OTL logfile created on: 2012-03-26 17:59:26 - Run 3
OTL by OldTimer - Version 3.2.39.2     Folder = C:\Users\Krzysiek\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3,98 Gb Total Physical Memory | 2,10 Gb Available Physical Memory | 52,72% Memory free
7,95 Gb Paging File | 5,56 Gb Available in Paging File | 69,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,56 Gb Total Space | 46,78 Gb Free Space | 47,95% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 44,63 Gb Free Space | 19,17% Space Free | Partition Type: NTFS
Drive E: | 232,89 Gb Total Space | 79,83 Gb Free Space | 34,28% Space Free | Partition Type: NTFS
Drive F: | 232,89 Gb Total Space | 48,25 Gb Free Space | 20,72% Space Free | Partition Type: NTFS
Drive G: | 232,84 Gb Total Space | 1,01 Gb Free Space | 0,43% Space Free | Partition Type: NTFS
Drive H: | 135,23 Gb Total Space | 135,07 Gb Free Space | 99,88% Space Free | Partition Type: NTFS
Drive I: | 7,21 Gb Total Space | 7,21 Gb Free Space | 99,98% Space Free | Partition Type: FAT32
 
Computer Name: KD | User Name: Krzysiek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012-03-26 17:06:30 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Krzysiek\Downloads\OTL.exe
PRC - [2012-03-26 08:16:00 | 011,498,968 | ---- | M] (Blizzard Entertainment) -- D:\Gry\World of Warcraft\Launcher.exe
PRC - [2012-03-21 12:33:52 | 000,489,256 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2012-03-20 20:01:05 | 003,242,080 | ---- | M] (GG Network S.A.) -- C:\Users\Krzysiek\AppData\Local\GG\Application\gghub.exe
PRC - [2012-03-20 20:01:05 | 000,047,712 | ---- | M] (GG Network S.A.) -- C:\Users\Krzysiek\AppData\Local\GG\Application\ggapp.exe
PRC - [2012-03-17 03:49:51 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012-03-13 16:17:50 | 000,189,924 | ---- | M] (Hyperdesktop) -- C:\Users\Krzysiek\AppData\Roaming\Hyperdesktop\hyperdesktop.exe
PRC - [2012-03-11 20:51:55 | 001,242,448 | ---- | M] (Valve Corporation) -- E:\Steam\Steam.exe
PRC - [2012-02-29 21:21:20 | 003,537,304 | ---- | M] (Xfire Inc.) -- C:\Program Files (x86)\Xfire\Xfire.exe
PRC - [2012-02-28 18:38:56 | 001,987,976 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2012-02-22 04:31:31 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012-02-10 06:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012-02-09 21:05:32 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012-01-13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012-01-13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011-01-06 01:13:52 | 000,336,176 | ---- | M] (Ariolic Software, Ltd. (http://www.ariolic.com)) -- C:\Program Files (x86)\ActiveSMART 2.9\ActiveSMART.exe
PRC - [2011-01-06 01:07:54 | 000,602,416 | ---- | M] (Ariolic Software, Ltd. (http://www.ariolic.com)) -- C:\Program Files (x86)\ActiveSMART 2.9\ASmartService.exe
PRC - [2010-11-17 03:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010-11-06 00:54:22 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010-11-06 00:54:20 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012-03-22 10:33:38 | 000,475,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\bc264c7dba2096c2c88080090bf42600\IAStorUtil.ni.dll
MOD - [2012-03-21 17:38:08 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\42ae8760f0a74ab774e82a64368aa1f6\System.Web.ni.dll
MOD - [2012-03-21 17:38:03 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a1c4a635721f85bef0ea4194b888b871\System.Runtime.Remoting.ni.dll
MOD - [2012-03-21 17:37:47 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6c51e152e7404188914c9fa4d8503ff9\System.Windows.Forms.ni.dll
MOD - [2012-03-21 17:37:43 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ab87129c2b603f218e4aa5300c9b1bdd\System.Drawing.ni.dll
MOD - [2012-03-21 17:37:35 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47b9e7f070271ff50f988f75ea68fa3e\WindowsBase.ni.dll
MOD - [2012-03-21 17:37:32 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll
MOD - [2012-03-21 17:37:30 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll
MOD - [2012-03-21 17:37:29 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll
MOD - [2012-03-21 12:33:52 | 020,297,512 | ---- | M] () -- E:\Steam\bin\libcef.dll
MOD - [2012-03-21 12:33:52 | 001,099,576 | ---- | M] () -- E:\Steam\bin\avcodec-53.dll
MOD - [2012-03-21 12:33:52 | 000,907,048 | ---- | M] () -- E:\Steam\bin\chromehtml.dll
MOD - [2012-03-21 12:33:52 | 000,190,776 | ---- | M] () -- E:\Steam\bin\avformat-53.dll
MOD - [2012-03-21 12:33:52 | 000,123,192 | ---- | M] () -- E:\Steam\bin\avutil-51.dll
MOD - [2012-03-20 20:01:12 | 008,526,720 | ---- | M] () -- C:\Users\Krzysiek\AppData\Local\GG\Application\FMSBWChecker\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll
MOD - [2012-03-20 20:01:06 | 001,900,544 | ---- | M] () -- C:\Users\Krzysiek\AppData\Local\GG\Application\xulrunner\mozjs.dll
