OTL logfile created on: 23-06-2012 15:07:08 - Run 1 OTL by OldTimer - Version 3.2.52.0 Folder = C:\Users\Robert\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: dd-MM-yyyy 3,48 Gb Total Physical Memory | 1,44 Gb Available Physical Memory | 41,54% Memory free 6,95 Gb Paging File | 4,33 Gb Available in Paging File | 62,32% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 203,23 Gb Total Space | 145,25 Gb Free Space | 71,47% Space Free | Partition Type: NTFS Drive D: | 392,94 Gb Total Space | 376,63 Gb Free Space | 95,85% Space Free | Partition Type: NTFS Computer Name: RLAP | User Name: Robert | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-06-23 15:03:26 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Robert\Downloads\OTL.exe PRC - [2012-06-19 12:02:38 | 001,480,192 | ---- | M] (AIMP DevTeam) -- C:\PROGRA~2\AIMP2\AIMP3.exe PRC - [2012-06-19 00:48:15 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe PRC - [2012-06-18 13:45:13 | 003,491,264 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe PRC - [2012-06-16 12:51:30 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2012-06-15 12:47:02 | 000,686,280 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe PRC - [2012-05-04 10:12:58 | 010,591,232 | ---- | M] (Creative Team S.A.) -- C:\Program Files (x86)\WapSter\WapSter AQQ\AQQ.exe PRC - [2012-03-26 11:24:58 | 001,516,600 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe PRC - [2012-03-19 13:38:48 | 002,279,296 | ---- | M] (TeamViewer GmbH) -- c:\program files (x86)\teamviewer\version7\TeamViewer_Desktop.exe PRC - [2012-03-19 13:38:46 | 007,357,824 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe PRC - [2012-03-19 13:38:46 | 002,666,880 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe PRC - [2012-03-19 13:29:38 | 000,106,368 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe PRC - [2012-02-22 12:05:22 | 001,770,360 | ---- | M] (IVONA Software Sp. z o.o.) -- C:\Program Files (x86)\IVONA\IVONA ControlCenter\IVONA ControlCenter.exe PRC - [2012-02-09 15:20:36 | 001,340,264 | ---- | M] (IVONA Software Sp. z o.o.) -- C:\Program Files (x86)\IVONA\IVONA Reader\IVONA Reader.exe PRC - [2012-01-10 19:36:34 | 001,083,264 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe PRC - [2012-01-04 14:32:36 | 000,718,888 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe PRC - [2012-01-04 14:32:10 | 000,126,504 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe PRC - [2012-01-04 14:32:06 | 000,148,520 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe PRC - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011-09-22 13:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe PRC - [2011-05-20 12:01:06 | 000,166,528 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe PRC - [2011-03-13 11:59:18 | 000,138,400 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe PRC - [2010-09-17 12:14:50 | 000,098,304 | ---- | M] (Firebird Project) -- C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe PRC - [2010-09-17 12:14:42 | 003,735,552 | ---- | M] (Firebird Project) -- C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe PRC - [2010-08-17 15:55:42 | 005,732,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe PRC - [2010-05-25 14:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe PRC - [2010-05-20 16:26:28 | 000,762,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX1000.exe PRC - [2010-03-10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2009-12-15 11:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe PRC - [2009-06-19 11:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe PRC - [2009-06-15 18:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe PRC - [2009-01-30 00:20:49 | 000,057,344 | ---- | M] (SlySoft, Inc.) -- C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe PRC - [2008-12-22 18:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe PRC - [2007-12-18 11:15:00 | 000,104,960 | ---- | M] (ArcSoft) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2007-12-18 11:15:00 | 000,072,192 | ---- | M] (ArcSoft) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-06-19 12:02:39 | 000,443,904 | ---- | M] () -- C:\PROGRA~2\AIMP2\Sqlite3.dll MOD - [2012-06-19 12:02:38 | 001,198,592 | ---- | M] () -- C:\PROGRA~2\AIMP2\Modules\aimp_libvorbis.dll MOD - [2012-06-19 12:02:38 | 000,237,568 | ---- | M] () -- C:\PROGRA~2\AIMP2\Plugins\OptimFROG.dll MOD - [2012-06-19 12:02:38 | 000,054,784 | ---- | M] () -- C:\PROGRA~2\AIMP2\Plugins\aimp_lastfm.dll MOD - [2012-06-19 12:02:37 | 001,794,560 | ---- | M] () -- C:\PROGRA~2\AIMP2\Plugins\PandemicAnalogMeter.dll MOD - [2012-06-19 12:02:37 | 000,026,624 | ---- | M] () -- C:\PROGRA~2\AIMP2\Plugins\Aorta.svp MOD - [2012-06-16 12:51:30 | 002,042,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2012-05-04 09:24:38 | 000,971,776 | ---- | M] () -- C:\Program Files (x86)\WapSter\WapSter AQQ\System\Shared\Plugins\SMS.dll MOD - [2012-05-04 09:16:48 | 000,310,272 | ---- | M] () -- C:\Program Files (x86)\WapSter\WapSter AQQ\System\Shared\Plugins\Contact.dll MOD - [2012-04-30 11:26:10 | 001,178,624 | ---- | M] () -- C:\Program Files (x86)\WapSter\WapSter AQQ\System\Shared\Plugins\GGNet.dll MOD - [2012-03-26 11:25:32 | 000,345,656 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtXml4.dll MOD - [2012-03-26 11:25:32 | 000,282,168 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtSvg4.dll MOD - [2012-03-26 11:25:26 | 008,197,176 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtGui4.dll MOD - [2012-03-26 11:25:26 | 002,302,008 