OTL logfile created on: 2012-07-04 11:57:59 - Run 2 OTL by OldTimer - Version 3.2.53.1 Folder = J:\ 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 7,98 Gb Total Physical Memory | 6,33 Gb Available Physical Memory | 79,29% Memory free 15,97 Gb Paging File | 14,12 Gb Available in Paging File | 88,42% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 101,34 Gb Total Space | 18,27 Gb Free Space | 18,03% Space Free | Partition Type: NTFS Drive D: | 830,08 Gb Total Space | 409,32 Gb Free Space | 49,31% Space Free | Partition Type: NTFS Drive E: | 7,26 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Drive J: | 7,46 Gb Total Space | 7,36 Gb Free Space | 98,72% Space Free | Partition Type: NTFS Computer Name: LANGA_KOMPUTER | User Name: MASTER | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - File not found -- PRC - [2012-07-03 21:38:30 | 000,595,968 | ---- | M] (OldTimer Tools) -- J:\OTL.exe PRC - [2012-06-19 17:32:30 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011-06-17 19:33:04 | 000,272,528 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe PRC - [2011-06-01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe PRC - [2011-01-07 20:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2010-10-05 22:04:12 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2010-10-05 22:04:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2010-03-10 02:38:18 | 000,086,016 | ---- | M] () -- D:\Programy\3ds_max2011\mentalimages\satellite\raysat_3dsmax2011_64server.exe PRC - [2009-12-19 01:06:00 | 000,814,344 | ---- | M] (ABBYY) -- C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe PRC - [2009-11-16 09:04:30 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe PRC - [2008-06-12 03:25:18 | 000,037,232 | ---- | M] (Adobe Systems Incorporated) -- D:\Programy\AdobeAcrobat9\Acrobat\acrobat_sl.exe PRC - [2008-06-11 23:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- D:\Programy\AdobeAcrobat9\Acrobat\acrotray.exe PRC - [2007-09-02 14:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2007-09-02 14:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe MOD - [2007-09-02 14:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2012-04-01 13:41:13 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64) SRV:[b]64bit:[/b] - [2010-09-22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:[b]64bit:[/b] - [2010-04-06 17:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv) SRV:[b]64bit:[/b] - [2009-12-16 16:44:44 | 003,750,400 | ---- | M] (SafeNet Inc.) [Auto | Running] -- C:\Windows\SysNative\hasplms.exe -- (hasplms) SRV:[b]64bit:[/b] - [2009-11-16 09:12:56 | 000,023,296 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv) SRV:[b]64bit:[/b] - [2009-11-16 09:04:30 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn) SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012-06-26 02:25:09 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-06-19 17:32:30 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012-04-01 14:18:37 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2012-02-29 09:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-01-05 18:00:32 | 000,096,768 | ---- | M] (iComarch24 S.A.) [Auto | Running] -- C:\Program Files (x86)\iBard24\IBard24Service.exe -- (IB24Service) SRV - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011-09-27 04:00:24 | 000,089,160 | ---- | M] (Dassault Systèmes SolidWorks Corp.) [On_Demand | Stopped] -- D:\Programy\SolidWorks2011\SolidWorks\swScheduler\DTSCoordinatorService.exe -- (CoordinatorServiceHost) SRV - [2011-06-17 19:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService) SRV - [2011-06-01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6) SRV - [2011-03-10 02:31:07 | 000,079,360 | ---- | M] (SolidWorks) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service) SRV - [2011-03-07 18:17:54 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService) SRV - [2011-01-07 20:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2010-10-05 22:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2010-10-05 22:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010-03-10 02:38:18 | 000,086,016 | ---- | M] () [Auto | Running] -- D:\Programy\3ds_max2011\mentalimages\satellite\raysat_3dsmax2011_64server.exe -- (mi-raysat_3dsmax2011_64) SRV - [2009-12-19 01:06:00 | 000,814,344 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Corporate.10.0) SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2007-05-28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Stopped] -- D:\Programy\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012-07-03 23:54:18 | 000,560,184 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2012-03-08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:[b]64bit:[/b] - [2012-03-01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2012-01-04 16:28:36 | 000,016,640 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gtkdrv.sys -- (TrojanKillerDriver) DRV:[b]64bit:[/b] - [2011-03-11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010-11-12 01:10:49 | 000,155,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:[b]64bit:[/b] - [2010-09-21 10:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R) DRV:[b]64bit:[/b] - [2010-09-03 