OTL logfile created on: 2012-06-29 00:54:28 - Run 1 OTL by OldTimer - Version 3.2.53.0 Folder = C:\Users\Rafał\Downloads\Olt 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,87 Gb Total Physical Memory | 2,07 Gb Available Physical Memory | 53,58% Memory free 7,73 Gb Paging File | 5,72 Gb Available in Paging File | 74,05% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 232,65 Gb Total Space | 15,31 Gb Free Space | 6,58% Space Free | Partition Type: NTFS Drive D: | 232,72 Gb Total Space | 34,06 Gb Free Space | 14,63% Space Free | Partition Type: NTFS Computer Name: RAFAŁ-TOSHIBA | User Name: Rafał | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-06-29 00:42:26 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Rafał\Downloads\Olt\OTL.exe PRC - [2012-06-22 14:44:10 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2012-06-13 15:20:09 | 000,686,280 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe PRC - [2012-05-29 14:55:35 | 001,028,776 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Netia\Bezpieczny Internet\Anti-Virus\fssm32.exe PRC - [2012-05-29 14:55:33 | 000,561,832 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Netia\Bezpieczny Internet\Anti-Virus\fsgk32.exe PRC - [2012-02-28 18:38:56 | 001,987,976 | ---- | M] (LogMeIn Inc.) -- D:\Program Files (x86)\Hamachi\hamachi-2-ui.exe PRC - [2012-02-28 08:40:27 | 000,307,824 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe PRC - [2011-11-08 15:18:00 | 000,488,104 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Netia\Bezpieczny Internet\Anti-Virus\fsav32.exe PRC - [2011-06-16 09:24:20 | 000,141,824 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe PRC - [2011-06-14 17:42:26 | 001,540,096 | ---- | M] (Nokia) -- C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe PRC - [2011-06-08 13:02:00 | 000,633,856 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe PRC - [2011-05-23 20:51:28 | 000,061,088 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Netia\Bezpieczny Internet\ORSP Client\fsorsp.exe PRC - [2011-01-05 17:09:54 | 000,201,384 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Netia\Bezpieczny Internet\Common\FSM32.EXE PRC - [2011-01-05 17:09:54 | 000,189,096 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Netia\Bezpieczny Internet\Common\FSMA32.EXE PRC - [2011-01-05 17:09:54 | 000,090,792 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Netia\Bezpieczny Internet\Common\FSHDLL32.EXE PRC - [2011-01-05 17:09:06 | 000,221,864 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Netia\Bezpieczny Internet\Anti-Virus\fsgk32st.exe PRC - [2010-10-12 16:54:56 | 003,267,072 | ---- | M] () -- C:\Program Files (x86)\G7-630\G7_8-in-Right.exe PRC - [2010-03-09 02:23:22 | 001,086,760 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe PRC - [2010-02-24 01:54:48 | 002,454,840 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe PRC - [2010-02-22 13:23:50 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe PRC - [2010-01-15 14:08:38 | 000,935,208 | ---- | M] (Nero AG) -- c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe PRC - [2009-12-09 16:21:56 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2009-12-09 16:21:52 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2009-07-28 20:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe PRC - [2009-03-10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe PRC - [2007-04-27 08:40:00 | 000,206,400 | ---- | M] (SafeNet, Inc) -- C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe PRC - [2007-04-27 02:00:04 | 000,316,992 | ---- | M] (SafeNet, Inc.) -- C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2011-01-05 17:09:16 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\Netia\Bezpieczny Internet\FSGUI\strres.eng MOD - [2011-01-05 17:09:14 | 000,553,640 | ---- | M] () -- C:\Program Files (x86)\Netia\Bezpieczny Internet\FSGUI\gres.dll MOD - [2011-01-05 17:09:12 | 000,443,048 | ---- | M] () -- C:\Program Files (x86)\Netia\Bezpieczny Internet\FSGUI\about.dll MOD - [2011-01-05 17:09:12 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Netia\Bezpieczny Internet\FSGUI\flyerres.eng MOD - [2011-01-05 17:09:12 | 000,090,792 | ---- | M] () -- C:\Program Files (x86)\Netia\Bezpieczny Internet\FSGUI\aboutres.dll MOD - [2011-01-05 17:09:12 | 000,045,056 | ---- | M] () -- C:\Program Files (x86)\Netia\Bezpieczny Internet\FSGUI\fsavures.eng MOD - [2010-10-12 16:54:56 | 003,267,072 | ---- | M] () -- C:\Program Files (x86)\G7-630\G7_8-in-Right.exe MOD - [2010-10-11 10:13:52 | 000,087,040 | ---- | M] () -- C:\Program Files (x86)\G7-630\dll\DLL_MouseDeviceManager.dll MOD - [2010-09-20 14:19:05 | 000,034,304 | ---- | M] () -- C:\Program Files (x86)\G7-630\dll\DLL_MouseEventHook.dll MOD - [2010-09-20 14:19:04 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\G7-630\dll\DLL_AnalyzeGesturesInOne.dll MOD - [2010-09-20 14:19:01 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\G7-630\dll\DLL_AnalyzeGesturesInRight.dll MOD - [2010-09-20 14:18:57 | 000,085,504 | ---- | M] () -- C:\Program Files (x86)\G7-630\dll\DLL_ZoomControl.dll MOD - [2010-09-20 14:18:54 | 000,054,272 | ---- | M] () -- C:\Program Files (x86)\G7-630\dll\DLL_ScrollbarControl.dll MOD - [2010-09-20 14:18:50 | 000,117,760 | ---- | M] () -- C:\Program Files (x86)\G7-630\dll\DLL_Wheel4D.dll MOD - [2010-09-08 09:33:21 | 000,071,680 | ---- | M] () -- C:\Program Files (x86)\G7-630\Data\K3G\Forms\TrayIconWebAdvertisement\TrayIconWebAdvertisement.dll MOD - [2010-08-30 09:59:51 | 000,066,048 | ---- | M] () -- C:\Program Files (x86)\G7-630\Data\K3G\Forms\VisualSkin\VisualSkin.dll MOD - [2009-12-17 17:55:54 | 000,111,104 | ---- | M] () -- C:\Program Files (x86)\G7-630\Data\K3G\Forms\KeyboardLEDForm\KeyboardLEDForm.dll MOD - [2009-11-30 10:58:29 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\G7-630\Data\K3G\Forms\GetMultiLanguageTexts\GetMultiLanguageTexts.