OTL logfile created on: 2012-05-01 01:54:27 - Run 1 OTL by OldTimer - Version 3.2.42.2 Folder = C:\Users\Łukasz\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 2,64 Gb Available Physical Memory | 66,02% Memory free 7,99 Gb Paging File | 6,29 Gb Available in Paging File | 78,68% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 97,65 Gb Total Space | 27,90 Gb Free Space | 28,57% Space Free | Partition Type: NTFS Drive D: | 368,10 Gb Total Space | 134,35 Gb Free Space | 36,50% Space Free | Partition Type: NTFS Drive E: | 1,57 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive F: | 4,52 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: ŁUKASZ-KOMPUTER | User Name: Łukasz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-05-01 01:32:24 | 000,116,648 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\GUMAA91.tmp\GoogleUpdate.exe PRC - [2012-05-01 01:32:18 | 000,739,640 | ---- | M] (Google Inc.) -- C:\Users\Łukasz\AppData\Local\Apps\2.0\JJDBWC2W.VJM\XDDQZKDH.1P0\inst...app_4fe91ede9f9bdca3_0001.0003_8224b51b98388e3b\GoogleUpdateSetup.exe PRC - [2012-05-01 00:59:26 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Łukasz\Desktop\OTL.exe PRC - [2012-04-20 17:19:34 | 000,489,256 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe PRC - [2012-03-11 01:16:56 | 001,242,448 | ---- | M] (Valve Corporation) -- D:\Program Files (x86)\Steam\steam.exe PRC - [2012-02-23 13:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe PRC - [2011-09-23 19:08:19 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2011-09-23 19:01:09 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2011-09-23 12:38:21 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2010-03-04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe PRC - [2009-10-09 19:12:16 | 000,741,376 | ---- | M] () -- C:\Program Files (x86)\Marvell\raid\tray\MarvellTray.exe PRC - [2009-10-05 20:01:30 | 000,151,552 | ---- | M] () -- C:\Program Files (x86)\Marvell\raid\svc\mvraidsvc.exe PRC - [2009-09-25 16:59:18 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe PRC - [2009-08-04 18:29:54 | 000,219,360 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe PRC - [2009-08-04 18:29:52 | 000,346,320 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe PRC - [2009-07-08 02:53:36 | 000,472,112 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe PRC - [2009-07-07 14:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe PRC - [2009-07-07 14:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe PRC - [2009-04-09 02:38:52 | 000,024,635 | ---- | M] (Apache Software Foundation) -- C:\Program Files (x86)\Marvell\raid\Apache2\bin\httpd.exe PRC - [2006-12-19 10:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Windows\SysWOW64\IoctlSvc.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-04-20 17:19:33 | 020,297,512 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\libcef.dll MOD - [2012-04-20 17:19:31 | 000,907,048 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\chromehtml.dll MOD - [2012-04-20 17:19:31 | 000,190,776 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\avformat-53.dll MOD - [2012-04-20 17:19:31 | 000,123,192 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\avutil-51.dll MOD - [2012-04-20 17:19:30 | 001,099,576 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\avcodec-53.dll MOD - [2011-06-24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011-06-24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2009-10-09 19:12:16 | 000,741,376 | ---- | M] () -- C:\Program Files (x86)\Marvell\raid\tray\MarvellTray.exe MOD - [2009-07-30 19:15:32 | 000,503,202 | ---- | M] () -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll MOD - [2009-07-13 17:37:04 | 000,152,112 | ---- | M] () -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\CAntiVirusCOM.dll MOD - [2009-07-13 17:37:04 | 000,098,304 | ---- | M] () -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\CFireWallCOM.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2010-02-03 06:17:10 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012-04-20 17:19:34 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011-09-23 19:08:19 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011-09-23 19:01:09 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010-03-04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe -- (NMSAccess) SRV - [2009-10-05 20:01:30 | 000,151,552 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Marvell\raid\svc\mvraidsvc.exe -- (Marvell RAID) SRV - [2009-08-04 18:29:54 | 000,219,360 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService) SRV - [2009-07-07 14:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice) SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009-04-09 02:38:52 | 000,024,635 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files (x86)\Marvell\raid\Apache2\bin\httpd.exe -- (MRUWebService) SRV - [2006-12-19 10:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Auto | Running] -- C:\Windows\SysWOW64\IoctlSvc.exe -- (PLFlash DeviceIoControl Service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2012-02-18 13:08:55 | 000,132,320 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:[b]64bit:[/b] - [2012-02-15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:[b]64bit:[/b] - [2011-10-18 03:43:44 | 000,095,928 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) DRV:[b]64bit:[/b] - [2011-09-16 00:55:03 | 000,097,312 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:[b]64bit:[/b] - [2011-09-16 00:55:03 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010-03-13 02:26:14 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt) DRV:[b]64bit:[/b] - [2010-03-13 02:26:14 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt) DRV:[b]64bit:[/b] - [2010-02-28 13:41:01 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2010-02-03 06:55:18 | 