MOD - [2012-03-17 03:49:51 | 001,969,080 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012-02-22 13:10:11 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2012-02-13 23:51:01 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\6aef03034d33721bfbd588d9d7fffe60\IAStorCommon.ni.dll
MOD - [2012-02-13 20:54:32 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2012-02-09 21:05:16 | 000,360,768 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2011-04-12 15:21:11 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_pl_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010-11-13 04:03:49 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010-03-24 22:17:36 | 008,794,464 | ---- | M] () -- C:\PROGRA~2\MICROS~1\Office14\1033\GrooveIntlResource.dll
MOD - [2010-01-30 03:41:12 | 004,254,560 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2011-11-18 23:05:10 | 000,087,040 | ---- | M] (Highresolution Enterprises) [Auto | Running] -- C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe -- (XMouseButton Launcher)
SRV:[b]64bit:[/b] - [2010-08-12 16:00:20 | 000,133,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel® PROSet Monitoring Service)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:[b]64bit:[/b] - [2007-11-07 10:11:22 | 004,466,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV - [2012-03-21 12:33:52 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-02-28 18:38:54 | 002,343,816 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012-02-22 04:31:31 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012-02-21 00:26:32 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Paused] -- D:\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2012-02-20 02:11:09 | 000,131,912 | ---- | M] (Desura Pty Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Desura\desura_service.exe -- (Desura Install Service)
SRV - [2012-02-10 06:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-02-09 21:05:32 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012-01-31 16:09:34 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-01-13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011-11-24 01:22:00 | 003,976,584 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2011-01-06 01:07:54 | 000,602,416 | ---- | M] (Ariolic Software, Ltd. (http://www.ariolic.com)) [Auto | Running] -- C:\Program Files (x86)\ActiveSMART 2.9\ASmartService.exe -- (ActiveSMART Service)
SRV - [2010-11-06 00:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010-10-27 17:18:52 | 000,052,896 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2011-12-10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2011-09-21 11:25:54 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:[b]64bit:[/b] - [2010-12-10 07:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:[b]64bit:[/b] - [2010-12-10 07:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:[b]64bit:[/b] - [2010-11-22 09:09:06 | 000,303,408 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv91xx.sys -- (mv91xx)
DRV:[b]64bit:[/b] - [2010-11-21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010-11-21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010-11-06 00:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2010-10-27 16:50:28 | 000,301,680 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:[b]64bit:[/b] - [2010-10-27 16:50:28 | 000,279,152 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:[b]64bit:[/b] - [2010-10-27 16:50:28 | 000,203,624 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:[b]64bit:[/b] - [2010-10-27 16:50:28 | 000,156,520 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:[b]64bit:[/b] - [2010-10-27 16:50:28 | 000,058,992 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:[b]64bit:[/b] - [2010-10-27 16:50:28 | 000,055,336 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AthDfu.sys -- (ATHDFU)
DRV:[b]64bit:[/b] - [2010-10-27 16:50:28 | 000,038,248 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:[b]64bit:[/b] - [2010-10-27 16:50:28 | 000,031,080 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:[b]64bit:[/b] - [2010-09-21 08:34:18 | 000,313,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress) Intel(R)
DRV:[b]64bit:[/b] - [2010-08-10 11:29:16 | 000,120,920 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-03-18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2006-07-23 16:28:52 | 000,064,880 | ---- | M] (Compuware Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\system32.sys -- (hid8101)
DRV - [2004-12-30 14:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2094333606-2318020045-2047369532-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2094333606-2318020045-2047369532-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2094333606-2318020045-2047369532-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - user.js - File not found