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2012-03-29 15:40:34 | 000,036,160 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp) SRV:[b]64bit:[/b] - [2010-09-22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:[b]64bit:[/b] - [2010-04-06 15:53:14 | 000,258,928 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service) SRV:[b]64bit:[/b] - [2010-03-15 09:56:20 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2010-02-23 17:57:42 | 000,835,952 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv) SRV:[b]64bit:[/b] - [2010-02-05 17:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service) SRV:[b]64bit:[/b] - [2009-11-05 22:05:28 | 000,489,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv) SRV:[b]64bit:[/b] - [2009-07-28 14:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv) SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2007-03-22 04:26:14 | 000,566,704 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxbxcoms.exe -- (lxbx_device) SRV - [2012-06-27 18:06:19 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012-06-22 14:44:10 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2012-06-13 15:20:10 | 000,257,224 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-06-04 21:53:04 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-03-29 15:48:40 | 002,028,864 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc) SRV - [2012-03-29 15:40:26 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp) SRV - [2012-02-29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-02-28 18:38:54 | 002,343,816 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- D:\Program Files (x86)\Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2011-06-08 13:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2011-05-23 20:51:28 | 000,061,088 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Netia\Bezpieczny Internet\ORSP Client\fsorsp.exe -- (FSORSPClient) SRV - [2011-02-11 13:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo) SRV - [2011-01-05 17:09:54 | 000,189,096 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\Netia\Bezpieczny Internet\Common\FSMA32.EXE -- (FSMA) SRV - [2011-01-05 17:09:34 | 000,846,504 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Netia\Bezpieczny Internet\FWES\program\fsdfwd.exe -- (FSDFWD) SRV - [2011-01-05 17:09:06 | 000,221,864 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\Netia\Bezpieczny Internet\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter) SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010-02-25 13:07:14 | 000,196,464 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service) SRV - [2010-02-11 02:40:12 | 000,124,368 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO) SRV - [2010-01-28 16:44:40 | 000,249,200 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService) SRV - [2010-01-15 14:08:38 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2009-12-09 16:21:56 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2009-12-09 16:21:52 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009-03-10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service) SRV - [2007-04-27 08:40:00 | 000,206,400 | ---- | M] (SafeNet, Inc) [Auto | Running] -- C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe -- (SentinelProtectionServer) SRV - [2007-04-27 02:00:04 | 000,316,992 | ---- | M] (SafeNet, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe -- (SentinelKeysServer) SRV - [2007-03-22 04:25:48 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxbxcoms.exe -- (lxbx_device) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012-05-09 15:24:42 | 000,055,960 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fsbts.sys -- (fsbts) DRV:[b]64bit:[/b] - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2011-10-24 19:24:12 | 000,030,496 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PPFlt.sys -- (PrivacyProtectorMP) DRV:[b]64bit:[/b] - [2011-10-24 19:24:12 | 000,030,496 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PPFlt.sys -- (Passthru) DRV:[b]64bit:[/b] - [2011-05-18 10:14:22 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt) DRV:[b]64bit:[/b] - [2011-05-18 10:14:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev) DRV:[b]64bit:[/b] - [2011-05-18 10:14:16 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc) DRV:[b]64bit:[/b] - [2011-05-18 10:14:12 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd) DRV:[b]64bit:[/b] - [2011-05-18 10:09:48 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64) DRV:[b]64bit:[/b] - [2011-05-18 10:09:48 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64) DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2011-03-01 23:49:41 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:[b]64bit:[/b] - [2011-01-05 17:09:34 | 000,094,280 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\fsdfw.sys -- (FSFW) DRV:[b]64bit:[/b] - [2011-01-05 17:09:26 | 000,046,664 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\fses.sys -- (FSES) DRV:[b]64bit:[/b] - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010-09-23 01:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:[b]64bit:[/b] - [2010-06-14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk) DRV:[b]64bit:[/b] - [2010-05-17 05:02:00 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:[b]64bit:[/b] - [2010-04-27 04:25:16 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdm.sys -- (ss_bmdm) DRV:[b]64bit:[/b] - [2010-04-27 04:25:16 | 000,127,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM) DRV:[b]64bit:[/b] - [2010-04-27 04:25:16 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) DRV:[b]64bit:[/b] - [2010-03-15 10:06:28 | 006,403,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag) DRV:[b]64bit:[/b] - [2010-03-15 09:00:58 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:[b]64bit:[/b] - [2010-03-10 18:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:[b]64bit:[/b] - [2010-03-05 11:11:30 | 000,720,952 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDMI64.sys -- (CnxtHdmiAudService) DRV:[b]64bit:[/b] - [2010-02-22 18:03:42 | 000,075,304 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:[b]64bit:[/b] - [2010-02-03 16:56:56 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV:[b]64bit:[/b] - [2010-02-03 11:04:00 | 000,060,408 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfusb.sys -- (Tosrfusb) DRV:[b]64bit:[/b] - [2010-02-01 10:29:48 | 000,232,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:[b]64bit:[/b] - [2010-01-18 17:45:50 | 000,717,368 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService) DRV:[b]64bit:[/b] - [2010-01-15 12:22:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:[b]64bit:[/b] - [2009-09-24 17:55:00 | 000,212,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfbd.sys -- (tosrfbd) DRV:[b]64bit:[/b] - [2009-09-17 12:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R) DRV:[b]64bit:[/b] - [2009-08-05 12:56:00 | 000,063,856 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TosRfSnd.sys -- (TosRfSnd) DRV:[b]64bit:[/b] - [2009-07-30 19:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst) DRV:[b]64bit:[/b] - [2009-07-28 20:02:00 | 000,081,768 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tosrfcom.sys -- (Tosrfcom) DRV:[b]64bit:[/b] - [2009-07-24 11:33:00 | 000,026,472 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfnds.sys -- (tosrfnds) DRV:[b]64bit:[/b] - [2009-07-14 16:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ) DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-07-14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam) DRV:[b]64bit:[/b] - [2009-07-14 02:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM) DRV:[b]64bit:[/b] - [2009-07-13 22:12:00 | 000,019,824 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfec.sys -- (tosrfec) DRV:[b]64bit:[/b] - [2009-07-07 08:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk) DRV:[b]64bit:[/b] - [2009-06-22 17:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect) DRV:[b]64bit:[/b] - [2009-06-19 19:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL) DRV:[b]64bit:[/b] - [2009-06-19 10:00:00 | 000,094,336 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Tosrfhid.sys -- (Tosrfhid) DRV:[b]64bit:[/b] - [2009-06-19 09:59:00 | 000,050,664 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfbnp.sys -- (tosrfbnp) DRV:[b]64bit:[/b] - [2009-06-17 12:01:00 | 000,054,664 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosporte.sys -- (tosporte) DRV:[b]64bit:[/b] - [2009-06-10 23:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem) DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-03-27 15:25:10 | 000,027,160 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc) DRV:[b]64bit:[/b] - [2008-08-28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd) DRV:[b]64bit:[/b] - [2007-04-27 08:40:00 | 000,142,120 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\sentinel64.sys -- (Sentinel64) DRV - [2012-05-29 14:56:06 | 000,199,848 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Netia\Bezpieczny Internet\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper) DRV - [2011-08-18 08:00:26 | 000,042,672 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\drivers\fsbts.sys -- (fsbts) DRV - [2011-01-05 17:09:48 | 000,060,040 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Netia\Bezpieczny Internet\HIPS\drivers\fshs.sys -- (F-Secure HIPS) DRV - [2011-01-05 17:09:06 | 000,014,904 | ---- | M] () [Kernel | System | Running] -- C:\Program Files (x86)\Netia\Bezpieczny Internet\Anti-Virus\minifilter\fsvista.sys -- (fsvista) DRV - [2010-11-29 20:27:40 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv) DRV - [2010-06-14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk) DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2006-07-24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{986E4A0D-A632-4ED4-9914-CC88A2232BE6}: "URL" = http://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{3A7011D2-933D-4956-8B76-1A8F00EB5B02}: "URL" = http://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.onet.pl/ IE - HKCU\..\SearchScopes,DefaultScope = {3A7011D2-933D-4956-8B76-1A8F00EB5B02} IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_pl IE - HKCU\..\SearchScopes\{F951D138-3488-4B8A-96CA-BC498E93B49F}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=382950&p={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaulturl: "Yahoo" FF - prefs.js..browser.search.order.1: "Yahoo" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=382950&ilc=12" FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: D:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll ( ) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.647: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll File not found FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.647: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll File not found FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@virtools.com/3DviaPlayer: C:\Program Files (x86)\Virtools\3D Life Player\npvirtools.dll (Dassault Systèmes) FF - HKLM\Software\MozillaPlugins\@vividas.com/npVividasPlayer: D:\Program Files (x86)\Player\npVividasPlayer.dll ( ) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Rafał\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011-07-16 13:42:19 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-06-04 21:53:06 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011-07-16 13:42:19 | 000,000,000 | ---D | M] [2012-06-29 00:27:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Extensions [2012-06-29 00:46:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\a5q596tk.default\extensions [2012-03-24 22:14:32 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\a5q596tk.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012-05-12 14:29:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\a5q596tk.default\extensions\IplextoALL@ALLPlayer.org [2012-06-15 23:54:36 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\a5q596tk.default\extensions\OneClickDownload@OneClickDownload.com [2012-06-29 00:27:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012-04-14 20:10:09 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} File not found (No name found) -- C:\USERS\RAFAĹ‚\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A5Q596TK.DEFAULT\EXTENSIONS\{ACAA314B-EEBA-48E4-AD47-84E31C44796C} [2012-06-04 21:53:05 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012-06-04 21:53:02 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2010-09-14 14:48:25 | 000,002,506 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\BearShareWebSearch.xml [2012-06-04 21:53:02 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2012-06-04 21:53:02 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2012-06-04 21:53:02 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2012-06-04 21:53:02 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-06-04 21:53:02 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll File not found O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll File not found O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~2\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll File not found O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation) O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll () O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - !{5911488E-9D1E-40ec-8CBB-06B231CC153F} - No CLSID value found. O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - !{5911488E-9D1E-40ec-8CBB-06B231CC153F} - No CLSID value found. O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~2\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll File not found O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3:[b]64bit:[/b] - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe () O4:[b]64bit:[/b] - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH) O4:[b]64bit:[/b] - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH) O4:[b]64bit:[/b] - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files (x86)\Netia\Bezpieczny Internet\Common\FSM32.EXE (F-Secure Corporation) O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files (x86)\Netia\Bezpieczny Internet\FSGUI\TNBUtil.exe (F-Secure Corporation) O4 - HKLM..\Run: [ITSecMng] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Program Files (x86)\Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [NBAgent] c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe (Nero AG) O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.) O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe () O4 - HKCU..\Run: [Akamai NetSession Interface] "C:\Users\Rafał\AppData\Local\Akamai\netsession_win.exe" File not found O4 - HKCU..\Run: [ALLUpdate] "C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe" "sleep" File not found O4 - HKCU..\Run: [ares] C:\Program Files (x86)\Ares\Ares.exe (Ares Development Group) O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKCU..\Run: [DAEMON Tools Lite] D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [HP Deskjet 3070 B611 series (NET)] C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.) O4 - HKCU..\Run: [IPLA!] C:\Program Files (x86)\ipla\ipla.exe (Redefine Sp z o.o.) O4 - HKCU..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.) O4 - HKCU..\Run: [NokiaOviSuite2] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia) O4 - HKCU..\Run: [OscarEditor] C:\Program Files (x86)\G7-630\G7_8-in-Right.exe () O4 - HKCU..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.) O4 - Startup: C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Kuma_Tray.lnk = C:\Program Files (x86)\Kuma Games\kgsystray\Kuma_tray.exe () O4 - Startup: C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registration Driver Parallel Lines.LNK = D:\Program Files (x86)\Ubisoft\Driver Parallel Lines\Register\RegistrationReminder.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O8:[b]64bit:[/b] - Extra context menu item: Free YouTube Download - C:\Users\Rafał\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube Download - C:\Users\Rafał\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Netia\Bezpieczny Internet\FSPS\program\fslsp_x64.dll (F-Secure Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Netia\Bezpieczny Internet\FSPS\program\fslsp_x64.dll (F-Secure Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Netia\Bezpieczny Internet\FSPS\program\fslsp_x64.dll (F-Secure Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Netia\Bezpieczny Internet\FSPS\program\fslsp_x64.dll (F-Secure Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Netia\Bezpieczny Internet\FSPS\program\fslsp_x64.dll (F-Secure Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Netia\Bezpieczny Internet\FSPS\program\fslsp_x64.dll (F-Secure Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Netia\Bezpieczny Internet\FSPS\program\fslsp_x64.dll (F-Secure Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Netia\Bezpieczny Internet\FSPS\program\fslsp_x64.dll (F-Secure Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Program Files (x86)\Netia\Bezpieczny Internet\FSPS\program\fslsp_x64.dll (F-Secure Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Program Files (x86)\Netia\Bezpieczny Internet\FSPS\program\fslsp_x64.dll (F-Secure Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000021 - C:\Program Files (x86)\Netia\Bezpieczny Internet\FSPS\program\fslsp_x64.dll (F-Secure Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx (WRC Class) O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.66.2.cab (Battlefield Play4Free Updater) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://3dlifeplayer.dl.3dvia.com/player/install/3DVIA_player_installer.exe (Virtools WebPlayer Class) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A6C41B2E-10AC-40B9-8BE9-DEDB3487772E}: DhcpNameServer = 192.168.1.254 O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-itss - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:[b]64bit:[/b] - AppInit_DLLs: (C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\datamngr.dll) - File not found O20:[b]64bit:[/b] - AppInit_DLLs: (C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll) - File not found O20:[b]64bit:[/b] - AppInit_DLLs: (C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\datamngr.dll) - File not found O20:[b]64bit:[/b] - AppInit_DLLs: (C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll) - File not found O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{1bdd38e1-4403-11e0-9295-00266c645275}\Shell - "" = AutoRun O33 - MountPoints2\{1bdd38e1-4403-11e0-9295-00266c645275}\Shell\AutoRun\command - "" = F:\autorun.exe O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-06-29 00:51:57 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\Raporty [2012-06-28 21:46:23 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Local\Norman Malware Cleaner [2012-06-28 17:17:36 | 000,000,000 | ---D | C] -- C:\Users\Rafał\DoctorWeb [2012-06-28 15:50:30 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Roaming\Malwarebytes [2012-06-28 15:50:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012-06-28 14:35:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi [2012-06-25 00:14:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2012-06-24 23:02:01 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\KF 1033 [2012-06-23 22:18:34 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Local\{1FA9D29E-959A-4B59-A2B5-82E92010F7C8} [2012-06-23 22:18:05 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Local\{01F6C190-67F6-4CD5-9DF0-68CA5BE843AD} [2012-06-23 11:42:05 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2012-06-23 11:42:05 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2012-06-23 11:42:04 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2012-06-23 11:41:59 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2012-06-23 11:41:59 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2012-06-23 11:41:58 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2012-06-23 11:41:54 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2012-06-23 11:41:54 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2012-06-22 14:42:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation [2012-06-17 17:13:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamersFirst [2012-06-17 17:09:31 | 015,542,216 | ---- | C] (GamersFirst) -- C:\Users\Rafał\Desktop\GamersFirst_LIVE!