07:59:26 | 000,349,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2010-07-29 01:25:10 | 000,029,720 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ivusb.sys -- (ivusb) DRV:[b]64bit:[/b] - [2010-04-27 12:56:38 | 000,021,544 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger) DRV:[b]64bit:[/b] - [2010-01-05 19:23:18 | 001,847,296 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur) DRV:[b]64bit:[/b] - [2009-11-16 09:07:10 | 000,123,200 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr) DRV:[b]64bit:[/b] - [2009-11-16 09:03:42 | 000,136,584 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv) DRV:[b]64bit:[/b] - [2009-11-16 08:56:16 | 000,145,336 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamon.sys -- (eamon) DRV:[b]64bit:[/b] - [2009-09-21 08:07:26 | 000,071,040 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf) DRV:[b]64bit:[/b] - [2009-08-20 07:02:06 | 000,130,816 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksfridge.sys -- (aksfridge) DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-10 22:35:46 | 000,416,768 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8187B.sys -- (RTL8187B) DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-03-13 10:55:38 | 000,318,464 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hardlock.sys -- (hardlock) DRV:[b]64bit:[/b] - [2008-09-12 10:31:29 | 000,041,216 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiBus.sys -- (SaiNtBus) DRV:[b]64bit:[/b] - [2008-09-12 10:31:29 | 000,016,000 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiMini.sys -- (SaiMini) DRV:[b]64bit:[/b] - [2008-09-12 10:31:16 | 000,131,584 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiK0836.sys -- (SaiK0836) DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2007-11-07 12:42:28 | 000,104,912 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys -- (ISODrive) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2417} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{CDD5DFFC-C1DE-4120-A59C-B050B8B424A9}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=616163&p={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:6.0.0.10297 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29 FF - prefs.js..browser.startup.homepage: "http://badoo.com/startpage/"user_pref("browser.startup.page",1);user_pref("keyword.URL","http://badoo.com/startpage/?source=bsb&q=");user_pref("keyword.enabled",true);user_pref("browser.search.defaultenginename","Search");user_pref("browser.search.selectedEngine","Search"); FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\MASTER\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\MASTER\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\MASTER\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-06-26 18:06:42 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-06-26 18:06:42 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-04-18 23:29:12 | 000,000,000 | ---D | M] [2012-07-04 11:50:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MASTER\AppData\Roaming\mozilla\Extensions [2012-06-20 23:11:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MASTER\AppData\Roaming\mozilla\Firefox\extensions [2012-06-20 22:54:52 | 000,000,000 | ---D | M] (DVDVideoSoftTB) -- C:\Users\MASTER\AppData\Roaming\mozilla\Firefox\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2012-07-04 11:50:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MASTER\AppData\Roaming\mozilla\Firefox\Profiles\fyolo6by.default\extensions [2012-07-04 11:53:30 | 000,002,023 | ---- | M] () -- C:\Users\MASTER\AppData\Roaming\Mozilla\Firefox\Profiles\fyolo6by.default\searchplugins\badoo.xml [2012-06-26 15:48:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012-06-26 01:43:34 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011-06-15 02:21:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011-11-27 16:01:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [2011-10-03 06:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2009-10-14 17:21:24 | 000,155,648 | ---- | M] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files (x86)\mozilla firefox\plugins\npEModelPlugin.dll [2008-05-15 15:08:16 | 000,086,016 | ---- | M] ( ) -- C:\Program Files (x86)\mozilla firefox\plugins\NPQUEST3D.DLL [2011-03-07 18:38:34 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2011-03-07 18:38:34 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2011-03-07 18:38:34 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2011-03-07 18:38:34 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2011-03-07 18:38:34 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2011-03-07 18:38:34 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\MASTER\AppData\Local\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\MASTER\AppData\Local\Google\Chrome\Application\20.0.1132.47\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\MASTER\AppData\Local\Google\Chrome\Application\20.0.1132.47\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\MASTER\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll CHR - plugin: Skype Click to Call (Enabled) = C:\Users\MASTER\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10297_0\npSkypeChromePlugin.dll CHR - plugin: (Enabled) = C:\Users\MASTER\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo\10.11.6.8_0\plugins/np-cwmp.