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.116.0: C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@protectdisc.com/NPMPDRM: C:\Program Files (x86)\Common Files\mpDRM\NPMPDRM.dll ( )
FF - HKLM\Software\MozillaPlugins\@Webzen.com/NPBrowserExt: C:\Program Files (x86)\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll (WEBZEN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Krzysiek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-03-17 03:49:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012-02-13 20:38:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Krzysiek\AppData\Roaming\mozilla\Extensions
[2012-03-25 17:15:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Krzysiek\AppData\Roaming\mozilla\Firefox\Profiles\hb2xg4a6.default\extensions
[2012-02-13 20:57:45 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Krzysiek\AppData\Roaming\mozilla\Firefox\Profiles\hb2xg4a6.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012-03-02 02:08:16 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Krzysiek\AppData\Roaming\mozilla\Firefox\Profiles\hb2xg4a6.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2012-02-13 20:57:45 | 000,000,000 | ---D | M] (Iplex to ALLPlayer) -- C:\Users\Krzysiek\AppData\Roaming\mozilla\Firefox\Profiles\hb2xg4a6.default\extensions\IplextoALL@ALLPlayer.org
[2012-03-09 09:14:40 | 000,000,000 | ---D | M] (Better Battlelog (BBLog)) -- C:\Users\Krzysiek\AppData\Roaming\mozilla\Firefox\Profiles\hb2xg4a6.default\extensions\jid1-qQSMEVsYTOjgYA@jetpack
[2012-02-13 20:57:45 | 000,000,000 | ---D | M] ("Reddit Enhancement Suite") -- C:\Users\Krzysiek\AppData\Roaming\mozilla\Firefox\Profiles\hb2xg4a6.default\extensions\jid1-xUfzOsOFlzSOXg@jetpack
[2012-03-17 03:49:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012-03-17 03:49:51 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012-01-29 16:18:04 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2012-01-29 16:18:04 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2012-01-29 16:18:04 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2012-01-29 16:18:04 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2012-01-29 16:18:04 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-01-29 16:18:04 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml
 
O1 HOSTS File: ([2012-03-14 16:07:14 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:[b]64bit:[/b] - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKU\S-1-5-21-2094333606-2318020045-2047369532-1000..\Run: [Hyperdesktop] C:\Users\Krzysiek\AppData\Roaming\Hyperdesktop\hyperdesktop.exe (Hyperdesktop)
O4 - HKU\S-1-5-21-2094333606-2318020045-2047369532-1000..\Run: [Steam] E:\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-2094333606-2318020045-2047369532-1002..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2094333606-2318020045-2047369532-1002..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2094333606-2318020045-2047369532-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2094333606-2318020045-2047369532-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-2094333606-2318020045-2047369532-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:[b]64bit:[/b] - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 10.2.0)
O16 - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{41CB7C0E-32C8-446D-A8E9-FC4B83D8EA53}: DhcpNameServer = 192.168.1.100
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012-03-26 18:37:51 | 000,000,000 | ---D | C] -- C:\FRST
[2012-03-26 17:46:06 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-03-26 17:44:11 | 000,000,000 | R--D | C] -- C:\Users\Krzysiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2012-03-26 17:10:33 | 000,000,000 | ---D | C] -- C:\Users\Krzysiek\Desktop\logi
[2012-03-26 15:43:10 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012-03-26 15:33:07 | 000,000,000 | ---D | C] -- C:\Users\Krzysiek\AppData\Roaming\Malwarebytes
[2012-03-26 15:33:03 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012-03-26 15:33:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012-03-26 15:33:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012-03-26 15:33:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012-03-26 15:29:19 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2012-03-26 08:14:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2012-03-25 21:47:18 | 000,000,000 | ---D | C] -- C:\Users\Krzysiek\riotsGamesLogs
[2012-03-25 21:47:05 | 000,000,000 | ---D | C] -- C:\Users\Krzysiek\AppData\Roaming\LolClient
[2012-03-23 15:34:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cypron Studios
[2012-03-23 15:33:52 | 000,303,616 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUninst.exe
