127.0.0.1" FF - prefs.js..network.proxy.gopher_port: 9666 FF - prefs.js..network.proxy.http: "127.0.0.1" FF - prefs.js..network.proxy.http_port: 9666 FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "127.0.0.1" FF - prefs.js..network.proxy.socks_port: 9666 FF - prefs.js..network.proxy.ssl: "127.0.0.1" FF - prefs.js..network.proxy.ssl_port: 9666 FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll () FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: D:\Bilard\Ganymede\Plugins\npganymedenet.dll ( ) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Oracle) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Mateusz\AppData\Local\Facebook\Messenger\2.0.4478.0\npFbDesktopPlugin.dll (Facebook, Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}: C:\Program Files\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1} [2012-04-17 12:42:02 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}: C:\Program Files\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0} [2012-04-17 12:42:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{d9284e50-81fc-11da-a72b-0800200c9a66}: C:\Program Files\Splashtop\Splashtop Connect for Firefox\{d9284e50-81fc-11da-a72b-0800200c9a66} [2012-04-17 12:42:02 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-04-19 09:12:26 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-04-19 13:33:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012-04-17 22:28:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-04-18 17:53:41 | 000,000,000 | ---D | M] [2012-04-16 21:10:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Extensions [2012-04-20 21:48:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\kust2ajc.default\extensions [2012-04-19 13:23:52 | 000,000,000 | ---D | M] (YouTube to ALLPlayer) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\kust2ajc.default\extensions\YouTubetoALL@ALLPlayer.org [2012-04-22 16:22:57 | 000,001,860 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\kust2ajc.default\searchplugins\search.xml [2012-04-17 22:26:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-04-17 22:26:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} () (No name found) -- C:\USERS\MATEUSZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KUST2AJC.DEFAULT\EXTENSIONS\IPLEXTOALL@ALLPLAYER.ORG.XPI [2012-04-19 09:12:25 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011-12-20 11:33:56 | 000,120,984 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npganymedenet.dll [2011-12-09 19:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll [2012-04-19 09:12:20 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-04-19 09:12:20 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-04-19 09:12:20 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-04-19 09:12:20 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-04-19 13:22:10 | 000,002,415 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\v9.xml [2012-04-19 09:12:20 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-04-19 09:12:20 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: qooqlle () CHR - default_search_provider: search_url = http://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q={searchTerms}&sa=Search&siteurl=qooqlle.com%2F CHR - default_search_provider: suggest_url = CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\ O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Splashtop Connect VisualBookmark) - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - C:\Program Files\Splashtop\Splashtop Connect IE\STC.dll (Splashtop Inc.) O2 - BHO: (YouTube To ALLPlayer) - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\Program Files\ALLPlayer\YouTubeToALLPlayer.dll (ALLPlayer.org) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - D:\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [BEWINTERNET-PL-IEWSessionManager] D:\Orange\SessionManager\SessionManager.exe (France Telecom SA) O4 - HKLM..\Run: [CardDetectorHUAWEI1752_1552] C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe (France Telecom SA) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [Readar_sl] %APPDATA%\Readar_sl.exe File not found O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [STCAgent] C:\Program Files\Splashtop\Splashtop Connect IE\STCAgent.exe (Splashtop Inc.) O4 - HKLM..\Run: [Super-Charger] C:\Program Files\MSI\Super-Charger\Super-Charger.exe (MSI) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [TunesHelper] C:\ProgramData\TunesHelper.exe () O4 - HKLM..\Run: [ZyngaGamesAgent] C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe (Splashtop Inc.) O4 - HKU\S-1-5-21-967404725-468176981-4131090368-1000..\Run: [Facebook Update] C:\Users\Mateusz\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O7 - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Pobierz z &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm () O9 - Extra Button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files\PokerStars.EU\PokerStarsUpdate.exe (PokerStars) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1292A1F1-9F67-4786-A2DF-9668865DF9A2}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{e0c2a19c-87f1-11e1-9873-b1ddfeffb464}\Shell - "" = AutoRun O33 - MountPoints2\{e0c2a19c-87f1-11e1-9873-b1ddfeffb464}\Shell\AutoRun\command - "" = F:\setup_homm5.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-04-21 17:20:18 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Pliki [2012-04-21 09:11:23 | 000,000,000 | ---D | C] -- C:\_OTL [2012-04-21 00:25:29 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\.ultramixer [2012-04-21 00:05:24 | 000,000,000 | ---D | C] -- C:\Windows\pss [2012-04-20 19:32:35 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\GanymedeNet [2012-04-20 18:18:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Screamer Radio [2012-04-20 18:17:27 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook [2012-04-20 18:17:14 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Facebook [2012-04-20 00:35:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Sports Interactive [2012-04-20 00:35:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\Sports Interactive [2012-04-20 00:35:20 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Sports Interactive [2012-04-20 00:35:20 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Sports Interactive [2012-04-20 00:18:42 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\My Games [2012-04-20 00:17:27 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll [2012-04-20 00:17:27 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll [2012-04-20 00:17:26 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll [2012-04-20 00:17:26 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll [2012-04-20 00:17:26 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll [2012-04-20 00:17:26 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll [2012-04-20 00:17:26 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll [2012-04-20 00:17:25 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll [2012-04-20 00:17:25 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll [2012-04-20 00:17:25 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll [2012-04-20 00:17:24 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll [2012-04-20 00:17:24 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll [2012-04-20 00:17:23 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll [2012-04-20 00:17:23 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll [2012-04-20 00:17:23 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll [2012-04-20 00:17:23 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll [2012-04-20 00:17:22 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll [2012-04-20 00:17:22 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll [2012-04-20 00:17:22 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll [2012-04-20 00:17:22 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll [2012-04-20 00:17:21 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll [2012-04-20 00:17:21 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll [2012-04-20 00:17:21 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll [2012-04-20 00:17:21 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll [2012-04-20 00:17:21 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll [2012-04-20 00:17:21 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll [2012-04-20 00:17:20 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll [2012-04-20 00:17:20 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll [2012-04-20 00:17:20 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll [2012-04-20 00:17:20 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll [2012-04-20 00:17:19 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll [2012-04-20 00:17:19 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll [2012-04-20 00:17:19 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll [2012-04-20 00:17:19 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll [2012-04-20 00:17:18 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll [2012-04-20 00:17:18 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll [2012-04-20 00:17:18 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll [2012-04-20 00:17:18 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll [2012-04-20 00:17:17 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll [2012-04-20 00:17:17 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll [2012-04-20 00:17:16 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll [2012-04-20 00:17:16 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll [2012-04-20 00:17:16 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll [2012-04-20 00:17:16 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll [2012-04-20 00:17:15 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll [2012-04-20 00:17:15 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll [2012-04-20 00:17:14 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll [2012-04-20 00:17:14 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll [2012-04-20 00:17:14 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll [2012-04-20 00:17:13 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll [2012-04-20 00:17:13 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll [2012-04-20 00:17:12 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll [2012-04-20 00:17:12 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll [2012-04-20 00:17:12 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll [2012-04-20 00:17:12 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll [2012-04-20 00:17:11 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll [2012-04-20 00:17:10 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll [2012-04-20 00:17:09 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll [2012-04-20 00:17:09 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll [2012-04-20 00:17:09 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll [2012-04-20 00:17:09 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll [2012-04-20 00:17:08 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll [2012-04-20 00:17:08 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll [2012-04-20 00:17:08 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll [2012-04-20 00:17:08 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll [2012-04-20 00:17:08 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll [2012-04-20 00:17:07 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll [2012-04-20 00:17:07 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll [2012-04-20 00:17:07 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll [2012-04-20 00:17:07 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll [2012-04-20 00:17:04 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll [2012-04-20 00:17:04 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll [2012-04-20 00:17:04 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll [2012-04-20 00:17:04 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll [2012-04-20 00:17:03 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll [2012-04-20 00:17:03 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll [2012-04-20 00:17:03 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll [2012-04-20 00:17:02 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll [2012-04-20 00:17:01 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll [2012-04-20 00:08:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx [2012-04-20 00:03:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft [2012-04-19 19:22:45 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [2012-04-19 17:13:09 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images [2012-04-19 17:10:13 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Chromium [2012-04-19 13:37:13 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\PokerStars.EU [2012-04-19 13:37:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.EU [2012-04-19 13:36:46 | 000,000,000 | ---D | C] -- C:\Program Files\PokerStars.EU [2012-04-19 13:24:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt [2012-04-19 13:23:51 | 000,000,000 | ---D | C] -- C:\Program Files\ALLPlayer [2012-04-19 13:23:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLConverter PRO [2012-04-19 13:23:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ALLConverter [2012-04-19 13:23:42 | 000,000,000 | ---D | C] -- C:\Program Files\NapiProjekt [2012-04-19 13:23:41 | 000,000,000 | ---D | C] -- C:\Program Files\ALLConverter PRO [2012-04-19 13:23:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer [2012-04-19 13:22:55 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ALLPlayer [2012-04-19 13:22:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dziobas Rar Player [2012-04-19 13:12:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Theorica Divx ;-) Codecs [2012-04-19 13:11:46 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Media Player Classic [2012-04-19 01:20:24 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\BitSpirit [2012-04-19 00:33:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2012-04-19 00:05:27 | 000,000,000 | ---D | C] -- C:\Program Files\v9Soft [2012-04-18 23:57:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp [2012-04-18 23:57:29 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll [2012-04-18 23:56:23 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect [2012-04-18 23:56:23 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Detektor Winampa [2012-04-18 23:56:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine [2012-04-18 23:55:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Winamp [2012-04-18 23:55:57 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp [2012-04-18 23:54:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys [2012-04-18 23:54:47 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys [2012-04-18 23:54:10 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\BESTplayer [2012-04-18 23:53:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitSpirit v3 [2012-04-18 23:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitSpirit [2012-04-18 23:53:37 | 000,000,000 | ---D | C] -- C:\Program Files\BitSpirit [2012-04-18 23:51:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2012-04-18 23:51:53 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy [2012-04-18 19:53:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\riotsGamesLogs [2012-04-18 19:51:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\LolClient [2012-04-18 19:26:56 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Opera [2012-04-18 19:26:56 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Opera [2012-04-18 19:26:35 | 000,000,000 | ---D | C] -- C:\Program Files\Opera [2012-04-18 19:24:16 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012-04-18 19:24:16 | 000,070,304 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012-04-18 18:22:42 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\MSI [2012-04-18 18:17:17 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2012-04-18 18:15:52 | 004,137,464 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des [2012-04-18 18:14:34 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\npptNT2.sys [2012-04-18 18:14:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared [2012-04-18 17:53:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET [2012-04-18 17:53:38 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET [2012-04-18 17:53:38 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2012-04-17 23:58:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\DOSBox [2012-04-17 23:58:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74 [2012-04-17 23:58:43 | 000,000,000 | ---D | C] -- C:\Program Files\DOSBox-0.74 [2012-04-17 23:38:48 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\WapSter [2012-04-17 23:34:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Thunderbird [2012-04-17 23:34:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Thunderbird [2012-04-17 22:28:37 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird [2012-04-17 22:26:32 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess [2012-04-17 22:26:09 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Skype [2012-04-17 22:25:58 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2012-04-17 22:25:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012-04-17 22:25:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2012-04-17 22:25:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2012-04-17 22:25:53 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander [2012-04-17 22:25:52 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\GHISLER [2012-04-17 22:24:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2012-04-17 22:24:17 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012-04-17 22:23:34 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WapSter [2012-04-17 22:02:03 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll [2012-04-17 22:02:03 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll [2012-04-17 22:02:03 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll [2012-04-17 22:02:03 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll [2012-04-17 22:02:02 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll [2012-04-17 21:58:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games [2012-04-17 21:15:51 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\PMB Files [2012-04-17 21:15:48 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files [2012-04-17 21:15:37 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks [2012-04-17 20:36:00 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Adobe [2012-04-17 20:09:14 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft Games [2012-04-17 19:47:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center [2012-04-17 19:44:09 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP [2012-04-17 19:43:56 | 000,035,968 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\usbfilter.sys [2012-04-17 19:43:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center [2012-04-17 19:40:44 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2012-04-17 19:37:47 | 000,066,688 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amd_sata.sys [2012-04-17 19:37:47 | 000,033,408 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amd_xata.sys [2012-04-17 19:37:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2012-04-17 19:37:39 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2012-04-17 19:37:08 | 000,211,984 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\AtihdW73.sys [2012-04-17 19:36:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2012-04-17 19:36:37 | 001,828,864 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdmv.dll [2012-04-17 19:36:37 | 000,278,528 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll [2012-04-17 19:36:37 | 000,159,744 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll [2012-04-17 19:36:36 | 018,388,480 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll [2012-04-17 19:36:36 | 008,396,800 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys [2012-04-17 19:36:36 | 000,401,408 | ---- | C] (AMD) -- C:\Windows\System32\atieclxx.exe [2012-04-17 19:36:36 | 000,247,296 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys [2012-04-17 19:36:36 | 000,176,128 | ---- | C] (AMD) -- C:\Windows\System32\atiesrxx.exe [2012-04-17 19:36:36 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll [2012-04-17 19:36:36 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll [2012-04-17 19:36:36 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll [2012-04-17 19:36:36 | 000,032,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll [2012-04-17 19:36:36 | 000,020,992 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll [2012-04-17 19:36:36 | 000,013,312 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll [2012-04-17 19:36:35 | 008,247,296 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll [2012-04-17 19:36:35 | 000,151,552 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe [2012-04-17 19:36:35 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll [2012-04-17 19:36:35 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll [2012-04-17 19:36:35 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll [2012-04-17 19:26:01 | 000,307,200 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUn0415.exe [2012-04-17 16:31:48 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\foobar2000 [2012-04-17 16:23:45 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\AMD [2012-04-17 16:05:37 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD [2012-04-17 16:05:26 | 000,037,944 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amdiox86.sys [2012-04-17 16:03:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\ATI [2012-04-17 16:03:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ATI [2012-04-17 16:01:31 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2012-04-17 16:01:28 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2012-04-17 16:00:48 | 004,256,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdag.dll [2012-04-17 16:00:48 | 004,056,064 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdva.dll [2012-04-17 16:00:48 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll [2012-04-17 16:00:48 | 000,294,912 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIODE.exe [2012-04-17 16:00:48 | 000,052,736 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll [2012-04-17 16:00:48 | 000,045,056 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIODCLI.exe [2012-04-17 16:00:48 | 000,031,744 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll [2012-04-17 16:00:48 | 000,029,184 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll [2012-04-17 16:00:47 | 004,198,912 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atidxx32.dll [2012-04-17 16:00:47 | 000,726,528 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\aticfx32.dll [2012-04-17 16:00:47 | 000,462,848 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll [2012-04-17 16:00:47 | 000,266,240 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiadlxx.dll [2012-04-17 16:00:47 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atibtmon.exe [2012-04-17 15:59:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics [2012-04-17 15:59:37 | 000,000,000 | ---D | C] -- C:\Program Files\Renesas Electronics [2012-04-17 15:58:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations [2012-04-17 15:37:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother [2012-04-17 15:28:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM [2012-04-17 15:27:49 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll [2012-04-17 15:27:49 | 001,725,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll [2012-04-17 15:27:49 | 001,379,760 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tosade.dll [2012-04-17 15:27:49 | 000,058,264 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\System32\TepeqAPO.dll [2012-04-17 15:27:48 | 002,285,160 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll [2012-04-17 15:27:48 | 001,497,704 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl [2012-04-17 15:27:48 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll [2012-04-17 15:27:48 | 000,214,368 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFNHK.dll [2012-04-17 15:27:48 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll [2012-04-17 15:27:48 | 000,178,624 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo2.dll [2012-04-17 15:27:48 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll [2012-04-17 15:27:48 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll [2012-04-17 15:27:48 | 000,134,584 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo.dll [2012-04-17 15:27:48 | 000,074,080 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFCOM.dll [2012-04-17 15:27:48 | 000,068,960 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFAPO.dll [2012-04-17 15:27:47 | 003,378,280 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll [2012-04-17 15:27:47 | 003,327,320 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll [2012-04-17 15:27:47 | 003,296,600 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll [2012-04-17 15:27:47 | 001,892,864 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat [2012-04-17 15:27:47 | 001,836,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll [2012-04-17 15:27:47 | 001,329,768 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll [2012-04-17 15:27:47 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll [2012-04-17 15:27:47 | 000,345,944 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll [2012-04-17 15:27:47 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll [2012-04-17 15:27:47 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll [2012-04-17 15:27:47 | 000,259,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll [2012-04-17 15:27:47 | 000,252,760 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll [2012-04-17 15:27:47 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll [2012-04-17 15:27:47 | 000,103,256 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll [2012-04-17 15:27:47 | 000,088,408 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll [2012-04-17 15:27:47 | 000,083,048 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll [2012-04-17 15:27:47 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll [2012-04-17 15:27:47 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll [2012-04-17 15:27:47 | 000,061,272 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll [2012-04-17 15:27:46 | 000,357,712 | ---- | C] (Knowles Acoustics ) -- C:\Windows\System32\KAAPORT.dll [2012-04-17 15:27:46 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll [2012-04-17 15:27:46 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll [2012-04-17 15:27:45 | 001,740,352 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll [2012-04-17 15:27:45 | 001,509,480 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll [2012-04-17 15:27:45 | 001,292,904 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll [2012-04-17 15:27:45 | 001,220,200 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll [2012-04-17 15:27:45 | 000,654,952 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll [2012-04-17 15:27:45 | 000,631,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll [2012-04-17 15:27:45 | 000,601,704 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll [2012-04-17 15:27:45 | 000,458,344 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll [2012-04-17 15:27:45 | 000,413,696 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PLFX32.dll [2012-04-17 15:27:45 | 000,390,656 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PGFX32.dll [2012-04-17 15:27:45 | 000,389,736 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll [2012-04-17 15:27:45 | 000,375,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll [2012-04-17 15:27:45 | 000,327,168 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PREC32.dll [2012-04-17 15:27:45 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll [2012-04-17 15:27:45 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll [2012-04-17 15:27:45 | 000,218,216 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll [2012-04-17 15:27:44 | 000,175,200 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll [2012-04-17 15:27:44 | 000,096,160 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll [2012-04-17 15:27:43 | 001,698,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll [2012-04-17 15:27:43 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp [2012-04-17 15:27:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2012-04-17 15:26:45 | 000,000,000 | -H-D | C] -- C:\SuperChargerProfile [2012-04-17 15:26:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup [2012-04-17 15:26:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec [2012-04-17 15:26:34 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec [2012-04-17 12:46:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Splashtop [2012-04-17 12:41:02 | 000,000,000 | -H-D | C] -- C:\ProgramData\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3} [2012-04-17 12:40:53 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Splashtop [2012-04-17 12:40:11 | 000,000,000 | ---D | C] -- C:\Program Files\Splashtop [2012-04-17 12:23:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Sunbelt Software [2012-04-17 12:22:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE [2012-04-17 12:21:54 | 000,093,360 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys [2012-04-17 12:09:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012-04-17 12:07:33 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Google [2012-04-17 12:07:32 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2012-04-17 12:07:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft [2012-04-17 12:07:27 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft [2012-04-17 11:56:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI [2012-04-17 11:56:45 | 000,000,000 | ---D | C] -- C:\Program Files\MSI [2012-04-17 11:48:07 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco [2012-04-17 11:47:09 | 001,057,896 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\Windows\System32\drivers\rtl8192ce.sys [2012-04-17 11:47:07 | 000,000,000 | ---D | C] -- C:\Program Files\REALTEK PCIE Wireless LAN Driver [2012-04-17 11:45:30 | 002,205,696 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\athr.sys [2012-04-17 11:45:29 | 000,000,000 | ---D | C] -- C:\Program Files\Qualcomm Atheros WiFi Driver Installation [2012-04-17 11:45:27 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Macromedia [2012-04-17 11:44:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Qualcomm Atheros [2012-04-17 11:42:19 | 000,100,896 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RTNUninst32.dll [2012-04-17 11:42:14 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2012-04-17 11:03:33 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ElevatedDiagnostics [2012-04-17 02:13:41 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2012-04-17 02:12:28 | 000,000,000 | -HSD | C] -- C:\Boot [2012-04-17 01:20:27 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2012-04-16 23:33:23 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Nero [2012-04-16 23:31:19 | 003,144,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe.Back [2012-04-16 23:15:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Microsoft Games [2012-04-16 22:22:11 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Valve [2012-04-16 22:16:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve [2012-04-16 22:02:36 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2012-04-16 22:02:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Games [2012-04-16 22:02:22 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll [2012-04-16 22:02:21 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll [2012-04-16 22:02:16 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll [2012-04-16 22:02:15 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll [2012-04-16 22:02:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive [2012-04-16 21:30:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Lunch Design [2012-04-16 21:16:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Adobe [2012-04-16 21:16:53 | 000,000,000 | ---D | C] -- C:\ProgramData\RDRM [2012-04-16 21:16:50 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\ipla [2012-04-16 21:16:50 | 000,000,000 | ---D | C] -- C:\ProgramData\ipla [2012-04-16 21:14:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mario Ice Tower [2012-04-16 21:12:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ipla [2012-04-16 21:12:14 | 000,000,000 | ---D | C] -- C:\Program Files\ipla [2012-04-16 21:12:08 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll [2012-04-16 21:10:03 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Mozilla [2012-04-16 21:10:03 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Mozilla [2012-04-16 21:09:37 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar [2012-04-16 21:08:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite [2012-04-16 21:07:58 | 000,239,168 | ---- | C] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys [2012-04-16 21:07:31 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Lite [2012-04-16 21:07:28 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite [2012-04-16 21:03:35 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\WinRAR [2012-04-16 21:03:34 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2012-04-16 21:03:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2012-04-16 21:02:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared [2012-04-16 21:02:32 | 000,198,832 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll [2012-04-16 21:02:26 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\System32\pncrt.dll [2012-04-16 21:02:26 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll [2012-04-16 21:02:26 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll [2012-04-16 21:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real [2012-04-16 21:02:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Real [2012-04-16 21:02:20 | 000,000,000 | ---D | C] -- C:\Program Files\Real [2012-04-16 21:02:04 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Real [2012-04-16 21:01:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack [2012-04-16 21:01:25 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\Windows\System32\lameACM.acm [2012-04-16 21:01:24 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll [2012-04-16 21:01:24 | 000,118,784 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm [2012-04-16 21:00:20 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2012-04-16 20:52:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2012-04-16 20:52:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2012-04-16 20:49:13 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2012-04-16 20:49:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2012-04-16 20:42:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero [2012-04-16 20:41:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero [2012-04-16 20:41:56 | 000,000,000 | ---D | C] -- C:\Program Files\Nero [2012-04-16 20:41:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero [2012-04-16 20:40:52 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll [2012-04-16 20:40:31 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll [2012-04-16 20:32:39 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Uczelnia [2012-04-16 20:32:22 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Gry [2012-04-16 20:31:40 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Programy [2012-04-16 20:24:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orange [2012-04-16 20:19:57 | 000,000,000 | ---D | C] -- C:\Program Files\CardDetector [2012-04-16 20:00:07 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71.dll [2012-04-16 20:00:07 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\atl71.dll [2012-04-16 20:00:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\France Telecom [2012-04-16 19:59:58 | 000,102,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys [2012-04-16 19:59:55 | 000,103,040 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbfake.sys [2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Searches [2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012-04-16 19:57:02 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Identities [2012-04-16 19:56:56 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Contacts [2012-04-16 19:56:56 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2012-04-16 19:56:47 | 000,423,656 | ---- | C] (Oracle) -- C:\Windows\System32\deployJava1.dll [2012-04-16 19:56:47 | 000,153,376 | ---- | C] (Oracle) -- C:\Windows\System32\javaws.exe [2012-04-16 19:56:47 | 000,145,184 | ---- | C] (Oracle) -- C:\Windows\System32\javaw.exe [2012-04-16 19:56:47 | 000,145,184 | ---- | C] (Oracle) -- C:\Windows\System32\java.exe [2012-04-16 19:56:36 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Ustawienia lokalne [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Temporary Internet Files [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Szablony [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\SendTo [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Recent [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\PrintHood [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\NetHood [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moje wideo [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moje obrazy [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Moje dokumenty [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moja muzyka [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Menu Start [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Historia [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Dane aplikacji [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Dane aplikacji [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Cookies [2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Temp [2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Microsoft [2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Media Center Programs [2012-04-16 19:54:14 | 000,000,000 | --SD | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Pictures [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Music [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Links [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Favorites [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Downloads [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Documents [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Desktop [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012-04-16 19:54:14 | 000,000,000 | -H-D | C] -- C:\Users\Mateusz\AppData [2012-04-16 19:54:10 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Videos [2012-04-16 19:54:10 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Saved Games [2012-04-16 19:52:53 | 000,000,000 | ---D | C] -- C:\Windows\Temp [2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony [2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo [2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy [2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka [2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start [2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione [2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit [2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty [2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-04-22 16:33:06 | 003,670,016 | -H-- | M] () -- C:\Users\Mateusz\NTUSER.DAT [2012-04-22 16:33:01 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-04-22 16:29:35 | 000,017,136 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-04-22 16:29:35 | 000,017,136 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-04-22 16:22:19 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-04-22 16:21:56 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2012-04-22 16:21:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-04-22 16:18:44 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-04-22 09:35:45 | 003,531,115 | -H-- | M] () -- C:\Users\Mateusz\AppData\Local\IconCache.db [2012-04-21 23:58:16 | 002,317,686 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2012-04-21 23:58:16 | 000,687,828 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012-04-21 23:58:16 | 000,666,732 | ---- | M] () -- C:\Windows\System32\perfh019.dat [2012-04-21 23:58:16 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-04-21 23:58:16 | 000,131,382 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012-04-21 23:58:16 | 000,128,892 | ---- | M] () -- C:\Windows\System32\perfc019.dat [2012-04-21 23:58:16 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-04-21 00:41:22 | 000,001,784 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk [2012-04-20 00:30:03 | 000,000,572 | ---- | M] () -- C:\Windows\eReg.dat [2012-04-19 13:12:01 | 008,180,224 | RHS- | M] () -- C:\ProgramData\TunesHelper.exe [2012-04-19 00:29:02 | 000,001,101 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012-04-19 00:29:01 | 000,002,210 | ---- | M] () -- C:\Users\Mateusz\Desktop\Google Chrome.lnk [2012-04-18 19:33:10 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012-04-18 19:33:10 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012-04-18 18:17:06 | 283,710,259 | ---- | M] () -- C:\Windows\MEMORY.DMP [2012-04-17 23:55:56 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2012-04-17 23:55:56 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2012-04-17 22:28:40 | 000,002,041 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2012-04-17 20:30:58 | 000,000,050 | ---- | M] () -- C:\Windows\System32\BRIDF10A.DAT [2012-04-17 16:22:02 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin [2012-04-17 12:52:55 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms [2012-04-17 12:52:55 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms [2012-04-17 12:52:55 | 000,065,536 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TM.blf [2012-04-17 12:41:30 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms [2012-04-17 12:41:30 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms [2012-04-17 12:41:30 | 000,065,536 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TM.blf [2012-04-17 12:41:27 | 000,262,144 | ---- | M] () -- C:\ProgramData\NTUser.dat [2012-04-17 12:21:52 | 000,093,360 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys [2012-04-17 11:30:55 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012-04-17 02:12:33 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2012-04-17 01:37:26 | 000,067,908 | ---- | M] () -- C:\Windows\System32\license.rtf [2012-04-17 01:35:54 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012-04-16 23:31:45 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe [2012-04-16 23:31:19 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer_.exe.Back.0.219815846169282 [2012-04-16 22:20:20 | 000,000,650 | ---- | M] () -- C:\Users\Mateusz\Desktop\Muzyka.lnk [2012-04-16 22:16:22 | 000,000,641 | ---- | M] () -- C:\Users\Mateusz\Desktop\Filmy.lnk [2012-04-16 21:16:57 | 000,051,672 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\GDIPFONTCACHEV1.DAT [2012-04-16 21:16:17 | 000,246,248 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012-04-16 21:12:08 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll [2012-04-16 21:07:58 | 000,239,168 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys [2012-04-16 21:02:32 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll [2012-04-16 21:02:26 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll [2012-04-16 21:02:26 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll [2012-04-16 21:02:26 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll [2012-04-16 20:55:32 | 000,002,717 | ---- | M] () -- C:\Users\Mateusz\Desktop\Word 2003.lnk [2012-04-16 20:53:20 | 000,000,412 | ---- | M] () -- C:\Windows\ODBC.INI [2012-04-16 20:52:57 | 000,000,499 | ---- | M] () -- C:\Windows\win.ini [2012-04-16 20:24:24 | 000,000,807 | ---- | M] () -- C:\Users\Mateusz\Desktop\Orange Free.lnk [2012-04-16 20:05:21 | 000,524,288 | -HS- | M] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms [2012-04-16 20:05:21 | 000,524,288 | -HS- | M] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms [2012-04-16 20:05:21 | 000,065,536 | -HS- | M] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf [2012-04-16 19:59:10 | 000,000,363 | ---- | M] () -- C:\Users\Mateusz\Desktop\Komputer.lnk [2012-04-16 19:56:36 | 000,423,656 | ---- | M] (Oracle) -- C:\Windows\System32\deployJava1.dll [2012-04-16 19:56:36 | 000,153,376 | ---- | M] (Oracle) -- C:\Windows\System32\javaws.exe [2012-04-16 19:56:36 | 000,145,184 | ---- | M] (Oracle) -- C:\Windows\System32\javaw.exe [2012-04-16 19:56:36 | 000,145,184 | ---- | M] (Oracle) -- C:\Windows\System32\java.exe [2012-04-16 19:54:18 | 000,000,020 | -HS- | M] () -- C:\Users\Mateusz\ntuser.ini [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-04-21 00:41:22 | 000,001,796 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk [2012-04-21 00:41:22 | 000,001,784 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk [2012-04-19 19:21:46 | 000,000,572 | ---- | C] () -- C:\Windows\eReg.dat [2012-04-19 13:23:07 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll [2012-04-19 13:12:07 | 008,180,224 | RHS- | C] () -- C:\ProgramData\TunesHelper.exe [2012-04-18 19:24:17 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-04-18 18:17:06 | 283,710,259 | ---- | C] () -- C:\Windows\MEMORY.DMP [2012-04-18 18:14:33 | 000,005,174 | ---- | C] () -- C:\Windows\System32\nppt9x.vxd [2012-04-17 23:55:56 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2012-04-17 23:55:56 | 000,000,000 | RHS- | C] () -- C:\IO.SYS [2012-04-17 22:28:40 | 000,002,053 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk [2012-04-17 22:28:40 | 000,002,041 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF [2012-04-17 19:37:58 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2012-04-17 19:36:37 | 001,150,656 | ---- | C] () -- C:\Windows\System32\atiumdva.cap [2012-04-17 19:36:36 | 000,234,855 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2012-04-17 19:36:36 | 000,034,823 | ---- | C] () -- C:\Windows\atiogl.xml [2012-04-17 19:36:35 | 000,185,088 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb [2012-04-17 19:34:34 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll [2012-04-17 16:32:37 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BRIDF10A.DAT [2012-04-17 16:22:02 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012-04-17 16:00:48 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat [2012-04-17 15:27:47 | 000,177,052 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT [2012-04-17 12:52:54 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms [2012-04-17 12:52:53 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms [2012-04-17 12:52:53 | 000,065,536 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TM.blf [2012-04-17 12:41:28 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms [2012-04-17 12:41:28 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms [2012-04-17 12:41:27 | 000,262,144 | ---- | C] () -- C:\ProgramData\NTUser.dat [2012-04-17 12:41:27 | 000,065,536 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TM.blf [2012-04-17 12:40:53 | 000,001,408 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Social Games.lnk [2012-04-17 12:09:01 | 000,002,210 | ---- | C] () -- C:\Users\Mateusz\Desktop\Google Chrome.lnk [2012-04-17 12:07:44 | 000,001,038 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-04-17 12:07:42 | 000,001,034 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-04-17 11:47:07 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe [2012-04-17 11:45:30 | 000,461,474 | ---- | C] () -- C:\Windows\System32\netathr.inf [2012-04-17 11:45:30 | 000,070,749 | ---- | C] () -- C:\Windows\System32\athrext.cat [2012-04-17 11:30:55 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012-04-17 02:12:32 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK [2012-04-17 02:12:28 | 000,383,562 | RHS- | C] () -- C:\bootmgr [2012-04-17 01:35:54 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012-04-17 01:15:57 | 000,246,248 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2012-04-16 22:20:20 | 000,000,650 | ---- | C] () -- C:\Users\Mateusz\Desktop\Muzyka.lnk [2012-04-16 22:16:22 | 000,000,641 | ---- | C] () -- C:\Users\Mateusz\Desktop\Filmy.lnk [2012-04-16 21:14:44 | 003,531,115 | -H-- | C] () -- C:\Users\Mateusz\AppData\Local\IconCache.db [2012-04-16 21:10:47 | 000,000,641 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk [2012-04-16 21:01:26 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll [2012-04-16 21:01:25 | 000,000,414 | ---- | C] () -- C:\Windows\System32\lame_acm.xml [2012-04-16 21:01:25 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2012-04-16 21:00:22 | 000,001,113 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012-04-16 21:00:22 | 000,001,101 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012-04-16 20:55:32 | 000,002,717 | ---- | C] () -- C:\Users\Mateusz\Desktop\Word 2003.lnk [2012-04-16 20:53:20 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI [2012-04-16 20:24:24 | 000,000,807 | ---- | C] () -- C:\Users\Mateusz\Desktop\Orange Free.lnk [2012-04-16 20:11:28 | 000,051,672 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\GDIPFONTCACHEV1.DAT [2012-04-16 19:59:10 | 000,000,363 | ---- | C] () -- C:\Users\Mateusz\Desktop\Komputer.lnk [2012-04-16 19:57:16 | 000,001,430 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012-04-16 19:54:18 | 000,524,288 | -HS- | C] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms [2012-04-16 19:54:18 | 000,000,020 | -HS- | C] () -- C:\Users\Mateusz\ntuser.ini [2012-04-16 19:54:17 | 000,524,288 | -HS- | C] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms [2012-04-16 19:54:17 | 000,065,536 | -HS- | C] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf [2012-04-16 19:54:09 | 003,670,016 | -H-- | C] () -- C:\Users\Mateusz\NTUSER.DAT [2011-07-28 17:49:12 | 000,053,760 | ---- | C] () -- C:\Windows\System32\OVDecode.dll [2010-08-03 00:05:14 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat [2010-08-03 00:05:13 | 000,687,828 | ---- | C] () -- C:\Windows\System32\perfh015.dat [2010-08-03 00:05:13 | 000,131,382 | ---- | C] () -- C:\Windows\System32\perfc015.dat [2010-08-03 00:05:13 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat [2010-06-25 08:44:03 | 000,080,384 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe [2010-06-21 13:39:23 | 002,317,686 | ---- | C] () -- C:\Windows\System32\PerfStringBackup.INI [color=#E56717]========== LOP Check ==========[/color] [2012-04-18 23:54:26 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\BESTplayer [2012-04-19 01:20:24 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\BitSpirit [2012-04-19 17:14:18 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Lite [2012-04-20 08:00:29 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\foobar2000 [2012-04-20 19:42:39 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\GanymedeNet [2012-04-17 22:25:52 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\GHISLER [2012-04-16 22:05:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\ipla [2012-04-18 19:51:49 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\LolClient [2012-04-18 18:22:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\MSI [2012-04-21 00:41:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Opera [2012-04-17 12:40:53 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Splashtop [2012-04-20 00:35:20 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Sports Interactive [2012-04-17 23:34:49 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Thunderbird [2009-07-14 06:53:46 | 000,012,800 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report >[/log]
Gość komentarz 22 kwietnia 2012 komentarz 22 kwietnia 2012 wejdz w tryb awaryjny Windows. Uruchom OTL i wykonaj ten skrypt [code]:OTL IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/ FF - prefs.js..browser.search.selectedEngine: "qooqlle" FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/" O4 - HKLM..\Run: [Readar_sl] %APPDATA%\Readar_sl.exe File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O33 - MountPoints2\{e0c2a19c-87f1-11e1-9873-b1ddfeffb464}\Shell - "" = AutoRun O33 - MountPoints2\{e0c2a19c-87f1-11e1-9873-b1ddfeffb464}\Shell\AutoRun\command - "" = F:\setup_homm5.exe :Files C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\kust2ajc.default\searchplugins\search.xml C:\Program Files\mozilla firefox\searchplugins\v9.xml :Commands [emtytemp][/code] Zapisz rapot z usuwania i napisz jak wyglada sytuacja
Evander1991 komentarz 22 kwietnia 2012 Autor komentarz 22 kwietnia 2012 Niestety dalej nic Oto raport: [log]========== OTL ========== HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! Prefs.js: "qooqlle" removed from browser.search.selectedEngine Prefs.js: "http://www.qooqlle.com/" removed from browser.startup.homepage Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Readar_sl deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e0c2a19c-87f1-11e1-9873-b1ddfeffb464}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e0c2a19c-87f1-11e1-9873-b1ddfeffb464}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e0c2a19c-87f1-11e1-9873-b1ddfeffb464}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e0c2a19c-87f1-11e1-9873-b1ddfeffb464}\ not found. File F:\setup_homm5.exe not found. ========== FILES ========== C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\kust2ajc.default\searchplugins\search.xml moved successfully. C:\Program Files\mozilla firefox\searchplugins\v9.xml moved successfully. ========== COMMANDS ========== Error: Unable to interpret <[emtytemp]> in the current context! OTL by OldTimer - Version 3.2.40.0 log created on 04222012_194543[/log]OTL skan: [log]OTL logfile created on: 2012-04-22 19:54:19 - Run 4 OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Mateusz\Desktop\Programy Ultimate Edition (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.16562) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,49 Gb Total Physical Memory | 1,75 Gb Available Physical Memory | 70,08% Memory free 4,99 Gb Paging File | 4,16 Gb Available in Paging File | 83,41% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 58,57 Gb Total Space | 43,37 Gb Free Space | 74,05% Space Free | Partition Type: NTFS Drive D: | 407,19 Gb Total Space | 369,69 Gb Free Space | 90,79% Space Free | Partition Type: NTFS Computer Name: AUTO | User Name: Mateusz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-04-21 09:22:55 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Mateusz\Desktop\Programy\OTL.exe PRC - [2012-04-20 18:17:12 | 000,137,536 | ---- | M] (Facebook Inc.) -- C:\Users\Mateusz\AppData\Local\Facebook\Update\FacebookUpdate.exe PRC - [2012-04-19 09:12:24 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2012-04-16 23:31:45 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2012-04-16 21:02:25 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe PRC - [2012-04-09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012-04-04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012-01-03 13:34:20 | 000,138,768 | ---- | M] (MSI) -- C:\Program Files\MSI\Super-Charger\ChargeService.exe PRC - [2012-01-03 13:34:16 | 000,502,288 | ---- | M] (MSI) -- C:\Program Files\MSI\Super-Charger\Super-Charger.exe PRC - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2011-09-22 12:03:02 | 003,080,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe PRC - [2011-09-16 14:39:24 | 000,115,048 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe PRC - [2011-07-28 17:42:48 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe PRC - [2011-07-28 17:35:54 | 000,401,408 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2011-07-28 17:35:26 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2011-03-24 06:37:18 | 000,493,384 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe PRC - [2011-03-22 10:37:16 | 000,497,480 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe PRC - [2010-11-15 13:21:56 | 000,841,544 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe PRC - [2010-11-15 13:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect\BackService.exe PRC - [2010-06-04 09:51:06 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010-06-04 09:50:20 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe PRC - [2010-05-04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe PRC - [2010-03-05 16:26:40 | 002,044,248 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe PRC - [2009-10-14 18:44:40 | 000,282,624 | R--- | M] (France Telecom SA) -- C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe PRC - [2009-10-14 16:44:38 | 000,090,112 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-04-19 09:12:23 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2012-04-18 19:24:16 | 008,797,344 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_233.dll MOD - [2011-07-28 17:55:02 | 000,369,152 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll MOD - [2011-07-28 17:42:54 | 000,095,232 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll MOD - [2010-04-14 03:31:20 | 005,246,976 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll MOD - [2010-04-14 03:31:20 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll MOD - [2010-04-14 03:31:20 | 003,182,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll MOD - [2010-04-14 03:31:20 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll MOD - [2010-04-14 03:31:20 | 000,626,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll MOD - [2010-04-14 03:31:20 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll MOD - [2010-04-14 03:31:20 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll MOD - [2010-04-14 03:31:16 | 004,550,656 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll MOD - [2010-04-14 03:31:14 | 005,279,744 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll MOD - [2010-04-14 03:31:14 | 001,253,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll MOD - [2010-04-14 03:31:12 | 004,218,880 | ---- | M] () -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll MOD - [2010-04-14 03:31:00 | 000,667,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll MOD - [2009-06-10 23:22:40 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll MOD - [2009-06-10 23:14:47 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll MOD - [2009-06-10 23:14:46 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll MOD - [2009-06-10 23:14:46 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll MOD - [2009-06-10 23:14:44 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.classic.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2012-04-18 19:33:10 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-04-09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012-04-05 11:37:38 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-04-04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012-01-03 13:34:20 | 000,138,768 | ---- | M] (MSI) [Auto | Running] -- C:\Program Files\MSI\Super-Charger\ChargeService.exe -- (MSI_SuperCharger) SRV - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2011-07-28 17:42:48 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV - [2011-07-28 17:35:26 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2011-05-03 22:18:00 | 004,137,464 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc) SRV - [2011-03-24 06:37:18 | 000,493,384 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe -- (WCUService_STC_FF) SRV - [2011-03-22 10:37:16 | 000,497,480 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe -- (WCUService_STC_IE) SRV - [2010-11-15 13:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files\Splashtop\Splashtop Connect\BackService.exe -- (SCBackService) SRV - [2010-05-04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2010-03-05 16:26:40 | 002,044,248 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU) SRV - [2009-10-14 16:44:38 | 000,090,112 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC) SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Rappelz\GameGuard\dump_wmimmc.sys -- (dump_wmimmc) DRV - [2012-04-16 21:07:58 | 000,239,168 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2011-10-25 09:57:14 | 000,165,120 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc) DRV - [2011-10-25 09:57:14 | 000,073,984 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub) DRV - [2011-10-06 09:23:50 | 001,057,896 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192ce.sys -- (RTL8192Ce) DRV - [2011-08-09 14:24:52 | 000,163,424 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm) DRV - [2011-08-04 09:20:38 | 000,103,112 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr) DRV - [2011-08-04 09:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv) DRV - [2011-07-28 18:22:06 | 008,396,800 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag) DRV - [2011-07-28 16:53:48 | 000,247,296 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2011-06-07 06:06:54 | 000,211,984 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService) DRV - [2011-04-15 14:37:46 | 000,066,688 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_sata.sys -- (amd_sata) DRV - [2011-04-15 14:37:46 | 000,033,408 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_xata.sys -- (amd_xata) DRV - [2010-11-29 04:50:40 | 000,035,968 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter) DRV - [2010-10-20 14:43:08 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 5\NTIOLib.sys -- (NTIOLib_1_0_4) DRV - [2010-05-10 10:44:42 | 000,025,912 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 5\msibios32_100507.sys -- (MSI_MSIBIOS_010507) DRV - [2010-02-18 09:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86) DRV - [2009-12-30 13:55:14 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files\MSI\Super-Charger\NTIOLib.sys -- (NTIOLib_1_0_3) DRV - [2009-08-04 13:04:28 | 000,103,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbfake.sys -- (hwusbfake) DRV - [2009-08-04 13:04:28 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2009-07-14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2009-07-14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2009-07-14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2009-07-14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009-07-14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2009-07-14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2009-06-10 23:19:48 | 009,853,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = Yandex IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\Google: "URL" = http://www.google.ru/search?hl=ru&q={searchTerms}\ IE - HKLM\..\SearchScopes\Wikipedia: "URL" = http://ru.wikipedia.org/wiki/{searchTerms}\ IE - HKLM\..\SearchScopes\Yahoo: "URL" = http://ru.search.yahoo.com/search?p={searchTerms}\ IE - HKLM\..\SearchScopes\Yandex: "URL" = http://www.yandex.ru/yandsearch?stype=&nl=0&text={searchTerms}\ IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/ IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes,DefaultScope = {42168F92-DA71-42E6-BC7F-132EAC1F1899} IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.google.pl/cse?q={searchTerms}&cx=partner-pub-2489206448026482%3A4041638047&tbm=&ie=UTF-8#gsc.tab=0&gsc.q={searchTerms} IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{42168F92-DA71-42E6-BC7F-132EAC1F1899}: "URL" = http://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q={searchTerms}&sa=Search&siteurl=qooqlle.com%2F IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{C0DE4E59-C43E-46a5-B2A6-46952A6BF471}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=MMBROWSV IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{F1CC8CB5-43EC-4142-AE01-80F4208696EB}: "URL" = http://www.google.com/cse?cx=partner-pub-3794288947762788%3A7256076927&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7256076927&q={searchTerms} IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\Yandex: "URL" = http://www.bing.com/search?q={searchTerms}&form=SPLEP1&pc=SPLH IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.selectedEngine: "qooqlle" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 FF - prefs.js..extensions.enabledItems: cssreloader@kenneth.io:1.0.2 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..network.proxy.backup.ftp: "127.0.0.1" FF - prefs.js..network.proxy.backup.ftp_port: 9666 FF - prefs.js..network.proxy.backup.gopher: "127.0.0.1" FF - prefs.js..network.proxy.backup.gopher_port: 9666 FF - prefs.js..network.proxy.backup.socks: "127.0.0.1" FF - prefs.js..network.proxy.backup.socks_port: 9666 FF - prefs.js..network.proxy.backup.ssl: "127.0.0.1" FF - prefs.js..network.proxy.backup.ssl_port: 9666 FF - prefs.js..network.proxy.ftp: "127.0.0.1" FF - prefs.js..network.proxy.ftp_port: 9666 FF - prefs.js..network.proxy.gopher: "127.0.0.1" FF - prefs.js..network.proxy.gopher_port: 9666 FF - prefs.js..network.proxy.http: "127.0.0.1" FF - prefs.js..network.proxy.http_port: 9666 FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "127.0.0.1" FF - prefs.js..network.proxy.socks_port: 9666 FF - prefs.js..network.proxy.ssl: "127.0.0.1" FF - prefs.js..network.proxy.ssl_port: 9666 FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll () FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: D:\Bilard\Ganymede\Plugins\npganymedenet.dll ( ) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Oracle) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Mateusz\AppData\Local\Facebook\Messenger\2.0.4478.0\npFbDesktopPlugin.dll (Facebook, Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}: C:\Program Files\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1} [2012-04-17 12:42:02 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}: C:\Program Files\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0} [2012-04-17 12:42:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{d9284e50-81fc-11da-a72b-0800200c9a66}: C:\Program Files\Splashtop\Splashtop Connect for Firefox\{d9284e50-81fc-11da-a72b-0800200c9a66} [2012-04-17 12:42:02 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-04-19 09:12:26 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-04-19 13:33:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012-04-17 22:28:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-04-18 17:53:41 | 000,000,000 | ---D | M] [2012-04-16 21:10:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Extensions [2012-04-20 21:48:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\kust2ajc.default\extensions [2012-04-19 13:23:52 | 000,000,000 | ---D | M] (YouTube to ALLPlayer) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\kust2ajc.default\extensions\YouTubetoALL@ALLPlayer.org [2012-04-22 19:47:51 | 000,001,860 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\kust2ajc.default\searchplugins\search.xml [2012-04-17 22:26:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-04-17 22:26:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} () (No name found) -- C:\USERS\MATEUSZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KUST2AJC.DEFAULT\EXTENSIONS\IPLEXTOALL@ALLPLAYER.ORG.XPI [2012-04-19 09:12:25 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011-12-20 11:33:56 | 000,120,984 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npganymedenet.dll [2011-12-09 19:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll [2012-04-19 09:12:20 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-04-19 09:12:20 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-04-19 09:12:20 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-04-19 09:12:20 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-04-19 09:12:20 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-04-19 09:12:20 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: qooqlle () CHR - default_search_provider: search_url = http://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q={searchTerms}&sa=Search&siteurl=qooqlle.com%2F CHR - default_search_provider: suggest_url = CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\ O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Splashtop Connect VisualBookmark) - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - C:\Program Files\Splashtop\Splashtop Connect IE\STC.dll (Splashtop Inc.) O2 - BHO: (YouTube To ALLPlayer) - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\Program Files\ALLPlayer\YouTubeToALLPlayer.dll (ALLPlayer.org) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - D:\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [BEWINTERNET-PL-IEWSessionManager] D:\Orange\SessionManager\SessionManager.exe (France Telecom SA) O4 - HKLM..\Run: [CardDetectorHUAWEI1752_1552] C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe (France Telecom SA) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [Readar_sl] %APPDATA%\Readar_sl.exe File not found O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [STCAgent] C:\Program Files\Splashtop\Splashtop Connect IE\STCAgent.exe (Splashtop Inc.) O4 - HKLM..\Run: [Super-Charger] C:\Program Files\MSI\Super-Charger\Super-Charger.exe (MSI) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [TunesHelper] C:\ProgramData\TunesHelper.exe () O4 - HKLM..\Run: [ZyngaGamesAgent] C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe (Splashtop Inc.) O4 - HKU\S-1-5-21-967404725-468176981-4131090368-1000..\Run: [Facebook Update] C:\Users\Mateusz\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O7 - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Pobierz z &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm () O9 - Extra Button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files\PokerStars.EU\PokerStarsUpdate.exe (PokerStars) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1292A1F1-9F67-4786-A2DF-9668865DF9A2}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-04-21 17:20:18 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Pliki [2012-04-21 09:11:23 | 000,000,000 | ---D | C] -- C:\_OTL [2012-04-21 00:25:29 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\.ultramixer [2012-04-21 00:05:24 | 000,000,000 | ---D | C] -- C:\Windows\pss [2012-04-20 19:32:35 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\GanymedeNet [2012-04-20 18:18:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Screamer Radio [2012-04-20 18:17:27 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook [2012-04-20 18:17:14 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Facebook [2012-04-20 00:35:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Sports Interactive [2012-04-20 00:35:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\Sports Interactive [2012-04-20 00:35:20 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Sports Interactive [2012-04-20 00:35:20 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Sports Interactive [2012-04-20 00:18:42 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\My Games [2012-04-20 00:17:27 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll [2012-04-20 00:17:27 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll [2012-04-20 00:17:26 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll [2012-04-20 00:17:26 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll [2012-04-20 00:17:26 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll [2012-04-20 00:17:26 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll [2012-04-20 00:17:26 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll [2012-04-20 00:17:25 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll [2012-04-20 00:17:25 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll [2012-04-20 00:17:25 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll [2012-04-20 00:17:24 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll [2012-04-20 00:17:24 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll [2012-04-20 00:17:23 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll [2012-04-20 00:17:23 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll [2012-04-20 00:17:23 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll [2012-04-20 00:17:23 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll [2012-04-20 00:17:22 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll [2012-04-20 00:17:22 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll [2012-04-20 00:17:22 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll [2012-04-20 00:17:22 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll [2012-04-20 00:17:21 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll [2012-04-20 00:17:21 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll [2012-04-20 00:17:21 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll [2012-04-20 00:17:21 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll [2012-04-20 00:17:21 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll [2012-04-20 00:17:21 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll [2012-04-20 00:17:20 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll [2012-04-20 00:17:20 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll [2012-04-20 00:17:20 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll [2012-04-20 00:17:20 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll [2012-04-20 00:17:19 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll [2012-04-20 00:17:19 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll [2012-04-20 00:17:19 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll [2012-04-20 00:17:19 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll [2012-04-20 00:17:18 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll [2012-04-20 00:17:18 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll [2012-04-20 00:17:18 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll [2012-04-20 00:17:18 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll [2012-04-20 00:17:17 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll [2012-04-20 00:17:17 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll [2012-04-20 00:17:16 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll [2012-04-20 00:17:16 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll [2012-04-20 00:17:16 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll [2012-04-20 00:17:16 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll [2012-04-20 00:17:15 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll [2012-04-20 00:17:15 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll [2012-04-20 00:17:14 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll [2012-04-20 00:17:14 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll [2012-04-20 00:17:14 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll [2012-04-20 00:17:13 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll [2012-04-20 00:17:13 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll [2012-04-20 00:17:12 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll [2012-04-20 00:17:12 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll [2012-04-20 00:17:12 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll [2012-04-20 00:17:12 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll [2012-04-20 00:17:11 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll [2012-04-20 00:17:10 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll [2012-04-20 00:17:09 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll [2012-04-20 00:17:09 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll [2012-04-20 00:17:09 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll [2012-04-20 00:17:09 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll [2012-04-20 00:17:08 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll [2012-04-20 00:17:08 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll [2012-04-20 00:17:08 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll [2012-04-20 00:17:08 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll [2012-04-20 00:17:08 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll [2012-04-20 00:17:07 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll [2012-04-20 00:17:07 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll [2012-04-20 00:17:07 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll [2012-04-20 00:17:07 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll [2012-04-20 00:17:04 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll [2012-04-20 00:17:04 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll [2012-04-20 00:17:04 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll [2012-04-20 00:17:04 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll [2012-04-20 00:17:03 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll [2012-04-20 00:17:03 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll [2012-04-20 00:17:03 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll [2012-04-20 00:17:02 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll [2012-04-20 00:17:01 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll [2012-04-20 00:08:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx [2012-04-20 00:03:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft [2012-04-19 19:22:45 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [2012-04-19 