_Setup_EN.exe [2012-06-16 19:34:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Media Components [2012-06-16 19:33:32 | 000,286,720 | ---- | C] (Ejay AG) -- C:\Windows\SysWow64\EjWaveEditorCtrl.ocx [2012-06-16 19:33:31 | 000,348,160 | ---- | C] (eJay AG) -- C:\Windows\SysWow64\eJ_UniDialog.ocx [2012-06-16 19:33:31 | 000,077,824 | ---- | C] (eJay Entertainment GmbH) -- C:\Windows\SysWow64\eJ_Enumerator.dll [2012-06-16 19:33:30 | 000,159,744 | ---- | C] (Dart Communications) -- C:\Windows\SysWow64\DartSock.dll [2012-06-16 19:33:30 | 000,106,496 | ---- | C] (Dart Communications) -- C:\Windows\SysWow64\DartWeb.dll [2012-06-16 19:33:30 | 000,100,864 | ---- | C] (zwei) -- C:\Windows\SysWow64\eJ_Explorer.ocx [2012-06-16 19:33:28 | 000,236,032 | ---- | C] (Abysmal Software) -- C:\Windows\SysWow64\devil.dll [2012-06-16 19:33:28 | 000,036,864 | ---- | C] (eJay) -- C:\Windows\SysWow64\eJayWMExport.dll [2012-06-16 19:33:25 | 001,355,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Msvbvm50.dll [2012-06-16 19:32:27 | 000,097,280 | ---- | C] (Common Controls Replacement Project (CCRP)) -- C:\Windows\SysWow64\ccrpbds5.dll [2012-06-15 23:54:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\1ClickDownload [2012-06-15 18:32:24 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Local\{4476A73A-6254-4275-97C0-B16FDD78B505} [2012-06-13 14:05:23 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012-06-13 14:05:23 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012-06-13 14:05:22 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012-06-13 14:05:22 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012-06-13 14:05:21 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012-06-13 14:05:21 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012-06-13 14:05:21 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012-06-13 14:05:21 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012-06-13 14:05:19 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012-06-13 14:05:19 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012-06-13 14:05:19 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012-06-13 14:05:19 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012-06-13 14:05:18 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012-06-13 01:08:58 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll [2012-06-13 01:08:58 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll [2012-06-13 01:08:57 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe [2012-06-13 01:08:22 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012-06-13 01:08:13 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2012-06-13 01:08:11 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2012-06-13 01:08:00 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll [2012-06-13 01:07:31 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2012-06-13 01:07:30 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [2012-06-12 01:29:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VUGames [2012-06-07 19:01:49 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Local\Plex [2012-06-07 18:55:05 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plex Media Center [2012-06-07 18:54:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Plex [2012-06-07 16:13:21 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Local\{DF78754A-8E54-40A3-A59A-F1D92C1DD787} [2012-06-07 16:13:08 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Local\{BF043571-B135-4755-85F1-F5DA9A5B860F} [2012-06-04 21:53:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2012-06-04 21:53:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2012-06-04 07:43:59 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Local\{F55AC9BC-091C-41BC-B77C-EBF14F352C22} [2012-06-03 17:59:49 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Local\{7043F1AA-3FDF-4195-A04B-F4609DADDB2D} [2012-06-03 17:59:48 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Local\{B31A72A5-C4E1-4E31-A358-89B3AE2753D8} [2012-06-03 12:21:07 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Roaming\.minecraft [2012-05-31 15:24:41 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Local\{6ABF6774-8EAA-43D6-9F48-4CB9E9AFA563} [2012-05-31 12:52:52 | 000,143,872 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iacenc.dll [2012-05-31 11:49:58 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Roaming\Tank Combat [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-06-29 01:02:58 | 007,077,888 | -HS- | M] () -- C:\Users\Rafał\ntuser.dat [2012-06-29 00:57:00 | 000,000,324 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Communicator.job [2012-06-29 00:56:27 | 000,016,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-06-29 00:56:27 | 000,016,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-06-29 00:53:10 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-06-29 00:53:00 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-06-29 00:49:16 | 000,001,978 | ---- | M] () -- C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Powiadomienia monitorowania tuszu - HP Deskjet 3070 B611 series (sieć).lnk [2012-06-29 00:47:12 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2012-06-29 00:47:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-06-29 00:47:00 | 3113,365,504 | -HS- | M] () -- C:\hiberfil.sys [2012-06-29 00:46:29 | 002,739,199 | -H-- | M] () -- C:\Users\Rafał\AppData\Local\IconCache.db [2012-06-29 00:45:41 | 000,609,365 | ---- | M] () -- C:\Users\Rafał\Desktop\adwcleaner.exe [2012-06-29 00:28:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-06-25 19:42:47 | 000,001,100 | ---- | M] () -- C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registration Driver Parallel Lines.LNK [2012-06-25 12:18:44 | 000,007,012 | ---- | M] () -- C:\Users\Rafał\Desktop\[kat.ph]killing.floor.update.1033.1034.torrent [2012-06-22 15:32:15 | 000,283,416 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2012-06-22 15:32:15 | 000,283,416 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012-06-22 14:51:34 | 000,283,416 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2012-06-22 14:44:10 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012-06-22 12:42:31 | 000,000,272 | ---- | M] () -- C:\Windows\SysWow64\Kolor2.ini [2012-06-22 12:42:31 | 000,000,272 | ---- | M] () -- C:\Windows\SysWow64\Kolor.ini [2012-06-22 12:42:31 | 000,000,033 | ---- | M] () -- C:\Windows\Ustawienia.ini [2012-06-22 12:42:31 | 000,000,018 | ---- | M] () -- C:\Windows\Prog2.ini [2012-06-22 12:42:31 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\Kolor3.ini [2012-06-22 12:42:29 | 000,000,013 | ---- | M] () -- C:\Windows\Prog1.ini [2012-06-17 17:09:41 | 015,542,216 | ---- | M] (GamersFirst) -- C:\Users\Rafał\Desktop\GamersFirst_LIVE!