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: EModel scriptable Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npEModelPlugin.dll CHR - plugin: Quest3D Player (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPQUEST3D.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - Extension: Skype Click to Call = C:\Users\MASTER\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10297_0\ O1 HOSTS File: ([2012-03-14 17:53:36 | 000,000,854 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 activate.adobe.com O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:[b]64bit:[/b] - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Acrobat Assistant 8.0] D:\Programy\AdobeAcrobat9\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] D:\Programy\AdobeAcrobat9\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Bonus.SSR.FR10] C:\Program Files (x86)\ABBYY FineReader 10\Bonus.ScreenshotReader.exe (ABBYY.) O4 - HKCU..\Run: [AlcoholAutomount] D:\Programy\Alcohol 120\axcmd.exe (Alcohol Soft Development Team) O4 - HKCU..\Run: [ALLUpdate] C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe () O4 - HKCU..\Run: [Badoo Desktop] C:\ProgramData\Badoo\Badoo Desktop\1.6.48.1082\Badoo.Desktop.exe (Badoo) O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O8:[b]64bit:[/b] - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:[b]64bit:[/b] - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:[b]64bit:[/b] - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:[b]64bit:[/b] - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.62 62.179.1.63 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{72CA2DD9-3535-420A-8B61-6ADA0B96A25A}: DhcpNameServer = 62.179.1.62 62.179.1.63 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{82F74349-6397-476C-A24E-A145E075955F}: DhcpNameServer = 62.21.99.95 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FB9F04FB-62CB-4CF1-905F-3ECEDC52989C}: DhcpNameServer = 192.168.0.1 192.168.10.98 194.204.159.1 O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap11 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008-03-28 13:39:59 | 000,000,059 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ] O33 - MountPoints2\{952173b6-aa52-11e0-99ef-1c6f658fba76}\Shell - "" = AutoRun O33 - MountPoints2\{952173b6-aa52-11e0-99ef-1c6f658fba76}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O33 - MountPoints2\{ae5cd3cb-4908-11e0-b49c-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{ae5cd3cb-4908-11e0-b49c-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Installer_Windows.exe -- [2008-10-07 18:54:56 | 004,833,852 | R--- | M] () O33 - MountPoints2\{f85565f6-4229-11e1-94c9-1c6f658fba76}\Shell - "" = AutoRun O33 - MountPoints2\{f85565f6-4229-11e1-94c9-1c6f658fba76}\Shell\AutoRun\command - "" = H:\setup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-07-04 11:49:55 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\Mozilla [2012-07-03 21:05:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Trojan Killer [2012-07-03 21:05:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GridinSoft Trojan Killer [2012-07-03 10:10:15 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{3B5EDA53-86B0-4644-B9F0-2AB3CB6AC695} [2012-07-03 10:09:51 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{98DB9077-9A08-40B6-9C63-B9FF2156F1E0} [2012-07-02 22:07:30 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{90A4EC6E-6D5E-4A0D-8D99-7D2D204089AF} [2012-06-30 20:21:40 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{2CD87DED-7C7E-455A-AB04-BD64D2D165C6} [2012-06-28 10:00:36 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{690EEDDF-7825-426B-BAD3-CF69FEEBAA23} [2012-06-27 13:59:03 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{972F95AE-A3CF-4786-9819-402D3E88BEBA} [2012-06-27 13:58:38 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{35771A84-4D52-416F-88E2-E442063BCD3A} [2012-06-27 01:58:23 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{0A6CCD96-E8C3-4AE3-81C4-16C3DBFADEC4} [2012-06-27 01:57:59 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{430D8DEC-9DB3-41CE-9B54-DE0B78AF1576} [2012-06-26 21:05:36 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan [2012-06-26 21:05:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus [2012-06-26 21:05:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Security Scan [2012-06-26 21:05:35 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee [2012-06-26 18:06:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quest3D [2012-06-26 18:06:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Quest3D [2012-06-26 18:06:42 | 000,000,000 | ---D | C] -- C:\Program Files\quest3d [2012-06-26 18:06:37 | 000,380,688 | ---- | C] (Act-3D B.V. ) -- C:\Users\MASTER\Desktop\quest3dplayer_4_1_t_install.exe [2012-06-26 13:57:33 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{5F56014E-8FB6-4AED-A899-40724979A92A} [2012-06-26 13:57:13 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{05FED76B-56D4-4E5B-BE6A-0641EE0E4736} [2012-06-26 01:52:33 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{D7415DE8-8315-4C65-A64D-8A2B0B8C954C} [2012-06-26 