17:13:09 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images [2012-04-19 17:10:13 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Chromium [2012-04-19 13:37:13 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\PokerStars.EU [2012-04-19 13:37:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.EU [2012-04-19 13:36:46 | 000,000,000 | ---D | C] -- C:\Program Files\PokerStars.EU [2012-04-19 13:24:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt [2012-04-19 13:23:51 | 000,000,000 | ---D | C] -- C:\Program Files\ALLPlayer [2012-04-19 13:23:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLConverter PRO [2012-04-19 13:23:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ALLConverter [2012-04-19 13:23:42 | 000,000,000 | ---D | C] -- C:\Program Files\NapiProjekt [2012-04-19 13:23:41 | 000,000,000 | ---D | C] -- C:\Program Files\ALLConverter PRO [2012-04-19 13:23:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer [2012-04-19 13:22:55 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ALLPlayer [2012-04-19 13:22:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dziobas Rar Player [2012-04-19 13:12:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Theorica Divx ;-) Codecs [2012-04-19 13:11:46 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Media Player Classic [2012-04-19 01:20:24 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\BitSpirit [2012-04-19 00:33:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2012-04-19 00:05:27 | 000,000,000 | ---D | C] -- C:\Program Files\v9Soft [2012-04-18 23:57:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp [2012-04-18 23:57:29 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll [2012-04-18 23:56:23 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect [2012-04-18 23:56:23 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Detektor Winampa [2012-04-18 23:56:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine [2012-04-18 23:55:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Winamp [2012-04-18 23:55:57 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp [2012-04-18 23:54:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys [2012-04-18 23:54:47 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys [2012-04-18 23:54:10 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\BESTplayer [2012-04-18 23:53:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitSpirit v3 [2012-04-18 23:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitSpirit [2012-04-18 23:53:37 | 000,000,000 | ---D | C] -- C:\Program Files\BitSpirit [2012-04-18 23:51:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2012-04-18 23:51:53 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy [2012-04-18 19:53:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\riotsGamesLogs [2012-04-18 19:51:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\LolClient [2012-04-18 19:26:56 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Opera [2012-04-18 19:26:56 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Opera [2012-04-18 19:26:35 | 000,000,000 | ---D | C] -- C:\Program Files\Opera [2012-04-18 19:24:16 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012-04-18 19:24:16 | 000,070,304 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012-04-18 18:22:42 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\MSI [2012-04-18 18:17:17 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2012-04-18 18:15:52 | 004,137,464 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des [2012-04-18 18:14:34 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\npptNT2.sys [2012-04-18 18:14:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared [2012-04-18 17:53:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET [2012-04-18 17:53:38 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET [2012-04-18 17:53:38 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2012-04-17 23:58:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\DOSBox [2012-04-17 23:58:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74 [2012-04-17 23:58:43 | 000,000,000 | ---D | C] -- C:\Program Files\DOSBox-0.74 [2012-04-17 23:38:48 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\WapSter [2012-04-17 23:34:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Thunderbird [2012-04-17 23:34:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Thunderbird [2012-04-17 22:28:37 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird [2012-04-17 22:26:32 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess [2012-04-17 22:26:09 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Skype [2012-04-17 22:25:58 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2012-04-17 22:25:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012-04-17 22:25:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2012-04-17 22:25:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2012-04-17 22:25:53 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander [2012-04-17 22:25:52 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\GHISLER [2012-04-17 22:24:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2012-04-17 22:24:17 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012-04-17 22:23:34 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WapSter [2012-04-17 22:02:03 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll [2012-04-17 22:02:03 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll [2012-04-17 22:02:03 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll [2012-04-17 22:02:03 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll [2012-04-17 22:02:02 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll [2012-04-17 21:58:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games [2012-04-17 21:15:51 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\PMB Files [2012-04-17 21:15:48 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files [2012-04-17 21:15:37 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks [2012-04-17 20:36:00 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Adobe [2012-04-17 20:09:14 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft Games [2012-04-17 19:47:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center [2012-04-17 19:44:09 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP [2012-04-17 19:43:56 | 000,035,968 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\usbfilter.sys [2012-04-17 19:43:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center [2012-04-17 19:40:44 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2012-04-17 19:37:47 | 000,066,688 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amd_sata.sys [2012-04-17 19:37:47 | 000,033,408 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amd_xata.sys [2012-04-17 19:37:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2012-04-17 19:37:39 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2012-04-17 19:37:08 | 000,211,984 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\AtihdW73.sys [2012-04-17 19:36:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2012-04-17 19:36:37 | 001,828,864 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdmv.dll [2012-04-17 19:36:37 | 000,278,528 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll [2012-04-17 19:36:37 | 000,159,744 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll [2012-04-17 19:36:36 | 018,388,480 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll [2012-04-17 19:36:36 | 008,396,800 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys [2012-04-17 19:36:36 | 000,401,408 | ---- | C] (AMD) -- C:\Windows\System32\atieclxx.exe [2012-04-17 19:36:36 | 000,247,296 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys [2012-04-17 19:36:36 | 000,176,128 | ---- | C] (AMD) -- C:\Windows\System32\atiesrxx.exe [2012-04-17 19:36:36 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll [2012-04-17 19:36:36 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll [2012-04-17 19:36:36 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll [2012-04-17 19:36:36 | 000,032,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll [2012-04-17 19:36:36 | 000,020,992 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll [2012-04-17 19:36:36 | 000,013,312 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll [2012-04-17 19:36:35 | 008,247,296 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll [2012-04-17 19:36:35 | 000,151,552 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe [2012-04-17 19:36:35 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll [2012-04-17 19:36:35 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll [2012-04-17 19:36:35 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll [2012-04-17 19:26:01 | 000,307,200 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUn0415.exe [2012-04-17 16:31:48 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\foobar2000 [2012-04-17 16:23:45 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\AMD [2012-04-17 16:05:37 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD [2012-04-17 16:05:26 | 000,037,944 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amdiox86.sys [2012-04-17 16:03:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\ATI [2012-04-17 16:03:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ATI [2012-04-17 16:01:31 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2012-04-17 16:01:28 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2012-04-17 16:00:48 | 004,256,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdag.dll [2012-04-17 16:00:48 | 004,056,064 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdva.dll [2012-04-17 16:00:48 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll [2012-04-17 16:00:48 | 000,294,912 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIODE.exe [2012-04-17 16:00:48 | 000,052,736 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll [2012-04-17 16:00:48 | 000,045,056 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIODCLI.exe [2012-04-17 16:00:48 | 000,031,744 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll [2012-04-17 16:00:48 | 000,029,184 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll [2012-04-17 16:00:47 | 004,198,912 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atidxx32.dll [2012-04-17 16:00:47 | 000,726,528 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\aticfx32.dll [2012-04-17 16:00:47 | 000,462,848 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll [2012-04-17 16:00:47 | 000,266,240 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiadlxx.dll [2012-04-17 16:00:47 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atibtmon.exe [2012-04-17 15:59:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics [2012-04-17 15:59:37 | 000,000,000 | ---D | C] -- C:\Program Files\Renesas Electronics [2012-04-17 15:58:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations [2012-04-17 15:37:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother [2012-04-17 15:28:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM [2012-04-17 15:27:49 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll [2012-04-17 15:27:49 | 001,725,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll [2012-04-17 15:27:49 | 001,379,760 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tosade.dll [2012-04-17 15:27:49 | 000,058,264 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\System32\TepeqAPO.dll [2012-04-17 15:27:48 | 002,285,160 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll [2012-04-17 15:27:48 | 001,497,704 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl [2012-04-17 15:27:48 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll [2012-04-17 15:27:48 | 000,214,368 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFNHK.dll [2012-04-17 15:27:48 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll [2012-04-17 15:27:48 | 000,178,624 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo2.dll [2012-04-17 15:27:48 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll [2012-04-17 15:27:48 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll [2012-04-17 15:27:48 | 000,134,584 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo.dll [2012-04-17 15:27:48 | 000,074,080 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFCOM.dll [2012-04-17 15:27:48 | 000,068,960 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFAPO.dll [2012-04-17 15:27:47 | 003,378,280 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll [2012-04-17 15:27:47 | 003,327,320 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll [2012-04-17 15:27:47 | 003,296,600 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll [2012-04-17 15:27:47 | 001,892,864 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat [2012-04-17 15:27:47 | 001,836,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll [2012-04-17 15:27:47 | 001,329,768 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll [2012-04-17 15:27:47 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll [2012-04-17 15:27:47 | 000,345,944 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll [2012-04-17 15:27:47 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll [2012-04-17 15:27:47 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll [2012-04-17 15:27:47 | 000,259,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll [2012-04-17 15:27:47 | 000,252,760 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll [2012-04-17 15:27:47 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll [2012-04-17 15:27:47 | 000,103,256 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll [2012-04-17 15:27:47 | 000,088,408 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll [2012-04-17 15:27:47 | 000,083,048 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll [2012-04-17 15:27:47 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll [2012-04-17 15:27:47 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll [2012-04-17 15:27:47 | 000,061,272 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll [2012-04-17 15:27:46 | 000,357,712 | ---- | C] (Knowles Acoustics ) -- C:\Windows\System32\KAAPORT.dll [2012-04-17 15:27:46 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll [2012-04-17 15:27:46 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll [2012-04-17 15:27:45 | 001,740,352 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll [2012-04-17 15:27:45 | 001,509,480 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll [2012-04-17 15:27:45 | 001,292,904 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll [2012-04-17 15:27:45 | 001,220,200 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll [2012-04-17 15:27:45 | 000,654,952 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll [2012-04-17 15:27:45 | 000,631,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll [2012-04-17 15:27:45 | 000,601,704 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll [2012-04-17 15:27:45 | 000,458,344 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll [2012-04-17 15:27:45 | 000,413,696 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PLFX32.dll [2012-04-17 15:27:45 | 000,390,656 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PGFX32.dll [2012-04-17 15:27:45 | 000,389,736 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll [2012-04-17 15:27:45 | 000,375,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll [2012-04-17 15:27:45 | 000,327,168 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PREC32.dll [2012-04-17 15:27:45 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll [2012-04-17 15:27:45 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll [2012-04-17 15:27:45 | 000,218,216 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll [2012-04-17 15:27:44 | 000,175,200 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll [2012-04-17 15:27:44 | 000,096,160 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll [2012-04-17 15:27:43 | 001,698,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll [2012-04-17 15:27:43 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp [2012-04-17 15:27:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2012-04-17 15:26:45 | 000,000,000 | -H-D | C] -- C:\SuperChargerProfile [2012-04-17 15:26:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup [2012-04-17 15:26:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec [2012-04-17 15:26:34 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec [2012-04-17 12:46:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Splashtop [2012-04-17 12:41:02 | 000,000,000 | -H-D | C] -- C:\ProgramData\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3} [2012-04-17 12:40:53 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Splashtop [2012-04-17 12:40:11 | 000,000,000 | ---D | C] -- C:\Program Files\Splashtop [2012-04-17 12:23:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Sunbelt Software [2012-04-17 12:22:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE [2012-04-17 12:21:54 | 000,093,360 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys [2012-04-17 12:09:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012-04-17 12:07:33 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Google [2012-04-17 12:07:32 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2012-04-17 12:07:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft [2012-04-17 12:07:27 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft [2012-04-17 11:56:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI [2012-04-17 11:56:45 | 000,000,000 | ---D | C] -- C:\Program Files\MSI [2012-04-17 11:48:07 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco [2012-04-17 11:47:09 | 001,057,896 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\Windows\System32\drivers\rtl8192ce.sys [2012-04-17 11:47:07 | 000,000,000 | ---D | C] -- C:\Program Files\REALTEK PCIE Wireless LAN Driver [2012-04-17 11:45:30 | 002,205,696 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\athr.sys [2012-04-17 11:45:29 | 000,000,000 | ---D | C] -- C:\Program Files\Qualcomm Atheros WiFi Driver Installation [2012-04-17 11:45:27 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Macromedia [2012-04-17 11:44:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Qualcomm Atheros [2012-04-17 11:42:19 | 000,100,896 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RTNUninst32.dll [2012-04-17 11:42:14 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2012-04-17 11:03:33 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ElevatedDiagnostics [2012-04-17 02:13:41 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2012-04-17 02:12:28 | 000,000,000 | -HSD | C] -- C:\Boot [2012-04-17 01:20:27 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2012-04-16 23:33:23 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Nero [2012-04-16 23:31:19 | 003,144,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe.Back [2012-04-16 23:15:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Microsoft Games [2012-04-16 22:22:11 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Valve [2012-04-16 22:16:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve [2012-04-16 22:02:36 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2012-04-16 22:02:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Games [2012-04-16 22:02:22 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll [2012-04-16 22:02:21 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll [2012-04-16 22:02:16 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll [2012-04-16 22:02:15 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll [2012-04-16 22:02:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive [2012-04-16 21:30:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Lunch Design [2012-04-16 21:16:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Adobe [2012-04-16 21:16:53 | 000,000,000 | ---D | C] -- C:\ProgramData\RDRM [2012-04-16 21:16:50 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\ipla [2012-04-16 21:16:50 | 000,000,000 | ---D | C] -- C:\ProgramData\ipla [2012-04-16 21:14:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mario Ice Tower [2012-04-16 21:12:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ipla [2012-04-16 21:12:14 | 000,000,000 | ---D | C] -- C:\Program Files\ipla [2012-04-16 21:12:08 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll [2012-04-16 21:10:03 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Mozilla [2012-04-16 21:10:03 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Mozilla [2012-04-16 21:09:37 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar [2012-04-16 21:08:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite [2012-04-16 21:07:58 | 000,239,168 | ---- | C] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys [2012-04-16 21:07:31 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Lite [2012-04-16 21:07:28 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite [2012-04-16 21:03:35 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\WinRAR [2012-04-16 21:03:34 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2012-04-16 21:03:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2012-04-16 21:02:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared [2012-04-16 21:02:32 | 000,198,832 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll [2012-04-16 21:02:26 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\System32\pncrt.dll [2012-04-16 21:02:26 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll [2012-04-16 21:02:26 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll [2012-04-16 21:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real [2012-04-16 21:02:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Real [2012-04-16 21:02:20 | 000,000,000 | ---D | C] -- C:\Program Files\Real [2012-04-16 21:02:04 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Real [2012-04-16 21:01:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack [2012-04-16 21:01:25 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\Windows\System32\lameACM.acm [2012-04-16 21:01:24 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll [2012-04-16 21:01:24 | 000,118,784 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm [2012-04-16 21:00:20 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2012-04-16 20:52:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2012-04-16 20:52:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2012-04-16 20:49:13 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2012-04-16 20:49:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2012-04-16 20:42:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero [2012-04-16 20:41:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero [2012-04-16 20:41:56 | 000,000,000 | ---D | C] -- C:\Program Files\Nero [2012-04-16 20:41:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero [2012-04-16 20:40:52 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll [2012-04-16 20:40:31 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll [2012-04-16 20:32:39 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Uczelnia [2012-04-16 20:32:22 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Gry [2012-04-16 20:31:40 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Programy [2012-04-16 20:24:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orange [2012-04-16 20:19:57 | 000,000,000 | ---D | C] -- C:\Program Files\CardDetector [2012-04-16 20:00:07 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71.dll [2012-04-16 20:00:07 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\atl71.dll [2012-04-16 20:00:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\France Telecom [2012-04-16 19:59:58 | 000,102,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys [2012-04-16 19:59:55 | 000,103,040 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbfake.sys [2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Searches [2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012-04-16 19:57:02 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Identities [2012-04-16 19:56:56 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Contacts [2012-04-16 19:56:56 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2012-04-16 19:56:47 | 000,423,656 | ---- | C] (Oracle) -- C:\Windows\System32\deployJava1.dll [2012-04-16 19:56:47 | 000,153,376 | ---- | C] (Oracle) -- C:\Windows\System32\javaws.exe [2012-04-16 19:56:47 | 000,145,184 | ---- | C] (Oracle) -- C:\Windows\System32\javaw.exe [2012-04-16 19:56:47 | 000,145,184 | ---- | C] (Oracle) -- C:\Windows\System32\java.exe [2012-04-16 19:56:36 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Ustawienia lokalne [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Temporary Internet Files [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Szablony [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\SendTo [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Recent [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\PrintHood [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\NetHood [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moje wideo [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moje obrazy [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Moje dokumenty [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moja muzyka [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Menu Start [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Historia [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Dane aplikacji [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Dane aplikacji [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Cookies [2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Temp [2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Microsoft [2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Media Center Programs [2012-04-16 19:54:14 | 000,000,000 | --SD | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Pictures [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Music [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Links [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Favorites [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Downloads [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Documents [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Desktop [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012-04-16 19:54:14 | 000,000,000 | -H-D | C] -- C:\Users\Mateusz\AppData [2012-04-16 19:54:10 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Videos [2012-04-16 19:54:10 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Saved Games [2012-04-16 19:52:53 | 000,000,000 | ---D | C] -- C:\Windows\Temp [2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony [2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo [2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy [2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka [2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start [2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione [2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit [2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty [2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-04-22 20:00:11 | 003,670,016 | -H-- | M] () -- C:\Users\Mateusz\NTUSER.DAT [2012-04-22 19:54:45 | 000,017,136 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-04-22 19:54:45 | 000,017,136 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-04-22 19:47:22 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-04-22 19:47:15 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2012-04-22 19:47:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-04-22 19:33:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-04-22 19:25:33 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-04-21 23:58:16 | 002,317,686 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2012-04-21 23:58:16 | 000,687,828 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012-04-21 23:58:16 | 000,666,732 | ---- | M] () -- C:\Windows\System32\perfh019.dat [2012-04-21 23:58:16 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-04-21 23:58:16 | 000,131,382 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012-04-21 23:58:16 | 000,128,892 | ---- | M] () -- C:\Windows\System32\perfc019.dat [2012-04-21 23:58:16 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-04-21 00:41:22 | 000,001,784 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk [2012-04-20 00:30:03 | 000,000,572 | ---- | M] () -- C:\Windows\eReg.dat [2012-04-19 13:12:01 | 008,180,224 | RHS- | M] () -- C:\ProgramData\TunesHelper.exe [2012-04-19 00:29:02 | 000,001,101 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012-04-19 00:29:01 | 000,002,210 | ---- | M] () -- C:\Users\Mateusz\Desktop\Google Chrome.lnk [2012-04-18 19:33:10 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012-04-18 19:33:10 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012-04-18 18:17:06 | 283,710,259 | ---- | M] () -- C:\Windows\MEMORY.DMP [2012-04-17 23:55:56 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2012-04-17 23:55:56 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2012-04-17 22:28:40 | 000,002,041 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2012-04-17 20:30:58 | 000,000,050 | ---- | M] () -- C:\Windows\System32\BRIDF10A.DAT [2012-04-17 16:22:02 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin [2012-04-17 12:52:55 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms [2012-04-17 12:52:55 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms [2012-04-17 12:52:55 | 000,065,536 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TM.blf [2012-04-17 12:41:30 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms [2012-04-17 12:41:30 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms [2012-04-17 12:41:30 | 000,065,536 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TM.blf [2012-04-17 12:41:27 | 000,262,144 | ---- | M] () -- C:\ProgramData\NTUser.dat [2012-04-17 12:21:52 | 000,093,360 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys [2012-04-17 11:30:55 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012-04-17 02:12:33 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2012-04-17 01:37:26 | 000,067,908 | ---- | M] () -- C:\Windows\System32\license.rtf [2012-04-17 01:35:54 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012-04-16 23:31:45 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe [2012-04-16 23:31:19 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer_.exe.Back.0.219815846169282 [2012-04-16 22:20:20 | 000,000,650 | ---- | M] () -- C:\Users\Mateusz\Desktop\Muzyka.lnk [2012-04-16 22:16:22 | 000,000,641 | ---- | M] () -- C:\Users\Mateusz\Desktop\Filmy.lnk [2012-04-16 21:16:57 | 000,051,672 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\GDIPFONTCACHEV1.DAT [2012-04-16 21:16:17 | 000,246,248 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012-04-16 21:12:08 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll [2012-04-16 21:07:58 | 000,239,168 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys [2012-04-16 21:02:32 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll [2012-04-16 21:02:26 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll [2012-04-16 21:02:26 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll [2012-04-16 21:02:26 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll [2012-04-16 20:55:32 | 000,002,717 | ---- | M] () -- C:\Users\Mateusz\Desktop\Word 2003.lnk [2012-04-16 20:53:20 | 000,000,412 | ---- | M] () -- C:\Windows\ODBC.INI [2012-04-16 20:52:57 | 000,000,499 | ---- | M] () -- C:\Windows\win.ini [2012-04-16 20:24:24 | 000,000,807 | ---- | M] () -- C:\Users\Mateusz\Desktop\Orange Free.lnk [2012-04-16 20:05:21 | 000,524,288 | -HS- | M] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms [2012-04-16 20:05:21 | 000,524,288 | -HS- | M] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms [2012-04-16 20:05:21 | 000,065,536 | -HS- | M] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf [2012-04-16 19:59:10 | 000,000,363 | ---- | M] () -- C:\Users\Mateusz\Desktop\Komputer.lnk [2012-04-16 19:56:36 | 000,423,656 | ---- | M] (Oracle) -- C:\Windows\System32\deployJava1.dll [2012-04-16 19:56:36 | 000,153,376 | ---- | M] (Oracle) -- C:\Windows\System32\javaws.exe [2012-04-16 19:56:36 | 000,145,184 | ---- | M] (Oracle) -- C:\Windows\System32\javaw.exe [2012-04-16 19:56:36 | 000,145,184 | ---- | M] (Oracle) -- C:\Windows\System32\java.exe [2012-04-16 19:54:18 | 000,000,020 | -HS- | M] () -- C:\Users\Mateusz\ntuser.ini [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-04-21 00:41:22 | 000,001,796 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk [2012-04-21 00:41:22 | 000,001,784 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk [2012-04-19 19:21:46 | 000,000,572 | ---- | C] () -- C:\Windows\eReg.dat [2012-04-19 13:23:07 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll [2012-04-19 13:12:07 | 008,180,224 | RHS- | C] () -- C:\ProgramData\TunesHelper.exe [2012-04-18 19:24:17 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-04-18 18:17:06 | 283,710,259 | ---- | C] () -- C:\Windows\MEMORY.DMP [2012-04-18 18:14:33 | 000,005,174 | ---- | C] () -- C:\Windows\System32\nppt9x.vxd [2012-04-17 23:55:56 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2012-04-17 23:55:56 | 000,000,000 | RHS- | C] () -- C:\IO.SYS [2012-04-17 22:28:40 | 000,002,053 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk [2012-04-17 22:28:40 | 000,002,041 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF [2012-04-17 19:37:58 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2012-04-17 19:36:37 | 001,150,656 | ---- | C] () -- C:\Windows\System32\atiumdva.cap [2012-04-17 19:36:36 | 000,234,855 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2012-04-17 19:36:36 | 000,034,823 | ---- | C] () -- C:\Windows\atiogl.xml [2012-04-17 19:36:35 | 000,185,088 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb [2012-04-17 19:34:34 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll [2012-04-17 16:32:37 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BRIDF10A.DAT [2012-04-17 16:22:02 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012-04-17 16:00:48 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat [2012-04-17 15:27:47 | 000,177,052 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT [2012-04-17 12:52:54 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms [2012-04-17 12:52:53 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms [2012-04-17 12:52:53 | 000,065,536 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TM.blf [2012-04-17 12:41:28 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms [2012-04-17 12:41:28 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms [2012-04-17 12:41:27 | 000,262,144 | ---- | C] () -- C:\ProgramData\NTUser.dat [2012-04-17 12:41:27 | 000,065,536 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TM.blf [2012-04-17 12:40:53 | 000,001,408 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Social Games.lnk [2012-04-17 12:09:01 | 000,002,210 | ---- | C] () -- C:\Users\Mateusz\Desktop\Google Chrome.lnk [2012-04-17 12:07:44 | 000,001,038 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-04-17 12:07:42 | 000,001,034 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-04-17 11:47:07 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe [2012-04-17 11:45:30 | 000,461,474 | ---- | C] () -- C:\Windows\System32\netathr.inf [2012-04-17 11:45:30 | 000,070,749 | ---- | C] () -- C:\Windows\System32\athrext.cat [2012-04-17 11:30:55 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012-04-17 02:12:32 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK [2012-04-17 02:12:28 | 000,383,562 | RHS- | C] () -- C:\bootmgr [2012-04-17 01:35:54 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012-04-17 01:15:57 | 000,246,248 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2012-04-16 22:20:20 | 000,000,650 | ---- | C] () -- C:\Users\Mateusz\Desktop\Muzyka.lnk [2012-04-16 22:16:22 | 000,000,641 | ---- | C] () -- C:\Users\Mateusz\Desktop\Filmy.lnk [2012-04-16 21:10:47 | 000,000,641 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk [2012-04-16 21:01:26 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll [2012-04-16 21:01:25 | 000,000,414 | ---- | C] () -- C:\Windows\System32\lame_acm.xml [2012-04-16 21:01:25 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2012-04-16 21:00:22 | 000,001,113 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012-04-16 21:00:22 | 000,001,101 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012-04-16 20:55:32 | 000,002,717 | ---- | C] () -- C:\Users\Mateusz\Desktop\Word 2003.lnk [2012-04-16 20:53:20 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI [2012-04-16 20:24:24 | 000,000,807 | ---- | C] () -- C:\Users\Mateusz\Desktop\Orange Free.lnk [2012-04-16 20:11:28 | 000,051,672 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\GDIPFONTCACHEV1.DAT [2012-04-16 19:59:10 | 000,000,363 | ---- | C] () -- C:\Users\Mateusz\Desktop\Komputer.lnk [2012-04-16 19:57:16 | 000,001,430 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012-04-16 19:54:18 | 000,524,288 | -HS- | C] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms [2012-04-16 19:54:18 | 000,000,020 | -HS- | C] () -- C:\Users\Mateusz\ntuser.ini [2012-04-16 19:54:17 | 000,524,288 | -HS- | C] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms [2012-04-16 19:54:17 | 000,065,536 | -HS- | C] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf [2012-04-16 19:54:09 | 003,670,016 | -H-- | C] () -- C:\Users\Mateusz\NTUSER.DAT [2011-07-28 17:49:12 | 000,053,760 | ---- | C] () -- C:\Windows\System32\OVDecode.dll [2010-08-03 00:05:14 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat [2010-08-03 00:05:13 | 000,687,828 | ---- | C] () -- C:\Windows\System32\perfh015.dat [2010-08-03 00:05:13 | 000,131,382 | ---- | C] () -- C:\Windows\System32\perfc015.dat [2010-08-03 00:05:13 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat [2010-06-25 08:44:03 | 000,080,384 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe [2010-06-21 13:39:23 | 002,317,686 | ---- | C] () -- C:\Windows\System32\PerfStringBackup.INI < End of report >[/log]
Gość komentarz 22 kwietnia 2012 komentarz 22 kwietnia 2012 W pasek adresów w Firefoxie wpisz [b]about:config > Enter > potwierdź OK[/b] Znajdź na liście następujące wartości: [code]FF - prefs.js..browser.search.selectedEngine: "qooqlle" FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/"[/code] PPM na wartość wybierasz modyfikuj > wycinasz qooqlle i zostawiasz czyste pole zatwierdzasz OK w drugie wpisujesz strone startową [b]www.google.pl[/b] zatwierdzasz zmainy i sprawdzasz 1
Evander1991 komentarz 22 kwietnia 2012 Autor komentarz 22 kwietnia 2012 1. Jest tylko do wyboru true or false 2. Zmienione Nic to niestety nie dało dalej...