_Setup_EN.exe [2012-06-13 15:20:09 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012-06-13 15:20:09 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012-06-13 14:48:12 | 000,435,400 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-06-13 14:27:06 | 001,780,354 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-06-13 14:27:06 | 000,771,136 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-06-13 14:27:06 | 000,683,666 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-06-13 14:27:06 | 000,170,800 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-06-13 14:27:06 | 000,134,778 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-06-12 01:54:40 | 000,001,130 | ---- | M] () -- C:\Users\Rafał\Desktop\SWAT 4.lnk [2012-06-12 00:53:39 | 000,000,011 | R--- | M] () -- C:\Windows\amunres.lsl [2012-06-08 23:53:58 | 000,008,704 | ---- | M] () -- C:\Users\Rafał\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-06-08 21:01:36 | 000,030,496 | ---- | M] () -- C:\Users\Rafał\Desktop\[BitNova.info]swat_4_+_syndykat_pl_dvd_._iso_alien.torrent [2012-06-03 01:26:45 | 000,000,780 | ---- | M] () -- C:\Users\Public\Desktop\World of Tanks.lnk [2012-06-03 00:19:46 | 000,038,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2012-06-03 00:19:42 | 000,057,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2012-06-03 00:19:42 | 000,044,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2012-06-03 00:19:23 | 000,701,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2012-06-03 00:15:31 | 002,622,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2012-06-03 00:15:08 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2012-06-02 15:19:42 | 000,186,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2012-06-02 15:15:12 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-06-29 00:45:39 | 000,609,365 | ---- | C] () -- C:\Users\Rafał\Desktop\adwcleaner.exe [2012-06-29 00:35:00 | 002,739,199 | -H-- | C] () -- C:\Users\Rafał\AppData\Local\IconCache.db [2012-06-25 19:42:47 | 000,001,100 | ---- | C] () -- C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registration Driver Parallel Lines.LNK [2012-06-25 12:18:43 | 000,007,012 | ---- | C] () -- C:\Users\Rafał\Desktop\[kat.ph]killing.floor.update.1033.1034.torrent [2012-06-22 12:42:31 | 000,000,272 | ---- | C] () -- C:\Windows\SysWow64\Kolor2.ini [2012-06-22 12:42:31 | 000,000,272 | ---- | C] () -- C:\Windows\SysWow64\Kolor.ini [2012-06-22 12:42:31 | 000,000,033 | ---- | C] () -- C:\Windows\Ustawienia.ini [2012-06-22 12:42:31 | 000,000,018 | ---- | C] () -- C:\Windows\Prog2.ini [2012-06-22 12:42:31 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Kolor3.ini [2012-06-22 12:42:29 | 000,000,013 | ---- | C] () -- C:\Windows\Prog1.ini [2012-06-16 19:33:29 | 000,029,696 | ---- | C] () -- C:\Windows\SysWow64\pthread.dll [2012-06-16 19:33:28 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\eJayxWaveDest.ax [2012-06-16 19:33:27 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\eJayxQuell.ax [2012-06-12 01:54:40 | 000,001,130 | ---- | C] () -- C:\Users\Rafał\Desktop\SWAT 4.lnk [2012-06-12 00:53:39 | 000,000,011 | R--- | C] () -- C:\Windows\amunres.lsl [2012-06-08 21:01:36 | 000,030,496 | ---- | C] () -- C:\Users\Rafał\Desktop\[BitNova.info]swat_4_+_syndykat_pl_dvd_._iso_alien.torrent [2012-04-27 20:03:52 | 000,000,000 | ---- | C] () -- C:\Users\Rafał\AppData\Roaming\wklnhst.dat [2012-03-11 00:30:39 | 000,149,132 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat [2012-01-31 17:46:59 | 000,000,000 | ---- | C] () -- C:\Users\Rafał\AppData\Local\{5B2AE172-6076-45B9-8EAD-824958ECE8A3} [2012-01-13 00:37:59 | 000,000,000 | ---- | C] () -- C:\Users\Rafał\AppData\Local\{4ACE4E51-7D9C-47C9-B75B-51DFD241D500} [2012-01-08 16:14:57 | 000,000,000 | ---- | C] () -- C:\Users\Rafał\AppData\Local\{5B148EC1-6B2F-4E48-B054-B0252B2EEE63} [2012-01-06 12:49:38 | 000,000,000 | ---- | C] () -- C:\Users\Rafał\AppData\Local\{788605F3-DBDC-4D4E-ABAE-9D48F14053EB} [2012-01-02 21:10:33 | 002,484,592 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_p4f.exe [2011-12-24 18:25:16 | 000,000,000 | ---- | C] () -- C:\Users\Rafał\AppData\Local\{8236329A-9F47-477B-B232-0B9A507ACD85} [2011-12-19 22:23:10 | 000,000,000 | ---- | C] () -- C:\Users\Rafał\AppData\Local\{C2E15A1F-1BEC-4B88-9631-AD5E31960438} [2011-12-19 21:06:23 | 000,000,000 | ---- | C] () -- C:\Users\Rafał\AppData\Local\{40C83712-7A0C-430E-BB70-548D7D838F10} [2011-12-18 19:23:32 | 000,000,000 | ---- | C] () -- C:\Users\Rafał\AppData\Local\{45F08D17-D1E1-4D2F-9572-C9E6A91E22C5} [2011-12-13 17:56:07 | 000,000,000 | ---- | C] () -- C:\Users\Rafał\AppData\Local\{DD1CCC89-60B1-4C9E-8FD8-DE423E97C0A4} [2011-12-13 17:54:02 | 000,000,000 | ---- | C] () -- C:\Users\Rafał\AppData\Local\{D56B3ECC-7ABE-4968-B3AC-1C7F0F943454} [2011-12-10 21:25:46 | 000,000,000 | ---- | C] () -- C:\Users\Rafał\AppData\Local\{4E7D992F-FA3B-478A-AD95-C2D88F812AAB} [2011-11-29 21:27:26 | 000,000,000 | ---- | C] () -- C:\Users\Rafał\AppData\Local\{CEBBDDFE-F925-4DAE-8BFD-B62F19B29FF4} [2011-11-19 19:31:45 | 000,000,000 | ---- | C] () -- C:\Users\Rafał\AppData\Local\{73E723D5-AC83-4E38-8C65-698B7567EC9E} [2011-11-19 18:29:26 | 000,073,615 | ---- | C] () -- C:\Windows\hpqins16.dat [2011-11-19 18:03:04 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini [2011-11-10 20:32:34 | 000,000,000 | ---- | C] () -- C:\Users\Rafał\AppData\Local\{445D1A22-82EE-4A6F-8DF5-6ED57C338E22} [2011-10-24 18:35:17 | 000,000,000 | ---- | C] () -- C:\Users\Rafał\AppData\Local\{DFA23351-C061-426D-953E-3CDB5C303810} [2011-10-21 22:44:29 | 