01:52:17 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{5C06B132-0F0C-45CC-B290-0E070259A783} [2012-06-22 06:55:56 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{9898CD9A-FFC4-4EFE-B007-C68AC3B5C0E1} [2012-06-22 06:55:33 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{00301463-4F39-4052-B10E-13C51C0A4D30} [2012-06-22 00:44:46 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2012-06-22 00:44:46 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2012-06-22 00:44:46 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2012-06-22 00:43:53 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2012-06-22 00:43:53 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2012-06-22 00:43:53 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2012-06-22 00:43:02 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2012-06-22 00:43:02 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2012-06-21 18:55:18 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{C9E01DBD-0989-4486-9A55-005AFFF47871} [2012-06-21 18:54:55 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{AC0CB951-49FA-406E-B608-A8126DC92869} [2012-06-21 06:54:40 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{0360B0AC-4EC1-4F61-990D-9E3F2E636EEE} [2012-06-21 06:54:17 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{FF4543F4-9719-449A-AC01-DEA767E4CA6A} [2012-06-20 22:59:38 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\DVDVideoSoft_Ltd [2012-06-20 22:54:46 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\CRE [2012-06-20 22:54:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft [2012-06-20 22:54:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft [2012-06-20 22:54:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft [2012-06-20 22:54:02 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Roaming\DVDVideoSoft [2012-06-20 20:39:07 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2012-06-20 18:54:02 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{D17F1BA4-8EF9-4910-AAF1-DD5C9A04C10F} [2012-06-20 18:53:39 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{AFC0815C-9094-4D0C-9540-5FD946BC632A} [2012-06-20 16:18:44 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012-06-20 06:53:06 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{A72C2578-3D6E-4BE7-A80F-4DE112C2CDF9} [2012-06-20 06:52:42 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{71AAD96B-08BD-4994-AFE8-1587C799666F} [2012-06-19 18:52:29 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{10E8F72B-462E-472C-AE5D-81583CF217A0} [2012-06-19 18:52:05 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{4117A912-4737-41AE-B4E2-A2C3A2B78F5E} [2012-06-19 06:51:44 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{F5502805-A2C4-4D62-A80D-C074B364C85D} [2012-06-19 06:51:21 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{C7C58181-F550-4A62-A83A-D5A8EEA33B83} [2012-06-18 18:50:57 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{0482C660-1841-4932-83A2-CABE0ACC4A34} [2012-06-18 06:50:44 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{5033606A-17F2-4D23-8806-BFCA673DBFBB} [2012-06-15 12:10:00 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{FF422E66-A91C-4081-B433-5C397998868F} [2012-06-15 00:09:46 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{E37A5835-9748-4B78-BA5D-5FC0F7D6EC56} [2012-06-15 00:09:22 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{4E463CEC-241A-4BCD-A547-987710BB724A} [2012-06-14 12:08:56 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{4B5CA2F9-FDAD-4EB4-B3B7-92FF3E3778B1} [2012-06-14 12:08:43 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{96780FDD-26FC-4D46-805A-3BFC327991D0} [2012-06-14 03:00:39 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012-06-14 03:00:38 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012-06-14 03:00:38 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012-06-14 03:00:38 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012-06-14 03:00:37 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012-06-14 03:00:37 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012-06-14 03:00:36 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012-06-14 03:00:36 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012-06-14 03:00:36 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012-06-14 03:00:36 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012-06-14 03:00:35 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012-06-14 03:00:35 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012-06-14 03:00:35 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012-06-13 20:09:11 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{3DED97E9-9607-4376-8CE2-109365322BBD} [2012-06-13 20:08:48 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{10D7B24F-A866-428E-994E-69C33D4AA3C5} [2012-06-13 09:23:50 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll [2012-06-13 09:23:50 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll [2012-06-13 09:23:50 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe [2012-06-13 09:23:46 | 005,505,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012-06-13 09:23:45 | 003,958,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2012-06-13 