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtCore4.dll MOD - [2012-03-26 11:25:24 | 000,027,704 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll MOD - [2012-03-26 11:25:22 | 000,202,296 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll MOD - [2012-02-09 15:20:42 | 000,029,032 | ---- | M] () -- C:\Program Files (x86)\IVONA\IVONA Reader\IvonaIntegration.dll MOD - [2012-01-10 19:38:40 | 000,423,808 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll MOD - [2012-01-10 19:38:38 | 000,058,240 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll MOD - [2012-01-10 19:38:34 | 000,095,104 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\qjson.dll MOD - [2012-01-10 19:38:32 | 000,272,768 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll MOD - [2012-01-10 19:38:00 | 000,384,896 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QxtCore.dll MOD - [2012-01-10 19:38:00 | 000,165,248 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QxtWeb.dll MOD - [2012-01-10 19:37:58 | 002,557,312 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll MOD - [2012-01-10 19:37:56 | 000,346,496 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll MOD - [2012-01-10 19:37:54 | 010,843,520 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll MOD - [2012-01-10 19:37:48 | 000,196,480 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll MOD - [2012-01-10 19:37:46 | 001,294,208 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll MOD - [2012-01-10 19:37:44 | 000,682,880 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll MOD - [2012-01-10 19:37:42 | 000,919,936 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll MOD - [2012-01-10 19:37:40 | 000,517,504 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll MOD - [2012-01-10 19:37:38 | 008,172,928 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll MOD - [2012-01-10 19:37:36 | 002,252,672 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll MOD - [2012-01-10 19:37:34 | 002,288,512 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll MOD - [2012-01-10 19:37:32 | 000,422,272 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll MOD - [2012-01-10 19:37:22 | 000,202,624 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll MOD - [2012-01-10 19:37:20 | 000,034,688 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll MOD - [2012-01-10 19:37:18 | 000,032,640 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll MOD - [2012-01-10 19:36:38 | 000,388,480 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\OviShareLib.dll MOD - [2012-01-10 19:36:24 | 000,437,632 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll MOD - [2012-01-10 19:36:02 | 001,037,696 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\Maps Service API.dll MOD - [2012-01-10 19:35:06 | 000,758,656 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll MOD - [2012-01-05 17:00:24 | 000,112,640 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\mediaservice\dsengine.dll MOD - [2011-12-27 18:46:14 | 000,293,888 | ---- | M] () -- C:\Users\Robert\WapSter\AQQ Folder\Profiles\Robert\Plugins\SpellChecker.dll MOD - [2011-09-09 09:58:02 | 006,620,008 | ---- | M] () -- C:\Program Files (x86)\IVONA\IVONA 2 Voice\voices\voice_pl_jacek.dll MOD - [2010-10-08 11:11:52 | 007,979,008 | ---- | M] () -- C:\Program Files (x86)\IVONA\IVONA 2 Voice\Qt_4_6_3_0\x86\QtGui4.dll MOD - [2010-07-14 12:15:42 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\IVONA\IVONA 2 Voice\Qt_4_6_3_0\x86\QtSolutions_MFCMigrationFramework-2.8.dll MOD - [2010-06-17 15:07:06 | 002,203,648 | ---- | M] () -- C:\Program Files (x86)\IVONA\IVONA 2 Voice\Qt_4_6_3_0\x86\QtCore4.dll MOD - [2009-06-19 23:47:52 | 000,293,888 | ---- | M] () -- C:\Users\Robert\WapSter\AQQ Folder\Profiles\JKS\Plugins\SpellChecker.dll MOD - [2009-04-16 02:44:30 | 000,648,704 | ---- | M] () -- C:\Users\Robert\WapSter\AQQ Folder\Profiles\JKS\Plugins\detonator.dll MOD - [2008-11-29 17:18:54 | 000,250,880 | ---- | M] () -- C:\Users\Robert\WapSter\AQQ Folder\Profiles\JKS\Plugins\AQQRadio.dll MOD - [2006-04-25 13:16:54 | 000,033,792 | ---- | M] () -- C:\PROGRA~2\AIMP2\Plugins\Cosmic.svp MOD - [2002-10-03 13:10:56 | 000,073,728 | ---- | M] () -- C:\PROGRA~2\AIMP2\Plugins\PixelBallet.svp MOD - [2001-07-18 19:18:24 | 000,058,368 | ---- | M] () -- C:\PROGRA~2\AIMP2\Plugins\RabbitHole11.svp [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2011-09-22 13:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn) SRV:[b]64bit:[/b] - [2011-08-11 01:47:10 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2011-08-10 13:58:32 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV:[b]64bit:[/b] - [2010-05-20 16:26:28 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc) SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2012-06-16 13:10:28 | 000,257,224 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-06-16 12:51:30 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-06-05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-03-19 13:38:46 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2012-01-04 14:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011-11-14 11:16:38 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Users\Robert\AppData\Local\Temp\7zS4C69\hpslpsvc64.dll -- (HPSLPSVC) SRV - [2011-03-13 11:59:18 | 000,138,400 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent) SRV - [2011-03-13 11:58:30 | 000,074,912 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc) SRV - [2010-09-17 12:14:50 | 000,098,304 | ---- | M] (Firebird Project) [Auto | Running] -- C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance) SRV - [2010-09-17 12:14:42 | 003,735,552 | ---- | M] (Firebird Project) [On_Demand | Running] -- C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe -- (FirebirdServerDefaultInstance) SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010-03-10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2010-02-19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009-12-15 11:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) SRV - [2009-06-15 18:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService) SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2007-12-18 11:15:00 | 000,104,960 | ---- | M] (ArcSoft) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012-04-23 13:26:26 | 000,154,272 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP) DRV:[b]64bit:[/b] - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2011-11-01 11:07:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt) DRV:[b]64bit:[/b] - [2011-11-01 11:07:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev) DRV:[b]64bit:[/b] - [2011-11-01 11:07:24 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64) DRV:[b]64bit:[/b] - [2011-11-01 11:07:24 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc) DRV:[b]64bit:[/b] - [2011-11-01 11:07:24 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd) DRV:[b]64bit:[/b] - [2011-11-01 11:07:24 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64) DRV:[b]64bit:[/b] - [2011-08-11 02:39:32 | 009,981,440 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:[b]64bit:[/b] - [2011-08-11 01:10:06 | 000,309,248 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:[b]64bit:[/b] - [2011-08-09 15:24:52 | 000,202,576 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm) DRV:[b]64bit:[/b] - [2011-08-04 10:20:38 | 000,187,632 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw) DRV:[b]64bit:[/b] - [2011-08-04 10:20:38 | 000,146,432 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv) DRV:[b]64bit:[/b] - [2011-08-04 10:20:38 | 000,062,496 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp) DRV:[b]64bit:[/b] - [2011-08-04 10:20:38 | 000,038,288 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF) DRV:[b]64bit:[/b] - [2011-08-02 18:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:[b]64bit:[/b] - [2011-06-27 02:37:00 | 002,753,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:[b]64bit:[/b] - [2011-06-10 07:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2011-06-07 07:07:00 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:[b]64bit:[/b] - [2011-03-18 09:04:20 | 000,188,544 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdxhc.sys -- (amdxhc) DRV:[b]64bit:[/b] - [2011-03-18 09:04:18 | 000,087,168 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdhub30.sys -- (amdhub30) DRV:[b]64bit:[/b] - [2011-03-13 11:58:44 | 000,280,224 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter) DRV:[b]64bit:[/b] - [2011-03-13 11:58:44 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP) DRV:[b]64bit:[/b] - [2011-03-13 11:58:44 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP) DRV:[b]64bit:[/b] - [2011-03-13 11:58:44 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT) DRV:[b]64bit:[/b] - [2011-03-13 11:58:42 | 000,298,656 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP) DRV:[b]64bit:[/b] - [2011-03-13 11:58:42 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort) DRV:[b]64bit:[/b] - [2011-03-13 11:58:42 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS) DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2011-02-25 18:42:18 | 000,016,768 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger) DRV:[b]64bit:[/b] - [2011-01-18 18:16:46 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:[b]64bit:[/b] - [2010-12-31 19:30:10 | 000,138,024 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD) DRV:[b]64bit:[/b] - [2010-11-21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010-11-21 05:23:48 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:[b]64bit:[/b] - [2010-07-01 19:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5) DRV:[b]64bit:[/b] - [2010-05-20 16:26:28 | 002,060,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VX1000.sys -- (VX1000) DRV:[b]64bit:[/b] - [2010-04-21 07:02:00 | 000,005,632 | ---- | M] (Famatech International Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rminiv3.sys -- (mirrorv3) DRV:[b]64bit:[/b] - [2010-02-18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64) DRV:[b]64bit:[/b] - [2009-10-26 04:43:18 | 000,038,944 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL2832UUSB.sys -- (RTL2832UUSB) DRV:[b]64bit:[/b] - [2009-10-26 04:43:16 | 000,117,152 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL2832UBDA.sys -- (RTL2832UBDA) DRV:[b]64bit:[/b] - [2009-10-05 15:22:20 | 000,044,320 | ---- | M] (Realtek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL2832U_IRHID.sys -- (RTL2832U_IRHID) DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-07-14 02:21:35 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthMtpEnum.sys -- (BthMtpEnum) DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-05-18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:[b]64bit:[/b] - [2009-02-17 19:11:25 | 000,031,400 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV:[b]64bit:[/b] - [2008-08-28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd) DRV:[b]64bit:[/b] - [2007-02-16 02:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ElbyCDFL.sys -- (ElbyCDFL) DRV:[b]64bit:[/b] - [2007-02-07 17:51:18 | 000,169,496 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\adiusbawx64.sys -- (adiusbaw) DRV - [2011-05-25 20:06:20 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO) DRV - [2009-10-26 04:43:18 | 000,038,944 | R--- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RTL2832UUSB.sys -- (RTL2832UUSB) DRV - [2009-10-26 04:43:16 | 000,117,152 | R--- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RTL2832UBDA.sys -- (RTL2832UBDA) DRV - [2009-10-05 15:22:20 | 000,044,320 | R--- | M] (Realtek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RTL2832U_IRHID.sys -- (RTL2832U_IRHID) DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2009-07-02 18:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64) DRV - [2007-02-16 02:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys -- (ElbyCDFL) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\S-1-5-21-2235639501-3007684480-1806095362-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKU\S-1-5-21-2235639501-3007684480-1806095362-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-2235639501-3007684480-1806095362-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-2235639501-3007684480-1806095362-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-2235639501-3007684480-1806095362-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2235639501-3007684480-1806095362-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Google " FF - prefs.js..browser.search.order.1: "Google " FF - prefs.js..browser.search.selectedEngine: "Google " FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "about:home" FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fe_10.0@nokia.com: C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_10.0 FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-06-19 00:48:31 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: c:\program files (x86)\Mozilla Firefox\components [2012-06-16 12:51:32 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: c:\program files (x86)\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012-06-17 21:27:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-02-11 17:07:44 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Robert\AppData\Roaming\IDM\idmmzcc5 [2012-06-17 21:02:04 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Robert\AppData\Roaming\IDM\idmmzcc5 [2012-06-17 21:02:04 | 000,000,000 | ---D | M] [2011-10-30 17:36:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robert\AppData\Roaming\mozilla\Extensions [2012-06-20 16:54:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robert\AppData\Roaming\mozilla\Firefox\Profiles\e8fyq4a7.default\extensions [2012-06-16 12:51:42 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Users\Robert\AppData\Roaming\mozilla\Firefox\Profiles\e8fyq4a7.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2011-12-27 13:39:29 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Robert\AppData\Roaming\mozilla\Firefox\Profiles\e8fyq4a7.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012-01-29 16:09:31 | 000,000,000 | ---D | M] (Iplex to ALLPlayer) -- C:\Users\Robert\AppData\Roaming\mozilla\Firefox\Profiles\e8fyq4a7.default\extensions\IplextoALL@ALLPlayer.org [2012-04-23 15:02:51 | 000,000,000 | ---D | M] (Wappalyzer) -- C:\Users\Robert\AppData\Roaming\mozilla\Firefox\Profiles\e8fyq4a7.default\extensions\wappalyzer@crunchlabz.com [2011-10-31 00:02:58 | 000,001,936 | ---- | M] () -- C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\e8fyq4a7.default\searchplugins\bilety-lotnicze.xml [2012-05-20 15:13:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012-05-20 15:13:51 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-06-17 21:02:04 | 000,000,000 | ---D | M] (IDM CC) -- C:\USERS\ROBERT\APPDATA\ROAMING\IDM\IDMMZCC5 [2012-05-18 21:39:09 | 000,439,720 | ---- | M] () (No name found) -- C:\USERS\ROBERT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\E8FYQ4A7.DEFAULT\EXTENSIONS\{097D3191-E6FA-4728-9826-B533D755359D}.XPI [2012-06-20 16:54:04 | 000,048,892 | ---- | M] () (No name found) -- C:\USERS\ROBERT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\E8FYQ4A7.DEFAULT\EXTENSIONS\{3E9BB2A7-62CA-4EFA-A4E6-F6F6168A652D}.XPI [2011-11-02 22:13:33 | 000,028,993 | ---- | M] () (No name found) -- C:\USERS\ROBERT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\E8FYQ4A7.DEFAULT\EXTENSIONS\{75CEEE46-9B64-46F8-94BF-54012DE155F0}.XPI [2012-02-04 13:59:13 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\ROBERT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\E8FYQ4A7.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2012-05-20 03:33:02 | 001,335,949 | ---- | M] () (No name found) -- C:\USERS\ROBERT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\E8FYQ4A7.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI [2011-10-30 23:47:59 | 000,010,043 | ---- | M] () (No name found) -- C:\USERS\ROBERT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\E8FYQ4A7.DEFAULT\EXTENSIONS\IPLEXTOALL@ALLPLAYER.ORG.XPI [2012-06-16 12:51:31 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012-06-16 12:51:27 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2012-06-16 12:51:27 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2012-06-16 12:51:27 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2012-06-16 12:51:27 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2012-06-16 12:51:27 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-06-16 12:51:27 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2011-12-22 17:11:00 | 000,000,833 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.) O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:[b]64bit:[/b] - BHO: (IVONA Reader) - {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2_x64.dll (IVONA Software Sp. z o.o.) O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (IVONA Reader) - {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2.dll (IVONA Software Sp. z o.o.) O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (IVONA Reader) - {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2_x64.dll (IVONA Software Sp. z o.o.) O3 - HKLM\..