[2012-03-23 13:28:59 | 000,000,000 | ---D | C] -- C:\Users\Krzysiek\Desktop\marbledrop
[2012-03-23 11:46:30 | 003,976,584 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\GameMon.des
[2012-03-23 11:45:46 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\npptNT2.sys
[2012-03-23 11:45:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2012-03-23 10:55:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArchlordX
[2012-03-23 10:53:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Archlord Online
[2012-03-23 09:39:36 | 000,230,920 | ---- | C] (WEBZEN, INC.) -- C:\Windows\SysWow64\EPWZCmnCtrl.dll
[2012-03-23 09:39:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WEBZEN
[2012-03-23 09:39:22 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBZEN
[2012-03-22 22:17:25 | 000,000,000 | ---D | C] -- C:\Users\Krzysiek\AppData\Roaming\Dev-Cpp
[2012-03-22 22:17:24 | 000,000,000 | ---D | C] -- C:\Users\Krzysiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bloodshed Dev-C++
[2012-03-22 22:17:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloodshed Dev-C++
[2012-03-22 22:17:18 | 000,000,000 | ---D | C] -- C:\Dev-Cpp
[2012-03-22 19:09:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver
[2012-03-22 19:08:34 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\STALKER-STCS
[2012-03-21 18:12:23 | 000,000,000 | ---D | C] -- C:\Users\Krzysiek\Documents\Diablo III
[2012-03-21 18:12:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2012-03-21 17:32:50 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012-03-21 17:32:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012-03-21 17:23:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III Beta
[2012-03-21 17:23:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2012-03-21 17:22:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2012-03-21 17:01:17 | 002,308,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012-03-21 17:01:17 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012-03-21 17:01:17 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012-03-21 17:01:17 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012-03-21 17:01:17 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012-03-21 17:01:17 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012-03-21 17:01:16 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012-03-21 17:01:16 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012-03-21 17:01:16 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012-03-21 17:01:15 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012-03-21 17:01:15 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012-03-21 16:59:29 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012-03-21 16:59:29 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012-03-21 16:59:29 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012-03-21 16:59:28 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012-03-21 16:59:25 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012-03-21 16:59:25 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012-03-21 16:59:25 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012-03-15 11:38:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Windows SDK v6.0A
[2012-03-15 11:38:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs
[2012-03-15 11:38:26 | 000,000,000 | ---D | C] -- C:\Program Files\Business Objects
[2012-03-15 11:37:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Business Objects
[2012-03-15 11:37:29 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\js
[2012-03-15 11:37:29 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\images
[2012-03-15 11:37:29 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\html
[2012-03-15 11:37:29 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\css
[2012-03-15 11:37:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2005
[2012-03-15 11:35:05 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2012-03-15 11:35:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server
[2012-03-15 11:34:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Device Emulator
[2012-03-15 11:34:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Device Emulator
[2012-03-15 11:34:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Mobile 5.0 SDK R2
[2012-03-15 11:31:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2008
[2012-03-15 11:31:20 | 000,000,000 | ---D | C] -- C:\ProgramData\PreEmptive Solutions
[2012-03-15 11:30:16 | 000,000,000 | ---D | C] -- C:\Windows\symbols
[2012-03-15 11:30:06 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\1033
[2012-03-15 11:29:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SDKs
[2012-03-15 11:29:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Merge Modules
