OTL logfile created on: 2012-06-08 10:51:45 - Run 4 OTL by OldTimer - Version 3.2.47.0 Folder = C:\!!!_Fix 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,44 Gb Total Physical Memory | 1,52 Gb Available Physical Memory | 44,37% Memory free 6,87 Gb Paging File | 4,76 Gb Available in Paging File | 69,32% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 232,79 Gb Total Space | 66,65 Gb Free Space | 28,63% Space Free | Partition Type: NTFS Drive D: | 298,09 Gb Total Space | 93,66 Gb Free Space | 31,42% Space Free | Partition Type: NTFS Computer Name: ADMIN-W7 | User Name: Janik | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-06-08 10:31:15 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\!!!_Fix\OTL.exe PRC - [2012-06-08 10:19:30 | 000,059,964 | ---- | M] (Macrovision Europe Ltd.) -- C:\Users\Janik\AppData\Local\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001 PRC - [2012-05-22 09:21:54 | 006,304,256 | ---- | M] (Axence Software, Inc.) -- C:\Program Files (x86)\Axence\NetTools\4.0\NetTools.exe PRC - [2012-05-15 12:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012-03-12 14:05:24 | 000,612,760 | ---- | M] (PJLM Software Inc.) -- C:\Program Files (x86)\Print Audit Inc\Facilities Manager\pafmupd.exe PRC - [2012-03-12 14:05:18 | 001,461,656 | ---- | M] (PJLM Software Inc.) -- C:\Program Files (x86)\Print Audit Inc\Facilities Manager\pafmice.exe PRC - [2012-02-13 10:06:56 | 003,481,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe PRC - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011-08-30 12:28:14 | 000,079,360 | ---- | M] (Creative Labs) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe PRC - [2011-07-07 09:21:46 | 000,118,024 | ---- | M] (Unizeto Technologies SA) -- C:\Program Files (x86)\Unizeto\proCertum CardManager\cryptoCertumScanner.exe PRC - [2011-01-12 16:41:42 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe PRC - [2010-11-29 11:14:58 | 000,212,992 | ---- | M] () -- C:\Program Files (x86)\EATON\PersonalSolutionPac\BIL.exe PRC - [2010-11-29 11:14:06 | 000,126,976 | ---- | M] () -- C:\Program Files (x86)\EATON\PersonalSolutionPac\RunSC.exe PRC - [2010-11-29 11:13:58 | 000,319,488 | ---- | M] () -- C:\Program Files (x86)\EATON\PersonalSolutionPac\PCtl.exe PRC - [2010-11-29 11:13:52 | 000,229,376 | ---- | M] () -- C:\Program Files (x86)\EATON\PersonalSolutionPac\CilUSB.exe PRC - [2010-05-25 10:29:24 | 001,021,952 | -HS- | M] () -- C:\Windows\SysWOW64\winn\winn.exe PRC - [2009-07-08 15:32:50 | 001,233,195 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe PRC - [2009-05-04 19:05:04 | 000,241,789 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe PRC - [2009-02-23 05:43:56 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe PRC - [2008-09-24 17:37:56 | 001,253,376 | ---- | M] () -- C:\Program Files (x86)\EATON\PersonalSolutionPac\mgenetsystray.exe PRC - [2008-08-07 13:49:00 | 000,091,648 | ---- | M] () -- C:\Windows\SysWOW64\SupportAppXL\AutoDect.exe PRC - [2008-06-13 14:24:02 | 000,081,920 | ---- | M] (Firebird Project) -- C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe PRC - [2008-06-13 14:22:50 | 002,723,840 | ---- | M] (Firebird Project) -- C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe PRC - [2008-01-22 11:13:32 | 001,201,448 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe PRC - [2008-01-22 11:13:20 | 000,152,872 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-06-08 10:19:31 | 000,592,896 | ---- | M] () -- C:\Users\Janik\AppData\Local\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001.dir.0012\~de6248.tmp MOD - [2012-06-08 10:19:30 | 000,697,884 | ---- | M] () -- C:\Users\Janik\AppData\Local\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001.dir.0012\~df394b.tmp MOD - [2012-05-23 03:56:50 | 000,441,880 | ---- | M] () -- C:\Users\Janik\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll MOD - [2012-05-23 03:56:49 | 003,922,456 | ---- | M] () -- C:\Users\Janik\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll MOD - [2012-05-23 03:55:35 | 000,553,496 | ---- | M] () -- C:\Users\Janik\AppData\Local\Google\Chrome\Application\19.0.1084.52\libglesv2.dll MOD - [2012-05-23 03:55:33 | 000,117,784 | ---- | M] () -- C:\Users\Janik\AppData\Local\Google\Chrome\Application\19.0.1084.52\libegl.dll MOD - [2012-05-23 03:55:24 | 000,134,696 | ---- | M] () -- C:\Users\Janik\AppData\Local\Google\Chrome\Application\19.0.1084.52\avutil-51.dll MOD - [2012-05-23 03:55:23 | 000,250,408 | ---- | M] () -- C:\Users\Janik\AppData\Local\Google\Chrome\Application\19.0.1084.52\avformat-54.dll MOD - [2012-05-23 03:55:21 | 002,375,720 | ---- | M] () -- C:\Users\Janik\AppData\Local\Google\Chrome\Application\19.0.1084.52\avcodec-54.dll MOD - [2012-05-23 03:06:23 | 