000,000,000 | ---- | C] () -- C:\Users\Rafał\AppData\Local\{76C1C080-473F-4F00-94E8-261A391D76AC} [2011-10-18 16:36:18 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2011-10-18 16:36:15 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2011-10-18 16:36:10 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2011-10-18 16:36:10 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2011-10-11 17:36:06 | 000,000,000 | ---- | C] () -- C:\Users\Rafał\AppData\Local\{4CEF8A84-C619-4DEE-B03B-6E9063A93942} [2011-10-07 22:28:35 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt [2011-10-07 22:24:36 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys [2011-09-28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011-08-23 21:00:40 | 000,069,632 | R--- | C] () -- C:\Windows\SysWow64\xmltok.dll [2011-08-23 21:00:40 | 000,036,864 | R--- | C] () -- C:\Windows\SysWow64\xmlparse.dll [2011-08-10 22:17:28 | 000,000,000 | ---- | C] () -- C:\Users\Rafał\AppData\Local\{5899850F-5929-4EFE-B686-3445AE72CFD8} [2011-08-04 01:12:18 | 000,283,416 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011-08-04 01:12:18 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011-08-04 01:12:17 | 003,360,624 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2011-07-18 18:59:06 | 000,000,000 | ---- | C] () -- C:\Users\Rafał\AppData\Local\{FEE6DFE6-16A6-4863-98D3-1193892AA7A5} [2011-06-25 18:45:15 | 000,000,000 | ---- | C] () -- C:\Users\Rafał\AppData\Local\{CF92BCCE-6D6E-4C16-B28C-0A10243C19A6} [2011-06-24 14:47:20 | 000,000,000 | ---- | C] () -- C:\Users\Rafał\AppData\Local\{8DB80EA1-5BC6-479B-B872-5FB159343413} [2011-06-16 15:09:32 | 000,000,000 | ---- | C] () -- C:\Users\Rafał\AppData\Local\{16FF92E4-D5EE-4655-88BF-ADE282FADD98} [2011-06-02 21:41:51 | 000,000,000 | ---- | C] () -- C:\Users\Rafał\AppData\Local\{D2B5C9AC-D4F7-49C2-B949-9B6C941F2EA2} [2011-06-01 14:02:15 | 000,000,000 | ---- | C] () -- C:\Users\Rafał\AppData\Local\{D3A42F8B-1056-4937-A028-2FF76AD6006E} [2011-05-31 08:39:50 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll [2011-05-31 08:38:18 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll [2011-05-27 09:49:51 | 000,000,000 | ---- | C] () -- C:\Users\Rafał\AppData\Local\{6B5AABB3-D66F-416B-9403-1EF5E92C88A6} [2011-05-24 14:36:07 | 000,000,000 | ---- | C] () -- C:\Users\Rafał\AppData\Local\{28F7F010-936C-4DE2-967A-401C86F9592F} [2011-05-19 12:54:52 | 000,000,000 | ---- | C] () -- C:\Users\Rafał\AppData\Local\{B009E055-A615-435B-84A1-2007A67CC634} [2011-05-13 00:05:00 | 000,000,000 | ---- | C] () -- C:\Users\Rafał\AppData\Local\{0D454D48-A801-4218-BD4E-26D44314DB4D} [2011-04-07 16:27:50 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat [2011-03-11 01:48:53 | 000,007,597 | ---- | C] () -- C:\Users\Rafał\AppData\Local\Resmon.ResmonCfg [2011-03-08 12:06:47 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbxpmui.dll [2011-03-08 12:06:47 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbxinpa.dll [2011-03-08 12:06:47 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbxiesc.dll [2011-03-08 12:06:47 | 000,385,024 | ---- | C] () -- C:\Windows\SysWow64\lxbxcomx.dll [2011-03-08 12:06:47 | 000,274,432 | ---- | C] () -- C:\Windows\SysWow64\lxbxinst.dll [2011-03-08 12:06:46 | 001,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbxserv.dll [2011-03-08 12:06:46 | 000,995,328 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbxusb1.dll [2011-03-08 12:06:46 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbxhbn3.dll [2011-03-08 12:06:46 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbxcomc.dll [2011-03-08 12:06:46 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbxlmpm.dll [2011-03-08 12:06:46 | 000,537,520 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbxcoms.exe [2011-03-08 12:06:46 | 000,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbxcomm.dll [2011-03-08 12:06:46 | 000,385,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbxih.exe [2011-03-08 12:06:46 | 000,381,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbxcfg.exe [2011-03-08 12:06:46 | 000,181,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbxppls.exe [2011-03-08 12:06:46 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbxprox.dll [2011-03-08 12:06:46 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbxpplc.dll [2011-02-28 17:46:14 | 000,524,288 | -HS- | C] () -- C:\Users\Rafał\ntuser.dat{6b32b645-4346-11e0-9f35-00266c645275}.TMContainer00000000000000000002.regtrans-ms [2011-02-28 17:46:14 | 000,524,288 | -HS- | C] () -- C:\Users\Rafał\ntuser.dat{6b32b645-4346-11e0-9f35-00266c645275}.TMContainer00000000000000000001.regtrans-ms [2011-02-28 17:46:14 | 000,065,536 | -HS- | C] () -- C:\Users\Rafał\ntuser.dat{6b32b645-4346-11e0-9f35-00266c645275}.TM.blf [2011-02-24 19:03:35 | 000,000,016 | ---- | C] () -- C:\Windows\SysWow64\PCProxyOff.ini [2011-02-24 19:03:19 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\VistaInfo32.dll [2011-02-06 15:24:45 | 000,000,093 | ---- | C] () -- C:\Users\Rafał\AppData\Local\fusioncache.dat [2011-01-15 19:35:11 | 000,524,288 | -HS- | C] () -- C:\Users\Rafał\NTUSER.DAT{a8cde0ab-20cd-11e0-ab89-00266c645275}.TMContainer00000000000000000002.regtrans-ms [2011-01-15 19:35:11 | 000,524,288 | -HS- | C] () -- C:\Users\Rafał\NTUSER.DAT{a8cde0ab-20cd-11e0-ab89-00266c645275}.TMContainer00000000000000000001.regtrans-ms [2011-01-15 19:35:11 | 000,065,536 | -HS- | C] () -- C:\Users\Rafał\NTUSER.DAT{a8cde0ab-20cd-11e0-ab89-00266c645275}.TM.blf [2010-12-27 20:46:23 | 006,814,952 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall.exe [2010-12-27 20:46:23 | 000,017,772 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Music Converter.dat [2010-12-12 18:17:36 | 001,970,176 | ---- | C] () -- C:\Windows\SysWow64\d3dx9.dll [2010-12-05 16:45:16 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\emfxp.dll [2010-12-05 16:45:16 | 000,049,152 | ---- | C] () -- C:\Windows\SysWow64\unpdf.exe [2010-11-02 16:43:29 | 000,008,704 | ---- | C] () -- C:\Users\Rafał\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-10-30 18:06:36 | 000,042,672 | ---- | C] () -- C:\Windows\SysWow64\drivers\fsbts.sys [2010-10-30 18:06:10 | 001,736,326 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010-10-30 15:13:01 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat [2010-10-30 15:13:01 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat [2010-10-30 15:13:01 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat [2010-10-30 15:13:01 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat [2010-10-30 15:13:01 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat [2010-10-30 15:13:01 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat [2010-10-30 15:13:01 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat [2010-10-30 15:13:01 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat [2010-10-30 15:13:01 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat [2010-10-30 15:13:01 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat [2010-10-30 15:13:01 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat [2010-10-30 15:13:01 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat [2010-10-30 15:13:01 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat [2010-10-30 15:13:01 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat [2010-10-30 15:13:01 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat [2010-10-30 15:13:01 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat [2010-10-30 15:13:01 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat [2010-10-30 15:13:01 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat [2010-10-30 15:13:01 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini [2010-10-30 10:58:49 | 000,113,856 | ---- | C] () -- C:\Users\Rafał\AppData\Local\GDIPFONTCACHEV1.DAT [2010-10-30 10:54:52 | 000,000,020 | -HS- | C] () -- C:\Users\Rafał\ntuser.ini [2010-10-30 10:54:51 | 007,077,888 | -HS- | C] () -- C:\Users\Rafał\ntuser.dat [2010-10-30 10:54:51 | 000,524,288 | -HS- | C] () -- C:\Users\Rafał\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [2010-10-30 10:54:51 | 000,524,288 | -HS- | C] () -- C:\Users\Rafał\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [2010-10-30 10:54:51 | 000,065,536 | -HS- | C] () -- C:\Users\Rafał\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf [color=#E56717]========== LOP Check ==========[/color] [2012-06-25 18:57:17 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\.minecraft [2011-05-08 19:39:42 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\ACD Systems [2011-08-18 14:36:30 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\AIMP3 [2011-09-10 23:46:31 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\AutoUpdate [2011-07-02 23:05:44 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\BHOTS [2011-03-01 23:50:58 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\DAEMON Tools Lite [2012-01-28 22:25:20 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\DBV [2012-03-24 22:14:51 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\DVDVideoSoft [2012-03-24 22:14:29 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\DVDVideoSoftIEHelpers [2010-12-01 21:21:36 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Encyklopedia2005 [2012-03-03 19:54:23 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\EurekaLog [2010-11-08 13:13:31 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\F-Secure [2012-02-21 19:05:41 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\flightgear.org [2011-04-07 22:16:25 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\fltk.org [2010-10-30 20:54:11 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Gadu-Gadu 10 [2011-04-19 19:08:37 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\GanymedeNet [2012-04-27 20:15:37 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Hex-Rays [2012-06-29 00:49:27 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\ipla [2012-02-18 21:04:37 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Kuma Games [2011-02-15 00:15:18 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Leadertech [2012-03-10 22:33:44 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\LolClient [2011-10-08 11:16:18 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\ML [2011-09-24 01:16:04 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\MoreTerra [2012-03-18 18:51:52 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Mount&Blade Warband [2012-04-02 17:17:34 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Mount&Blade With Fire and Sword [2012-01-22 16:39:39 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\NapiProjekt [2011-12-29 00:52:02 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Need for Speed World [2011-07-16 15:33:35 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Nokia [2011-07-16 15:33:36 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Nokia Ovi Suite [2010-10-30 20:50:07 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\OpenFM [2011-04-17 22:03:44 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\OwnRooms [2011-07-04 01:17:47 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\PC Suite [2011-03-27 09:38:11 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Pipeliner.5A8F60606AB9E68112BC6FCD53E816B203E65DCC.1 [2011-09-16 21:13:51 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\pymclevel [2011-10-08 13:05:00 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Samsung [2011-02-05 17:43:29 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Screaming Bee [2012-04-15 18:03:46 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Soldat [2012-05-28 16:52:52 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Subversion [2012-05-31 11:49:58 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Tank Combat [2012-04-27 20:03:57 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Template [2011-10-18 21:04:35 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Toshiba [2011-02-20 22:25:05 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\TuneUp Software [2012-01-16 20:39:27 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Unity [2012-06-25 12:56:59 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\uTorrent [2012-05-17 13:45:14 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Visan [2011-05-14 23:47:50 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\wargaming.net [2010-11-11 00:30:43 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\WinBatch [2011-10-23 21:36:28 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Windows Live Writer [2012-06-06 18:18:43 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Files - Unicode (All) ==========[/color] [2011-10-08 18:18:40 | 000,000,000 | ---D | M](C:\Users\Rafał\Documents\?? ???) -- C:\Users\Rafał\Documents\넥슨 플러그 [2010-11-03 23:32:35 | 000,000,000 | ---D | C](C:\Users\Rafał\Documents\?? ???) -- C:\Users\Rafał\Documents\넥슨 플러그 < End of report >