[2012-03-15 11:29:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HTML Help Workshop
[2012-03-15 11:29:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CE Remote Tools
[2012-03-15 11:28:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Web Designer Tools
[2012-03-15 11:11:33 | 000,000,000 | ---D | C] -- C:\Users\Krzysiek\Documents\Visual Studio 2008
[2012-03-15 11:11:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 9.0
[2012-03-15 11:11:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\1033
[2012-03-14 17:28:40 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012-03-14 16:08:21 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012-03-13 16:17:45 | 000,000,000 | ---D | C] -- C:\Users\Krzysiek\AppData\Roaming\Hyperdesktop
[2012-03-11 21:27:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012-03-11 21:26:34 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012-03-11 21:26:26 | 006,074,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2012-03-11 21:26:26 | 003,089,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2012-03-11 21:26:26 | 002,561,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2012-03-11 21:26:26 | 000,118,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2012-03-11 21:26:26 | 000,063,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2012-03-11 21:25:52 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012-03-11 21:24:54 | 025,541,952 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012-03-11 21:24:54 | 025,222,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012-03-11 21:24:54 | 019,443,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012-03-11 21:24:54 | 017,642,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012-03-11 21:24:54 | 017,543,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012-03-11 21:24:54 | 015,009,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012-03-11 21:24:54 | 009,717,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2012-03-11 21:24:54 | 008,008,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012-03-11 21:24:54 | 007,713,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012-03-11 21:24:54 | 005,892,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012-03-11 21:24:54 | 002,872,640 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012-03-11 21:24:54 | 002,672,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012-03-11 21:24:54 | 002,660,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2012-03-11 21:24:54 | 002,517,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012-03-11 21:24:54 | 002,437,440 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012-03-11 21:24:54 | 002,301,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012-03-11 21:24:54 | 001,737,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2012-03-11 21:24:54 | 001,466,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll
[2012-03-11 21:24:54 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012-03-11 21:24:54 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012-03-11 20:51:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2012-03-08 17:44:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2012-03-08 00:24:49 | 000,000,000 | ---D | C] -- C:\Downloads
[2012-03-07 23:19:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC
[2012-03-07 22:03:51 | 000,012,880 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\affhdd.sys
[2012-03-07 22:03:51 | 000,011,472 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysWow64\affhdd.sys
[2012-03-07 22:03:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Unlock Wizard
[2012-03-07 22:03:51 | 000,000,000 | ---D | C] -- C:\Program Files\HDD Unlock Wizard
[2012-03-07 20:18:22 | 000,000,000 | ---D | C] -- C:\DOS
[2012-03-07 19:59:26 | 000,000,000 | ---D | C] -- C:\Users\Krzysiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
[2012-03-07 19:59:26 | 000,000,000 | ---D | C] -- C:\Users\Krzysiek\AppData\Local\Apps
[2012-03-07 19:52:03 | 000,000,000 | ---D | C] -- C:\Users\Krzysiek\Desktop\A bootable USB
[2012-03-07 19:33:42 | 000,000,000 | ---D | C] -- C:\HoN mods
[2012-03-07 19:21:44 | 000,000,000 | -H-D | C] -- C:\ProgramData\ActiveSMART
[2012-03-07 19:21:44 | 000,000,000 | ---D | C] -- C:\Users\Krzysiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ActiveSMART 2.9
[2012-03-07 19:21:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ActiveSMART 2.9
[2012-03-07 18:19:31 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012-03-07 18:19:31 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012-03-07 18:19:31 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012-03-07 18:15:51 | 000,000,000 | ---D | C] -- C:\ComboFix_www.INSTALKI.pl_
[2012-03-06 01:49:27 | 000,000,000 | ---D | C] -- C:\Users\Krzysiek\AppData\Roaming\mIRC