008,743,584 | ---- | M] () -- C:\Users\Janik\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll MOD - [2012-05-23 03:06:23 | 008,743,584 | ---- | M] () -- C:\Users\Janik\AppData\Local\Google\Chrome\APPLIC~1\190108~1.52\gcswf32.dll MOD - [2012-05-14 07:30:43 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\90555968565afd59bce4b0974e9903bd\System.Windows.Forms.ni.dll MOD - [2012-05-14 07:30:37 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\69f6e582cb79f107c61308b468c1a215\System.Drawing.ni.dll MOD - [2012-05-14 07:30:35 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\2ec98ab0193d64e95b7d09d094deed97\Accessibility.ni.dll MOD - [2012-05-14 07:30:21 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll MOD - [2012-05-14 07:30:18 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll MOD - [2012-05-14 07:30:18 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll MOD - [2012-05-14 07:30:10 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll MOD - [2010-05-25 10:29:24 | 001,021,952 | -HS- | M] () -- C:\Windows\SysWOW64\winn\winn.exe MOD - [2009-04-20 11:55:58 | 000,148,480 | ---- | M] () -- C:\Windows\SysWOW64\APOMngr.DLL MOD - [2009-02-06 18:52:24 | 000,073,728 | ---- | M] () -- C:\Windows\SysWOW64\CmdRtr.DLL MOD - [2008-09-24 17:37:56 | 001,253,376 | ---- | M] () -- C:\Program Files (x86)\EATON\PersonalSolutionPac\mgenetsystray.exe MOD - [2008-08-07 13:49:00 | 000,091,648 | ---- | M] () -- C:\Windows\SysWOW64\SupportAppXL\AutoDect.exe [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2011-01-17 20:20:04 | 000,301,720 | ---- | M] () [Auto | Running] -- C:\Program Files\Macrium\Reflect\ReflectService.exe -- (ReflectService) SRV:[b]64bit:[/b] - [2011-01-12 16:44:02 | 000,042,360 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv) SRV:[b]64bit:[/b] - [2011-01-12 16:41:42 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn) SRV:[b]64bit:[/b] - [2010-11-20 15:25:18 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\snmp.exe -- (SNMP) SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 03:41:10 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\iprip.dll -- (iprip) SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:[b]64bit:[/b] - [2009-07-14 03:38:59 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CISVC.EXE -- (CISVC) SRV - [2012-06-01 17:37:22 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-05-15 12:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012-05-07 07:27:14 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-03-12 14:05:24 | 000,612,760 | ---- | M] (PJLM Software Inc.) [Auto | Running] -- C:\Program Files (x86)\Print Audit Inc\Facilities Manager\pafmupd.exe -- (PAFMICEUpdater) SRV - [2012-03-12 14:05:18 | 001,461,656 | ---- | M] (PJLM Software Inc.) [Auto | Running] -- C:\Program Files (x86)\Print Audit Inc\Facilities Manager\pafmice.exe -- (PAFMICE) SRV - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011-09-28 09:45:12 | 000,885,160 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 8\LiveTunerService.exe -- (WO_LiveService) SRV - [2011-08-30 12:30:49 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service) SRV - [2011-08-30 12:29:53 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service) SRV - [2011-08-30 12:28:14 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe -- (Sound Blaster X-Fi MB Licensing Service) SRV - [2010-11-29 11:14:06 | 000,126,976 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\EATON\PersonalSolutionPac\RunSC.exe -- (EATON Service module) SRV - [2010-11-20 14:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS) SRV - [2010-11-20 14:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC) SRV - [2010-11-20 14:18:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc) SRV - [2010-11-20 14:17:42 | 000,047,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\snmp.exe -- (SNMP) SRV - [2010-06-25 19:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental) SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009-02-23 05:43:56 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService) SRV - [2008-06-13 14:24:02 | 000,081,920 | ---- | M] (Firebird Project) [Auto | Running] -- C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance) SRV - [2008-06-13 14:22:50 | 002,723,840 | ---- | M] (Firebird Project) [Auto | Running] -- C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe -- (FirebirdServerDefaultInstance) SRV - [2007-05-31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007-05-31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012-05-22 14:26:10 | 000,147,288 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV:[b]64bit:[/b] - [2012-04-10 14:39:35 | 000,231,376 