\Toolbar: (IVONA Reader) - {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2.dll (IVONA Software Sp. z o.o.) O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:[b]64bit:[/b] - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations) O4:[b]64bit:[/b] - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications) O4:[b]64bit:[/b] - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4:[b]64bit:[/b] - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [VX1000] C:\Windows\vVX1000.exe (Microsoft Corporation) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft) O4 - HKLM..\Run: [CloneCDTray] C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.) O4 - HKLM..\Run: [IR_SERVER] C:\PROGRA~2\Realtek\REALTE~1\IR_SERVER.exe File not found O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation) O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2235639501-3007684480-1806095362-1000..\Run: [] File not found O4 - HKU\S-1-5-21-2235639501-3007684480-1806095362-1000..\Run: [ALLUpdate] C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe () O4 - HKU\S-1-5-21-2235639501-3007684480-1806095362-1000..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.) O4 - HKU\S-1-5-21-2235639501-3007684480-1806095362-1000..\Run: [IVONA ControlCenter] C:\Program Files (x86)\IVONA\IVONA ControlCenter\IVONA ControlCenter.exe (IVONA Software Sp. z o.o.) O4 - HKU\S-1-5-21-2235639501-3007684480-1806095362-1000..\Run: [IVONA Reader] C:\Program Files (x86)\IVONA\IVONA Reader\IVONA Reader.exe (IVONA Software Sp. z o.o.) O4 - HKU\S-1-5-21-2235639501-3007684480-1806095362-1000..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia) O4 - HKU\S-1-5-21-2235639501-3007684480-1806095362-1000..\Run: [Odkurzacz-MCD] C:\Program Files (x86)\Odkurzacz\odk_mcd.exe (Franmo Software) O4 - HKU\S-1-5-21-2235639501-3007684480-1806095362-1000..\Run: [PC Suite Tray] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:[b]64bit:[/b] - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Robert\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8:[b]64bit:[/b] - Extra context menu item: Ściągnij przez IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm () O8:[b]64bit:[/b] - Extra context menu item: Ściągnij wszystkie linki przez IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Robert\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Ściągnij przez IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm () O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm () O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{64EB7665-A2E7-4B11-B310-D74C87366EB0}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{713C7247-60C2-4709-8245-C4EEBC804B24}: DhcpNameServer = 192.168.1.1 O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-06-23 13:30:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\1ClickDownload [2012-06-23 12:06:11 | 000,000,000 | R--D | C] -- C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices [2012-06-20 21:55:26 | 000,106,496 | ---- | C] (Blizzard Entertainment) -- C:\Windows\DIIUnin.exe [2012-06-20 21:55:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II [2012-06-20 17:15:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Diablo II [2012-06-19 13:54:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Perfect Copy [2012-06-19 12:02:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3 [2012-06-19 10:21:30 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2012-06-19 10:21:30 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2012-06-19 10:21:30 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2012-06-19 10:21:10 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2012-06-19 10:21:10 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2012-06-19 10:21:10 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2012-06-19 10:20:51 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2012-06-19 10:20:51 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2012-06-19 00:48:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared [2012-06-19 00:48:26 | 000,198,832 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll [2012-06-19 00:48:17 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll [2012-06-19 00:48:17 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll [2012-06-19 00:48:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks [2012-06-19 00:48:16 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll [2012-06-18 16:19:36 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [2012-06-18 13:46:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft [2012-06-18 13:46:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SlySoft [2012-06-17 18:48:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2012-06-17 18:48:12 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2012-06-17 17:50:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia PC