[2012-03-06 01:49:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\mIRC
[2012-03-03 00:31:27 | 000,000,000 | ---D | C] -- C:\Users\Krzysiek\Documents\Electronic Arts
[2012-03-02 23:19:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft WSE
[2012-03-02 20:32:05 | 000,081,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wyphal.dll
[2012-03-02 20:32:05 | 000,064,880 | ---- | C] (Compuware Corporation) -- C:\Windows\SysWow64\drivers\system32.sys
[2012-03-02 20:32:05 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devcon.exe
[2012-03-02 20:32:05 | 000,000,000 | ---D | C] -- C:\Windows\USB Vibration
[2012-03-02 20:31:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\USB Vibration
[2012-03-02 19:49:23 | 000,000,000 | ---D | C] -- C:\Users\Krzysiek\AppData\Local\Wings of Prey
[2012-03-02 19:47:47 | 000,000,000 | ---D | C] -- C:\Users\Krzysiek\AppData\Local\WOP
[2012-03-02 19:47:47 | 000,000,000 | ---D | C] -- C:\ProgramData\WOP
[2012-03-02 19:47:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gaijin
[2012-03-02 14:47:25 | 000,000,000 | ---D | C] -- C:\Users\Krzysiek\Documents\Agot
[2012-03-01 00:44:08 | 000,000,000 | ---D | C] -- C:\Users\Krzysiek\AppData\Local\Diagnostics
[2012-02-29 23:11:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
[2012-02-29 18:24:11 | 000,000,000 | ---D | C] -- C:\Users\Krzysiek\AppData\Roaming\GG
[2012-02-29 18:24:10 | 000,000,000 | ---D | C] -- C:\Users\Krzysiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG
[2012-02-29 18:24:10 | 000,000,000 | ---D | C] -- C:\Users\Krzysiek\AppData\Local\GG
[2012-02-29 16:30:52 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys
[2012-02-29 16:30:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012-02-29 16:30:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2012-02-28 18:04:10 | 000,466,456 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2012-02-28 18:04:10 | 000,444,952 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2012-02-28 18:04:10 | 000,122,904 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2012-02-28 18:04:10 | 000,109,080 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2012-02-28 18:04:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2012-02-28 18:02:34 | 000,000,000 | ---D | C] -- C:\Users\Krzysiek\Desktop\Nowy folder
[2012-02-27 18:20:19 | 000,000,000 | ---D | C] -- C:\Users\Krzysiek\Documents\BFBC2
[2012-02-26 22:00:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2012-02-26 22:00:35 | 000,000,000 | ---D | C] -- C:\Users\Krzysiek\AppData\Local\Adobe
[2012-02-26 22:00:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012-02-26 22:00:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012-02-26 21:59:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012-02-26 21:40:58 | 000,000,000 | ---D | C] -- C:\Users\Krzysiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
[2012-02-26 21:40:57 | 000,000,000 | ---D | C] -- C:\Users\Krzysiek\AppData\Roaming\IrfanView
[2012-02-26 21:40:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IrfanView
[2012-02-26 21:27:53 | 005,223,936 | ---- | C] (BioWare) -- C:\Users\Krzysiek\Desktop\MassEffect.exe
[2012-02-26 20:05:14 | 000,021,992 | ---- | C] (CPUID) -- C:\Windows\SysNative\drivers\cpuz135_x64.sys
[2012-02-26 20:05:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2012-02-26 20:05:14 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012-03-26 17:51:38 | 000,022,032 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-03-26 17:51:38 | 000,022,032 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-03-26 17:50:04 | 001,654,830 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-03-26 17:50:04 | 000,734,298 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-03-26 17:50:04 | 000,653,700 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-03-26 17:50:04 | 000,148,818 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-03-26 17:50:04 | 000,121,012 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-03-26 17:44:00 | 000,000,035 | ---- | M] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini
[2012-03-26 17:43:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-03-26 17:43:31 | 3202,998,272 | -HS- | M] () -- C:\hiberfil.sys
[2012-03-26 15:58:48 | 282,159,152 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012-03-26 15:33:03 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012-03-26 08:23:24 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-03-26 08:17:02 | 000,000,697 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2012-03-25 18:12:25 | 000,282,864 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012-03-25 18:12:25 | 000,282,864 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012-03-25 18:12:08 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012-03-23 10:55:41 | 000,000,114 | ---- | M] () -- C:\Users\Public\Desktop\ArchlordX.url