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt) DRV:[b]64bit:[/b] - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2012-02-15 08:24:47 | 000,564,792 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010-12-21 15:04:06 | 000,170,640 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm) DRV:[b]64bit:[/b] - [2010-12-21 15:04:06 | 000,141,264 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv) DRV:[b]64bit:[/b] - [2010-12-21 13:47:38 | 000,125,296 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr) DRV:[b]64bit:[/b] - [2010-11-20 15:34:04 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm) DRV:[b]64bit:[/b] - [2010-11-20 15:34:04 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus) DRV:[b]64bit:[/b] - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-20 13:35:34 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb) DRV:[b]64bit:[/b] - [2010-11-20 13:35:22 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr) DRV:[b]64bit:[/b] - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010-06-25 19:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF) DRV:[b]64bit:[/b] - [2009-09-17 13:04:18 | 001,250,816 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService) DRV:[b]64bit:[/b] - [2009-08-20 18:05:06 | 000,239,616 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2009-07-21 14:05:14 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k) DRV:[b]64bit:[/b] - [2009-07-21 14:05:14 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea) DRV:[b]64bit:[/b] - [2009-07-21 14:05:14 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k) DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2008-08-12 10:27:14 | 000,009,216 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter) DRV:[b]64bit:[/b] - [2007-01-17 16:10:18 | 000,042,752 | ---- | M] (Advanced Card Systems Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\a38usbx64.sys -- (ACSSCR) DRV - [2011-03-08 06:01:06 | 000,012,824 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 8\LiveTunerProcessMonitor64.sys -- (LiveTunerPM) DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2002-01-12 17:30:34 | 000,003,567 | ---- | M] (Beyond Logic http://www.beyondlogic.org) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\PortTalk.sys -- (PortTalk) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{C147BAB1-2444-4AB2-BE84-9E395B1FD927}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3757402144-1106657414-3796708180-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://msn.gazeta.pl/msn/0,0.html IE - HKU\S-1-5-21-3757402144-1106657414-3796708180-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-3757402144-1106657414-3796708180-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=1fa957e0-14da-11e1-97fa-002522d8e2e2&q={searchTerms} IE - HKU\S-1-5-21-3757402144-1106657414-3796708180-1000\..\SearchScopes\{0E7BD495-8C91-4776-8CB8-5CB3C2E22686}: "URL" = http://www.google.com/cse?cx=partner-pub-3794288947762788%3A4107735745&ie=UTF-8&q=&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A4107735745&q={searchTerms} IE - HKU\S-1-5-21-3757402144-1106657414-3796708180-1000\..\SearchScopes\{C147BAB1-2444-4AB2-BE84-9E395B1FD927}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SPLEP1&pc=SPLH IE - HKU\S-1-5-21-3757402144-1106657414-3796708180-1000\..\SearchScopes\{DCEC8AD0-E5DE-450c-918D-3DD8E857815C}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=PROTOSV IE - HKU\S-1-5-21-3757402144-1106657414-3796708180-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Janik\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Janik\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-06-08 09:46:19 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-05-29 09:46:45 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011-08-30 07:50:56 | 000,000,000 | ---D | M] [2011-09-05 07:38:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Janik\AppData\Roaming\mozilla\Extensions [2012-05-07 14:11:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Janik\AppData\Roaming\mozilla\Firefox\Profiles\cuvfkjx3.default\extensions [2012-01-10 15:20:11 | 000,000,000 | ---D | M] (PEKAO S.A. Sign Plugin) -- C:\Users\Janik\AppData\Roaming\mozilla\Firefox\Profiles\cuvfkjx3.default\extensions\SignPlugin@pekao.pl [2012-06-08 09:18:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012-06-01 17:38:43 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012-06-01 18:43:14 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2012-06-01 18:43:14 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2012-06-01 18:43:14 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2012-06-01 18:43:14 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2012-06-01 18:43:14 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-06-01 18:43:14 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Janik\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\Janik\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Janik\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Janik\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: Google Update (Enabled) = C:\Users\Janik\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - Extension: DSL speedtest = C:\Users\Janik\AppData\Local\Google\Chrome\User Data\Default\Extensions\mibbfkdeofpfmkclkgjfnjppdblhpddj\1.1_0\ O1 HOSTS File: ([2012-01-26 14:24:22 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4:[b]64bit:[/b] - HKLM..