Suite [2012-06-17 17:50:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PCSuite [2012-06-17 17:50:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Installations [2012-06-17 17:29:04 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\Games [2012-06-17 14:50:16 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Apple [2012-06-17 14:37:14 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\RealNetworks [2012-06-17 14:34:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Real [2012-06-17 14:34:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real [2012-06-17 13:20:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle [2012-06-17 13:19:54 | 000,772,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2012-06-17 13:19:54 | 000,227,720 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2012-06-17 13:19:44 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012-06-17 13:19:44 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012-06-16 23:01:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NPCC3 [2012-06-16 23:01:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NPCC3 [2012-06-16 22:58:56 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll [2012-06-16 22:58:56 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll [2012-06-16 15:04:35 | 000,268,720 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe [2012-06-16 15:04:22 | 000,189,360 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe [2012-06-16 15:04:22 | 000,188,840 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe [2012-06-16 15:04:03 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012-06-16 13:24:23 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Macromedia [2012-06-16 12:19:13 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012-06-16 12:19:12 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012-06-16 12:19:11 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012-06-16 12:19:11 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012-06-16 12:19:09 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012-06-16 12:19:09 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012-06-16 12:19:08 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012-06-16 12:19:08 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012-06-16 12:19:05 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012-06-16 12:19:05 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012-06-16 12:19:04 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012-06-16 12:19:04 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012-06-16 12:19:04 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012-06-15 12:55:04 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll [2012-06-15 12:55:04 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll [2012-06-15 12:55:04 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe [2012-06-15 12:54:40 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012-06-15 12:54:38 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2012-06-15 12:54:36 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2012-06-15 12:54:31 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll [2012-06-15 12:54:20 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2012-06-15 12:54:19 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [2012-06-07 08:18:01 | 000,154,272 | ---- | C] (Tonec Inc.) -- C:\Windows\SysNative\drivers\idmwfp.sys [2012-05-29 15:28:59 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\winn [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-06-23 15:21:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-06-23 14:15:46 | 001,549,932 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-06-23 14:15:46 | 000,698,146 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-06-23 14:15:46 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-06-23 14:15:46 | 000,135,224 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-06-23 14:15:46 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-06-23 13:23:00 | 000,128,512 | ---- | M] () -- C:\Users\Robert\Desktop\SAM.Broadcaster.x86.v4.9.1-RES-patch.exe [2012-06-23 12:13:31 | 000,021,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-06-23 12:13:31 | 000,021,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-06-23 12:06:00 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl [2012-06-23 12:05:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-06-23 12:05:40 | 2800,357,376 | -HS- | M] () -- C:\hiberfil.sys [2012-06-23 02:45:09 | 000,000,600 | ---- | M] () -- C:\Users\Robert\winscp.RND [2012-06-22 16:56:39 | 000,019,862 | ---- | M] () -- C:\Windows\DIIUnin.dat [2012-06-22 16:54:42 | 000,021,840 | ---- | M] () -- C:\Windows\SysWow64\SIntfNT.dll [2012-06-22 16:54:42 | 000,017,212 | ---- | M] () -- C:\Windows\SysWow64\SIntf32.dll [2012-06-22 16:54:42 | 000,012,067 | ---- | M] () -- C:\Windows\SysWow64\SIntf16.dll [2012-06-22 16:21:29 | 000,001,905 | ---- | M] () -- C:\Users\Public\Desktop\Diablo II.lnk [2012-06-22 15:23:49 | 000,000,698 | ---- | M] () -- C:\Users\Robert\Desktop\Facebook.website [2012-06-22 15:23:49 | 000,000,491 | ---- | M] () -- C:\Users\Robert\Desktop\PCWorld.website [2012-06-21 18:57:12 | 000,161,032 | ---- | M] () -- C:\Users\Robert\Desktop\Block'D.jar [2012-06-20 22:30:55 | 000,000,041 | -HS- | M] () -- C:\ProgramData\.zreglib [2012-06-20 21:55:26 | 000,106,496 | ---- | M] (Blizzard Entertainment) -- C:\Windows\DIIUnin.exe [2012-06-20 21:55:26 | 000,002,829 | ---- | M] () -- C:\Windows\DIIUnin.pif [2012-06-20 00:24:37 | 