[2012-03-23 10:53:47 | 000,000,112 | ---- | M] () -- C:\Users\Public\Desktop\Archlord.url
[2012-03-22 23:37:10 | 000,002,004 | -H-- | M] () -- C:\Users\Krzysiek\Documents\Default.rdp
[2012-03-21 17:34:27 | 000,419,208 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012-03-21 17:24:04 | 000,000,896 | ---- | M] () -- C:\Users\Public\Desktop\Diablo III Beta.lnk
[2012-03-20 21:55:35 | 000,035,547 | ---- | M] () -- C:\Users\Krzysiek\Documents\logo zielone.jpg
[2012-03-15 11:37:38 | 000,000,172 | ---- | M] () -- C:\Windows\ODBC.INI
[2012-03-15 11:37:03 | 001,548,506 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012-03-14 16:07:14 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012-03-14 14:01:27 | 000,000,051 | ---- | M] () -- C:\Users\Krzysiek\Desktop\Security Shield Support.url
[2012-03-14 14:01:27 | 000,000,048 | ---- | M] () -- C:\Users\Krzysiek\AppData\Local\KD.cfg
[2012-03-13 16:17:45 | 000,000,882 | ---- | M] () -- C:\Users\Krzysiek\Desktop\Hyperdesktop.lnk
[2012-03-11 20:57:23 | 000,001,649 | ---- | M] () -- C:\Users\Krzysiek\Desktop\Heroes of Newerth.lnk
[2012-03-11 20:51:32 | 000,000,538 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2012-03-07 23:19:49 | 000,000,955 | ---- | M] () -- C:\Users\Public\Desktop\mIRC.lnk
[2012-03-07 22:03:51 | 000,000,880 | ---- | M] () -- C:\Users\Krzysiek\Desktop\HDD Unlock Wizard.lnk
[2012-03-07 19:59:26 | 000,002,499 | ---- | M] () -- C:\Users\Krzysiek\Desktop\Windows 7 USB DVD Download Tool.lnk
[2012-03-07 19:50:23 | 000,000,661 | ---- | M] () -- C:\Users\Krzysiek\Desktop\A bootable USB.lnk
[2012-03-07 19:21:44 | 000,001,077 | ---- | M] () -- C:\Users\Krzysiek\Desktop\ActiveSMART.lnk
[2012-03-02 19:47:36 | 000,000,862 | ---- | M] () -- C:\Users\Public\Desktop\Wings of Prey.lnk
[2012-03-01 18:53:39 | 001,645,186 | ---- | M] () -- C:\Users\Krzysiek\Documents\2012-03-01.jpg
[2012-03-01 18:48:49 | 000,037,159 | ---- | M] () -- C:\Users\Krzysiek\Documents\asd.jpg
[2012-02-29 23:11:49 | 000,000,631 | ---- | M] () -- C:\Users\Public\Desktop\Dark Crusade.lnk
[2012-02-29 21:49:16 | 000,256,172 | ---- | M] () -- C:\Users\Krzysiek\Documents\Game.jpg
[2012-02-29 21:40:00 | 000,307,708 | ---- | M] () -- C:\Users\Krzysiek\Documents\Men.jpg
[2012-02-29 21:21:24 | 000,042,392 | ---- | M] () -- C:\Windows\SysWow64\xfcodec.dll
[2012-02-29 21:21:24 | 000,028,056 | ---- | M] () -- C:\Windows\SysNative\xfcodec64.dll
[2012-02-29 18:24:10 | 000,001,112 | ---- | M] () -- C:\Users\Krzysiek\Desktop\GG.lnk
[2012-02-28 18:04:10 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2012-02-28 18:04:10 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2012-02-28 18:04:10 | 000,122,904 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2012-02-28 18:04:10 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2012-02-26 22:00:10 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012-02-26 21:40:58 | 000,001,894 | ---- | M] () -- C:\Users\Krzysiek\Desktop\IrfanView Thumbnails.lnk
[2012-02-26 21:40:58 | 000,001,002 | ---- | M] () -- C:\Users\Krzysiek\Desktop\IrfanView.lnk
[2012-02-26 20:05:15 | 000,000,869 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012-03-26 15:43:03 | 282,159,152 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012-03-26 15:33:03 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012-03-26 08:14:59 | 000,000,697 | ---- | C] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2012-03-23 11:45:45 | 000,005,174 | ---- | C] () -- C:\Windows\SysWow64\nppt9x.vxd
[2012-03-23 10:55:41 | 000,000,114 | ---- | C] () -- C:\Users\Public\Desktop\ArchlordX.url
[2012-03-23 10:53:47 | 000,000,112 | ---- | C] () -- C:\Users\Public\Desktop\Archlord.url
[2012-03-22 15:44:34 | 000,002,004 | -H-- | C] () -- C:\Users\Krzysiek\Documents\Default.rdp
[2012-03-21 17:23:29 | 000,000,896 | ---- | C] () -- C:\Users\Public\Desktop\Diablo III Beta.lnk
[2012-03-20 21:55:35 | 000,035,547 | ---- | C] () -- C:\Users\Krzysiek\Documents\logo zielone.jpg
[2012-03-15 11:37:38 | 000,000,172 | ---- | C] () -- C:\Windows\ODBC.INI
[2012-03-15 11:37:03 | 001,548,506 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012-03-14 14:01:27 | 000,000,849 | ---- | C] () -- C:\Users\Krzysiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Uninstall Security Shield.lnk
[2012-03-14 14:01:27 | 000,000,051 | ---- | C] () -- C:\Users\Krzysiek\Desktop\Security Shield Support.url
[2012-03-14 14:01:27 | 000,000,048 | ---- | C] () -- C:\Users\Krzysiek\AppData\Local\KD.cfg
[2012-03-13 16:17:45 | 000,000,882 | ---- | C] () -- C:\Users\Krzysiek\Desktop\Hyperdesktop.lnk
[2012-03-11 21:24:54 | 000,011,770 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012-03-11 20:51:32 | 000,000,538 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2012-03-07 23:19:49 | 000,000,955 | ---- | C] () -- C:\Users\Public\Desktop\mIRC.lnk