006,366,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag) DRV:[b]64bit:[/b] - [2010-02-03 05:23:58 | 000,186,880 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:[b]64bit:[/b] - [2010-01-28 16:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:[b]64bit:[/b] - [2009-11-12 14:48:56 | 000,005,504 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\StarOpen.sys -- (StarOpen) DRV:[b]64bit:[/b] - [2009-10-26 16:54:22 | 000,032,768 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64) DRV:[b]64bit:[/b] - [2009-10-10 00:55:56 | 000,022,568 | ---- | M] (Marvell Semiconductor Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv91cons.sys -- (mv91cons) DRV:[b]64bit:[/b] - [2009-09-25 16:58:32 | 000,178,688 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:[b]64bit:[/b] - [2009-09-25 16:58:24 | 000,073,728 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:[b]64bit:[/b] - [2009-08-20 18:05:06 | 000,239,616 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-07-07 14:48:44 | 000,035,376 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\purendis.sys -- (purendis) DRV:[b]64bit:[/b] - [2009-07-07 14:48:44 | 000,033,328 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\pnarp.sys -- (pnarp) DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-05-18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV - [2009-11-12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen) DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://pl.v9.com/?utm_source=b&utm_medium=iob IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://pl.v9.com/?utm_source=b&utm_medium=iob IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://pl.v9.com/?utm_source=b&utm_medium=iob IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://pl.v9.com/?utm_source=b&utm_medium=iob IE - HKCU\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.) IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{11060273-6BA2-4a0c-94DB-8694D72E2465}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=STDVM IE - HKCU\..\SearchScopes\{2A50308B-4235-4592-AE01-8024212D676C}: "URL" = http://www.google.com/cse?cx=partner-pub-3794288947762788%3A4067623346&ie=UTF-8&q={searchTerms}&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A4067623346 IE - HKCU\..\SearchScopes\{30864F69-A25E-4570-8BCA-5E07FADF2770}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SPLBR2&pc=SPLH IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.google.pl/cse?q={searchTerms}&cx=partner-pub-2489206448026482%3A4041638047&tbm=&ie=UTF-8#gsc.tab=0&gsc.q={searchTerms} IE - HKCU\..\SearchScopes\{C1DF2986-7D3D-463F-AFC5-5082B8BDECC2}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Łukasz\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Łukasz\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) [2012-05-01 01:20:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011-02-07 20:00:32 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010-01-14 00:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012-04-29 11:50:51 | 000,002,415 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\v9.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\\u0141ukasz\AppData\Local\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\\u0141ukasz\AppData\Local\Google\Chrome\Application\18.0.1025.168\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\\u0141ukasz\AppData\Local\Google\Chrome\Application\18.0.1025.168\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.190.4 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll CHR - plugin: Java(TM) Platform SE 6 U19 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Google Update (Enabled) = C:\Users\\u0141ukasz\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - Extension: YouTube = C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\ CHR - Extension: Szukaj w Google = C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\ CHR - Extension: Gmail = C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\ O1 HOSTS File: ([2010-03-06 03:50:10 | 000,380,343 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 127.0.0.1 www.123fporn.info O1 - Hosts: 13101 more lines... O2 - BHO: (V9BHOLoader) - {4DE0953E-490E-4D6F-BDDA-0516C372F3AF} - C:\Windows\SysWOW64\v9loader.dll (Beijing Elex Technology Co., Ltd) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O3 - HKLM\..\Toolbar: (V9-ToolBar) - {742E70CF-7770-412d-86CB-230B322E807C} - C:\Windows\SysWOW64\v9-toolbar.dll (FOF_SILENT Beijing Elex Technology Co., Ltd) O3 - HKCU\..\Toolbar\WebBrowser: (V9-ToolBar) - {742E70CF-7770-412D-86CB-230B322E807C} - C:\Windows\SysWOW64\v9-toolbar.dll (FOF_SILENT Beijing Elex Technology Co., Ltd) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.) O4 - HKLM..\Run: [MRUTray] C:\Program Files (x86)\Marvell\raid\tray\MarvellTray.exe () O4 - HKLM..\Run: [nmapp] C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe (Cisco Systems, Inc.) O4 - HKLM..\Run: [nmctxth] C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.) O4 - HKCU..\Run: [Steam] D:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Ranges: Range1 ([http] in Trusted sites) O15 - HKCU\..Trusted Ranges: Range1 ([https] in Trusted sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19) O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.76.34.50 212.76.34.49 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1B88D32E-4681-4B38-8032-5DB25898E802}: DhcpNameServer = 212.76.34.50 212.76.34.49 O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll (Cisco Systems, Inc.) O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-02-25 10:30:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2011-06-21 15:45:00 | 000,000,044 | ---- | M] () - E:\autorun.inf -- [ UDF ] O32 - AutoRun File - [2011-02-28 11:38:07 | 000,000,073 | R--- | M] () - F:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{156fef1a-3164-11df-b3b9-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{156fef1a-3164-11df-b3b9-806e6f6e6963}\Shell\AutoRun\command - "" = F:\install.exe -- [2011-02-28 11:38:08 | 003,179,816 | R--- | M] (MiTAC International Corporation) O33 - MountPoints2\{50f13955-245e-11df-9bf8-6cf04902e729}\Shell - "" = AutoRun O33 - MountPoints2\{50f13955-245e-11df-9bf8-6cf04902e729}\Shell\AutoRun\command - "" = K:\OriginInstaller.exe O33 - MountPoints2\{e8d3f744-2402-11df-8382-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{e8d3f744-2402-11df-8382-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Setup.exe -- [2011-06-21 15:45:00 | 000,355,920 | ---- | M] (Valve Corporation) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-05-01 01:32:42 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012-05-01 01:31:12 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Local\Apps [2012-05-01 01:31:11 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Local\Deployment [2012-05-01 01:20:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group [2012-05-01 01:20:32 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller [2012-05-01 01:00:32 | 000,000,000 | ---D | C] -- C:\_OTL [2012-05-01 00:59:23 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Łukasz\Desktop\OTL.exe [2012-04-30 12:57:54 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\Desktop\PayU_files [2012-04-30 10:17:52 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\Desktop\kickoff [2012-04-29 12:05:38 | 000,024,408 | ---- | C] (IObit) -- C:\Windows\SysNative\RegistryDefragBootTime.exe [2012-04-29 11:50:51 | 000,551,936 | ---- | C] (FOF_SILENT Beijing Elex Technology Co., Ltd) -- C:\Windows\SysWow64\v9-toolbar.dll [2012-04-29 11:50:51 | 000,434,080 | ---- | C] (Beijing Elex Technology Co., Ltd) -- C:\Windows\SysWow64\v9loader.dll [2012-04-08 20:16:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2012-04-08 19:08:32 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\Desktop\Borixon_-_Kolejna_Czesc [2012-04-08 19:03:23 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\Desktop\VA-Droga_Do_Odkupienia-PL-2012 [2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-05-01 01:32:42 | 000,002,328 | ---- | M] () -- C:\Users\Łukasz\Desktop\Google Chrome.lnk [2012-05-01 01:30:07 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3476508730-2921113983-1971021170-1000UA.job [2012-05-01 01:20:32 | 000,001,268 | ---- | M] () -- C:\Users\Łukasz\Desktop\Revo Uninstaller.lnk [2012-05-01 01:18:36 | 000,014,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-05-01 01:18:36 | 000,014,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-05-01 01:11:25 | 000,157,184 | ---- | M] () -- C:\Windows\za_mv_raid.ev [2012-05-01 01:11:25 | 000,000,096 | ---- | M] () -- C:\Windows\za_mv_seqnum.ev [2012-05-01 01:11:22 | 000,000,008 | ---- | M] () -- C:\Windows\mvraidver.dat [2012-05-01 01:11:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-05-01 01:11:05 | 3217,678,336 | -HS- | M] () -- C:\hiberfil.sys [2012-05-01 01:04:29 | 000,001,021 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012-05-01 00:59:26 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Łukasz\Desktop\OTL.exe [2012-05-01 00:38:17 | 000,580,883 | ---- | M] () -- C:\Users\Łukasz\Desktop\adwcleaner.exe [2012-04-30 20:29:00 | 000,001,010 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3476508730-2921113983-1971021170-1000Core.job [2012-04-30 12:57:54 | 000,009,411 | ---- | M] () -- C:\Users\Łukasz\Desktop\PayU.htm [2012-04-30 10:29:38 | 001,586,452 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-04-30 10:29:38 | 000,710,122 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-04-30 10:29:38 | 000,627,416 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-04-30 10:29:38 | 000,141,734 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-04-30 10:29:38 | 000,111,652 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-04-29 11:50:48 | 000,001,166 | ---- | M] () -- C:\Users\Łukasz\Desktop\Internet Explorer.lnk [2012-04-08 20:16:36 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-05-01 01:32:42 | 000,002,328 | ---- | C] () -- C:\Users\Łukasz\Desktop\Google Chrome.lnk [2012-05-01 01:20:32 | 000,001,268 | ---- | C] () -- C:\Users\Łukasz\Desktop\Revo Uninstaller.lnk [2012-05-01 00:38:14 | 000,580,883 | ---- | C] () -- C:\Users\Łukasz\Desktop\adwcleaner.exe [2012-04-30 12:57:53 | 000,009,411 | ---- | C] () -- C:\Users\Łukasz\Desktop\PayU.htm [2012-04-29 11:50:48 | 000,001,166 | ---- | C] () -- C:\Users\Łukasz\Desktop\Internet Explorer.lnk [2012-04-08 20:16:36 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2011-07-26 20:18:45 | 000,003,654 | ---- | C] () -- C:\Windows\SysWow64\drivers\Sonyhcp.dll [2011-07-09 07:32:57 | 000,005,632 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-02-07 20:02:17 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2011-01-27 21:16:40 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempPa3176.html [2011-01-27 21:16:40 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempto3176.html [2011-01-06 22:21:13 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempqB5428.html [2011-01-06 22:21:13 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempxu5428.html [2010-11-12 12:04:50 | 000,000,032 | -HS- | C] () -- C:\Users\Łukasz\AppData\Roaming\{F7D92AAA-C97A-488c-BC14-C061CF39647F}.dat [2010-10-26 22:38:58 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempQf4176.html [2010-10-26 22:38:58 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempTE4176.html [2010-10-24 15:32:33 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempks4644.html [2010-10-24 15:32:33 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TemprC4644.html [2010-10-08 21:45:38 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempoL4636.html [2010-10-08 21:45:38 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempTZ4636.html [2010-10-01 22:52:08 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempND6716.html [2010-10-01 22:52:08 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempFS6716.html [2010-09-26 22:55:06 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempjj1552.html [2010-09-26 22:55:06 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempiR1552.html [2010-09-26 11:07:33 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TemptGs988.html [2010-09-26 11:07:33 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempwEL988.html [2010-09-19 17:20:44 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempYJ5504.html [2010-09-19 17:20:44 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempoR5504.html [2010-09-12 22:39:27 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempic4292.html [2010-09-12 22:39:27 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempMs4292.html [2010-09-12 14:40:47 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempgs5460.html [2010-09-12 14:40:47 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempvF5460.html [2010-08-29 12:13:52 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempbZ5456.html [2010-08-29 12:13:52 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempYv5456.html [2010-08-28 11:28:08 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempZR5812.html [2010-08-28 11:28:08 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempxn5812.html [2010-08-23 20:51:54 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempYa6156.html [2010-08-23 20:51:54 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempnX6156.html [2010-08-15 23:56:04 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempaRT528.html [2010-08-15 23:56:04 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempQPE528.html [2010-08-15 23:54:27 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempPP6168.html [2010-08-15 23:54:27 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempwV6168.html [2010-07-28 21:42:43 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempba6448.html [2010-07-28 21:42:43 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempbN6448.html [2010-07-22 21:21:17 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempaC5804.html [2010-07-22 21:21:17 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempSZ5804.html [2010-07-13 21:38:35 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempee4208.html [2010-07-13 21:38:35 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempXX4208.html [2010-07-05 23:00:21 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempFJ7760.html [2010-07-05 23:00:21 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempcH7760.html [2010-07-02 22:48:07 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempCT5964.html [2010-07-02 22:48:07 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempAl5964.html [2010-06-21 23:02:13 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempJC5912.html [2010-06-21 23:02:13 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempGa5912.html [2010-06-21 18:51:53 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempbM6104.html [2010-06-21 18:51:53 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempnZ6104.html [2010-06-20 21:41:38 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempHD5976.html [2010-06-20 21:41:38 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempcT5976.html [2010-06-20 12:53:14 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempGGw180.html [2010-06-20 12:53:14 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempzDg180.html [2010-06-19 12:18:04 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempJJ5360.html [2010-06-19 12:18:04 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempVL5360.html [2010-06-06 08:54:14 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempiy5180.html [2010-06-06 08:54:14 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Temppu5180.html [2010-06-04 22:00:27 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempac1640.html [2010-06-04 22:00:27 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempvP1640.html [2010-06-04 13:35:00 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempoZ3856.html [2010-06-04 13:35:00 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempzg3856.html [2010-06-04 11:42:11 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempZc5044.html [2010-06-04 11:42:11 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempXf5044.html [2010-06-03 20:55:49 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempiz5052.html [2010-06-03 20:55:49 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempsu5052.html [2010-06-03 12:32:02 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempVn4720.html [2010-06-03 12:32:02 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempos4720.html [2010-06-03 00:57:34 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempZt1612.html [2010-06-03 00:57:34 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempCh1612.html [2010-06-02 11:47:34 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempRA3740.html [2010-06-02 11:47:34 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempQX3740.html [2010-06-01 23:52:36 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempSn6028.html [2010-06-01 23:52:36 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempuV6028.html [2010-06-01 09:55:51 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempQr4384.html [2010-06-01 09:55:51 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempfs4384.html [2010-05-31 14:57:38 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempke5020.html [2010-05-31 14:57:38 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempSC5020.html [2010-05-26 19:51:33 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TemphB2536.html [2010-05-26 19:51:33 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempGx2536.html [2010-05-25 17:06:21 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempcx2272.html [2010-05-25 17:06:21 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempAs2272.html [2010-05-24 16:38:44 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempuJ4772.html [2010-05-24 16:38:44 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempXT4772.html [2010-05-23 21:52:07 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempCR5128.html [2010-05-23 21:52:07 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Temptp5128.html [2010-05-22 01:49:35 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempxh5824.html [2010-05-22 01:49:35 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Temprx5824.html [2010-05-20 21:12:45 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempii5824.html [2010-05-20 21:12:45 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempZd5824.html [2010-05-17 18:43:58 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempWs4564.html [2010-05-17 18:43:58 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempfS4564.html [2010-05-17 15:54:20 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempuK4804.html [2010-05-17 15:54:20 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempIC4804.html [2010-05-17 10:15:40 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempRk4028.html [2010-05-17 10:15:40 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempXh4028.html [2010-05-16 15:33:45 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempvD4580.html [2010-05-16 15:33:45 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempPI4580.html [2010-05-15 11:28:28 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempDE3196.html [2010-05-15 11:28:28 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempoX3196.html [2010-05-14 22:44:32 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempgo3744.html [2010-05-14 22:44:32 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempkO3744.html [2010-05-13 19:45:47 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempaT2848.html [2010-05-13 19:45:47 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempqu2848.html [2010-05-13 12:42:47 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Temppa1644.html [2010-05-13 12:42:47 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempGa1644.html [2010-05-13 03:10:57 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempGZ1480.html [2010-05-13 03:10:57 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempZQ1480.html [2010-05-12 20:04:51 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempFV6088.html [2010-05-12 20:04:51 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempPu6088.html [2010-05-12 19:59:55 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempKr3684.html [2010-05-12 19:59:55 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempAh3684.html [2010-05-11 16:20:48 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempJmx376.html [2010-05-11 16:20:48 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempNgg376.html [2010-05-10 19:40:33 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempDy2696.html [2010-05-10 19:40:33 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempwc2696.html [2010-05-10 11:00:50 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempMQ2832.html [2010-05-10 11:00:50 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempdM2832.html [2010-05-09 20:01:42 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempLD4176.html [2010-05-09 20:01:42 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempCv4176.html [2010-05-09 10:31:27 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempyO4908.html [2010-05-09 10:31:27 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempNs4908.html [2010-05-08 23:05:25 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempAW2992.html [2010-05-08 23:05:25 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempsD2992.html [2010-05-04 20:37:44 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempyi4732.html [2010-05-04 20:37:44 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Temppp4732.html [2010-05-04 00:30:46 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempjI5256.html [2010-05-04 00:30:46 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempSa5256.html [2010-05-03 13:55:37 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempZp3576.html [2010-05-03 13:55:37 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempCj3576.html [2010-05-02 18:21:04 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempdI2792.html [2010-05-02 18:21:04 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempzL2792.html [2010-05-02 11:21:22 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempWV3964.html [2010-05-02 11:21:22 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempDY3964.html [color=#E56717]========== LOP Check ==========[/color] [2012-05-01 01:05:02 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Azureus [2010-04-07 13:31:22 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Canneverbe Limited [2012-04-29 12:05:54 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\DAEMON Tools Lite [2010-03-04 23:42:38 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\F-Secure [2010-02-28 04:42:53 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Gadu-Gadu 10 [2011-12-17 23:33:44 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\IObit [2010-02-28 15:09:30 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\IrfanView [2010-10-01 22:52:05 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Leadertech [2010-03-22 19:27:20 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\OpenFM [2012-03-11 01:29:35 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Sports Interactive [2011-12-17 19:56:51 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Teleca [2010-03-01 21:55:09 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\X-Setup Pro [2012-02-14 23:17:01 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report >