\Run: [RunDLLEntry] C:\Windows\SysNative\AmbRunE.DLL (Creative Technology Ltd.) O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [autodetect] C:\Windows\SysWOW64\SupportAppXL\AutoDect.exe () O4 - HKLM..\Run: [AutoRegisterCerts] C:\Program Files (x86)\Unizeto\proCertum CardManager\cryptoCertumScanner.exe (Unizeto Technologies SA) O4 - HKLM..\Run: [CTSyncService] C:\Program Files (x86)\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe (Creative Technology Ltd) O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA) O4 - HKLM..\Run: [pspNetSystray] C:\Program Files (x86)\EATON\PersonalSolutionPac\mgenetsystray.exe () O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe (Creative Technology Ltd) O4 - HKU\S-1-5-21-3757402144-1106657414-3796708180-1000..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) O4 - HKU\S-1-5-21-3757402144-1106657414-3796708180-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-3757402144-1106657414-3796708180-1002..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3757402144-1106657414-3796708180-1002..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3757402144-1106657414-3796708180-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3757402144-1106657414-3796708180-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-3757402144-1106657414-3796708180-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O15 - HKU\S-1-5-21-3757402144-1106657414-3796708180-1000\..Trusted Ranges: Range1 ([http] in Lokalny intranet) O16 - DPF: {108D3206-846A-4A93-BACB-F0572D043ED7} http://10.1.1.108/webrec.cab (DHSurveillanceCtrl Control) O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.4.1) O16 - DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A41} https://www.pekaobiznes24.pl/components/SignActivXPEKAO.cab (SignActivX Control) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.4.1) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C05C5F01-DAF5-4038-A013-67AEE8C6333E}: NameServer = 194.204.152.34,194.204.159.1 O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-06-08 10:31:56 | 000,000,000 | ---D | C] -- C:\!!!_Fix [2012-06-08 07:06:56 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{105165E9-2675-418A-95C3-EDE16B9619D9} [2012-06-08 07:06:35 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{228CD9C6-5F46-41F8-B47B-9C406514C65A} [2012-06-06 07:17:36 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{7F18E3FB-3635-4FEC-A03A-BE365ECEE8A5} [2012-06-06 07:17:25 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{C5D5BFA8-962A-4F19-A68E-8FFD6A0F1BAB} [2012-06-05 07:08:09 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{624AB823-43E6-419A-8B42-B02929710D47} [2012-06-05 07:07:54 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{58B65D79-4601-4ACF-B4C8-3A413BCDE797} [2012-06-04 14:55:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox [2012-06-04 08:06:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2012-06-04 08:06:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2012-06-04 07:08:20 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{48E93713-6AE1-4E69-87A1-F939C5ADFCFF} [2012-06-04 07:08:03 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{190F0A69-6321-45FA-BAA3-0CAB6BB0912B} [2012-06-01 09:35:10 | 000,000,000 | ---D | C] -- C:\!!!_TRACER4GB [2012-06-01 08:00:31 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{A6621FE9-96F4-4866-9622-94FAE4919213} [2012-06-01 08:00:18 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{1A0D8BF1-DEC4-440B-9B9B-F14F3A592033} [2012-05-31 07:31:54 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{8B39093A-7FAE-4970-90EF-E7341D46D3BC} [2012-05-31 07:31:43 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{AB4991C0-F1F5-42D0-B57E-07B023D41648} [2012-05-30 07:03:45 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{4F9253F4-75F1-4FA0-A1CE-0716FDB0CE2E} [2012-05-30 07:03:33 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{615514BB-3604-4AA8-BB6E-5D2A8B143E62} [2012-05-29 10:12:42 | 025,743,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2012-05-29 10:12:42 | 025,248,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2012-05-29 