021,312,672 | ---- | M] () -- C:\Users\Robert\Desktop\Diablo 2.filmy.sub [2012-06-20 00:24:33 | 000,000,771 | ---- | M] () -- C:\Users\Robert\Desktop\Diablo 2.filmy.ccd [2012-06-20 00:08:29 | 709,085,664 | ---- | M] () -- C:\Users\Robert\Desktop\Diablo 2.gra ccd.img [2012-06-20 00:08:29 | 028,942,272 | ---- | M] () -- C:\Users\Robert\Desktop\Diablo 2.gra ccd.sub [2012-06-20 00:08:25 | 000,000,771 | ---- | M] () -- C:\Users\Robert\Desktop\Diablo 2.gra ccd.ccd [2012-06-19 23:45:15 | 026,439,936 | ---- | M] () -- C:\Users\Robert\Desktop\Diablo 2.sub [2012-06-19 23:45:11 | 000,000,773 | ---- | M] () -- C:\Users\Robert\Desktop\Diablo 2.ccd [2012-06-19 12:02:42 | 000,000,909 | ---- | M] () -- C:\Users\Public\Desktop\AIMP3.lnk [2012-06-19 11:25:46 | 001,629,645 | ---- | M] () -- C:\Users\Robert\Desktop\dom01.jpg [2012-06-19 00:48:42 | 000,001,046 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk [2012-06-19 00:48:26 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll [2012-06-19 00:48:17 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll [2012-06-19 00:48:17 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll [2012-06-19 00:48:16 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll [2012-06-18 22:23:17 | 000,001,853 | ---- | M] () -- C:\Users\Robert\Desktop\WinSCP.lnk [2012-06-18 17:31:34 | 000,007,341 | ---- | M] () -- C:\Users\Robert\Desktop\djroberto.jpg [2012-06-18 17:30:23 | 000,067,841 | ---- | M] () -- C:\Users\Robert\Desktop\13213065@plugin.gg.aqq.eu_20120618_1_192376b80000d699.jpg [2012-06-18 13:46:19 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\CloneCD.lnk [2012-06-17 18:23:15 | 011,781,834 | R--- | M] () -- C:\Users\Robert\Desktop\b ncn.nbu [2012-06-17 17:50:53 | 000,002,038 | ---- | M] () -- C:\Users\Public\Desktop\Nokia PC Suite.lnk [2012-06-17 17:07:01 | 000,002,089 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Suite.lnk [2012-06-17 13:19:29 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012-06-17 13:19:29 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012-06-17 13:10:49 | 019,988,156 | ---- | M] () -- C:\Users\Robert\Desktop\dorsalis.rar [2012-06-16 23:01:53 | 000,000,909 | ---- | M] () -- C:\Users\Robert\Desktop\NPCC3.lnk [2012-06-16 15:04:05 | 000,955,840 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npdeployJava1.dll [2012-06-16 15:04:05 | 000,839,096 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll [2012-06-16 15:04:05 | 000,268,720 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe [2012-06-16 15:04:05 | 000,189,360 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe [2012-06-16 15:04:05 | 000,188,840 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe [2012-06-16 14:07:20 | 005,011,160 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-06-16 13:14:16 | 000,104,368 | ---- | M] () -- C:\Users\Robert\Desktop\2922138@plugin.gg.aqq.eu_20120614_1_b6dd8f7c000197b0.jpg [2012-06-16 13:10:28 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012-06-16 13:10:28 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012-06-07 14:23:37 | 000,067,112 | ---- | M] () -- C:\Users\Robert\Documents\600326_430203213677138_100000623893594_1342296_1523976164_n.jpg [2012-06-07 14:21:35 | 000,068,113 | ---- | M] () -- C:\Users\Robert\Documents\11817_430204627010330_1325319917_n.jpg [2012-06-07 14:20:59 | 000,084,446 | ---- | M] () -- C:\Users\Robert\Documents\375855_430204190343707_86917223_n.jpg [2012-06-07 14:19:24 | 000,095,633 | ---- | M] () -- C:\Users\Robert\Documents\554852_430204517010341_482143361_n.jpg [2012-06-07 14:18:43 | 000,087,437 | ---- | M] () -- C:\Users\Robert\Documents\224995_430203453677114_546914303_n.jpg [2012-06-03 00:19:46 | 000,038,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2012-06-03 00:19:42 | 000,057,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2012-06-03 00:19:42 | 000,044,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2012-06-03 00:19:23 | 000,701,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2012-06-03 00:15:31 | 002,622,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2012-06-03 00:15:08 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2012-06-02 15:19:42 | 000,186,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2012-06-02 15:15:12 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-06-23 13:22:40 | 000,128,512 | ---- | C] () -- C:\Users\Robert\Desktop\SAM.Broadcaster.x86.v4.9.1-RES-patch.exe [2012-06-22 15:21:57 | 000,000,698 | ---- | C] () -- C:\Users\Robert\Desktop\Facebook.website [2012-06-22 15:21:57 | 000,000,491 | ---- | C] () -- C:\Users\Robert\Desktop\PCWorld.website [2012-06-21 18:57:09 | 000,161,032 | ---- | C] () -- C:\Users\Robert\Desktop\Block'D.jar [2012-06-20 21:55:28 | 000,019,862 | ---- | C] () -- C:\Windows\DIIUnin.dat [2012-06-20 21:55:28 | 000,001,905 | ---- | C] () -- C:\Users\Public\Desktop\Diablo II.lnk [2012-06-20 21:55:26 | 000,002,829 | ---- | C] () -- C:\Windows\DIIUnin.pif [2012-06-20 00:21:14 | 021,312,672 | ---- | C] () -- C:\Users\Robert\Desktop\Diablo 2.filmy.sub [2012-06-20 00:21:14 | 000,000,771 | ---- | C] () -- C:\Users\Robert\Desktop\Diablo 2.filmy.ccd [2012-06-19 23:58:02 | 709,085,664 | ---- | C] () -- C:\Users\Robert\Desktop\Diablo 2.gra ccd.img [2012-06-19 23:58:02 | 028,942,272 | ---- | C] () -- C:\Users\Robert\Desktop\Diablo 2.gra ccd.sub [2012-06-19 23:57:56 | 000,000,771 | ---- | C] () -- C:\Users\Robert\Desktop\Diablo 2.gra ccd.ccd [2012-06-19 23:40:55 | 026,439,936 | ---- | C] () -- C:\Users\Robert\Desktop\Diablo 2.sub [2012-06-19 