Gość komentarz 23 kwietnia 2012 komentarz 23 kwietnia 2012 Odinstaluj następujace oprogramowanie [b]Splashtop Connect IE Splashtop Connect for Firefox Pando Media Booster[/b] Wykonaj nowy skan OTL i przedstaw log. Spróbujemy jeszcze raz.
Evander1991 komentarz 23 kwietnia 2012 Autor komentarz 23 kwietnia 2012 Odinstalowane. Za chwile dodam do tego postu loga. Co do wyszukiwarek w FF u góry po prawej to wcześniej miałem Google(to normalne), Google(coś co się podszywało pod google) i qooqlle. To fałszywe Google zniknęło po tych naprawach skryptu.OTL raport: [log]OTL logfile created on: 2012-04-23 09:31:47 - Run 5 OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Mateusz\Desktop\Programy Ultimate Edition (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.16562) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,49 Gb Total Physical Memory | 1,77 Gb Available Physical Memory | 71,12% Memory free 4,99 Gb Paging File | 4,24 Gb Available in Paging File | 84,95% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 58,57 Gb Total Space | 43,28 Gb Free Space | 73,90% Space Free | Partition Type: NTFS Drive D: | 407,19 Gb Total Space | 369,69 Gb Free Space | 90,79% Space Free | Partition Type: NTFS Computer Name: AUTO | User Name: Mateusz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-04-21 09:22:55 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Mateusz\Desktop\Programy\OTL.exe PRC - [2012-04-20 18:17:12 | 000,137,536 | ---- | M] (Facebook Inc.) -- C:\Users\Mateusz\AppData\Local\Facebook\Update\FacebookUpdate.exe PRC - [2012-04-16 23:31:45 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2012-04-16 21:02:25 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe PRC - [2012-04-09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012-04-04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012-01-03 13:34:20 | 000,138,768 | ---- | M] (MSI) -- C:\Program Files\MSI\Super-Charger\ChargeService.exe PRC - [2012-01-03 13:34:16 | 000,502,288 | ---- | M] (MSI) -- C:\Program Files\MSI\Super-Charger\Super-Charger.exe PRC - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2011-09-22 12:03:02 | 003,080,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe PRC - [2011-09-16 14:39:24 | 000,115,048 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe PRC - [2011-07-28 17:42:48 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe PRC - [2011-07-28 17:35:54 | 000,401,408 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2011-07-28 17:35:26 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2010-06-04 09:51:06 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010-06-04 09:50:20 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe PRC - [2010-05-04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe PRC - [2010-03-05 16:26:40 | 002,044,248 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe PRC - [2009-10-14 18:44:40 | 000,282,624 | R--- | M] (France Telecom SA) -- C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe PRC - [2009-10-14 16:44:38 | 000,090,112 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-04-19 09:12:23 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2011-07-28 17:55:02 | 000,369,152 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll MOD - [2011-07-28 17:42:54 | 000,095,232 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll MOD - [2010-04-14 03:31:20 | 005,246,976 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll MOD - [2010-04-14 03:31:20 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll MOD - [2010-04-14 03:31:20 | 003,182,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll MOD - [2010-04-14 03:31:20 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll MOD - [2010-04-14 03:31:20 | 000,626,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll MOD - [2010-04-14 03:31:20 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll MOD - [2010-04-14 03:31:20 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll MOD - [2010-04-14 03:31:16 | 004,550,656 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll MOD - [2010-04-14 03:31:14 | 005,279,744 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll MOD - [2010-04-14 03:31:14 | 001,253,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll MOD - [2010-04-14 03:31:12 | 004,218,880 | ---- | M] () -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll MOD - [2010-04-14 03:31:00 | 000,667,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll MOD - [2009-06-10 23:22:40 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll MOD - [2009-06-10 23:14:47 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll MOD - [2009-06-10 23:14:46 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll MOD - [2009-06-10 23:14:46 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll MOD - [2009-06-10 23:14:44 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.classic.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2012-04-18 19:33:10 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-04-09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012-04-05 11:37:38 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-04-04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012-01-03 13:34:20 | 000,138,768 | ---- | M] (MSI) [Auto | Running] -- C:\Program Files\MSI\Super-Charger\ChargeService.exe -- (MSI_SuperCharger) SRV - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2011-07-28 17:42:48 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV - [2011-07-28 17:35:26 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2011-05-03 22:18:00 | 004,137,464 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc) SRV - [2010-05-04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2010-03-05 16:26:40 | 002,044,248 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU) SRV - [2009-10-14 16:44:38 | 000,090,112 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC) SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Rappelz\GameGuard\dump_wmimmc.sys -- (dump_wmimmc) DRV - [2012-04-16 21:07:58 | 000,239,168 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2011-10-25 09:57:14 | 000,165,120 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc) DRV - [2011-10-25 09:57:14 | 000,073,984 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub) DRV - [2011-10-06 09:23:50 | 001,057,896 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192ce.sys -- (RTL8192Ce) DRV - [2011-08-09 14:24:52 | 000,163,424 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm) DRV - [2011-08-04 09:20:38 | 000,103,112 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr) DRV - [2011-08-04 09:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv) DRV - [2011-07-28 18:22:06 | 008,396,800 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag) DRV - [2011-07-28 16:53:48 | 000,247,296 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2011-06-07 06:06:54 | 000,211,984 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService) DRV - [2011-04-15 14:37:46 | 000,066,688 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_sata.sys -- (amd_sata) DRV - [2011-04-15 14:37:46 | 000,033,408 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_xata.sys -- (amd_xata) DRV - [2010-11-29 04:50:40 | 000,035,968 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter) DRV - [2010-10-20 14:43:08 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 5\NTIOLib.sys -- (NTIOLib_1_0_4) DRV - [2010-05-10 10:44:42 | 000,025,912 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 5\msibios32_100507.sys -- (MSI_MSIBIOS_010507) DRV - [2010-02-18 09:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86) DRV - [2009-12-30 13:55:14 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files\MSI\Super-Charger\NTIOLib.sys -- (NTIOLib_1_0_3) DRV - [2009-08-04 13:04:28 | 000,103,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbfake.sys -- (hwusbfake) DRV - [2009-08-04 13:04:28 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2009-07-14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2009-07-14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2009-07-14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2009-07-14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009-07-14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2009-07-14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2009-06-10 23:19:48 | 009,853,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = Yandex IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\Google: "URL" = http://www.google.ru/search?hl=ru&q={searchTerms}\ IE - HKLM\..\SearchScopes\Wikipedia: "URL" = http://ru.wikipedia.org/wiki/{searchTerms}\ IE - HKLM\..\SearchScopes\Yahoo: "URL" = http://ru.search.yahoo.com/search?p={searchTerms}\ IE - HKLM\..\SearchScopes\Yandex: "URL" = http://www.yandex.ru/yandsearch?stype=&nl=0&text={searchTerms}\ IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/ IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes,DefaultScope = {42168F92-DA71-42E6-BC7F-132EAC1F1899} IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.google.pl/cse?q={searchTerms}&cx=partner-pub-2489206448026482%3A4041638047&tbm=&ie=UTF-8#gsc.tab=0&gsc.q={searchTerms} IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{42168F92-DA71-42E6-BC7F-132EAC1F1899}: "URL" = http://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q={searchTerms}&sa=Search&siteurl=qooqlle.com%2F IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{C0DE4E59-C43E-46a5-B2A6-46952A6BF471}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=MMBROWSV IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{F1CC8CB5-43EC-4142-AE01-80F4208696EB}: "URL" = http://www.google.com/cse?cx=partner-pub-3794288947762788%3A7256076927&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7256076927&q={searchTerms} IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\Yandex: "URL" = http://www.bing.com/search?q={searchTerms}&form=SPLEP1&pc=SPLH IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 FF - prefs.js..extensions.enabledItems: cssreloader@kenneth.io:1.0.2 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..network.proxy.backup.ftp: "127.0.0.1" FF - prefs.js..network.proxy.backup.ftp_port: 9666 FF - prefs.js..network.proxy.backup.gopher: "127.0.0.1" FF - prefs.js..network.proxy.backup.gopher_port: 9666 FF - prefs.js..network.proxy.backup.socks: "127.0.0.1" FF - prefs.js..network.proxy.backup.socks_port: 9666 FF - prefs.js..network.proxy.backup.ssl: "127.0.0.1" FF - prefs.js..network.proxy.backup.ssl_port: 9666 FF - prefs.js..network.proxy.ftp: "127.0.0.1" FF - prefs.js..network.proxy.ftp_port: 9666 FF - prefs.js..network.proxy.gopher: "127.0.0.1" FF - prefs.js..network.proxy.gopher_port: 9666 FF - prefs.js..network.proxy.http: "127.0.0.1" FF - prefs.js..network.proxy.http_port: 9666 FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "127.0.0.1" FF - prefs.js..network.proxy.socks_port: 9666 FF - prefs.js..network.proxy.ssl: "127.0.0.1" FF - prefs.js..network.proxy.ssl_port: 9666 FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll () FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: D:\Bilard\Ganymede\Plugins\npganymedenet.dll ( ) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Oracle) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Mateusz\AppData\Local\Facebook\Messenger\2.0.4478.0\npFbDesktopPlugin.dll (Facebook, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-04-19 09:12:26 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-04-19 13:33:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012-04-17 22:28:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-04-18 17:53:41 | 000,000,000 | ---D | M] [2012-04-16 21:10:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Extensions [2012-04-20 21:48:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\kust2ajc.default\extensions [2012-04-19 13:23:52 | 000,000,000 | ---D | M] (YouTube to ALLPlayer) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\kust2ajc.default\extensions\YouTubetoALL@ALLPlayer.org [2012-04-23 09:23:37 | 000,001,860 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\kust2ajc.default\searchplugins\search.xml [2012-04-17 22:26:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-04-17 22:26:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} () (No name found) -- C:\USERS\MATEUSZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KUST2AJC.DEFAULT\EXTENSIONS\IPLEXTOALL@ALLPLAYER.ORG.XPI [2012-04-19 09:12:25 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011-12-20 11:33:56 | 000,120,984 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npganymedenet.dll [2011-12-09 19:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll [2012-04-19 09:12:20 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-04-19 09:12:20 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-04-19 09:12:20 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-04-19 09:12:20 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-04-19 09:12:20 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-04-19 09:12:20 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: qooqlle () CHR - default_search_provider: search_url = http://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q={searchTerms}&sa=Search&siteurl=qooqlle.com%2F CHR - default_search_provider: suggest_url = CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\ O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (YouTube To ALLPlayer) - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\Program Files\ALLPlayer\YouTubeToALLPlayer.dll (ALLPlayer.org) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - D:\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [BEWINTERNET-PL-IEWSessionManager] D:\Orange\SessionManager\SessionManager.exe (France Telecom SA) O4 - HKLM..\Run: [CardDetectorHUAWEI1752_1552] C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe (France Telecom SA) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [Readar_sl] %APPDATA%\Readar_sl.exe File not found O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [Super-Charger] C:\Program Files\MSI\Super-Charger\Super-Charger.exe (MSI) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [TunesHelper] C:\ProgramData\TunesHelper.exe () O4 - HKU\S-1-5-21-967404725-468176981-4131090368-1000..\Run: [Facebook Update] C:\Users\Mateusz\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O7 - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Pobierz z &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm () O9 - Extra Button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files\PokerStars.EU\PokerStarsUpdate.exe (PokerStars) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 85.202.144.12 85.202.144.11 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1292A1F1-9F67-4786-A2DF-9668865DF9A2}: DhcpNameServer = 85.202.144.12 85.202.144.11 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-04-23 09:27:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt [2012-04-21 17:20:18 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Pliki [2012-04-21 09:11:23 | 000,000,000 | ---D | C] -- C:\_OTL [2012-04-21 00:25:29 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\.ultramixer [2012-04-21 00:05:24 | 000,000,000 | ---D | C] -- C:\Windows\pss [2012-04-20 19:32:35 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\GanymedeNet [2012-04-20 18:18:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Screamer Radio [2012-04-20 18:17:27 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook [2012-04-20 18:17:14 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Facebook [2012-04-20 00:35:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Sports Interactive [2012-04-20 00:35:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\Sports Interactive [2012-04-20 00:35:20 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Sports Interactive [2012-04-20 00:35:20 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Sports Interactive [2012-04-20 00:18:42 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\My Games [2012-04-20 00:17:27 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll [2012-04-20 00:17:27 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll [2012-04-20 00:17:26 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll [2012-04-20 00:17:26 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll [2012-04-20 00:17:26 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll [2012-04-20 00:17:26 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll [2012-04-20 00:17:26 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll [2012-04-20 00:17:25 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll [2012-04-20 00:17:25 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll [2012-04-20 00:17:25 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll [2012-04-20 00:17:24 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll [2012-04-20 00:17:24 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll [2012-04-20 00:17:23 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll [2012-04-20 00:17:23 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll [2012-04-20 00:17:23 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll [2012-04-20 00:17:23 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll [2012-04-20 00:17:22 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll [2012-04-20 00:17:22 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll [2012-04-20 00:17:22 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll [2012-04-20 00:17:22 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll [2012-04-20 00:17:21 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll [2012-04-20 00:17:21 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll [2012-04-20 00:17:21 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll [2012-04-20 00:17:21 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll [2012-04-20 00:17:21 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll [2012-04-20 00:17:21 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll [2012-04-20 00:17:20 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll [2012-04-20 00:17:20 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll [2012-04-20 00:17:20 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll [2012-04-20 00:17:20 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll [2012-04-20 00:17:19 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll [2012-04-20 00:17:19 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll [2012-04-20 00:17:19 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll [2012-04-20 00:17:19 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll [2012-04-20 00:17:18 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll [2012-04-20 00:17:18 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll [2012-04-20 00:17:18 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll [2012-04-20 00:17:18 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll [2012-04-20 00:17:17 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll [2012-04-20 00:17:17 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll [2012-04-20 00:17:16 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll [2012-04-20 00:17:16 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll [2012-04-20 00:17:16 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll [2012-04-20 00:17:16 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll [2012-04-20 00:17:15 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll [2012-04-20 00:17:15 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll [2012-04-20 00:17:14 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll [2012-04-20 00:17:14 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll [2012-04-20 00:17:14 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll [2012-04-20 00:17:13 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll [2012-04-20 00:17:13 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll [2012-04-20 00:17:12 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll [2012-04-20 00:17:12 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll [2012-04-20 00:17:12 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll [2012-04-20 00:17:12 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll [2012-04-20 00:17:11 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll [2012-04-20 00:17:10 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll [2012-04-20 00:17:09 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll [2012-04-20 00:17:09 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll [2012-04-20 00:17:09 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll [2012-04-20 00:17:09 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll [2012-04-20 00:17:08 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll [2012-04-20 00:17:08 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll [2012-04-20 00:17:08 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll [2012-04-20 00:17:08 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll [2012-04-20 00:17:08 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll [2012-04-20 00:17:07 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll [2012-04-20 00:17:07 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll [2012-04-20 00:17:07 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll [2012-04-20 00:17:07 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll [2012-04-20 00:17:04 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll [2012-04-20 00:17:04 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll [2012-04-20 00:17:04 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll [2012-04-20 00:17:04 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll [2012-04-20 00:17:03 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll [2012-04-20 00:17:03 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll [2012-04-20 00:17:03 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll [2012-04-20 00:17:02 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll [2012-04-20 00:17:01 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll [2012-04-20 00:08:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx [2012-04-20 00:03:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft [2012-04-19 19:22:45 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [2012-04-19 17:13:09 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images [2012-04-19 17:10:13 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Chromium [2012-04-19 13:37:13 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\PokerStars.EU [2012-04-19 13:37:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.EU [2012-04-19 13:36:46 | 000,000,000 | ---D | C] -- C:\Program Files\PokerStars.EU [2012-04-19 13:24:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt [2012-04-19 13:23:51 | 000,000,000 | ---D | C] -- C:\Program Files\ALLPlayer [2012-04-19 13:23:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLConverter PRO [2012-04-19 13:23:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ALLConverter [2012-04-19 13:23:42 | 000,000,000 | ---D | C] -- C:\Program Files\NapiProjekt [2012-04-19 13:23:41 | 000,000,000 | ---D | C] -- C:\Program Files\ALLConverter PRO [2012-04-19 13:23:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer [2012-04-19 13:22:55 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ALLPlayer [2012-04-19 13:22:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dziobas Rar Player [2012-04-19 13:12:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Theorica Divx ;-) Codecs [2012-04-19 13:11:46 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Media Player Classic [2012-04-19 01:20:24 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\BitSpirit [2012-04-19 00:33:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2012-04-19 00:05:27 | 000,000,000 | ---D | C] -- C:\Program Files\v9Soft [2012-04-18 23:57:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp [2012-04-18 23:57:29 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll [2012-04-18 23:56:23 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect [2012-04-18 23:56:23 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Detektor Winampa [2012-04-18 23:56:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine [2012-04-18 23:55:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Winamp [2012-04-18 23:55:57 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp [2012-04-18 23:54:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys [2012-04-18 23:54:47 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys [2012-04-18 23:54:10 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\BESTplayer [2012-04-18 23:53:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitSpirit v3 [2012-04-18 23:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitSpirit [2012-04-18 23:53:37 | 000,000,000 | ---D | C] -- C:\Program Files\BitSpirit [2012-04-18 23:51:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2012-04-18 23:51:53 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy [2012-04-18 19:53:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\riotsGamesLogs [2012-04-18 19:51:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\LolClient [2012-04-18 19:26:56 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Opera [2012-04-18 19:26:56 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Opera [2012-04-18 19:26:35 | 000,000,000 | ---D | C] -- C:\Program Files\Opera [2012-04-18 19:24:16 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012-04-18 19:24:16 | 000,070,304 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012-04-18 18:22:42 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\MSI [2012-04-18 18:17:17 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2012-04-18 18:15:52 | 004,137,464 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des [2012-04-18 18:14:34 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\npptNT2.sys [2012-04-18 18:14:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared [2012-04-18 17:53:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET [2012-04-18 17:53:38 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET [2012-04-18 17:53:38 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2012-04-17 23:58:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\DOSBox [2012-04-17 23:58:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74 [2012-04-17 23:58:43 | 000,000,000 | ---D | C] -- C:\Program Files\DOSBox-0.74 [2012-04-17 23:38:48 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\WapSter [2012-04-17 23:34:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Thunderbird [2012-04-17 23:34:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Thunderbird [2012-04-17 22:28:37 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird [2012-04-17 22:26:32 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess [2012-04-17 22:26:09 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Skype [2012-04-17 22:25:58 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2012-04-17 22:25:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012-04-17 22:25:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2012-04-17 22:25:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2012-04-17 22:25:53 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander [2012-04-17 22:25:52 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\GHISLER [2012-04-17 22:24:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2012-04-17 22:24:17 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012-04-17 22:23:34 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WapSter [2012-04-17 22:02:03 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll [2012-04-17 22:02:03 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll [2012-04-17 22:02:03 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll [2012-04-17 22:02:03 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll [2012-04-17 22:02:02 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll [2012-04-17 21:58:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games [2012-04-17 21:15:37 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks [2012-04-17 20:36:00 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Adobe [2012-04-17 20:09:14 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft Games [2012-04-17 19:47:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center [2012-04-17 19:44:09 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP [2012-04-17 19:43:56 | 000,035,968 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\usbfilter.sys [2012-04-17 19:43:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center [2012-04-17 19:40:44 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2012-04-17 19:37:47 | 000,066,688 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amd_sata.sys [2012-04-17 19:37:47 | 000,033,408 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amd_xata.sys [2012-04-17 19:37:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2012-04-17 19:37:39 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2012-04-17 19:37:08 | 000,211,984 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\AtihdW73.sys [2012-04-17 19:36:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2012-04-17 19:36:37 | 001,828,864 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdmv.dll [2012-04-17 19:36:37 | 000,278,528 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll [2012-04-17 19:36:37 | 000,159,744 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll [2012-04-17 19:36:36 | 018,388,480 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll [2012-04-17 19:36:36 | 008,396,800 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys [2012-04-17 19:36:36 | 000,401,408 | ---- | C] (AMD) -- C:\Windows\System32\atieclxx.exe [2012-04-17 19:36:36 | 000,247,296 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys [2012-04-17 19:36:36 | 000,176,128 | ---- | C] (AMD) -- C:\Windows\System32\atiesrxx.exe [2012-04-17 19:36:36 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll [2012-04-17 19:36:36 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll [2012-04-17 19:36:36 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll [2012-04-17 19:36:36 | 000,032,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll [2012-04-17 19:36:36 | 000,020,992 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll [2012-04-17 19:36:36 | 000,013,312 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll [2012-04-17 19:36:35 | 008,247,296 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll [2012-04-17 19:36:35 | 000,151,552 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe [2012-04-17 19:36:35 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll [2012-04-17 19:36:35 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll [2012-04-17 19:36:35 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll [2012-04-17 19:26:01 | 000,307,200 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUn0415.exe [2012-04-17 16:31:48 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\foobar2000 [2012-04-17 16:23:45 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\AMD [2012-04-17 16:05:37 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD [2012-04-17 16:05:26 | 000,037,944 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amdiox86.sys [2012-04-17 16:03:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\ATI [2012-04-17 16:03:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ATI [2012-04-17 16:01:31 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2012-04-17 16:01:28 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2012-04-17 16:00:48 | 004,256,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdag.dll [2012-04-17 16:00:48 | 004,056,064 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdva.dll [2012-04-17 16:00:48 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll [2012-04-17 16:00:48 | 000,294,912 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIODE.exe [2012-04-17 16:00:48 | 000,052,736 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll [2012-04-17 16:00:48 | 000,045,056 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIODCLI.exe [2012-04-17 16:00:48 | 000,031,744 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll [2012-04-17 16:00:48 | 000,029,184 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll [2012-04-17 16:00:47 | 004,198,912 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atidxx32.dll [2012-04-17 16:00:47 | 000,726,528 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\aticfx32.dll [2012-04-17 16:00:47 | 000,462,848 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll [2012-04-17 16:00:47 | 000,266,240 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiadlxx.dll [2012-04-17 16:00:47 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atibtmon.exe [2012-04-17 15:59:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics [2012-04-17 15:59:37 | 000,000,000 | ---D | C] -- C:\Program Files\Renesas Electronics [2012-04-17 15:58:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations [2012-04-17 15:37:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother [2012-04-17 15:28:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM [2012-04-17 15:27:49 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll [2012-04-17 15:27:49 | 001,725,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll [2012-04-17 15:27:49 | 001,379,760 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tosade.dll [2012-04-17 15:27:49 | 000,058,264 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\System32\TepeqAPO.dll [2012-04-17 15:27:48 | 002,285,160 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll [2012-04-17 15:27:48 | 001,497,704 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl [2012-04-17 15:27:48 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll [2012-04-17 15:27:48 | 000,214,368 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFNHK.dll [2012-04-17 15:27:48 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll [2012-04-17 15:27:48 | 000,178,624 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo2.dll [2012-04-17 15:27:48 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll [2012-04-17 15:27:48 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll [2012-04-17 15:27:48 | 000,134,584 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo.dll [2012-04-17 15:27:48 | 000,074,080 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFCOM.dll [2012-04-17 15:27:48 | 000,068,960 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFAPO.dll [2012-04-17 15:27:47 | 003,378,280 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll [2012-04-17 15:27:47 | 003,327,320 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll [2012-04-17 15:27:47 | 003,296,600 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll [2012-04-17 15:27:47 | 001,892,864 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat [2012-04-17 15:27:47 | 001,836,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll [2012-04-17 15:27:47 | 001,329,768 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll [2012-04-17 15:27:47 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll [2012-04-17 15:27:47 | 000,345,944 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll [2012-04-17 15:27:47 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll [2012-04-17 15:27:47 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll [2012-04-17 15:27:47 | 000,259,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll [2012-04-17 15:27:47 | 000,252,760 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll [2012-04-17 15:27:47 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll [2012-04-17 15:27:47 | 000,103,256 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll [2012-04-17 15:27:47 | 000,088,408 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll [2012-04-17 15:27:47 | 000,083,048 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll [2012-04-17 15:27:47 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll [2012-04-17 15:27:47 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll [2012-04-17 15:27:47 | 000,061,272 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll [2012-04-17 15:27:46 | 000,357,712 | ---- | C] (Knowles Acoustics ) -- C:\Windows\System32\KAAPORT.dll [2012-04-17 15:27:46 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll [2012-04-17 15:27:46 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll [2012-04-17 15:27:45 | 001,740,352 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll [2012-04-17 15:27:45 | 001,509,480 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll [2012-04-17 15:27:45 | 001,292,904 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll [2012-04-17 15:27:45 | 001,220,200 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll [2012-04-17 15:27:45 | 000,654,952 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll [2012-04-17 15:27:45 | 000,631,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll [2012-04-17 15:27:45 | 000,601,704 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll [2012-04-17 15:27:45 | 000,458,344 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll [2012-04-17 15:27:45 | 000,413,696 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PLFX32.dll [2012-04-17 15:27:45 | 000,390,656 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PGFX32.dll [2012-04-17 15:27:45 | 000,389,736 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll [2012-04-17 15:27:45 | 000,375,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll [2012-04-17 15:27:45 | 000,327,168 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PREC32.dll [2012-04-17 15:27:45 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll [2012-04-17 15:27:45 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll [2012-04-17 15:27:45 | 000,218,216 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll [2012-04-17 15:27:44 | 000,175,200 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll [2012-04-17 15:27:44 | 000,096,160 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll [2012-04-17 15:27:43 | 001,698,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll [2012-04-17 15:27:43 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp [2012-04-17 15:27:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2012-04-17 15:26:45 | 000,000,000 | -H-D | C] -- C:\SuperChargerProfile [2012-04-17 15:26:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup [2012-04-17 15:26:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec [2012-04-17 15:26:34 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec [2012-04-17 12:41:02 | 000,000,000 | -H-D | C] -- C:\ProgramData\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3} [2012-04-17 12:40:53 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Splashtop [2012-04-17 12:40:11 | 000,000,000 | ---D | C] -- C:\Program Files\Splashtop [2012-04-17 12:23:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Sunbelt Software [2012-04-17 12:22:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE [2012-04-17 12:21:54 | 000,093,360 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys [2012-04-17 12:09:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012-04-17 12:07:33 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Google [2012-04-17 12:07:32 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2012-04-17 12:07:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft [2012-04-17 12:07:27 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft [2012-04-17 11:56:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI [2012-04-17 11:56:45 | 000,000,000 | ---D | C] -- C:\Program Files\MSI [2012-04-17 11:48:07 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco [2012-04-17 11:47:09 | 001,057,896 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\Windows\System32\drivers\rtl8192ce.sys [2012-04-17 11:47:07 | 000,000,000 | ---D | C] -- C:\Program Files\REALTEK PCIE Wireless LAN Driver [2012-04-17 11:45:30 | 002,205,696 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\athr.sys [2012-04-17 11:45:29 | 000,000,000 | ---D | C] -- C:\Program Files\Qualcomm Atheros WiFi Driver Installation [2012-04-17 11:45:27 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Macromedia [2012-04-17 11:44:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Qualcomm Atheros [2012-04-17 11:42:19 | 000,100,896 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RTNUninst32.dll [2012-04-17 11:42:14 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2012-04-17 11:03:33 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ElevatedDiagnostics [2012-04-17 02:13:41 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2012-04-17 02:12:28 | 000,000,000 | -HSD | C] -- C:\Boot [2012-04-17 01:20:27 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2012-04-16 23:33:23 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Nero [2012-04-16 23:31:19 | 003,144,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe.Back [2012-04-16 23:15:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Microsoft Games [2012-04-16 22:22:11 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Valve [2012-04-16 22:16:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve [2012-04-16 22:02:36 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2012-04-16 22:02:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Games [2012-04-16 22:02:22 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll [2012-04-16 22:02:21 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll [2012-04-16 22:02:16 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll [2012-04-16 22:02:15 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll [2012-04-16 22:02:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive [2012-04-16 21:30:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Lunch Design [2012-04-16 21:16:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Adobe [2012-04-16 21:16:53 | 000,000,000 | ---D | C] -- C:\ProgramData\RDRM [2012-04-16 21:16:50 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\ipla [2012-04-16 21:16:50 | 000,000,000 | ---D | C] -- C:\ProgramData\ipla [2012-04-16 21:14:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mario Ice Tower [2012-04-16 21:12:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ipla [2012-04-16 21:12:14 | 000,000,000 | ---D | C] -- C:\Program Files\ipla [2012-04-16 21:12:08 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll [2012-04-16 21:10:03 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Mozilla [2012-04-16 21:10:03 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Mozilla [2012-04-16 21:09:37 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar [2012-04-16 21:08:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite [2012-04-16 21:07:58 | 000,239,168 | ---- | C] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys [2012-04-16 21:07:31 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Lite [2012-04-16 21:07:28 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite [2012-04-16 21:03:35 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\WinRAR [2012-04-16 21:03:34 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2012-04-16 21:03:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2012-04-16 21:02:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared [2012-04-16 21:02:32 | 000,198,832 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll [2012-04-16 21:02:26 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\System32\pncrt.dll [2012-04-16 21:02:26 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll [2012-04-16 21:02:26 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll [2012-04-16 21:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real [2012-04-16 21:02:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Real [2012-04-16 21:02:20 | 000,000,000 | ---D | C] -- C:\Program Files\Real [2012-04-16 21:02:04 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Real [2012-04-16 21:01:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack [2012-04-16 21:01:25 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\Windows\System32\lameACM.acm [2012-04-16 21:01:24 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll [2012-04-16 21:01:24 | 000,118,784 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm [2012-04-16 21:00:20 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2012-04-16 20:52:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2012-04-16 20:52:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2012-04-16 20:49:13 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2012-04-16 20:49:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2012-04-16 20:42:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero [2012-04-16 20:41:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero [2012-04-16 20:41:56 | 000,000,000 | ---D | C] -- C:\Program Files\Nero [2012-04-16 20:41:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero [2012-04-16 20:40:52 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll [2012-04-16 20:40:31 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll [2012-04-16 20:32:39 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Uczelnia [2012-04-16 20:32:22 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Gry [2012-04-16 20:31:40 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Programy [2012-04-16 20:24:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orange [2012-04-16 20:19:57 | 000,000,000 | ---D | C] -- C:\Program Files\CardDetector [2012-04-16 20:00:07 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71.dll [2012-04-16 20:00:07 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\atl71.dll [2012-04-16 20:00:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\France Telecom [2012-04-16 19:59:58 | 000,102,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys [2012-04-16 19:59:55 | 000,103,040 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbfake.sys [2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Searches [2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012-04-16 19:57:02 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Identities [2012-04-16 19:56:56 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Contacts [2012-04-16 19:56:56 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2012-04-16 19:56:47 | 000,423,656 | ---- | C] (Oracle) -- C:\Windows\System32\deployJava1.dll [2012-04-16 19:56:47 | 000,153,376 | ---- | C] (Oracle) -- C:\Windows\System32\javaws.exe [2012-04-16 19:56:47 | 000,145,184 | ---- | C] (Oracle) -- C:\Windows\System32\javaw.exe [2012-04-16 19:56:47 | 000,145,184 | ---- | C] (Oracle) -- C:\Windows\System32\java.exe [2012-04-16 19:56:36 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Ustawienia lokalne [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Temporary Internet Files [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Szablony [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\SendTo [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Recent [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\PrintHood [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\NetHood [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moje wideo [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moje obrazy [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Moje dokumenty [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moja muzyka [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Menu Start [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Historia [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Dane aplikacji [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Dane aplikacji [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Cookies [2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Temp [2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Microsoft [2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Media Center Programs [2012-04-16 19:54:14 | 000,000,000 | --SD | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Pictures [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Music [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Links [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Favorites [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Downloads [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Documents [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Desktop [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012-04-16 19:54:14 | 000,000,000 | -H-D | C] -- C:\Users\Mateusz\AppData [2012-04-16 19:54:10 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Videos [2012-04-16 19:54:10 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Saved Games [2012-04-16 19:52:53 | 000,000,000 | ---D | C] -- C:\Windows\Temp [2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony [2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo [2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy [2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka [2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start [2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione [2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit [2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty [2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-04-23 09:33:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-04-23 09:32:12 | 003,670,016 | -H-- | M] () -- C:\Users\Mateusz\NTUSER.DAT [2012-04-23 09:30:41 | 000,017,136 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-04-23 09:30:41 | 000,017,136 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-04-23 09:23:26 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-04-23 09:23:09 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-04-23 09:23:09 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2012-04-23 09:22:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-04-22 23:42:25 | 001,291,634 | -H-- | M] () -- C:\Users\Mateusz\AppData\Local\IconCache.db [2012-04-22 22:28:52 | 002,317,686 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2012-04-22 22:28:52 | 000,687,828 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012-04-22 22:28:52 | 000,666,732 | ---- | M] () -- C:\Windows\System32\perfh019.dat [2012-04-22 22:28:52 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-04-22 22:28:52 | 000,131,382 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012-04-22 22:28:52 | 000,128,892 | ---- | M] () -- C:\Windows\System32\perfc019.dat [2012-04-22 22:28:52 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-04-21 00:41:22 | 000,001,784 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk [2012-04-20 00:30:03 | 000,000,572 | ---- | M] () -- C:\Windows\eReg.dat [2012-04-19 13:12:01 | 008,180,224 | RHS- | M] () -- C:\ProgramData\TunesHelper.exe [2012-04-19 00:29:02 | 000,001,101 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012-04-19 00:29:01 | 000,002,210 | ---- | M] () -- C:\Users\Mateusz\Desktop\Google Chrome.lnk [2012-04-18 19:33:10 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012-04-18 19:33:10 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012-04-18 18:17:06 | 283,710,259 | ---- | M] () -- C:\Windows\MEMORY.DMP [2012-04-17 23:55:56 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2012-04-17 23:55:56 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2012-04-17 22:28:40 | 000,002,041 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2012-04-17 20:30:58 | 000,000,050 | ---- | M] () -- C:\Windows\System32\BRIDF10A.DAT [2012-04-17 16:22:02 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin [2012-04-17 12:52:55 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms [2012-04-17 12:52:55 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms [2012-04-17 12:52:55 | 000,065,536 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TM.blf [2012-04-17 12:41:30 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms [2012-04-17 12:41:30 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms [2012-04-17 12:41:30 | 000,065,536 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TM.blf [2012-04-17 12:41:27 | 000,262,144 | ---- | M] () -- C:\ProgramData\NTUser.dat [2012-04-17 12:21:52 | 000,093,360 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys [2012-04-17 11:30:55 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012-04-17 02:12:33 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2012-04-17 01:37:26 | 000,067,908 | ---- | M] () -- C:\Windows\System32\license.rtf [2012-04-17 01:35:54 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012-04-16 23:31:45 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe [2012-04-16 23:31:19 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer_.exe.Back.0.219815846169282 [2012-04-16 22:20:20 | 000,000,650 | ---- | M] () -- C:\Users\Mateusz\Desktop\Muzyka.lnk [2012-04-16 22:16:22 | 000,000,641 | ---- | M] () -- C:\Users\Mateusz\Desktop\Filmy.lnk [2012-04-16 21:16:57 | 000,051,672 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\GDIPFONTCACHEV1.DAT [2012-04-16 21:16:17 | 000,246,248 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012-04-16 21:12:08 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll [2012-04-16 21:07:58 | 000,239,168 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys [2012-04-16 21:02:32 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll [2012-04-16 21:02:26 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll [2012-04-16 21:02:26 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll [2012-04-16 21:02:26 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll [2012-04-16 20:55:32 | 000,002,717 | ---- | M] () -- C:\Users\Mateusz\Desktop\Word 2003.lnk [2012-04-16 20:53:20 | 000,000,412 | ---- | M] () -- C:\Windows\ODBC.INI [2012-04-16 20:52:57 | 000,000,499 | ---- | M] () -- C:\Windows\win.ini [2012-04-16 20:24:24 | 000,000,807 | ---- | M] () -- C:\Users\Mateusz\Desktop\Orange Free.lnk [2012-04-16 20:05:21 | 000,524,288 | -HS- | M] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms [2012-04-16 20:05:21 | 000,524,288 | -HS- | M] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms [2012-04-16 20:05:21 | 000,065,536 | -HS- | M] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf [2012-04-16 19:59:10 | 000,000,363 | ---- | M] () -- C:\Users\Mateusz\Desktop\Komputer.lnk [2012-04-16 19:56:36 | 000,423,656 | ---- | M] (Oracle) -- C:\Windows\System32\deployJava1.dll [2012-04-16 19:56:36 | 000,153,376 | ---- | M] (Oracle) -- C:\Windows\System32\javaws.exe [2012-04-16 19:56:36 | 000,145,184 | ---- | M] (Oracle) -- C:\Windows\System32\javaw.exe [2012-04-16 19:56:36 | 000,145,184 | ---- | M] (Oracle) -- C:\Windows\System32\java.exe [2012-04-16 19:54:18 | 000,000,020 | -HS- | M] () -- C:\Users\Mateusz\ntuser.ini [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-04-22 21:16:51 | 001,291,634 | -H-- | C] () -- C:\Users\Mateusz\AppData\Local\IconCache.db [2012-04-21 00:41:22 | 000,001,796 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk [2012-04-21 00:41:22 | 000,001,784 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk [2012-04-19 19:21:46 | 000,000,572 | ---- | C] () -- C:\Windows\eReg.dat [2012-04-19 13:23:07 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll [2012-04-19 13:12:07 | 008,180,224 | RHS- | C] () -- C:\ProgramData\TunesHelper.exe [2012-04-18 19:24:17 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-04-18 18:17:06 | 283,710,259 | ---- | C] () -- C:\Windows\MEMORY.DMP [2012-04-18 18:14:33 | 000,005,174 | ---- | C] () -- C:\Windows\System32\nppt9x.vxd [2012-04-17 23:55:56 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2012-04-17 23:55:56 | 000,000,000 | RHS- | C] () -- C:\IO.SYS [2012-04-17 22:28:40 | 000,002,053 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk [2012-04-17 22:28:40 | 000,002,041 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF [2012-04-17 19:37:58 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2012-04-17 19:36:37 | 001,150,656 | ---- | C] () -- C:\Windows\System32\atiumdva.cap [2012-04-17 19:36:36 | 000,234,855 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2012-04-17 19:36:36 | 000,034,823 | ---- | C] () -- C:\Windows\atiogl.xml [2012-04-17 19:36:35 | 000,185,088 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb [2012-04-17 19:34:34 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll [2012-04-17 16:32:37 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BRIDF10A.DAT [2012-04-17 16:22:02 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012-04-17 16:00:48 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat [2012-04-17 15:27:47 | 000,177,052 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT [2012-04-17 12:52:54 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms [2012-04-17 12:52:53 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms [2012-04-17 12:52:53 | 000,065,536 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TM.blf [2012-04-17 12:41:28 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms [2012-04-17 12:41:28 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms [2012-04-17 12:41:27 | 000,262,144 | ---- | C] () -- C:\ProgramData\NTUser.dat [2012-04-17 12:41:27 | 000,065,536 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TM.blf [2012-04-17 12:09:01 | 000,002,210 | ---- | C] () -- C:\Users\Mateusz\Desktop\Google Chrome.lnk [2012-04-17 12:07:44 | 000,001,038 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-04-17 12:07:42 | 000,001,034 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-04-17 11:47:07 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe [2012-04-17 11:45:30 | 000,461,474 | ---- | C] () -- C:\Windows\System32\netathr.inf [2012-04-17 11:45:30 | 000,070,749 | ---- | C] () -- C:\Windows\System32\athrext.cat [2012-04-17 11:30:55 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012-04-17 02:12:32 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK [2012-04-17 02:12:28 | 000,383,562 | RHS- | C] () -- C:\bootmgr [2012-04-17 01:35:54 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012-04-17 01:15:57 | 000,246,248 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2012-04-16 22:20:20 | 000,000,650 | ---- | C] () -- C:\Users\Mateusz\Desktop\Muzyka.lnk [2012-04-16 22:16:22 | 000,000,641 | ---- | C] () -- C:\Users\Mateusz\Desktop\Filmy.lnk [2012-04-16 21:10:47 | 000,000,641 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk [2012-04-16 21:01:26 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll [2012-04-16 21:01:25 | 000,000,414 | ---- | C] () -- C:\Windows\System32\lame_acm.xml [2012-04-16 21:01:25 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2012-04-16 21:00:22 | 000,001,113 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012-04-16 21:00:22 | 000,001,101 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012-04-16 20:55:32 | 000,002,717 | ---- | C] () -- C:\Users\Mateusz\Desktop\Word 2003.lnk [2012-04-16 20:53:20 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI [2012-04-16 20:24:24 | 000,000,807 | ---- | C] () -- C:\Users\Mateusz\Desktop\Orange Free.lnk [2012-04-16 20:11:28 | 000,051,672 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\GDIPFONTCACHEV1.DAT [2012-04-16 19:59:10 | 000,000,363 | ---- | C] () -- C:\Users\Mateusz\Desktop\Komputer.lnk [2012-04-16 19:57:16 | 000,001,430 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012-04-16 19:54:18 | 000,524,288 | -HS- | C] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms [2012-04-16 19:54:18 | 000,000,020 | -HS- | C] () -- C:\Users\Mateusz\ntuser.ini [2012-04-16 19:54:17 | 000,524,288 | -HS- | C] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms [2012-04-16 19:54:17 | 000,065,536 | -HS- | C] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf [2012-04-16 19:54:09 | 003,670,016 | -H-- | C] () -- C:\Users\Mateusz\NTUSER.DAT [2011-07-28 17:49:12 | 000,053,760 | ---- | C] () -- C:\Windows\System32\OVDecode.dll [2010-08-03 00:05:14 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat [2010-08-03 00:05:13 | 000,687,828 | ---- | C] () -- C:\Windows\System32\perfh015.dat [2010-08-03 00:05:13 | 000,131,382 | ---- | C] () -- C:\Windows\System32\perfc015.dat [2010-08-03 00:05:13 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat [2010-06-25 08:44:03 | 000,080,384 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe [2010-06-21 13:39:23 | 002,317,686 | ---- | C] () -- C:\Windows\System32\PerfStringBackup.INI [color=#E56717]========== LOP Check ==========[/color] [2012-04-18 23:54:26 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\BESTplayer [2012-04-19 01:20:24 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\BitSpirit [2012-04-19 17:14:18 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Lite [2012-04-20 08:00:29 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\foobar2000 [2012-04-20 19:42:39 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\GanymedeNet [2012-04-17 22:25:52 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\GHISLER [2012-04-16 22:05:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\ipla [2012-04-18 19:51:49 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\LolClient [2012-04-18 18:22:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\MSI [2012-04-21 00:41:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Opera [2012-04-23 09:30:27 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Splashtop [2012-04-20 00:35:20 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Sports Interactive [2012-04-17 23:34:49 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Thunderbird [2009-07-14 06:53:46 | 000,014,120 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report >[/log]
Gość komentarz 23 kwietnia 2012 komentarz 23 kwietnia 2012 Uruchom OTL i w oknie Własne opcje skanowania skrypt wklej: [code]:OTL IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/ FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/" FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 FF - prefs.js..extensions.enabledItems: cssreloader@kenneth.io:1.0.2 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 O4 - HKLM..\Run: [Readar_sl] %APPDATA%\Readar_sl.exe File not found :Files C:\Program Files\Pando Networks C:\ProgramData\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3} :Commands [reboot][/code] Kliknij w [b]Wykonaj skrypt[/b] Przedstawiasz log z usuwania i nowy z opcji Skanuj. [b]2.[/b] Sprawdź, co jest w tych folderze [b]C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0[/b] ma atrybut ukryty więc musisz miec właczone pokazywanie ukrytych plików systemowych
Evander1991 komentarz 23 kwietnia 2012 Autor komentarz 23 kwietnia 2012 Raport z wykonania się nie pojawił. Co do pliku jest to plik systemowy powstał dziś rano o 9:30 i jest też drugi bliźniaczo podobny też z tej samej godziny. OTL raport: [log]OTL logfile created on: 2012-04-23 14:32:13 - Run 6 OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Mateusz\Desktop\Programy Ultimate Edition (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.16562) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,49 Gb Total Physical Memory | 1,88 Gb Available Physical Memory | 75,38% Memory free 4,99 Gb Paging File | 4,35 Gb Available in Paging File | 87,29% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 58,57 Gb Total Space | 42,61 Gb Free Space | 72,74% Space Free | Partition Type: NTFS Drive D: | 407,19 Gb Total Space | 369,69 Gb Free Space | 90,79% Space Free | Partition Type: NTFS Computer Name: AUTO | User Name: Mateusz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-04-21 09:22:55 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Mateusz\Desktop\Programy\OTL.exe PRC - [2012-04-20 18:17:12 | 000,137,536 | ---- | M] (Facebook Inc.) -- C:\Users\Mateusz\AppData\Local\Facebook\Update\FacebookUpdate.exe PRC - [2012-04-16 23:31:45 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2012-04-16 21:02:25 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe PRC - [2012-04-09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012-04-05 11:37:38 | 000,158,856 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Updater\Updater.exe PRC - [2012-04-04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012-01-03 13:34:20 | 000,138,768 | ---- | M] (MSI) -- C:\Program Files\MSI\Super-Charger\ChargeService.exe PRC - [2012-01-03 13:34:16 | 000,502,288 | ---- | M] (MSI) -- C:\Program Files\MSI\Super-Charger\Super-Charger.exe PRC - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2011-09-22 12:03:02 | 003,080,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe PRC - [2011-09-16 14:39:24 | 000,115,048 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe PRC - [2011-07-28 17:42:48 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe PRC - [2011-07-28 17:35:54 | 000,401,408 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2011-07-28 17:35:26 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2010-06-04 09:51:06 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010-06-04 09:50:20 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe PRC - [2010-03-05 16:26:40 | 002,044,248 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe PRC - [2009-10-14 18:44:40 | 000,282,624 | R--- | M] (France Telecom SA) -- C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe PRC - [2009-10-14 16:44:38 | 000,090,112 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-04-19 09:12:23 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2011-07-28 17:55:02 | 000,369,152 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll MOD - [2011-07-28 17:42:54 | 000,095,232 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll MOD - [2010-04-14 03:31:20 | 005,246,976 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll MOD - [2010-04-14 03:31:20 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll MOD - [2010-04-14 03:31:20 | 003,182,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll MOD - [2010-04-14 03:31:20 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll MOD - [2010-04-14 03:31:20 | 000,626,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll MOD - [2010-04-14 03:31:20 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll MOD - [2010-04-14 03:31:20 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll MOD - [2010-04-14 03:31:16 | 004,550,656 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll MOD - [2010-04-14 03:31:14 | 005,279,744 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll MOD - [2010-04-14 03:31:14 | 001,253,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll MOD - [2010-04-14 03:31:12 | 004,218,880 | ---- | M] () -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll MOD - [2009-06-10 23:22:40 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll MOD - [2009-06-10 23:14:44 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.classic.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2012-04-18 19:33:10 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-04-09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012-04-05 11:37:38 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-04-04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012-01-03 13:34:20 | 000,138,768 | ---- | M] (MSI) [Auto | Running] -- C:\Program Files\MSI\Super-Charger\ChargeService.exe -- (MSI_SuperCharger) SRV - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2011-07-28 17:42:48 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV - [2011-07-28 17:35:26 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2011-05-03 22:18:00 | 004,137,464 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc) SRV - [2010-05-04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2010-03-05 16:26:40 | 002,044,248 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU) SRV - [2009-10-14 16:44:38 | 000,090,112 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC) SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Rappelz\GameGuard\dump_wmimmc.sys -- (dump_wmimmc) DRV - [2012-04-16 21:07:58 | 000,239,168 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2011-10-25 09:57:14 | 000,165,120 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc) DRV - [2011-10-25 09:57:14 | 000,073,984 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub) DRV - [2011-10-06 09:23:50 | 001,057,896 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192ce.sys -- (RTL8192Ce) DRV - [2011-08-09 14:24:52 | 000,163,424 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm) DRV - [2011-08-04 09:20:38 | 000,103,112 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr) DRV - [2011-08-04 09:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv) DRV - [2011-07-28 18:22:06 | 008,396,800 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag) DRV - [2011-07-28 16:53:48 | 000,247,296 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2011-06-07 06:06:54 | 000,211,984 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService) DRV - [2011-04-15 14:37:46 | 000,066,688 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_sata.sys -- (amd_sata) DRV - [2011-04-15 14:37:46 | 000,033,408 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_xata.sys -- (amd_xata) DRV - [2010-11-29 04:50:40 | 000,035,968 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter) DRV - [2010-10-20 14:43:08 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 5\NTIOLib.sys -- (NTIOLib_1_0_4) DRV - [2010-05-10 10:44:42 | 000,025,912 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 5\msibios32_100507.sys -- (MSI_MSIBIOS_010507) DRV - [2010-02-18 09:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86) DRV - [2009-12-30 13:55:14 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files\MSI\Super-Charger\NTIOLib.sys -- (NTIOLib_1_0_3) DRV - [2009-08-04 13:04:28 | 000,103,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbfake.sys -- (hwusbfake) DRV - [2009-08-04 13:04:28 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2009-07-14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2009-07-14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2009-07-14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2009-07-14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009-07-14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2009-07-14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2009-06-10 23:19:48 | 009,853,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = Yandex IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\Google: "URL" = http://www.google.ru/search?hl=ru&q={searchTerms}\ IE - HKLM\..\SearchScopes\Wikipedia: "URL" = http://ru.wikipedia.org/wiki/{searchTerms}\ IE - HKLM\..\SearchScopes\Yahoo: "URL" = http://ru.search.yahoo.com/search?p={searchTerms}\ IE - HKLM\..\SearchScopes\Yandex: "URL" = http://www.yandex.ru/yandsearch?stype=&nl=0&text={searchTerms}\ IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/ IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes,DefaultScope = {42168F92-DA71-42E6-BC7F-132EAC1F1899} IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.google.pl/cse?q={searchTerms}&cx=partner-pub-2489206448026482%3A4041638047&tbm=&ie=UTF-8#gsc.tab=0&gsc.q={searchTerms} IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{42168F92-DA71-42E6-BC7F-132EAC1F1899}: "URL" = http://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q={searchTerms}&sa=Search&siteurl=qooqlle.com%2F IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{C0DE4E59-C43E-46a5-B2A6-46952A6BF471}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=MMBROWSV IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{F1CC8CB5-43EC-4142-AE01-80F4208696EB}: "URL" = http://www.google.com/cse?cx=partner-pub-3794288947762788%3A7256076927&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7256076927&q={searchTerms} IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\Yandex: "URL" = http://www.bing.com/search?q={searchTerms}&form=SPLEP1&pc=SPLH IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.selectedEngine: "qooqlle" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 FF - prefs.js..extensions.enabledItems: cssreloader@kenneth.io:1.0.2 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..network.proxy.backup.ftp: "127.0.0.1" FF - prefs.js..network.proxy.backup.ftp_port: 9666 FF - prefs.js..network.proxy.backup.gopher: "127.0.0.1" FF - prefs.js..network.proxy.backup.gopher_port: 9666 FF - prefs.js..network.proxy.backup.socks: "127.0.0.1" FF - prefs.js..network.proxy.backup.socks_port: 9666 FF - prefs.js..network.proxy.backup.ssl: "127.0.0.1" FF - prefs.js..network.proxy.backup.ssl_port: 9666 FF - prefs.js..network.proxy.ftp: "127.0.0.1" FF - prefs.js..network.proxy.ftp_port: 9666 FF - prefs.js..network.proxy.gopher: "127.0.0.1" FF - prefs.js..network.proxy.gopher_port: 9666 FF - prefs.js..network.proxy.http: "127.0.0.1" FF - prefs.js..network.proxy.http_port: 9666 FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "127.0.0.1" FF - prefs.js..network.proxy.socks_port: 9666 FF - prefs.js..network.proxy.ssl: "127.0.0.1" FF - prefs.js..network.proxy.ssl_port: 9666 FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll () FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: D:\Bilard\Ganymede\Plugins\npganymedenet.dll ( ) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Oracle) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Mateusz\AppData\Local\Facebook\Messenger\2.0.4478.0\npFbDesktopPlugin.dll (Facebook, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-04-19 09:12:26 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-04-19 13:33:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012-04-17 22:28:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-04-18 17:53:41 | 000,000,000 | ---D | M] [2012-04-16 21:10:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Extensions [2012-04-20 21:48:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\kust2ajc.default\extensions [2012-04-19 13:23:52 | 000,000,000 | ---D | M] (YouTube to ALLPlayer) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\kust2ajc.default\extensions\YouTubetoALL@ALLPlayer.org [2012-04-23 14:31:00 | 000,001,860 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\kust2ajc.default\searchplugins\search.xml [2012-04-17 22:26:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-04-17 22:26:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} () (No name found) -- C:\USERS\MATEUSZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KUST2AJC.DEFAULT\EXTENSIONS\IPLEXTOALL@ALLPLAYER.ORG.XPI [2012-04-19 09:12:25 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011-12-20 11:33:56 | 000,120,984 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npganymedenet.dll [2011-12-09 19:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll [2012-04-19 09:12:20 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-04-19 09:12:20 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-04-19 09:12:20 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-04-19 09:12:20 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-04-19 09:12:20 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-04-19 09:12:20 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: qooqlle () CHR - default_search_provider: search_url = http://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q={searchTerms}&sa=Search&siteurl=qooqlle.com%2F CHR - default_search_provider: suggest_url = CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\ O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (YouTube To ALLPlayer) - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\Program Files\ALLPlayer\YouTubeToALLPlayer.dll (ALLPlayer.org) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - D:\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [BEWINTERNET-PL-IEWSessionManager] D:\Orange\SessionManager\SessionManager.exe (France Telecom SA) O4 - HKLM..