10:12:42 | 019,607,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2012-05-29 10:12:42 | 017,551,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2012-05-29 10:12:42 | 015,322,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll [2012-05-29 10:12:42 | 008,139,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2012-05-29 10:12:42 | 005,982,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2012-05-29 10:12:42 | 002,881,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2012-05-29 10:12:42 | 002,681,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2012-05-29 10:12:42 | 002,524,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2012-05-29 10:12:42 | 002,445,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2012-05-29 10:12:42 | 002,368,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [2012-05-29 09:47:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012-05-29 09:47:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle [2012-05-29 09:46:45 | 000,772,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2012-05-29 09:46:45 | 000,227,720 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2012-05-29 09:36:52 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{F882CE10-C5AB-4302-93D6-7D7AB78C917B} [2012-05-29 09:36:41 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{34CC86E2-73C4-4CA0-9C68-3A61E95C53D9} [2012-05-29 09:05:04 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{47735FF4-B703-428B-B697-89F354560FF2} [2012-05-29 09:04:50 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{9D746FBE-9AE8-4AF2-ADB2-FA3AF6417AE4} [2012-05-28 06:56:08 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{B6CA826E-7B10-46B4-9B54-8C6EFB92B39E} [2012-05-28 06:55:56 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{EE406DBB-21DB-4DF1-BC5F-C6EB3F885811} [2012-05-25 10:22:02 | 000,000,000 | ---D | C] -- C:\Users\Janik\Desktop\certyfikaty [2012-05-25 07:06:49 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{DC6EA2F7-84E7-44A8-8545-26CBAFABB310} [2012-05-25 07:06:37 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{E082A53F-4F48-4A40-8CC8-627867C3AE1D} [2012-05-24 06:55:47 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{2A42B3C0-AEEC-4270-9C34-89D77853BD0E} [2012-05-24 06:55:36 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{2A446D19-E382-4961-B2E5-50ED26DF4AB9} [2012-05-23 09:12:35 | 000,000,000 | ---D | C] -- C:\KDU [2012-05-23 06:56:35 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{78960739-FD08-4F9C-8375-B0DB9CB68C21} [2012-05-23 06:56:23 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{9C2B0408-B729-4250-9327-71F4F17E1D2A} [2012-05-22 14:26:10 | 000,147,288 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys [2012-05-22 14:25:40 | 000,320,856 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\VBoxNetFltNobj.dll [2012-05-22 13:50:18 | 000,819,712 | ---- | C] (Unizeto Technologies SA) -- C:\Windows\SysNative\crypto3CSP.dll [2012-05-22 13:50:18 | 000,805,888 | ---- | C] (Unizeto Technologies SA) -- C:\Windows\SysNative\cryptoCertum3CSP.dll [2012-05-22 13:50:18 | 000,755,200 | ---- | C] (Unizeto Technologies SA) -- C:\Windows\SysNative\crypto3PKCS.dll [2012-05-22 13:50:18 | 000,750,080 | ---- | C] (Unizeto Technologies SA) -- C:\Windows\SysNative\cryptoCertum3PKCS.dll [2012-05-22 13:50:18 | 000,667,136 | ---- | C] (Unizeto Technologies SA) -- C:\Windows\SysWow64\cryptoCertum3CSP.dll [2012-05-22 13:50:18 | 000,615,936 | ---- | C] (Unizeto Technologies SA) -- C:\Windows\SysWow64\cryptoCertum3PKCS.dll [2012-05-22 13:50:18 | 000,614,912 | ---- | C] (Unizeto Technologies SA) -- C:\Windows\SysWow64\crypto3PKCS.dll [2012-05-22 13:50:18 | 000,064,512 | ---- | C] (Unizeto Technologies SA) -- C:\Windows\SysNative\cryptoUniPKCS.dll [2012-05-22 13:50:18 | 000,060,928 | ---- | C] (Unizeto Technologies SA) -- C:\Windows\SysWow64\cryptoUniPKCS.dll [2012-05-22 13:50:17 | 000,802,816 | ---- | C] (Unizeto Technologies SA) -- C:\Windows\SysWow64\cryptoCertumCSP.dll [2012-05-22 13:50:17 | 000,668,672 | ---- | C] (Unizeto Technologies SA) -- C:\Windows\SysWow64\crypto3CSP.dll [2012-05-22 13:50:17 | 000,580,608 | ---- | C] (Unizeto Technologies SA) -- C:\Windows\SysWow64\cryptoCertumPKCS11.dll [2012-05-22 13:50:17 | 000,196,608 | ---- | C] (OMNIKEY) -- C:\Windows\SysWow64\scardspen_zpl.dll [2012-05-22 13:50:17 | 000,196,608 | ---- | C] (OMNIKEY) -- C:\Windows\SysWow64\scardspen_bpl.dll [2012-05-22 13:50:02 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Roaming\InstallShield [2012-05-22 06:57:02 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{4D807613-A65C-4757-A295-F72811EB4CEC} [2012-05-22 06:56:50 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{B7C5AC22-56DA-4C54-B587-0FA5E223D082} [2012-05-21 