23:40:40 | 000,000,773 | ---- | C] () -- C:\Users\Robert\Desktop\Diablo 2.ccd [2012-06-19 12:02:42 | 000,000,909 | ---- | C] () -- C:\Users\Public\Desktop\AIMP3.lnk [2012-06-19 11:23:33 | 001,629,645 | ---- | C] () -- C:\Users\Robert\Desktop\dom01.jpg [2012-06-19 00:48:42 | 000,001,046 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk [2012-06-18 23:20:40 | 000,005,586 | ---- | C] () -- C:\Users\Robert\Desktop\mandriusz.jpg [2012-06-18 17:31:34 | 000,007,341 | ---- | C] () -- C:\Users\Robert\Desktop\djroberto.jpg [2012-06-18 17:28:12 | 000,067,841 | ---- | C] () -- C:\Users\Robert\Desktop\13213065@plugin.gg.aqq.eu_20120618_1_192376b80000d699.jpg [2012-06-18 16:19:52 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll [2012-06-18 16:19:52 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll [2012-06-18 16:19:52 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll [2012-06-18 13:58:40 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib [2012-06-18 13:46:19 | 000,001,117 | ---- | C] () -- C:\Users\Public\Desktop\CloneCD.lnk [2012-06-17 18:22:07 | 011,781,834 | R--- | C] () -- C:\Users\Robert\Desktop\b ncn.nbu [2012-06-17 17:50:53 | 000,002,038 | ---- | C] () -- C:\Users\Public\Desktop\Nokia PC Suite.lnk [2012-06-17 13:10:43 | 019,988,156 | ---- | C] () -- C:\Users\Robert\Desktop\dorsalis.rar [2012-06-16 23:01:53 | 000,000,909 | ---- | C] () -- C:\Users\Robert\Desktop\NPCC3.lnk [2012-06-16 13:14:00 | 000,104,368 | ---- | C] () -- C:\Users\Robert\Desktop\2922138@plugin.gg.aqq.eu_20120614_1_b6dd8f7c000197b0.jpg [2012-06-07 14:23:35 | 000,067,112 | ---- | C] () -- C:\Users\Robert\Documents\600326_430203213677138_100000623893594_1342296_1523976164_n.jpg [2012-06-07 14:21:33 | 000,068,113 | ---- | C] () -- C:\Users\Robert\Documents\11817_430204627010330_1325319917_n.jpg [2012-06-07 14:20:57 | 000,084,446 | ---- | C] () -- C:\Users\Robert\Documents\375855_430204190343707_86917223_n.jpg [2012-06-07 14:19:21 | 000,095,633 | ---- | C] () -- C:\Users\Robert\Documents\554852_430204517010341_482143361_n.jpg [2012-06-07 14:18:28 | 000,087,437 | ---- | C] () -- C:\Users\Robert\Documents\224995_430203453677114_546914303_n.jpg [2012-02-09 21:30:25 | 000,073,832 | R--- | C] () -- C:\Windows\SysWow64\SuperFrameSplitter.dll [2012-02-09 21:30:25 | 000,053,248 | R--- | C] () -- C:\Windows\SysWow64\RTKDABMWare.dll [2012-01-21 17:12:11 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2012-01-21 17:12:11 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll [2011-12-29 22:40:56 | 000,000,600 | ---- | C] () -- C:\Users\Robert\winscp.RND [2011-12-19 16:24:32 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2011-12-15 15:29:05 | 000,004,438 | ---- | C] () -- C:\Users\Robert\AppData\Local\setup.exe [2011-12-11 17:16:26 | 000,000,046 | ---- | C] () -- C:\Windows\adiras.ini [2011-12-10 14:55:24 | 000,004,427 | ---- | C] () -- C:\Users\Robert\AppData\Local\promo.exe [2011-11-12 21:12:46 | 000,000,600 | ---- | C] () -- C:\Users\Robert\AppData\Local\PUTTY.RND [2011-10-30 16:04:26 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011-10-30 14:51:04 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2011-08-10 14:01:46 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll [color=#E56717]========== LOP Check ==========[/color] [2012-02-11 19:33:30 | 000,000,000 | ---D | M] -- C:\Users\Gość\AppData\Roaming\ESET [2012-06-23 14:50:45 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\AIMP3 [2011-12-19 16:43:22 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\BESTplayer [2012-06-23 03:02:48 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\DMCache [2012-01-01 20:22:38 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\DVDVideoSoft [2011-12-27 13:38:31 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\DVDVideoSoftIEHelpers [2012-02-19 02:10:23 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\EMCO [2012-02-06 12:34:46 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\ESET [2012-01-06 15:31:23 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\GHISLER [2012-06-17 21:01:12 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\IDM [2011-11-26 20:27:14 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\ImgBurn [2011-12-26 19:02:43 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\IrfanView [2012-02-16 18:11:35 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\IsolatedStorage [2011-11-15 20:16:10 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\IVONA ControlCenter [2011-11-15 22:46:43 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\IVONA Reader [2011-11-17 15:22:07 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\jAlbum [2012-06-17 17:57:02 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Nokia [2012-01-06 02:05:11 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Notepad++ [2012-06-22 17:58:55 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\PC Suite [2012-02-29 16:52:36 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Radmin [2012-02-11 16:30:47 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\TeamViewer [2011-11-04 20:12:59 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Thunderbird [2012-02-09 18:25:47 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Tlen.pl [2011-12-19 16:52:33 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\XBMC [2012-02-11 21:28:52 | 000,000,000 | ---D | M] -- C:\Users\xbmc\AppData\Roaming\ESET [2012-06-21 22:40:26 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 24 bytes -> C:\Windows:BE468CF2979276F1 < End of report >