\Run: [CardDetectorHUAWEI1752_1552] C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe (France Telecom SA) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [Readar_sl] %APPDATA%\Readar_sl.exe File not found O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [Super-Charger] C:\Program Files\MSI\Super-Charger\Super-Charger.exe (MSI) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [TunesHelper] C:\ProgramData\TunesHelper.exe () O4 - HKU\S-1-5-21-967404725-468176981-4131090368-1000..\Run: [Facebook Update] C:\Users\Mateusz\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O7 - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Pobierz z &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm () O9 - Extra Button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files\PokerStars.EU\PokerStarsUpdate.exe (PokerStars) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 85.202.144.12 85.202.144.11 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1292A1F1-9F67-4786-A2DF-9668865DF9A2}: DhcpNameServer = 85.202.144.12 85.202.144.11 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-04-23 10:48:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2012-04-23 09:27:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt [2012-04-21 17:20:18 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Pliki [2012-04-21 09:11:23 | 000,000,000 | ---D | C] -- C:\_OTL [2012-04-21 00:25:29 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\.ultramixer [2012-04-21 00:05:24 | 000,000,000 | ---D | C] -- C:\Windows\pss [2012-04-20 19:32:35 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\GanymedeNet [2012-04-20 18:18:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Screamer Radio [2012-04-20 18:17:27 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook [2012-04-20 18:17:14 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Facebook [2012-04-20 00:35:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Sports Interactive [2012-04-20 00:35:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\Sports Interactive [2012-04-20 00:35:20 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Sports Interactive [2012-04-20 00:35:20 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Sports Interactive [2012-04-20 00:18:42 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\My Games [2012-04-20 00:17:27 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll [2012-04-20 00:17:27 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll [2012-04-20 00:17:26 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll [2012-04-20 00:17:26 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll [2012-04-20 00:17:26 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll [2012-04-20 00:17:26 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll [2012-04-20 00:17:26 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll [2012-04-20 00:17:25 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll [2012-04-20 00:17:25 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll [2012-04-20 00:17:25 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll [2012-04-20 00:17:24 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll [2012-04-20 00:17:24 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll [2012-04-20 00:17:23 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll [2012-04-20 00:17:23 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll [2012-04-20 00:17:23 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll [2012-04-20 00:17:23 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll [2012-04-20 00:17:22 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll [2012-04-20 00:17:22 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll [2012-04-20 00:17:22 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll [2012-04-20 00:17:22 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll [2012-04-20 00:17:21 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll [2012-04-20 00:17:21 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll [2012-04-20 00:17:21 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll [2012-04-20 00:17:21 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll [2012-04-20 00:17:21 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll [2012-04-20 00:17:21 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll [2012-04-20 00:17:20 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll [2012-04-20 00:17:20 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll [2012-04-20 00:17:20 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll [2012-04-20 00:17:20 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll [2012-04-20 00:17:19 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll [2012-04-20 00:17:19 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll [2012-04-20 00:17:19 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll [2012-04-20 00:17:19 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll [2012-04-20 00:17:18 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll [2012-04-20 00:17:18 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll [2012-04-20 00:17:18 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll [2012-04-20 00:17:18 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll [2012-04-20 00:17:17 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll [2012-04-20 00:17:17 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll [2012-04-20 00:17:16 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll [2012-04-20 00:17:16 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll [2012-04-20 00:17:16 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll [2012-04-20 00:17:16 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll [2012-04-20 00:17:15 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll [2012-04-20 00:17:15 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll [2012-04-20 00:17:14 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll [2012-04-20 00:17:14 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll [2012-04-20 00:17:14 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll [2012-04-20 00:17:13 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll [2012-04-20 00:17:13 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll [2012-04-20 00:17:12 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll [2012-04-20 00:17:12 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll [2012-04-20 00:17:12 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll [2012-04-20 00:17:12 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll [2012-04-20 00:17:11 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll [2012-04-20 00:17:10 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll [2012-04-20 00:17:09 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll [2012-04-20 00:17:09 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll [2012-04-20 00:17:09 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll [2012-04-20 00:17:09 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll [2012-04-20 00:17:08 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll [2012-04-20 00:17:08 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll [2012-04-20 00:17:08 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll [2012-04-20 00:17:08 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll [2012-04-20 00:17:08 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll [2012-04-20 00:17:07 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll [2012-04-20 00:17:07 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll [2012-04-20 00:17:07 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll [2012-04-20 00:17:07 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll [2012-04-20 00:17:04 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll [2012-04-20 00:17:04 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll [2012-04-20 00:17:04 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll [2012-04-20 00:17:04 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll [2012-04-20 00:17:03 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll [2012-04-20 00:17:03 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll [2012-04-20 00:17:03 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll [2012-04-20 00:17:02 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll [2012-04-20 00:17:01 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll [2012-04-20 00:08:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx [2012-04-20 00:03:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft [2012-04-19 19:22:45 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [2012-04-19 17:13:09 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images [2012-04-19 17:10:13 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Chromium [2012-04-19 13:37:13 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\PokerStars.EU [2012-04-19 13:37:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.EU [2012-04-19 13:36:46 | 000,000,000 | ---D | C] -- C:\Program Files\PokerStars.EU [2012-04-19 13:24:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt [2012-04-19 13:23:51 | 000,000,000 | ---D | C] -- C:\Program Files\ALLPlayer [2012-04-19 13:23:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLConverter PRO [2012-04-19 13:23:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ALLConverter [2012-04-19 13:23:42 | 000,000,000 | ---D | C] -- C:\Program Files\NapiProjekt [2012-04-19 13:23:41 | 000,000,000 | ---D | C] -- C:\Program Files\ALLConverter PRO [2012-04-19 13:23:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer [2012-04-19 13:22:55 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ALLPlayer [2012-04-19 13:22:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dziobas Rar Player [2012-04-19 13:12:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Theorica Divx ;-) Codecs [2012-04-19 13:11:46 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Media Player Classic [2012-04-19 01:20:24 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\BitSpirit [2012-04-19 00:05:27 | 000,000,000 | ---D | C] -- C:\Program Files\v9Soft [2012-04-18 23:57:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp [2012-04-18 23:57:29 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll [2012-04-18 23:56:23 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect [2012-04-18 23:56:23 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Detektor Winampa [2012-04-18 23:56:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine [2012-04-18 23:55:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Winamp [2012-04-18 23:55:57 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp [2012-04-18 23:54:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys [2012-04-18 23:54:47 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys [2012-04-18 23:54:10 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\BESTplayer [2012-04-18 23:53:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitSpirit v3 [2012-04-18 23:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitSpirit [2012-04-18 23:53:37 | 000,000,000 | ---D | C] -- C:\Program Files\BitSpirit [2012-04-18 23:51:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2012-04-18 23:51:53 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy [2012-04-18 19:53:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\riotsGamesLogs [2012-04-18 19:51:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\LolClient [2012-04-18 19:26:56 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Opera [2012-04-18 19:26:56 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Opera [2012-04-18 19:26:35 | 000,000,000 | ---D | C] -- C:\Program Files\Opera [2012-04-18 19:24:16 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012-04-18 19:24:16 | 000,070,304 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012-04-18 18:22:42 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\MSI [2012-04-18 18:17:17 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2012-04-18 18:15:52 | 004,137,464 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des [2012-04-18 18:14:34 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\npptNT2.sys [2012-04-18 18:14:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared [2012-04-18 17:53:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET [2012-04-18 17:53:38 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET [2012-04-18 17:53:38 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2012-04-17 23:58:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\DOSBox [2012-04-17 23:58:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74 [2012-04-17 23:58:43 | 000,000,000 | ---D | C] -- C:\Program Files\DOSBox-0.74 [2012-04-17 23:38:48 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\WapSter [2012-04-17 23:34:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Thunderbird [2012-04-17 23:34:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Thunderbird [2012-04-17 22:28:37 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird [2012-04-17 22:26:32 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess [2012-04-17 22:26:09 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Skype [2012-04-17 22:25:58 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2012-04-17 22:25:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012-04-17 22:25:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2012-04-17 22:25:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2012-04-17 22:25:53 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander [2012-04-17 22:25:52 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\GHISLER [2012-04-17 22:24:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2012-04-17 22:24:17 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012-04-17 22:23:34 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WapSter [2012-04-17 22:02:03 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll [2012-04-17 22:02:03 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll [2012-04-17 22:02:03 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll [2012-04-17 22:02:03 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll [2012-04-17 22:02:02 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll [2012-04-17 21:58:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games [2012-04-17 20:36:00 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Adobe [2012-04-17 20:09:14 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft Games [2012-04-17 19:47:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center [2012-04-17 19:44:09 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP [2012-04-17 19:43:56 | 000,035,968 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\usbfilter.sys [2012-04-17 19:43:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center [2012-04-17 19:40:44 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2012-04-17 19:37:47 | 000,066,688 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amd_sata.sys [2012-04-17 19:37:47 | 000,033,408 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amd_xata.sys [2012-04-17 19:37:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2012-04-17 19:37:39 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2012-04-17 19:37:08 | 000,211,984 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\AtihdW73.sys [2012-04-17 19:36:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2012-04-17 19:36:37 | 001,828,864 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdmv.dll [2012-04-17 19:36:37 | 000,278,528 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll [2012-04-17 19:36:37 | 000,159,744 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll [2012-04-17 19:36:36 | 018,388,480 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll [2012-04-17 19:36:36 | 008,396,800 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys [2012-04-17 19:36:36 | 000,401,408 | ---- | C] (AMD) -- C:\Windows\System32\atieclxx.exe [2012-04-17 19:36:36 | 000,247,296 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys [2012-04-17 19:36:36 | 000,176,128 | ---- | C] (AMD) -- C:\Windows\System32\atiesrxx.exe [2012-04-17 19:36:36 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll [2012-04-17 19:36:36 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll [2012-04-17 19:36:36 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll [2012-04-17 19:36:36 | 000,032,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll [2012-04-17 19:36:36 | 000,020,992 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll [2012-04-17 19:36:36 | 000,013,312 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll [2012-04-17 19:36:35 | 008,247,296 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll [2012-04-17 19:36:35 | 000,151,552 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe [2012-04-17 19:36:35 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll [2012-04-17 19:36:35 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll [2012-04-17 19:36:35 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll [2012-04-17 19:26:01 | 000,307,200 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUn0415.exe [2012-04-17 16:31:48 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\foobar2000 [2012-04-17 16:23:45 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\AMD [2012-04-17 16:05:37 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD [2012-04-17 16:05:26 | 000,037,944 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amdiox86.sys [2012-04-17 16:03:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\ATI [2012-04-17 16:03:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ATI [2012-04-17 16:01:31 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2012-04-17 16:01:28 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2012-04-17 16:00:48 | 004,256,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdag.dll [2012-04-17 16:00:48 | 004,056,064 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdva.dll [2012-04-17 16:00:48 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll [2012-04-17 16:00:48 | 000,294,912 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIODE.exe [2012-04-17 16:00:48 | 000,052,736 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll [2012-04-17 16:00:48 | 000,045,056 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIODCLI.exe [2012-04-17 16:00:48 | 000,031,744 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll [2012-04-17 16:00:48 | 000,029,184 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll [2012-04-17 16:00:47 | 004,198,912 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atidxx32.dll [2012-04-17 16:00:47 | 000,726,528 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\aticfx32.dll [2012-04-17 16:00:47 | 000,462,848 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll [2012-04-17 16:00:47 | 000,266,240 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiadlxx.dll [2012-04-17 16:00:47 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atibtmon.exe [2012-04-17 15:59:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics [2012-04-17 15:59:37 | 000,000,000 | ---D | C] -- C:\Program Files\Renesas Electronics [2012-04-17 15:58:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations [2012-04-17 15:37:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother [2012-04-17 15:28:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM [2012-04-17 15:27:49 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll [2012-04-17 15:27:49 | 001,725,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll [2012-04-17 15:27:49 | 001,379,760 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tosade.dll [2012-04-17 15:27:49 | 000,058,264 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\System32\TepeqAPO.dll [2012-04-17 15:27:48 | 002,285,160 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll [2012-04-17 15:27:48 | 001,497,704 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl [2012-04-17 15:27:48 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll [2012-04-17 15:27:48 | 000,214,368 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFNHK.dll [2012-04-17 15:27:48 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll [2012-04-17 15:27:48 | 000,178,624 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo2.dll [2012-04-17 15:27:48 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll [2012-04-17 15:27:48 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll [2012-04-17 15:27:48 | 000,134,584 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo.dll [2012-04-17 15:27:48 | 000,074,080 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFCOM.dll [2012-04-17 15:27:48 | 000,068,960 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFAPO.dll [2012-04-17 15:27:47 | 003,378,280 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll [2012-04-17 15:27:47 | 003,327,320 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll [2012-04-17 15:27:47 | 003,296,600 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll [2012-04-17 15:27:47 | 001,892,864 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat [2012-04-17 15:27:47 | 001,836,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll [2012-04-17 15:27:47 | 001,329,768 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll [2012-04-17 15:27:47 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll [2012-04-17 15:27:47 | 000,345,944 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll [2012-04-17 15:27:47 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll [2012-04-17 15:27:47 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll [2012-04-17 15:27:47 | 000,259,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll [2012-04-17 15:27:47 | 000,252,760 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll [2012-04-17 15:27:47 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll [2012-04-17 15:27:47 | 000,103,256 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll [2012-04-17 15:27:47 | 000,088,408 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll [2012-04-17 15:27:47 | 000,083,048 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll [2012-04-17 15:27:47 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll [2012-04-17 15:27:47 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll [2012-04-17 15:27:47 | 000,061,272 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll [2012-04-17 15:27:46 | 000,357,712 | ---- | C] (Knowles Acoustics ) -- C:\Windows\System32\KAAPORT.dll [2012-04-17 15:27:46 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll [2012-04-17 15:27:46 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll [2012-04-17 15:27:45 | 001,740,352 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll [2012-04-17 15:27:45 | 001,509,480 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll [2012-04-17 15:27:45 | 001,292,904 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll [2012-04-17 15:27:45 | 001,220,200 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll [2012-04-17 15:27:45 | 000,654,952 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll [2012-04-17 15:27:45 | 000,631,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll [2012-04-17 15:27:45 | 000,601,704 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll [2012-04-17 15:27:45 | 000,458,344 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll [2012-04-17 15:27:45 | 000,413,696 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PLFX32.dll [2012-04-17 15:27:45 | 000,390,656 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PGFX32.dll [2012-04-17 15:27:45 | 000,389,736 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll [2012-04-17 15:27:45 | 000,375,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll [2012-04-17 15:27:45 | 000,327,168 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PREC32.dll [2012-04-17 15:27:45 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll [2012-04-17 15:27:45 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll [2012-04-17 15:27:45 | 000,218,216 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll [2012-04-17 15:27:44 | 000,175,200 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll [2012-04-17 15:27:44 | 000,096,160 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll [2012-04-17 15:27:43 | 001,698,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll [2012-04-17 15:27:43 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp [2012-04-17 15:27:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2012-04-17 15:26:45 | 000,000,000 | -H-D | C] -- C:\SuperChargerProfile [2012-04-17 15:26:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup [2012-04-17 15:26:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec [2012-04-17 15:26:34 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec [2012-04-17 12:40:53 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Splashtop [2012-04-17 12:40:11 | 000,000,000 | ---D | C] -- C:\Program Files\Splashtop [2012-04-17 12:23:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Sunbelt Software [2012-04-17 12:22:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE [2012-04-17 12:21:54 | 000,093,360 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys [2012-04-17 12:09:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012-04-17 12:07:33 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Google [2012-04-17 12:07:32 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2012-04-17 12:07:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft [2012-04-17 12:07:27 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft [2012-04-17 11:56:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI [2012-04-17 11:56:45 | 000,000,000 | ---D | C] -- C:\Program Files\MSI [2012-04-17 11:48:07 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco [2012-04-17 11:47:09 | 001,057,896 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\Windows\System32\drivers\rtl8192ce.sys [2012-04-17 11:47:07 | 000,000,000 | ---D | C] -- C:\Program Files\REALTEK PCIE Wireless LAN Driver [2012-04-17 11:45:30 | 002,205,696 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\athr.sys [2012-04-17 11:45:29 | 000,000,000 | ---D | C] -- C:\Program Files\Qualcomm Atheros WiFi Driver Installation [2012-04-17 11:45:27 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Macromedia [2012-04-17 11:44:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Qualcomm Atheros [2012-04-17 11:42:19 | 000,100,896 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RTNUninst32.dll [2012-04-17 11:42:14 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2012-04-17 11:03:33 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ElevatedDiagnostics [2012-04-17 02:13:41 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2012-04-17 02:12:28 | 000,000,000 | -HSD | C] -- C:\Boot [2012-04-17 01:20:27 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2012-04-16 23:33:23 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Nero [2012-04-16 23:31:19 | 003,144,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe.Back [2012-04-16 23:15:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Microsoft Games [2012-04-16 22:22:11 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Valve [2012-04-16 22:16:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve [2012-04-16 22:02:36 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2012-04-16 22:02:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Games [2012-04-16 22:02:22 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll [2012-04-16 22:02:21 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll [2012-04-16 22:02:16 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll [2012-04-16 22:02:15 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll [2012-04-16 22:02:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive [2012-04-16 21:30:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Lunch Design [2012-04-16 21:16:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Adobe [2012-04-16 21:16:53 | 000,000,000 | ---D | C] -- C:\ProgramData\RDRM [2012-04-16 21:16:50 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\ipla [2012-04-16 21:16:50 | 000,000,000 | ---D | C] -- C:\ProgramData\ipla [2012-04-16 21:14:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mario Ice Tower [2012-04-16 21:12:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ipla [2012-04-16 21:12:14 | 000,000,000 | ---D | C] -- C:\Program Files\ipla [2012-04-16 21:12:08 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll [2012-04-16 21:10:03 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Mozilla [2012-04-16 21:10:03 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Mozilla [2012-04-16 21:09:37 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar [2012-04-16 21:08:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite [2012-04-16 21:07:58 | 000,239,168 | ---- | C] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys [2012-04-16 21:07:31 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Lite [2012-04-16 21:07:28 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite [2012-04-16 21:03:35 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\WinRAR [2012-04-16 21:03:34 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2012-04-16 21:03:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2012-04-16 21:02:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared [2012-04-16 21:02:32 | 000,198,832 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll [2012-04-16 21:02:26 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\System32\pncrt.dll [2012-04-16 21:02:26 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll [2012-04-16 21:02:26 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll [2012-04-16 21:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real [2012-04-16 21:02:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Real [2012-04-16 21:02:20 | 000,000,000 | ---D | C] -- C:\Program Files\Real [2012-04-16 21:02:04 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Real [2012-04-16 21:01:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack [2012-04-16 21:01:25 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\Windows\System32\lameACM.acm [2012-04-16 21:01:24 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll [2012-04-16 21:01:24 | 000,118,784 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm [2012-04-16 21:00:20 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2012-04-16 20:52:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2012-04-16 20:52:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2012-04-16 20:49:13 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2012-04-16 20:49:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2012-04-16 20:42:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero [2012-04-16 20:41:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero [2012-04-16 20:41:56 | 000,000,000 | ---D | C] -- C:\Program Files\Nero [2012-04-16 20:41:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero [2012-04-16 20:40:52 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll [2012-04-16 20:40:31 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll [2012-04-16 20:32:39 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Uczelnia [2012-04-16 20:32:22 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Gry [2012-04-16 20:31:40 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Programy [2012-04-16 20:24:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orange [2012-04-16 20:19:57 | 000,000,000 | ---D | C] -- C:\Program Files\CardDetector [2012-04-16 20:00:07 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71.dll [2012-04-16 20:00:07 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\atl71.dll [2012-04-16 20:00:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\France Telecom [2012-04-16 19:59:58 | 000,102,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys [2012-04-16 19:59:55 | 000,103,040 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbfake.sys [2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Searches [2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012-04-16 19:57:02 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Identities [2012-04-16 19:56:56 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Contacts [2012-04-16 19:56:56 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2012-04-16 19:56:47 | 000,423,656 | ---- | C] (Oracle) -- C:\Windows\System32\deployJava1.dll [2012-04-16 19:56:47 | 000,153,376 | ---- | C] (Oracle) -- C:\Windows\System32\javaws.exe [2012-04-16 19:56:47 | 000,145,184 | ---- | C] (Oracle) -- C:\Windows\System32\javaw.exe [2012-04-16 19:56:47 | 000,145,184 | ---- | C] (Oracle) -- C:\Windows\System32\java.exe [2012-04-16 19:56:36 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Ustawienia lokalne [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Temporary Internet Files [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Szablony [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\SendTo [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Recent [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\PrintHood [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\NetHood [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moje wideo [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moje obrazy [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Moje dokumenty [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moja muzyka [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Menu Start [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Historia [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Dane aplikacji [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Dane aplikacji [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Cookies [2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Temp [2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Microsoft [2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Media Center Programs [2012-04-16 19:54:14 | 000,000,000 | --SD | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Pictures [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Music [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Links [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Favorites [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Downloads [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Documents [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Desktop [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012-04-16 19:54:14 | 000,000,000 | -H-D | C] -- C:\Users\Mateusz\AppData [2012-04-16 19:54:10 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Videos [2012-04-16 19:54:10 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Saved Games [2012-04-16 19:52:53 | 000,000,000 | ---D | C] -- C:\Windows\Temp [2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony [2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo [2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy [2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka [2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start [2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione [2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit [2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty [2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-04-23 14:33:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-04-23 14:30:34 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-04-23 14:30:16 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2012-04-23 14:30:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-04-23 14:29:18 | 003,670,016 | -H-- | M] () -- C:\Users\Mateusz\NTUSER.DAT [2012-04-23 14:29:16 | 001,667,712 | -H-- | M] () -- C:\Users\Mateusz\AppData\Local\IconCache.db [2012-04-23 14:18:00 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-04-23 09:30:41 | 000,017,136 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-04-23 09:30:41 | 000,017,136 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-04-22 22:28:52 | 002,317,686 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2012-04-22 22:28:52 | 000,687,828 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012-04-22 22:28:52 | 000,666,732 | ---- | M] () -- C:\Windows\System32\perfh019.dat [2012-04-22 