11:28:12 | 000,135,168 | ---- | C] (ZTE Corporation) -- C:\Windows\SysNative\drivers\ZTEusbnet.sys [2012-05-21 11:28:12 | 000,119,680 | ---- | C] (ZTE Incorporated) -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys [2012-05-21 11:28:12 | 000,119,680 | ---- | C] (ZTE Incorporated) -- C:\Windows\SysNative\drivers\ZTEusbnmeaext.sys [2012-05-21 11:28:12 | 000,119,680 | ---- | C] (ZTE Incorporated) -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys [2012-05-21 11:28:11 | 000,119,680 | ---- | C] (ZTE Incorporated) -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys [2012-05-21 11:28:11 | 000,009,216 | ---- | C] (ZTE Incorporated) -- C:\Windows\SysNative\drivers\massfilter.sys [2012-05-21 11:28:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZTEDriver [2012-05-21 11:14:34 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\SupportAppXL [2012-05-21 11:14:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Telstra Turbo Connection Manager [2012-05-21 11:14:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Telstra Turbo Connection Manager [2012-05-21 06:55:45 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{19F0AA3E-840B-4613-9CCA-1EBCAC9FBDDE} [2012-05-21 06:55:33 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{90051B5E-C3DE-4359-B75C-FF3F774DF5EE} [2012-05-18 14:30:14 | 000,000,000 | ---D | C] -- C:\Users\Janik\Desktop\Excell-poradnik [2012-05-18 13:24:26 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{002B4C79-B900-4C3D-8E59-41FB03EDE159} [2012-05-18 13:24:14 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{8F0028F0-86DB-4808-87DA-A1043C74E4E0} [2012-05-17 06:54:58 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{F568FB51-DFAA-4CB1-8AD3-D106A1276073} [2012-05-17 06:54:43 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{EFFD5FB4-4FAA-4222-8A86-550A3781F4A6} [2012-05-16 10:10:08 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller [2012-05-16 09:05:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EASEUS [2012-05-16 07:03:25 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{7F1416BD-93BD-434D-9BDC-62ED28160E4B} [2012-05-16 07:03:13 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{1E808E34-E253-4744-9422-C8E2DD5934BC} [2012-05-15 06:55:57 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{036CD0CE-D093-4EAC-B18B-8FBAC3698E07} [2012-05-15 06:55:45 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{26FAA23D-0814-477E-BE92-82CD2A90FF5A} [2012-05-14 08:46:22 | 000,000,000 | ---D | C] -- C:\Users\Janik\Desktop\zfss [2012-05-14 07:08:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2012-05-14 07:07:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2012-05-14 07:07:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2012-05-14 07:05:03 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012-05-14 07:05:00 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2012-05-14 07:05:00 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2012-05-14 07:04:57 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2012-05-14 07:01:37 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{1BA0EF0A-04A7-4004-BF72-2F83D8C36E5A} [2012-05-14 07:01:21 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Local\{DC4320C9-4870-42B5-B78E-C8B4560FAB60} [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-06-08 10:49:30 | 000,014,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-06-08 10:49:30 | 000,014,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-06-08 10:19:14 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl [2012-06-08 10:19:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-06-08 10:18:57 | 2767,642,624 | -HS- | M] () -- C:\hiberfil.sys [2012-06-08 09:14:01 | 000,002,038 | -H-- | M] () -- C:\Users\Janik\Documents\Default.rdp [2012-06-08 08:45:33 | 000,001,813 | ---- | M] () -- C:\Users\Janik\Desktop\Lex.lnk [2012-06-08 08:45:31 | 000,001,962 | ---- | M] () -- C:\Users\Janik\Desktop\Cogisoft.lnk [2012-06-08 07:27:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-06-08 07:15:00 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3757402144-1106657414-3796708180-1000UA.job [2012-06-08 07:13:24 | 000,001,006 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3757402144-1106657414-3796708180-1000Core.job [2012-06-06 11:21:04 | 000,000,918 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2012-05-30 10:35:42 | 001,751,528 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-05-30 10:35:42 | 000,774,508 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-05-30 10:35:42 | 000,683,278 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-05-30 10:35:42 | 000,167,192 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-05-30 