[2012-03-07 22:03:51 | 000,000,880 | ---- | C] () -- C:\Users\Krzysiek\Desktop\HDD Unlock Wizard.lnk
[2012-03-07 19:59:26 | 000,002,499 | ---- | C] () -- C:\Users\Krzysiek\Desktop\Windows 7 USB DVD Download Tool.lnk
[2012-03-07 19:52:03 | 001,043,306 | ---- | C] () -- C:\Users\Krzysiek\Desktop\USB.exe
[2012-03-07 19:50:23 | 000,000,661 | ---- | C] () -- C:\Users\Krzysiek\Desktop\A bootable USB.lnk
[2012-03-07 19:21:44 | 000,001,077 | ---- | C] () -- C:\Users\Krzysiek\Desktop\ActiveSMART.lnk
[2012-03-07 18:19:31 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012-03-07 18:19:31 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012-03-07 18:19:31 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012-03-07 18:19:31 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012-03-07 18:19:31 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012-03-02 20:32:05 | 000,155,756 | ---- | C] () -- C:\Windows\SysWow64\wyphal.exe
[2012-03-02 19:47:36 | 000,000,862 | ---- | C] () -- C:\Users\Public\Desktop\Wings of Prey.lnk
[2012-03-01 18:53:33 | 001,645,186 | ---- | C] () -- C:\Users\Krzysiek\Documents\2012-03-01.jpg
[2012-03-01 18:48:49 | 000,037,159 | ---- | C] () -- C:\Users\Krzysiek\Documents\asd.jpg
[2012-02-29 23:11:49 | 000,000,631 | ---- | C] () -- C:\Users\Public\Desktop\Dark Crusade.lnk
[2012-02-29 21:49:13 | 000,256,172 | ---- | C] () -- C:\Users\Krzysiek\Documents\Game.jpg
[2012-02-29 21:39:57 | 000,307,708 | ---- | C] () -- C:\Users\Krzysiek\Documents\Men.jpg
[2012-02-29 21:21:24 | 000,042,392 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2012-02-29 21:21:24 | 000,028,056 | ---- | C] () -- C:\Windows\SysNative\xfcodec64.dll
[2012-02-29 18:24:10 | 000,001,112 | ---- | C] () -- C:\Users\Krzysiek\Desktop\GG.lnk
[2012-02-26 22:00:10 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012-02-26 22:00:10 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012-02-26 21:40:58 | 000,001,894 | ---- | C] () -- C:\Users\Krzysiek\Desktop\IrfanView Thumbnails.lnk
[2012-02-26 21:40:58 | 000,001,002 | ---- | C] () -- C:\Users\Krzysiek\Desktop\IrfanView.lnk
[2012-02-26 20:05:15 | 000,000,869 | ---- | C] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2012-02-22 03:58:39 | 000,282,864 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012-02-22 03:58:36 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012-02-13 20:20:51 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012-02-13 20:20:50 | 000,028,905 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2012-02-13 20:20:50 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2012-02-09 21:05:44 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2012-02-22 00:10:23 | 000,000,000 | ---D | M] -- C:\Users\Krzysiek\AppData\Roaming\.minecraft
[2012-02-17 03:40:23 | 000,000,000 | ---D | M] -- C:\Users\Krzysiek\AppData\Roaming\DAEMON Tools Lite
[2012-03-23 01:37:18 | 000,000,000 | ---D | M] -- C:\Users\Krzysiek\AppData\Roaming\Dev-Cpp
[2012-02-14 01:25:13 | 000,000,000 | ---D | M] -- C:\Users\Krzysiek\AppData\Roaming\Gadu-Gadu 10
[2012-02-19 01:23:58 | 000,000,000 | ---D | M] -- C:\Users\Krzysiek\AppData\Roaming\GameRanger
[2012-03-26 17:54:02 | 000,000,000 | ---D | M] -- C:\Users\Krzysiek\AppData\Roaming\GG
[2012-02-13 21:13:11 | 000,000,000 | ---D | M] -- C:\Users\Krzysiek\AppData\Roaming\Highresolution Enterprises
[2012-03-13 16:17:45 | 000,000,000 | ---D | M] -- C:\Users\Krzysiek\AppData\Roaming\Hyperdesktop
[2012-03-07 18:10:14 | 000,000,000 | ---D | M] -- C:\Users\Krzysiek\AppData\Roaming\IrfanView
[2012-03-25 21:47:05 | 000,000,000 | ---D | M] -- C:\Users\Krzysiek\AppData\Roaming\LolClient
[2012-02-14 13:48:03 | 000,000,000 | ---D | M] -- C:\Users\Krzysiek\AppData\Roaming\minmaxgames
[2012-03-07 18:10:14 | 000,000,000 | ---D | M] -- C:\Users\Krzysiek\AppData\Roaming\NapiProjekt
[2012-02-14 16:17:10 | 000,000,000 | ---D | M] -- C:\Users\Krzysiek\AppData\Roaming\Notepad++
[2012-02-21 03:11:39 | 000,000,000 | ---D | M] -- C:\Users\Krzysiek\AppData\Roaming\Origin
[2012-02-20 03:38:35 | 000,000,000 | ---D | M] -- C:\Users\Krzysiek\AppData\Roaming\ProtectDISC
[2012-02-16 12:44:08 | 000,000,000 | ---D | M] -- C:\Users\Krzysiek\AppData\Roaming\pymclevel
[2012-03-07 18:10:14 | 000,000,000 | ---D | M] -- C:\Users\Krzysiek\AppData\Roaming\TS3Client
[2012-03-23 17:02:36 | 000,000,000 | ---D | M] -- C:\Users\Krzysiek\AppData\Roaming\uTorrent
[2012-02-14 00:08:58 | 000,000,000 | ---D | M] -- C:\Users\Krzysiek\AppData\Roaming\wargaming.net
[2009-07-14 07:08:49 | 000,026,182 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
[color=#A23BEC]< C:\Windows\assembly\tmp\*.* >[/color]
[2012-03-26 08:23:03 | 000,002,048 | ---- | M] () -- C:\Windows\assembly\tmp\{1B372133-BFFA-4dba-9CCF-5474BED6A9F6}

< End of report >