22:28:52 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-04-22 22:28:52 | 000,131,382 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012-04-22 22:28:52 | 000,128,892 | ---- | M] () -- C:\Windows\System32\perfc019.dat [2012-04-22 22:28:52 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-04-21 00:41:22 | 000,001,784 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk [2012-04-20 00:30:03 | 000,000,572 | ---- | M] () -- C:\Windows\eReg.dat [2012-04-19 13:12:01 | 008,180,224 | RHS- | M] () -- C:\ProgramData\TunesHelper.exe [2012-04-19 00:29:02 | 000,001,101 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012-04-19 00:29:01 | 000,002,210 | ---- | M] () -- C:\Users\Mateusz\Desktop\Google Chrome.lnk [2012-04-18 19:33:10 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012-04-18 19:33:10 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012-04-18 18:17:06 | 283,710,259 | ---- | M] () -- C:\Windows\MEMORY.DMP [2012-04-17 23:55:56 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2012-04-17 23:55:56 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2012-04-17 22:28:40 | 000,002,041 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2012-04-17 20:30:58 | 000,000,050 | ---- | M] () -- C:\Windows\System32\BRIDF10A.DAT [2012-04-17 16:22:02 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin [2012-04-17 12:52:55 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms [2012-04-17 12:52:55 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms [2012-04-17 12:52:55 | 000,065,536 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TM.blf [2012-04-17 12:41:30 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms [2012-04-17 12:41:30 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms [2012-04-17 12:41:30 | 000,065,536 | -HS- | M] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TM.blf [2012-04-17 12:41:27 | 000,262,144 | ---- | M] () -- C:\ProgramData\NTUser.dat [2012-04-17 12:21:52 | 000,093,360 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys [2012-04-17 11:30:55 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012-04-17 02:12:33 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2012-04-17 01:37:26 | 000,067,908 | ---- | M] () -- C:\Windows\System32\license.rtf [2012-04-17 01:35:54 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012-04-16 23:31:45 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe [2012-04-16 23:31:19 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer_.exe.Back.0.219815846169282 [2012-04-16 22:20:20 | 000,000,650 | ---- | M] () -- C:\Users\Mateusz\Desktop\Muzyka.lnk [2012-04-16 22:16:22 | 000,000,641 | ---- | M] () -- C:\Users\Mateusz\Desktop\Filmy.lnk [2012-04-16 21:16:57 | 000,051,672 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\GDIPFONTCACHEV1.DAT [2012-04-16 21:16:17 | 000,246,248 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012-04-16 21:12:08 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll [2012-04-16 21:07:58 | 000,239,168 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys [2012-04-16 21:02:32 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll [2012-04-16 21:02:26 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll [2012-04-16 21:02:26 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll [2012-04-16 21:02:26 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll [2012-04-16 20:55:32 | 000,002,717 | ---- | M] () -- C:\Users\Mateusz\Desktop\Word 2003.lnk [2012-04-16 20:53:20 | 000,000,412 | ---- | M] () -- C:\Windows\ODBC.INI [2012-04-16 20:52:57 | 000,000,499 | ---- | M] () -- C:\Windows\win.ini [2012-04-16 20:24:24 | 000,000,807 | ---- | M] () -- C:\Users\Mateusz\Desktop\Orange Free.lnk [2012-04-16 20:05:21 | 000,524,288 | -HS- | M] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms [2012-04-16 20:05:21 | 000,524,288 | -HS- | M] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms [2012-04-16 20:05:21 | 000,065,536 | -HS- | M] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf [2012-04-16 19:59:10 | 000,000,363 | ---- | M] () -- C:\Users\Mateusz\Desktop\Komputer.lnk [2012-04-16 19:56:36 | 000,423,656 | ---- | M] (Oracle) -- C:\Windows\System32\deployJava1.dll [2012-04-16 19:56:36 | 000,153,376 | ---- | M] (Oracle) -- C:\Windows\System32\javaws.exe [2012-04-16 19:56:36 | 000,145,184 | ---- | M] (Oracle) -- C:\Windows\System32\javaw.exe [2012-04-16 19:56:36 | 000,145,184 | ---- | M] (Oracle) -- C:\Windows\System32\java.exe [2012-04-16 19:54:18 | 000,000,020 | -HS- | M] () -- C:\Users\Mateusz\ntuser.ini [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-04-22 21:16:51 | 001,667,712 | -H-- | C] () -- C:\Users\Mateusz\AppData\Local\IconCache.db [2012-04-21 00:41:22 | 000,001,796 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk [2012-04-21 00:41:22 | 000,001,784 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk [2012-04-19 19:21:46 | 000,000,572 | ---- | C] () -- C:\Windows\eReg.dat [2012-04-19 13:23:07 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll [2012-04-19 13:12:07 | 008,180,224 | RHS- | C] () -- C:\ProgramData\TunesHelper.exe [2012-04-18 19:24:17 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-04-18 18:17:06 | 283,710,259 | ---- | C] () -- C:\Windows\MEMORY.DMP [2012-04-18 18:14:33 | 000,005,174 | ---- | C] () -- C:\Windows\System32\nppt9x.vxd [2012-04-17 23:55:56 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2012-04-17 23:55:56 | 000,000,000 | RHS- | C] () -- C:\IO.SYS [2012-04-17 22:28:40 | 000,002,053 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk [2012-04-17 22:28:40 | 000,002,041 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF [2012-04-17 19:37:58 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2012-04-17 19:36:37 | 001,150,656 | ---- | C] () -- C:\Windows\System32\atiumdva.cap [2012-04-17 19:36:36 | 000,234,855 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2012-04-17 19:36:36 | 000,034,823 | ---- | C] () -- C:\Windows\atiogl.xml [2012-04-17 19:36:35 | 000,185,088 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb [2012-04-17 19:34:34 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll [2012-04-17 16:32:37 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BRIDF10A.DAT [2012-04-17 16:22:02 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012-04-17 16:00:48 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat [2012-04-17 15:27:47 | 000,177,052 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT [2012-04-17 12:52:54 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms [2012-04-17 12:52:53 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms [2012-04-17 12:52:53 | 000,065,536 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f71-886b-11e1-aaf1-6c626d360c74}.TM.blf [2012-04-17 12:41:28 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000002.regtrans-ms [2012-04-17 12:41:28 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TMContainer00000000000000000001.regtrans-ms [2012-04-17 12:41:27 | 000,262,144 | ---- | C] () -- C:\ProgramData\NTUser.dat [2012-04-17 12:41:27 | 000,065,536 | -HS- | C] () -- C:\ProgramData\NTUser.dat{f6ee4f64-886b-11e1-aaf1-6c626d360c74}.TM.blf [2012-04-17 12:09:01 | 000,002,210 | ---- | C] () -- C:\Users\Mateusz\Desktop\Google Chrome.lnk [2012-04-17 12:07:44 | 000,001,038 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-04-17 12:07:42 | 000,001,034 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-04-17 11:47:07 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe [2012-04-17 11:45:30 | 000,461,474 | ---- | C] () -- C:\Windows\System32\netathr.inf [2012-04-17 11:45:30 | 000,070,749 | ---- | C] () -- C:\Windows\System32\athrext.cat [2012-04-17 11:30:55 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012-04-17 02:12:32 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK [2012-04-17 02:12:28 | 000,383,562 | RHS- | C] () -- C:\bootmgr [2012-04-17 01:35:54 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012-04-17 01:15:57 | 000,246,248 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2012-04-16 22:20:20 | 000,000,650 | ---- | C] () -- C:\Users\Mateusz\Desktop\Muzyka.lnk [2012-04-16 22:16:22 | 000,000,641 | ---- | C] () -- C:\Users\Mateusz\Desktop\Filmy.lnk [2012-04-16 21:10:47 | 000,000,641 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk [2012-04-16 21:01:26 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll [2012-04-16 21:01:25 | 000,000,414 | ---- | C] () -- C:\Windows\System32\lame_acm.xml [2012-04-16 21:01:25 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2012-04-16 21:00:22 | 000,001,113 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012-04-16 21:00:22 | 000,001,101 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012-04-16 20:55:32 | 000,002,717 | ---- | C] () -- C:\Users\Mateusz\Desktop\Word 2003.lnk [2012-04-16 20:53:20 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI [2012-04-16 20:24:24 | 000,000,807 | ---- | C] () -- C:\Users\Mateusz\Desktop\Orange Free.lnk [2012-04-16 20:11:28 | 000,051,672 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\GDIPFONTCACHEV1.DAT [2012-04-16 19:59:10 | 000,000,363 | ---- | C] () -- C:\Users\Mateusz\Desktop\Komputer.lnk [2012-04-16 19:57:16 | 000,001,430 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012-04-16 19:54:18 | 000,524,288 | -HS- | C] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms [2012-04-16 19:54:18 | 000,000,020 | -HS- | C] () -- C:\Users\Mateusz\ntuser.ini [2012-04-16 19:54:17 | 000,524,288 | -HS- | C] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms [2012-04-16 19:54:17 | 000,065,536 | -HS- | C] () -- C:\Users\Mateusz\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf [2012-04-16 19:54:09 | 003,670,016 | -H-- | C] () -- C:\Users\Mateusz\NTUSER.DAT [2011-07-28 17:49:12 | 000,053,760 | ---- | C] () -- C:\Windows\System32\OVDecode.dll [2010-08-03 00:05:14 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat [2010-08-03 00:05:13 | 000,687,828 | ---- | C] () -- C:\Windows\System32\perfh015.dat [2010-08-03 00:05:13 | 000,131,382 | ---- | C] () -- C:\Windows\System32\perfc015.dat [2010-08-03 00:05:13 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat [2010-06-25 08:44:03 | 000,080,384 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe [2010-06-21 13:39:23 | 002,317,686 | ---- | C] () -- C:\Windows\System32\PerfStringBackup.INI [color=#E56717]========== LOP Check ==========[/color] [2012-04-18 23:54:26 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\BESTplayer [2012-04-19 01:20:24 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\BitSpirit [2012-04-19 17:14:18 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Lite [2012-04-20 08:00:29 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\foobar2000 [2012-04-20 19:42:39 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\GanymedeNet [2012-04-17 22:25:52 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\GHISLER [2012-04-16 22:05:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\ipla [2012-04-18 19:51:49 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\LolClient [2012-04-18 18:22:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\MSI [2012-04-21 00:41:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Opera [2012-04-23 09:30:27 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Splashtop [2012-04-20 00:35:20 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Sports Interactive [2012-04-17 23:34:49 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Thunderbird [2009-07-14 06:53:46 | 000,014,648 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report >[/log]
Gość komentarz 23 kwietnia 2012 komentarz 23 kwietnia 2012 (edytowane) [quote]Raport z wykonania się nie pojawił. [/quote] Jest w katalogu [b]C:\OTL[/b] ale na razie zostaw. Uruchom [b]OTL[/b] i wklej skrypt: [code]:OTL FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found :Reg [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="about:blank" :Commands [emptytemp][/code] Klikasz w [b]Wykonaj skrypt[/b]. teraz log z usuwania będzie. Napisz konkretnie jaka strona startowa jest w przgladarce Firefox i czy uzywasz przegladarki Chrome?
Evander1991 komentarz 23 kwietnia 2012 Autor komentarz 23 kwietnia 2012 Strona startowa ciągle ustawia się na: http://www.qooqlle.com/ Chrome jest zainstalowane, ale sporadycznie używane. Głównie FF. [log]All processes killed ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin\ deleted successfully. ========== REGISTRY ========== HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\"Start Page"|"about:blank" /E : value set successfully! ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Mateusz ->Temp folder emptied: 18400372 bytes ->Temporary Internet Files folder emptied: 54608 bytes ->FireFox cache emptied: 64484815 bytes ->Google Chrome cache emptied: 0 bytes ->Opera cache emptied: 10405 bytes ->Flash cache emptied: 2351 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 119046867 bytes RecycleBin emptied: 1329601 bytes Total Files Cleaned = 194,00 mb OTL by OldTimer - Version 3.2.40.0 log created on 04232012_163923 Files\Folders moved on Reboot... Registry entries deleted on Reboot...[/log]
Gość komentarz 23 kwietnia 2012 komentarz 23 kwietnia 2012 (edytowane) Skopiuj skrypt do notatnika. Zamknij Firefoxa. Uruchom OTL i wklej skrypt :OTL FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/" FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/" O4 - HKLM..\Run: [Readar_sl] %APPDATA%\Readar_sl.exe File not found O4 - HKLM..\Run: [TunesHelper] C:\ProgramData\TunesHelper.exe () :Files C:\Program Files\v9Soft :Commands [emptyflash] [emptytemp] Po usuwaniu. Sprawdź w FF Narzedzia >Opcje >Ogólne jaka jest strona startowa. Wykasuj adres qooqlle jak bedzie i wpisz [b]www.google.pl[/b] Zamknij przegladarke i uruchom ponownie. Sprawdź czy są zmiany. Spróbuj jeszce raz pobrać [b]AdwCleaner[/b] i uruchom go w przy wyłaczonym [b]ESET[/b] daj log z opcji Search
Evander1991 komentarz 23 kwietnia 2012 Autor komentarz 23 kwietnia 2012 W FF jest teraz strona startowa FF(ta domowa). W Operze i Chrome dalej jest qooqlle. Zaraz ściągnę program i spróbuję przeskanować..[log]# AdwCleaner v1.604 - Logfile created 04/23/2012 at 17:31:52 # Updated 23/04/2012 by Xplode # Operating system : Windows 7 Ultimate (32 bits) # User : Mateusz - AUTO # Running from : C:\Users\Mateusz\Downloads\adwcleaner(1).exe # Option [Search] ***** [Services] ***** ***** [Files / Folders] ***** ***** [Registry] ***** Key Found : HKCU\Software\Conduit Key Found : HKLM\SOFTWARE\Conduit ***** [Registre - GUID] ***** ***** [Internet Browsers] ***** -\\ Internet Explorer v8.0.7601.16562 [OK] Registry is clean. -\\ Mozilla Firefox v11.0 (pl) Profile name : default File : C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\kust2ajc.default\prefs.js [OK] File is clean. -\\ Google Chrome v18.0.1025.162 File : C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. -\\ Opera v11.62.1347.0 File : C:\Users\Mateusz\AppData\Roaming\Opera\Opera\operaprefs.ini [OK] File is clean. ************************* AdwCleaner[R1].txt - [1025 octets] - [23/04/2012 17:31:52] ########## EOF - C:\AdwCleaner[R1].txt - [1153 octets] ##########[/log]
Gość komentarz 23 kwietnia 2012 komentarz 23 kwietnia 2012 [quote]W FF jest teraz strona startowa FF(ta domowa). [/quote] Jak logi pokazywały qooqle? To w końcu jak FF działa normalnie? Pokazuje sie [b]domyślna strona startowa Mozilli[/b]? Tak powinno być jak na obrazku http://imageshack.us/photo/my-images/404/47319540.jpg/ Do zmiany w Chrome trzeba przeprowadzić ręcznie w Opcjach http://img834.imageshack.us/img834/2607/googlez.png A ja sie tutaj poce. Uruchom AdwCleaner i kliknij Delete. Przestaw te strony w innych przegladarkach. Daj log z skanu OTL, jak wszystko zrobisz
Evander1991 komentarz 23 kwietnia 2012 Autor komentarz 23 kwietnia 2012 Pokazuje się tak: http://zapodaj.net/1403d3ad980f.png.html[log]OTL logfile created on: 2012-04-23 18:37:56 - Run 7 OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Mateusz\Desktop\Programy Ultimate Edition (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.16562) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,49 Gb Total Physical Memory | 1,64 Gb Available Physical Memory | 65,85% Memory free 4,99 Gb Paging File | 4,07 Gb Available in Paging File | 81,53% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 58,57 Gb Total Space | 42,70 Gb Free Space | 72,91% Space Free | Partition Type: NTFS Drive D: | 407,19 Gb Total Space | 369,69 Gb Free Space | 90,79% Space Free | Partition Type: NTFS Computer Name: AUTO | User Name: Mateusz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-04-21 09:22:55 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Mateusz\Desktop\Programy\OTL.exe PRC - [2012-04-20 18:17:12 | 000,137,536 | ---- | M] (Facebook Inc.) -- C:\Users\Mateusz\AppData\Local\Facebook\Update\FacebookUpdate.exe PRC - [2012-04-19 09:12:24 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2012-04-16 23:31:45 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2012-04-16 21:02:25 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe PRC - [2012-04-09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012-04-04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012-01-03 13:34:20 | 000,138,768 | ---- | M] (MSI) -- C:\Program Files\MSI\Super-Charger\ChargeService.exe PRC - [2012-01-03 13:34:16 | 000,502,288 | ---- | M] (MSI) -- C:\Program Files\MSI\Super-Charger\Super-Charger.exe PRC - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2011-09-22 12:03:02 | 003,080,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe PRC - [2011-09-16 14:39:24 | 000,115,048 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe PRC - [2011-07-28 17:42:48 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe PRC - [2011-07-28 17:35:54 | 000,401,408 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2011-07-28 17:35:26 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2010-06-04 09:51:06 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010-06-04 09:50:20 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe PRC - [2010-05-04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe PRC - [2010-03-05 16:26:40 | 002,044,248 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe PRC - [2009-10-14 18:44:40 | 000,282,624 | R--- | M] (France Telecom SA) -- C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe PRC - [2009-10-14 16:44:38 | 000,090,112 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-04-19 09:12:23 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2012-04-18 19:24:16 | 008,797,344 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_233.dll MOD - [2011-07-28 17:55:02 | 000,369,152 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll MOD - [2011-07-28 17:42:54 | 000,095,232 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll MOD - [2010-04-14 03:31:20 | 005,246,976 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll MOD - [2010-04-14 03:31:20 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll MOD - [2010-04-14 03:31:20 | 003,182,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll MOD - [2010-04-14 03:31:20 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll MOD - [2010-04-14 03:31:20 | 000,626,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll MOD - [2010-04-14 03:31:20 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll MOD - [2010-04-14 03:31:20 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll MOD - [2010-04-14 03:31:16 | 004,550,656 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll MOD - [2010-04-14 03:31:14 | 005,279,744 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll MOD - [2010-04-14 03:31:14 | 001,253,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll MOD - [2010-04-14 03:31:12 | 004,218,880 | ---- | M] () -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll MOD - [2010-04-14 03:31:00 | 000,667,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll MOD - [2009-06-10 23:22:40 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll MOD - [2009-06-10 23:14:47 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll MOD - [2009-06-10 23:14:46 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll MOD - [2009-06-10 23:14:46 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll MOD - [2009-06-10 23:14:44 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.classic.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2012-04-18 19:33:10 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-04-09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012-04-05 11:37:38 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-04-04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012-01-03 13:34:20 | 000,138,768 | ---- | M] (MSI) [Auto | Running] -- C:\Program Files\MSI\Super-Charger\ChargeService.exe -- (MSI_SuperCharger) SRV - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2011-07-28 17:42:48 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV - [2011-07-28 17:35:26 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2011-05-03 22:18:00 | 004,137,464 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc) SRV - [2010-05-04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2010-03-05 16:26:40 | 002,044,248 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU) SRV - [2009-10-14 16:44:38 | 000,090,112 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC) SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Rappelz\GameGuard\dump_wmimmc.sys -- (dump_wmimmc) DRV - [2012-04-16 21:07:58 | 000,239,168 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2011-10-25 09:57:14 | 000,165,120 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc) DRV - [2011-10-25 09:57:14 | 000,073,984 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub) DRV - [2011-10-06 09:23:50 | 001,057,896 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192ce.sys -- (RTL8192Ce) DRV - [2011-08-09 14:24:52 | 000,163,424 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm) DRV - [2011-08-04 09:20:38 | 000,103,112 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr) DRV - [2011-08-04 09:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv) DRV - [2011-07-28 18:22:06 | 008,396,800 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag) DRV - [2011-07-28 16:53:48 | 000,247,296 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2011-06-07 06:06:54 | 000,211,984 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService) DRV - [2011-04-15 14:37:46 | 000,066,688 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_sata.sys -- (amd_sata) DRV - [2011-04-15 14:37:46 | 000,033,408 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_xata.sys -- (amd_xata) DRV - [2010-11-29 04:50:40 | 000,035,968 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter) DRV - [2010-10-20 14:43:08 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 5\NTIOLib.sys -- (NTIOLib_1_0_4) DRV - [2010-05-10 10:44:42 | 000,025,912 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 5\msibios32_100507.sys -- (MSI_MSIBIOS_010507) DRV - [2010-02-18 09:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86) DRV - [2009-12-30 13:55:14 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files\MSI\Super-Charger\NTIOLib.sys -- (NTIOLib_1_0_3) DRV - [2009-08-04 13:04:28 | 000,103,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbfake.sys -- (hwusbfake) DRV - [2009-08-04 13:04:28 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2009-07-14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2009-07-14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2009-07-14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2009-07-14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009-07-14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2009-07-14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2009-06-10 23:19:48 | 009,853,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = Yandex IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\Google: "URL" = http://www.google.ru/search?hl=ru&q={searchTerms}\ IE - HKLM\..\SearchScopes\Wikipedia: "URL" = http://ru.wikipedia.org/wiki/{searchTerms}\ IE - HKLM\..\SearchScopes\Yahoo: "URL" = http://ru.search.yahoo.com/search?p={searchTerms}\ IE - HKLM\..\SearchScopes\Yandex: "URL" = http://www.yandex.ru/yandsearch?stype=&nl=0&text={searchTerms}\ IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/ IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes,DefaultScope = {42168F92-DA71-42E6-BC7F-132EAC1F1899} IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.google.pl/cse?q={searchTerms}&cx=partner-pub-2489206448026482%3A4041638047&tbm=&ie=UTF-8#gsc.tab=0&gsc.q={searchTerms} IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{42168F92-DA71-42E6-BC7F-132EAC1F1899}: "URL" = http://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q={searchTerms}&sa=Search&siteurl=qooqlle.com%2F IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{C0DE4E59-C43E-46a5-B2A6-46952A6BF471}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=MMBROWSV IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\{F1CC8CB5-43EC-4142-AE01-80F4208696EB}: "URL" = http://www.google.com/cse?cx=partner-pub-3794288947762788%3A7256076927&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7256076927&q={searchTerms} IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\SearchScopes\Yandex: "URL" = http://www.bing.com/search?q={searchTerms}&form=SPLEP1&pc=SPLH IE - HKU\S-1-5-21-967404725-468176981-4131090368-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 FF - prefs.js..extensions.enabledItems: cssreloader@kenneth.io:1.0.2 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..network.proxy.backup.ftp: "127.0.0.1" FF - prefs.js..network.proxy.backup.ftp_port: 9666 FF - prefs.js..network.proxy.backup.gopher: "127.0.0.1" FF - prefs.js..network.proxy.backup.gopher_port: 9666 FF - prefs.js..network.proxy.backup.socks: "127.0.0.1" FF - prefs.js..network.proxy.backup.socks_port: 9666 FF - prefs.js..network.proxy.backup.ssl: "127.0.0.1" FF - prefs.js..network.proxy.backup.ssl_port: 9666 FF - prefs.js..network.proxy.ftp: "127.0.0.1" FF - prefs.js..network.proxy.ftp_port: 9666 FF - prefs.js..network.proxy.gopher: "127.0.0.1" FF - prefs.js..network.proxy.gopher_port: 9666 FF - prefs.js..network.proxy.http: "127.0.0.1" FF - prefs.js..network.proxy.http_port: 9666 FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "127.0.0.1" FF - prefs.js..network.proxy.socks_port: 9666 FF - prefs.js..network.proxy.ssl: "127.0.0.1" FF - prefs.js..network.proxy.ssl_port: 9666 FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll () FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: D:\Bilard\Ganymede\Plugins\npganymedenet.dll ( ) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Oracle) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Mateusz\AppData\Local\Facebook\Messenger\2.0.4478.0\npFbDesktopPlugin.dll (Facebook, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-04-19 09:12:26 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-04-19 13:33:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012-04-17 22:28:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-04-18 17:53:41 | 000,000,000 | ---D | M] [2012-04-16 21:10:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Extensions [2012-04-20 21:48:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\kust2ajc.default\extensions [2012-04-19 13:23:52 | 000,000,000 | ---D | M] (YouTube to ALLPlayer) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\kust2ajc.default\extensions\YouTubetoALL@ALLPlayer.org [2012-04-17 22:26:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-04-17 22:26:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} () (No name found) -- C:\USERS\MATEUSZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KUST2AJC.DEFAULT\EXTENSIONS\IPLEXTOALL@ALLPLAYER.ORG.XPI [2012-04-19 09:12:25 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011-12-20 11:33:56 | 000,120,984 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npganymedenet.dll [2011-12-09 19:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll [2012-04-19 09:12:20 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-04-19 09:12:20 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-04-19 09:12:20 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-04-19 09:12:20 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-04-19 09:12:20 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-04-19 09:12:20 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = http://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q={searchTerms}&sa=Search&siteurl=qooqlle.com%2F CHR - default_search_provider: suggest_url = CHR - Extension: Skype Click to Call = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\ O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (YouTube To ALLPlayer) - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\Program Files\ALLPlayer\YouTubeToALLPlayer.dll (ALLPlayer.org) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - D:\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-967404725-468176981-4131090368-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [BEWINTERNET-PL-IEWSessionManager] D:\Orange\SessionManager\SessionManager.exe (France Telecom SA) O4 - HKLM..\Run: [CardDetectorHUAWEI1752_1552] C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe (France Telecom SA) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [Super-Charger] C:\Program Files\MSI\Super-Charger\Super-Charger.exe (MSI) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKU\S-1-5-21-967404725-468176981-4131090368-1000..\Run: [Facebook Update] C:\Users\Mateusz\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O7 - HKU\S-1-5-21-967404725-468176981-4131090368-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Pobierz z &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm () O9 - Extra Button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files\PokerStars.EU\PokerStarsUpdate.exe (PokerStars) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 85.202.144.12 85.202.144.11 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1292A1F1-9F67-4786-A2DF-9668865DF9A2}: DhcpNameServer = 85.202.144.12 85.202.144.11 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-04-23 10:48:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2012-04-23 09:27:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt [2012-04-21 17:20:18 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Pliki [2012-04-21 09:11:23 | 000,000,000 | ---D | C] -- C:\_OTL [2012-04-21 00:25:29 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\.ultramixer [2012-04-21 00:05:24 | 000,000,000 | ---D | C] -- C:\Windows\pss [2012-04-20 19:32:35 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\GanymedeNet [2012-04-20 18:18:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Screamer Radio [2012-04-20 18:17:27 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook [2012-04-20 18:17:14 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Facebook [2012-04-20 00:35:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Sports Interactive [2012-04-20 00:35:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\Sports Interactive [2012-04-20 00:35:20 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Sports Interactive [2012-04-20 00:35:20 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Sports Interactive [2012-04-20 00:18:42 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\My Games [2012-04-20 00:17:27 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll [2012-04-20 00:17:27 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll [2012-04-20 00:17:26 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll [2012-04-20 00:17:26 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll [2012-04-20 00:17:26 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll [2012-04-20 00:17:26 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll [2012-04-20 00:17:26 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll [2012-04-20 00:17:25 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll [2012-04-20 00:17:25 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll [2012-04-20 00:17:25 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll [2012-04-20 00:17:24 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll [2012-04-20 00:17:24 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll [2012-04-20 00:17:23 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll [2012-04-20 00:17:23 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll [2012-04-20 00:17:23 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll [2012-04-20 00:17:23 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll [2012-04-20 00:17:22 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll [2012-04-20 00:17:22 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll [2012-04-20 00:17:22 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll [2012-04-20 00:17:22 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll [2012-04-20 00:17:21 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll [2012-04-20 00:17:21 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll [2012-04-20 00:17:21 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll [2012-04-20 00:17:21 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll [2012-04-20 00:17:21 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll [2012-04-20 00:17:21 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll [2012-04-20 00:17:20 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll [2012-04-20 00:17:20 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll [2012-04-20 00:17:20 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll [2012-04-20 00:17:20 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll [2012-04-20 00:17:19 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll [2012-04-20 00:17:19 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll [2012-04-20 00:17:19 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll [2012-04-20 00:17:19 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll [2012-04-20 00:17:18 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll [2012-04-20 00:17:18 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll [2012-04-20 00:17:18 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll [2012-04-20 00:17:18 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll [2012-04-20 00:17:17 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll [2012-04-20 00:17:17 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll [2012-04-20 00:17:16 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll [2012-04-20 00:17:16 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll [2012-04-20 00:17:16 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll [2012-04-20 00:17:16 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll [2012-04-20 00:17:15 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll [2012-04-20 00:17:15 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll [2012-04-20 00:17:14 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll [2012-04-20 00:17:14 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll [2012-04-20 00:17:14 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll [2012-04-20 00:17:13 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll [2012-04-20 00:17:13 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll [2012-04-20 00:17:12 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll [2012-04-20 00:17:12 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll [2012-04-20 00:17:12 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll [2012-04-20 00:17:12 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll [2012-04-20 00:17:11 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll [2012-04-20 00:17:10 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll [2012-04-20 00:17:09 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll [2012-04-20 00:17:09 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll [2012-04-20 00:17:09 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll [2012-04-20 00:17:09 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll [2012-04-20 00:17:08 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll [2012-04-20 00:17:08 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll [2012-04-20 00:17:08 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll [2012-04-20 00:17:08 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll [2012-04-20 00:17:08 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll [2012-04-20 00:17:07 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll [2012-04-20 00:17:07 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll [2012-04-20 00:17:07 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll [2012-04-20 00:17:07 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll [2012-04-20 00:17:04 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll [2012-04-20 00:17:04 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll [2012-04-20 00:17:04 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll [2012-04-20 00:17:04 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll [2012-04-20 00:17:03 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll [2012-04-20 00:17:03 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll [2012-04-20 00:17:03 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll [2012-04-20 00:17:02 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll [2012-04-20 00:17:01 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll [2012-04-20 00:08:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx [2012-04-20 00:03:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft [2012-04-19 19:22:45 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [2012-04-19 17:13:09 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images [2012-04-19 17:10:13 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Chromium [2012-04-19 13:37:13 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\PokerStars.EU [2012-04-19 13:37:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.EU [2012-04-19 13:36:46 | 000,000,000 | ---D | C] -- C:\Program Files\PokerStars.EU [2012-04-19 13:24:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt [2012-04-19 13:23:51 | 000,000,000 | ---D | C] -- C:\Program Files\ALLPlayer [2012-04-19 13:23:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLConverter PRO [2012-04-19 13:23:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ALLConverter [2012-04-19 13:23:42 | 000,000,000 | ---D | C] -- C:\Program Files\NapiProjekt [2012-04-19 13:23:41 | 000,000,000 | ---D | C] -- C:\Program Files\ALLConverter PRO [2012-04-19 13:23:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer [2012-04-19 13:22:55 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ALLPlayer [2012-04-19 13:22:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dziobas Rar Player [2012-04-19 13:12:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Theorica Divx ;-) Codecs [2012-04-19 13:11:46 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Media Player Classic [2012-04-19 01:20:24 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\BitSpirit [2012-04-18 23:57:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp [2012-04-18 23:57:29 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll [2012-04-18 23:56:23 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect [2012-04-18 23:56:23 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Detektor Winampa [2012-04-18 23:56:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine [2012-04-18 23:55:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Winamp [2012-04-18 23:55:57 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp [2012-04-18 23:54:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys [2012-04-18 23:54:47 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys [2012-04-18 23:54:10 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\BESTplayer [2012-04-18 23:53:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitSpirit v3 [2012-04-18 23:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitSpirit [2012-04-18 23:53:37 | 000,000,000 | ---D | C] -- C:\Program Files\BitSpirit [2012-04-18 23:51:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2012-04-18 23:51:53 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy [2012-04-18 19:53:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\riotsGamesLogs [2012-04-18 19:51:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\LolClient [2012-04-18 19:26:56 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Opera [2012-04-18 19:26:56 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Opera [2012-04-18 19:26:35 | 000,000,000 | ---D | C] -- C:\Program Files\Opera [2012-04-18 19:24:16 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012-04-18 19:24:16 | 000,070,304 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012-04-18 18:22:42 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\MSI [2012-04-18 18:17:17 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2012-04-18 18:15:52 | 004,137,464 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des [2012-04-18 18:14:34 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\npptNT2.sys [2012-04-18 18:14:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared [2012-04-18 17:53:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET [2012-04-18 17:53:38 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET [2012-04-18 17:53:38 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2012-04-17 23:58:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\DOSBox [2012-04-17 23:58:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74 [2012-04-17 23:58:43 | 000,000,000 | ---D | C] -- C:\Program Files\DOSBox-0.74 [2012-04-17 23:38:48 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\WapSter [2012-04-17 23:34:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Thunderbird [2012-04-17 23:34:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Thunderbird [2012-04-17 22:28:37 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird [2012-04-17 22:26:32 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess [2012-04-17 22:26:09 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Skype [2012-04-17 22:25:58 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2012-04-17 22:25:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012-04-17 22:25:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2012-04-17 22:25:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2012-04-17 22:25:53 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander [2012-04-17 22:25:52 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\GHISLER [2012-04-17 22:24:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2012-04-17 22:24:17 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012-04-17 22:23:34 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WapSter [2012-04-17 22:02:03 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll [2012-04-17 22:02:03 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll [2012-04-17 22:02:03 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll [2012-04-17 22:02:03 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll [2012-04-17 22:02:02 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll [2012-04-17 21:58:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games [2012-04-17 20:36:00 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Adobe [2012-04-17 20:09:14 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft Games [2012-04-17 19:47:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center [2012-04-17 19:44:09 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP [2012-04-17 19:43:56 | 000,035,968 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\usbfilter.sys [2012-04-17 19:43:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center [2012-04-17 19:40:44 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2012-04-17 19:37:47 | 000,066,688 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amd_sata.sys [2012-04-17 19:37:47 | 000,033,408 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amd_xata.sys [2012-04-17 19:37:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2012-04-17 19:37:39 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2012-04-17 19:37:08 | 000,211,984 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\AtihdW73.sys [2012-04-17 19:36:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2012-04-17 19:36:37 | 001,828,864 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdmv.dll [2012-04-17 19:36:37 | 000,278,528 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll [2012-04-17 19:36:37 | 000,159,744 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll [2012-04-17 19:36:36 | 018,388,480 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll [2012-04-17 19:36:36 | 008,396,800 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys [2012-04-17 19:36:36 | 000,401,408 | ---- | C] (AMD) -- C:\Windows\System32\atieclxx.exe [2012-04-17 19:36:36 | 000,247,296 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys [2012-04-17 19:36:36 | 000,176,128 | ---- | C] (AMD) -- C:\Windows\System32\atiesrxx.exe [2012-04-17 19:36:36 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll [2012-04-17 19:36:36 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll [2012-04-17 19:36:36 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll [2012-04-17 19:36:36 | 000,032,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll [2012-04-17 19:36:36 | 000,020,992 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll [2012-04-17 19:36:36 | 000,013,312 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll [2012-04-17 19:36:35 | 008,247,296 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll [2012-04-17 19:36:35 | 000,151,552 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe [2012-04-17 19:36:35 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll [2012-04-17 19:36:35 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll [2012-04-17 19:36:35 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll [2012-04-17 19:26:01 | 000,307,200 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUn0415.exe [2012-04-17 16:31:48 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\foobar2000 [2012-04-17 16:23:45 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\AMD [2012-04-17 16:05:37 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD [2012-04-17 16:05:26 | 000,037,944 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amdiox86.sys [2012-04-17 16:03:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\ATI [2012-04-17 16:03:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ATI [2012-04-17 16:01:31 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2012-04-17 16:01:28 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2012-04-17 16:00:48 | 004,256,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdag.dll [2012-04-17 16:00:48 | 004,056,064 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdva.dll [2012-04-17 16:00:48 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll [2012-04-17 16:00:48 | 000,294,912 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIODE.exe [2012-04-17 16:00:48 | 000,052,736 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll [2012-04-17 16:00:48 | 000,045,056 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIODCLI.exe [2012-04-17 16:00:48 | 000,031,744 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll [2012-04-17 16:00:48 | 000,029,184 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll [2012-04-17 16:00:47 | 004,198,912 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atidxx32.dll [2012-04-17 16:00:47 | 000,726,528 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\aticfx32.dll [2012-04-17 16:00:47 | 000,462,848 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll [2012-04-17 16:00:47 | 000,266,240 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiadlxx.dll [2012-04-17 16:00:47 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atibtmon.exe [2012-04-17 15:59:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics [2012-04-17 15:59:37 | 000,000,000 | ---D | C] -- C:\Program Files\Renesas Electronics [2012-04-17 15:58:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations [2012-04-17 15:37:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother [2012-04-17 15:28:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM [2012-04-17 15:27:49 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll [2012-04-17 15:27:49 | 001,725,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll [2012-04-17 15:27:49 | 001,379,760 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tosade.dll [2012-04-17 15:27:49 | 000,058,264 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\System32\TepeqAPO.dll [2012-04-17 15:27:48 | 002,285,160 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll [2012-04-17 15:27:48 | 001,497,704 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl [2012-04-17 15:27:48 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll [2012-04-17 15:27:48 | 000,214,368 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFNHK.dll [2012-04-17 15:27:48 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll [2012-04-17 15:27:48 | 000,178,624 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo2.dll [2012-04-17 15:27:48 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll [2012-04-17 15:27:48 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll [2012-04-17 15:27:48 | 000,134,584 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo.dll [2012-04-17 15:27:48 | 000,074,080 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFCOM.dll [2012-04-17 15:27:48 | 000,068,960 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFAPO.dll [2012-04-17 15:27:47 | 003,378,280 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll [2012-04-17 15:27:47 | 003,327,320 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll [2012-04-17 15:27:47 | 003,296,600 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll [2012-04-17 15:27:47 | 001,892,864 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat [2012-04-17 15:27:47 | 001,836,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll [2012-04-17 15:27:47 | 001,329,768 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll [2012-04-17 15:27:47 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll [2012-04-17 15:27:47 | 000,345,944 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll [2012-04-17 15:27:47 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll [2012-04-17 15:27:47 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll [2012-04-17 15:27:47 | 000,259,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll [2012-04-17 15:27:47 | 000,252,760 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll [2012-04-17 15:27:47 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll [2012-04-17 15:27:47 | 000,103,256 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll [2012-04-17 15:27:47 | 000,088,408 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll [2012-04-17 15:27:47 | 000,083,048 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll [2012-04-17 15:27:47 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll [2012-04-17 15:27:47 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll [2012-04-17 15:27:47 | 000,061,272 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll [2012-04-17 15:27:46 | 000,357,712 | ---- | C] (Knowles Acoustics ) -- C:\Windows\System32\KAAPORT.dll [2012-04-17 15:27:46 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll [2012-04-17 15:27:46 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll [2012-04-17 15:27:45 | 001,740,352 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll [2012-04-17 15:27:45 | 001,509,480 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll [2012-04-17 15:27:45 | 001,292,904 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll [2012-04-17 15:27:45 | 001,220,200 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll [2012-04-17 15:27:45 | 000,654,952 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll [2012-04-17 15:27:45 | 000,631,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll [2012-04-17 15:27:45 | 000,601,704 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll [2012-04-17 15:27:45 | 000,458,344 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll [2012-04-17 15:27:45 | 000,413,696 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PLFX32.dll [2012-04-17 15:27:45 | 000,390,656 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PGFX32.dll [2012-04-17 15:27:45 | 000,389,736 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll [2012-04-17 15:27:45 | 000,375,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll [2012-04-17 15:27:45 | 000,327,168 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PREC32.dll [2012-04-17 15:27:45 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll [2012-04-17 15:27:45 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll [2012-04-17 15:27:45 | 000,218,216 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll [2012-04-17 15:27:44 | 000,175,200 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll [2012-04-17 15:27:44 | 000,096,160 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll [2012-04-17 15:27:43 | 001,698,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll [2012-04-17 15:27:43 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp [2012-04-17 15:27:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2012-04-17 15:26:45 | 000,000,000 | -H-D | C] -- C:\SuperChargerProfile [2012-04-17 15:26:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup [2012-04-17 15:26:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec [2012-04-17 15:26:34 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec [2012-04-17 12:40:53 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Splashtop [2012-04-17 12:40:11 | 000,000,000 | ---D | C] -- C:\Program Files\Splashtop [2012-04-17 12:23:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Sunbelt Software [2012-04-17 12:22:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE [2012-04-17 12:21:54 | 000,093,360 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys [2012-04-17 12:09:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012-04-17 12:07:33 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Google [2012-04-17 12:07:32 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2012-04-17 12:07:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft [2012-04-17 12:07:27 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft [2012-04-17 11:56:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI [2012-04-17 11:56:45 | 000,000,000 | ---D | C] -- C:\Program Files\MSI [2012-04-17 11:48:07 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco [2012-04-17 11:47:09 | 001,057,896 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\Windows\System32\drivers\rtl8192ce.sys [2012-04-17 11:47:07 | 000,000,000 | ---D | C] -- C:\Program Files\REALTEK PCIE Wireless LAN Driver [2012-04-17 11:45:30 | 002,205,696 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\athr.sys [2012-04-17 11:45:29 | 000,000,000 | ---D | C] -- C:\Program Files\Qualcomm Atheros WiFi Driver Installation [2012-04-17 11:45:27 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Macromedia [2012-04-17 11:44:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Qualcomm Atheros [2012-04-17 11:42:19 | 000,100,896 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RTNUninst32.dll [2012-04-17 11:42:14 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2012-04-17 11:03:33 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ElevatedDiagnostics [2012-04-17 02:13:41 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2012-04-17 02:12:28 | 000,000,000 | -HSD | C] -- C:\Boot [2012-04-17 01:20:27 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2012-04-16 23:33:23 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Nero [2012-04-16 23:31:19 | 003,144,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe.Back [2012-04-16 23:15:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Microsoft Games [2012-04-16 22:22:11 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Valve [2012-04-16 22:16:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve [2012-04-16 22:02:36 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2012-04-16 22:02:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Games [2012-04-16 22:02:22 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll [2012-04-16 22:02:21 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll [2012-04-16 22:02:16 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll [2012-04-16 22:02:15 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll [2012-04-16 22:02:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive [2012-04-16 21:30:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Lunch Design [2012-04-16 21:16:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Adobe [2012-04-16 21:16:53 | 000,000,000 | ---D | C] -- C:\ProgramData\RDRM [2012-04-16 21:16:50 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\ipla [2012-04-16 21:16:50 | 000,000,000 | ---D | C] -- C:\ProgramData\ipla [2012-04-16 21:14:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mario Ice Tower [2012-04-16 21:12:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ipla [2012-04-16 21:12:14 | 000,000,000 | ---D | C] -- C:\Program Files\ipla [2012-04-16 21:12:08 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll [2012-04-16 21:10:03 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Mozilla [2012-04-16 21:10:03 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Mozilla [2012-04-16 21:09:37 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar [2012-04-16 21:08:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite [2012-04-16 21:07:58 | 000,239,168 | ---- | C] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys [2012-04-16 21:07:31 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Lite [2012-04-16 21:07:28 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite [2012-04-16 21:03:35 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\WinRAR [2012-04-16 21:03:34 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2012-04-16 21:03:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2012-04-16 21:02:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared [2012-04-16 21:02:32 | 000,198,832 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll [2012-04-16 21:02:26 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\System32\pncrt.dll [2012-04-16 21:02:26 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll [2012-04-16 21:02:26 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll [2012-04-16 21:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real [2012-04-16 21:02:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Real [2012-04-16 21:02:20 | 000,000,000 | ---D | C] -- C:\Program Files\Real [2012-04-16 21:02:04 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Real [2012-04-16 21:01:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack [2012-04-16 21:01:25 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\Windows\System32\lameACM.acm [2012-04-16 21:01:24 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll [2012-04-16 21:01:24 | 000,118,784 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm [2012-04-16 21:00:20 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2012-04-16 20:52:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2012-04-16 20:52:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2012-04-16 20:49:13 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2012-04-16 20:49:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2012-04-16 20:42:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero [2012-04-16 20:41:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero [2012-04-16 20:41:56 | 000,000,000 | ---D | C] -- C:\Program Files\Nero [2012-04-16 20:41:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero [2012-04-16 20:40:52 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll [2012-04-16 20:40:31 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll [2012-04-16 20:32:39 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Uczelnia [2012-04-16 20:32:22 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Gry [2012-04-16 20:31:40 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Programy [2012-04-16 20:24:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orange [2012-04-16 20:19:57 | 000,000,000 | ---D | C] -- C:\Program Files\CardDetector [2012-04-16 20:00:07 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71.dll [2012-04-16 20:00:07 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\atl71.dll [2012-04-16 20:00:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\France Telecom [2012-04-16 19:59:58 | 000,102,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys [2012-04-16 19:59:55 | 000,103,040 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbfake.sys [2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Searches [2012-04-16 19:57:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012-04-16 19:57:02 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Identities [2012-04-16 19:56:56 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Contacts [2012-04-16 19:56:56 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2012-04-16 19:56:47 | 000,423,656 | ---- | C] (Oracle) -- C:\Windows\System32\deployJava1.dll [2012-04-16 19:56:47 | 000,153,376 | ---- | C] (Oracle) -- C:\Windows\System32\javaws.exe [2012-04-16 19:56:47 | 000,145,184 | ---- | C] (Oracle) -- C:\Windows\System32\javaw.exe [2012-04-16 19:56:47 | 000,145,184 | ---- | C] (Oracle) -- C:\Windows\System32\java.exe [2012-04-16 19:56:36 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Ustawienia lokalne [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Temporary Internet Files [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Szablony [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\SendTo [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Recent [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\PrintHood [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\NetHood [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moje wideo [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moje obrazy [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Moje dokumenty [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Documents\Moja muzyka [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Menu Start [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Historia [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Dane aplikacji [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\AppData\Local\Dane aplikacji [2012-04-16 19:54:18 | 000,000,000 | -HSD | C] -- C:\Users\Mateusz\Cookies [2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Temp [2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Microsoft [2012-04-16 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Media Center Programs [2012-04-16 19:54:14 | 000,000,000 | --SD | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Pictures [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Music [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Links [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Favorites [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Downloads [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Documents [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Desktop [2012-04-16 19:54:14 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012-04-16 19:54:14 | 000,000,000 | -H-D | C] -- C:\Users\Mateusz\AppData [2012-04-16 19:54:10 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Videos [2012-04-16 19:54:10 | 000,000,000 | R--D | C] -- C:\Users\Mateusz\Saved Games [2012-04-16 19:52:53 | 000,000,000 | ---D | C] -- C:\Windows\Temp [2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony [2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo [2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy [2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka [2012-04-16 19:51:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start [2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione [2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit [2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty [2012-04-16 19:51:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-04-23 18:42:09 | 000,017,136 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-04-23 18:42:09 | 000,017,136 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-04-23 18:35:00 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-04-23 18:34:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-04-23 18:33:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-04-23 18:18:00 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-04-23 17:41:36 | 000,687,828 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012-04-23 17:41:36 | 000,666,732 | ---- | M] () -- C:\Windows\System32\perfh019.dat [2012-04-23 17:41:36 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-04-23 17:41:36 | 000,131,382 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012-04-23 17:41:36 | 000,128,892 | ---- | M] () -- C:\Windows\System32\perfc019.dat [2012-04-23 17:41:36 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-04-23 17:37:33 | 000,000,050 | ---- | M] () -- C:\Windows\System32\BRIDF10A.DAT [2012-04-21 00:41:22 | 000,001,784 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk [2012-04-20 00:30:03 | 000,000,572 | ---- | M] () -- C:\Windows\eReg.dat [2012-04-19 00:29:02 | 000,001,101 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012-04-19 00:29:01 | 000,002,210 | ---- | M] () -- C:\Users\Mateusz\Desktop\Google Chrome.lnk [2012-04-18 19:33:10 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012-04-18 19:33:10 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012-04-18 18:17:06 | 283,710,259 | ---- | M] () -- C:\Windows\MEMORY.DMP [2012-04-17 23:55:56 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2012-04-17 23:55:56 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2012-04-17 22:28:40 | 000,002,041 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2012-04-17 16:22:02 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin [2012-04-17 12:21:52 | 000,093,360 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys [2012-04-17 11:30:55 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012-04-17 02:12:33 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2012-04-17 01:37:26 | 000,067,908 | ---- | M] () -- C:\Windows\System32\license.rtf [2012-04-17 01:35:54 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012-04-16 23:31:45 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe [2012-04-16 23:31:19 | 003,144,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer_.exe.Back.0.219815846169282 [2012-04-16 22:20:20 | 000,000,650 | ---- | M] () -- C:\Users\Mateusz\Desktop\Muzyka.lnk [2012-04-16 22:16:22 | 000,000,641 | ---- | M] () -- C:\Users\Mateusz\Desktop\Filmy.lnk [2012-04-16 21:16:17 | 000,246,248 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012-04-16 21:12:08 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll [2012-04-16 21:07:58 | 000,239,168 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys [2012-04-16 21:02:32 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll [2012-04-16 21:02:26 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll [2012-04-16 21:02:26 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll [2012-04-16 21:02:26 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll [2012-04-16 20:55:32 | 000,002,717 | ---- | M] () -- C:\Users\Mateusz\Desktop\Word 2003.lnk [2012-04-16 20:53:20 | 000,000,412 | ---- | M] () -- C:\Windows\ODBC.INI [2012-04-16 20:24:24 | 000,000,807 | ---- | M] () -- C:\Users\Mateusz\Desktop\Orange Free.lnk [2012-04-16 19:59:10 | 000,000,363 | ---- | M] () -- C:\Users\Mateusz\Desktop\Komputer.lnk [2012-04-16 19:56:36 | 000,423,656 | ---- | M] (Oracle) -- C:\Windows\System32\deployJava1.dll [2012-04-16 19:56:36 | 000,153,376 | ---- | M] (Oracle) -- C:\Windows\System32\javaws.exe [2012-04-16 19:56:36 | 000,145,184 | ---- | M] (Oracle) -- C:\Windows\System32\javaw.exe [2012-04-16 19:56:36 | 000,145,184 | ---- | M] (Oracle) -- C:\Windows\System32\java.exe [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-04-21 00:41:22 | 000,001,796 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk [2012-04-21 00:41:22 | 000,001,784 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk [2012-04-19 19:21:46 | 000,000,572 | ---- | C] () -- C:\Windows\eReg.dat [2012-04-19 13:23:07 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll [2012-04-18 19:24:17 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-04-18 18:17:06 | 283,710,259 | ---- | C] () -- C:\Windows\MEMORY.DMP [2012-04-18 18:14:33 | 000,005,174 | ---- | C] () -- C:\Windows\System32\nppt9x.vxd [2012-04-17 23:55:56 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2012-04-17 23:55:56 | 000,000,000 | RHS- | C] () -- C:\IO.SYS [2012-04-17 22:28:40 | 000,002,053 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk [2012-04-17 22:28:40 | 000,002,041 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF [2012-04-17 22:25:53 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF [2012-04-17 19:37:58 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2012-04-17 19:36:37 | 001,150,656 | ---- | C] () -- C:\Windows\System32\atiumdva.cap [2012-04-17 19:36:36 | 000,234,855 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2012-04-17 19:36:36 | 000,034,823 | ---- | C] () -- C:\Windows\atiogl.xml [2012-04-17 19:36:35 | 000,185,088 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb [2012-04-17 19:34:34 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll [2012-04-17 16:32:37 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BRIDF10A.DAT [2012-04-17 16:22:02 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012-04-17 16:00:48 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat [2012-04-17 15:27:47 | 000,177,052 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT [2012-04-17 12:09:01 | 000,002,210 | ---- | C] () -- C:\Users\Mateusz\Desktop\Google Chrome.lnk [2012-04-17 12:07:44 | 000,001,038 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-04-17 12:07:42 | 000,001,034 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-04-17 11:47:07 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe [2012-04-17 11:45:30 | 000,461,474 | ---- | C] () -- C:\Windows\System32\netathr.inf [2012-04-17 11:45:30 | 000,070,749 | ---- | C] () -- C:\Windows\System32\athrext.cat [2012-04-17 11:30:55 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012-04-17 02:12:32 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK [2012-04-17 02:12:28 | 000,383,562 | RHS- | C] () -- C:\bootmgr [2012-04-17 01:35:54 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012-04-17 01:15:57 | 000,246,248 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2012-04-16 22:20:20 | 000,000,650 | ---- | C] () -- C:\Users\Mateusz\Desktop\Muzyka.lnk [2012-04-16 22:16:22 | 000,000,641 | ---- | C] () -- C:\Users\Mateusz\Desktop\Filmy.lnk [2012-04-16 21:10:47 | 000,000,641 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk [2012-04-16 21:01:26 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll [2012-04-16 21:01:25 | 000,000,414 | ---- | C] () -- C:\Windows\System32\lame_acm.xml [2012-04-16 21:01:25 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2012-04-16 21:00:22 | 000,001,113 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012-04-16 21:00:22 | 000,001,101 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012-04-16 20:55:32 | 000,002,717 | ---- | C] () -- C:\Users\Mateusz\Desktop\Word 2003.lnk [2012-04-16 20:53:20 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI [2012-04-16 20:24:24 | 000,000,807 | ---- | C] () -- C:\Users\Mateusz\Desktop\Orange Free.lnk [2012-04-16 19:59:10 | 000,000,363 | ---- | C] () -- C:\Users\Mateusz\Desktop\Komputer.lnk [2012-04-16 19:57:16 | 000,001,430 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2011-07-28 17:49:12 | 000,053,760 | ---- | C] () -- C:\Windows\System32\OVDecode.dll [2010-08-03 00:05:14 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat [2010-08-03 00:05:13 | 000,687,828 | ---- | C] () -- C:\Windows\System32\perfh015.dat [2010-08-03 00:05:13 | 000,131,382 | ---- | C] () -- C:\Windows\System32\perfc015.dat [2010-08-03 00:05:13 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat [2010-06-25 08:44:03 | 000,080,384 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe [color=#E56717]========== LOP Check ==========[/color] [2012-04-18 23:54:26 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\BESTplayer [2012-04-19 01:20:24 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\BitSpirit [2012-04-19 17:14:18 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Lite [2012-04-20 08:00:29 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\foobar2000 [2012-04-20 19:42:39 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\GanymedeNet [2012-04-17 22:25:52 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\GHISLER [2012-04-16 22:05:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\ipla [2012-04-18 19:51:49 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\LolClient [2012-04-18 18:22:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\MSI [2012-04-21 00:41:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Opera [2012-04-23 09:30:27 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Splashtop [2012-04-20 00:35:20 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Sports Interactive [2012-04-17 23:34:49 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Thunderbird [2009-07-14 06:53:46 | 000,015,704 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report >[/log] Wszystko działa poprawnie z tego co widzę chyba.
Gość komentarz 23 kwietnia 2012 komentarz 23 kwietnia 2012 Nie wiem jak ty do tej pory wykonywałeś skrypty. W logu jest wszystko OK. [b]1.[/b] Uruchom OTL i kliknij opcję [b]Sprzatanie[/b]. To usunie program i kwarantannę. [b]2. [/b]Wyczyść foldery [b]Przywracania systemu - instrukcja[/b] http://www.fixitpc.pl/topic/5-dezynfekcja-kroki-finalizujace-temat/page__p__42415#entry42415 [b]3.[/b] Zaktualizuj system. Brak [b]Service pack 1 dla Windows7[/b] http://www.microsoft.com/downloads/en/details.aspx?displaylang=en&FamilyID=c3202ce6-4056-4059-8a1b-3a9b77cdfdda
Evander1991 komentarz 23 kwietnia 2012 Autor komentarz 23 kwietnia 2012 Okey zaraz wszystko zrobię. Dzięki
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.