10:35:42 | 000,130,274 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-05-29 09:46:30 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012-05-29 09:46:30 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012-05-23 14:16:29 | 000,003,473 | ---- | M] () -- C:\fraglist.luar [2012-05-22 14:26:10 | 000,147,288 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys [2012-05-22 14:25:40 | 000,320,856 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\VBoxNetFltNobj.dll [2012-05-22 07:58:16 | 000,128,211 | ---- | M] () -- C:\Users\Janik\Desktop\spis telefonów.pdf [2012-05-21 11:14:36 | 000,001,944 | ---- | M] () -- C:\Users\Public\Desktop\Telstra Turbo Connection Manager.lnk [2012-05-15 12:48:00 | 025,743,168 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2012-05-15 12:48:00 | 025,248,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2012-05-15 12:48:00 | 019,607,872 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2012-05-15 12:48:00 | 018,044,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2012-05-15 12:48:00 | 017,551,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2012-05-15 12:48:00 | 015,322,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll [2012-05-15 12:48:00 | 008,139,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2012-05-15 12:48:00 | 005,982,528 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2012-05-15 12:48:00 | 002,881,856 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2012-05-15 12:48:00 | 002,741,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll [2012-05-15 12:48:00 | 002,681,664 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2012-05-15 12:48:00 | 002,524,992 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2012-05-15 12:48:00 | 002,445,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2012-05-15 12:48:00 | 002,368,832 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [2012-05-15 12:48:00 | 001,738,048 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll [2012-05-15 12:48:00 | 001,468,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll [2012-05-15 12:48:00 | 000,068,928 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2012-05-15 12:48:00 | 000,061,248 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2012-05-15 12:48:00 | 000,014,324 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb [2012-05-15 11:29:46 | 002,561,856 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll [2012-05-15 11:29:46 | 000,118,080 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll [2012-05-15 11:29:46 | 000,063,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll [2012-05-15 11:29:25 | 003,149,632 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll [2012-05-15 11:28:42 | 006,151,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll [2012-05-14 07:25:44 | 000,467,776 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-05-09 15:04:48 | 000,128,173 | ---- | M] () -- C:\Users\Janik\Desktop\Oracle Database Appliance.htm [2012-05-09 15:04:36 | 000,133,378 | ---- | M] () -- C:\Users\Janik\Desktop\x86 Servers Product Family Oracle.htm [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-06-06 11:20:39 | 000,000,918 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2012-06-05 09:06:57 | 000,065,536 | ---- | C] () -- C:\Windows\SysNative\Ikeext.etl [2012-05-23 14:16:29 | 000,003,473 | ---- | C] () -- C:\fraglist.luar [2012-05-22 13:50:17 | 000,000,136 | ---- | C] () -- C:\Windows\SysWow64\cryptoCertumCSP.sig [2012-05-22 07:58:16 | 000,128,211 | ---- | C] () -- C:\Users\Janik\Desktop\spis telefonów.pdf [2012-05-21 11:14:33 | 000,001,944 | ---- | C] () -- C:\Users\Public\Desktop\Telstra Turbo Connection Manager.lnk [2012-05-09 15:04:48 | 000,128,173 | ---- | C] () -- C:\Users\Janik\Desktop\Oracle Database Appliance.htm [2012-05-09 15:04:36 | 000,133,378 | ---- | C] () -- C:\Users\Janik\Desktop\x86 Servers Product Family Oracle.htm [2012-04-13 11:57:09 | 000,001,473 | ---- | C] () -- C:\Users\Janik\AppData\Local\recently-used.xbel [2012-03-21 10:49:33 | 000,002,984 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2012-03-21 10:49:33 | 000,000,088 | RHS- | C] () -- C:\ProgramData\0724D1882B.sys [2012-02-08 14:36:29 | 000,707,504 | ---- | C] () -- C:\Users\Janik\AppData\Local\unins000.exe [2012-02-08 14:36:29 | 000,011,761 | ---- | C] () -- C:\Users\Janik\AppData\Local\unins000.msg [2012-02-08 14:36:29 | 000,002,177 | ---- | C] () -- C:\Users\Janik\AppData\Local\unins000.dat [2012-01-30 14:06:33 | 001,730,128 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012-01-16 13:18:56 | 000,000,600 | ---- | C] () -- C:\Users\Janik\AppData\Local\PUTTY.RND [2012-01-12 14:23:04 | 000,716,813 | ---- | C] () -- C:\Windows\unins000.exe [2012-01-12 14:23:04 | 000,167,521 | ---- | C] () -- C:\Windows\unins000.dat [2011-12-07 13:31:13 | 000,000,179 | ---- | C] () -- C:\Windows\fileinfo.ini [2011-11-21 08:42:47 | 000,000,926 | ---- | C] () -- C:\Windows\CDRipper.ini [2011-10-13 14:22:08 | 000,000,000 | ---- | C] () -- C:\Windows\HPMProp.INI [2011-09-01 08:14:34 | 000,000,339 | ---- | C] () -- C:\Users\Janik\AppData\Roaming\Drives Meter_Settings.ini [2011-09-01 08:12:18 | 000,000,294 | ---- | C] () -- C:\Users\Janik\AppData\Roaming\Network Meter_Settings.ini [2011-09-01 08:11:36 | 000,000,412 | ---- | C] () -- C:\Users\Janik\AppData\Roaming\All CPU Meter_Settings.ini [2011-08-31 13:50:13 | 000,007,597 | ---- | C] () -- C:\Users\Janik\AppData\Local\resmon.resmoncfg [2011-08-30 12:31:21 | 000,002,265 | ---- | C] () -- C:\Windows\FF08_Render_Spk_Hp.ini [2011-08-30 12:31:21 | 000,001,650 | ---- | C] () -- C:\Windows\FF08_Capture.ini [2011-08-30 12:31:21 | 000,001,540 | ---- | C] () -- C:\Windows\FF08_Render.ini [2011-08-30 12:30:55 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL [2011-08-30 12:30:55 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL [2011-08-30 10:47:27 | 000,109,056 | ---- | C] () -- C:\Windows\SysWow64\t2embed.dll [2010-06-25 19:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll [color=#E56717]========== LOP Check ==========[/color] [2012-06-08 09:41:02 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Maxthon3 [2012-06-08 09:41:02 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Maxthon3 [2012-02-27 10:16:30 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\AIMP [2012-04-26 07:25:30 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Ashampoo [2012-04-11 13:19:40 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Cream Software [2012-03-30 13:14:54 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\CrystalIdea Software [2012-03-05 12:09:04 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\DAEMON Tools Lite [2011-08-30 14:23:09 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\DeviceVm [2012-02-08 15:05:31 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1 [2012-03-22 14:19:12 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\e-Kiosk Reader [2012-01-03 09:04:53 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\e-pity [2012-02-20 09:18:18 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Gadu-Gadu 10 [2012-04-12 15:11:22 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\GG [2011-08-31 14:33:24 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\GHISLER [2012-04-13 07:35:39 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\gtk-2.0 [2012-01-18 12:36:21 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\HD Tune Pro [2011-10-24 15:14:40 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\iPlus [2011-09-06 08:07:30 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\IrfanView [2012-04-13 11:55:51 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\iSpy [2012-04-13 11:49:58 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\iSpyServer [2012-04-10 11:55:36 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\LibreOffice [2012-04-19 14:18:54 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\OE PowerTool [2011-09-02 10:51:33 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\OpenOffice.org [2012-02-15 10:26:37 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Opera [2011-09-27 10:19:23 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\PandoraRecovery [2011-11-28 12:48:36 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\PomocnikPlatnika [2012-01-13 13:43:55 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Scribus [2012-03-28 11:57:52 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Softinterface, Inc [2011-11-23 08:12:02 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Softland [2011-11-21 09:02:02 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Splashtop [2012-03-21 12:25:24 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\TeamViewer [2012-04-10 15:27:43 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\TrueCrypt [2011-11-17 14:38:12 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Unizeto [2011-09-15 07:39:45 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\WA-PRO [2011-09-06 07:32:37 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Windows Live Writer [2012-01-30 10:03:43 | 000,000,000 | -HSD | M] -- C:\Users\Janik\AppData\Roaming\winn [2012-05-09 08:32:44 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Wireshark [2011-09-02 13:10:21 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\WKPolska [2012-03-06 12:47:31 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\YCanPDF [2012-06-08 10:29:29 | 000,029,158 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report >