09:23:45 | 003,902,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2012-06-13 09:23:39 | 003,213,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll [2012-06-13 09:23:37 | 001,460,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2012-06-13 09:23:37 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [2012-06-13 08:08:34 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{DD56ADA4-4DA2-4737-AC14-8F8476711DD6} [2012-06-13 08:08:22 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{095B048E-44C5-4CAA-9D5C-9EB3F2596187} [2012-06-12 12:54:12 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{3403C75F-47FF-4C13-9E16-DE8C829C4482} [2012-06-12 12:53:49 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{0399D7B2-2720-4DFD-8A55-580E0A8AF637} [2012-06-12 00:53:36 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{7C8F73A5-9A0D-4A00-8EF1-37465A2ED2F0} [2012-06-12 00:53:12 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{55C36E66-839E-4CD4-A5AD-6E2D3FFBF425} [2012-06-11 12:52:58 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{58F6E59D-54B3-4BED-9C3D-20633C54AD33} [2012-06-11 12:52:45 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{0014C8E0-C144-4494-9643-0874CD4EE620} [2012-06-06 12:34:55 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{3BA99189-F2B9-459D-9B0F-A004FFCBE310} [2012-06-06 12:34:36 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{E3567F49-AF5D-43B3-975F-3D83F9E5F7FC} [2012-06-05 18:43:18 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{10903728-B0F8-4855-ACA5-BDF68DEE8436} [2012-06-05 18:42:54 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{DA8E4836-4985-4E8D-B3D9-03D4996064F0} [2012-06-05 06:42:28 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{3AB2A7BA-E064-4234-9F2D-3D1DE5794403} [2012-06-05 06:42:05 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{73A2A7E8-ED1C-4E8A-9A70-FED3D5D90B05} [2012-06-04 18:41:39 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{DAA78B41-1542-4D2C-9250-5CD257F64198} [2012-06-04 18:41:18 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\{1B1EFED0-BD52-495F-B229-A7A820ACD1FB} [2 C:\Users\MASTER\Desktop\*.tmp files -> C:\Users\MASTER\Desktop\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-07-04 11:53:07 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-07-04 11:52:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-07-04 11:52:48 | 2134,495,231 | -HS- | M] () -- C:\hiberfil.sys [2012-07-04 00:09:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1501973484-1154182231-3761794244-1000UA.job [2012-07-04 00:09:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-07-03 23:54:18 | 000,560,184 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys [2012-07-03 21:23:09 | 000,001,143 | ---- | M] () -- C:\Users\Public\Desktop\Trojan Killer.lnk [2012-07-03 20:25:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-07-03 15:39:55 | 006,511,057 | ---- | M] () -- C:\Users\MASTER\Desktop\umowa TEB Akademia_smashing project.pdf [2012-07-03 10:43:27 | 000,152,622 | ---- | M] () -- C:\Users\MASTER\Desktop\eKONTO_61539588_568.pdf [2012-07-03 10:42:34 | 000,078,234 | ---- | M] () -- C:\Users\MASTER\Desktop\eKONTO_61539588_120702_120703.pdf [2012-07-03 10:10:33 | 000,002,412 | ---- | M] () -- C:\Users\MASTER\Desktop\Google Chrome.lnk [2012-07-03 09:47:57 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-07-03 09:47:56 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-07-03 02:35:23 | 000,001,010 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1501973484-1154182231-3761794244-1000Core.job [2012-06-27 12:56:39 | 000,278,731 | ---- | M] () -- C:\Users\MASTER\Desktop\1022012.xps [2012-06-26 21:05:35 | 000,002,170 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2012-06-26 18:06:34 | 000,380,688 | ---- | M] (Act-3D B.V. ) -- C:\Users\MASTER\Desktop\quest3dplayer_4_1_t_install.exe [2012-06-26 02:25:09 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012-06-26 02:25:09 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012-06-22 16:17:59 | 000,007,567 | ---- | M] () -- C:\Users\MASTER\Desktop\potwierdzenie GAZ_06.pdf [2012-06-20 23:11:25 | 000,001,130 | ---- | M] () -- C:\Users\MASTER\Desktop\Free Screen To Video.lnk [2012-06-20 23:08:24 | 000,463,895 | ---- | M] () -- C:\Users\MASTER\Desktop\infografika__.png [2012-06-20 22:54:32 | 000,001,371 | ---- | M] () -- C:\Users\MASTER\Desktop\Free Screen Video Recorder.lnk [2012-06-20 22:54:32 | 000,001,243 | ---- | M] () -- C:\Users\MASTER\Desktop\DVDVideoSoft Free Studio.lnk [2012-06-20 22:53:17 | 000,000,083 | ---- | M] () -- C:\Users\MASTER\AppData\Local\X-Plane Installer.prf [2012-06-20 22:44:15 | 001,549,932 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-06-20 22:44:15 | 000,697,896 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-06-20 22:44:15 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-06-20 22:44:15 | 000,135,006 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-06-20 22:44:15 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-06-20 22:32:53 | 000,157,150 | ---- | M] () -- C:\Users\MASTER\Desktop\duplikat_FV_2_05_2012.pdf [2012-06-20 22:32:27 | 000,274,714 | ---- | M] () -- C:\Users\MASTER\Desktop\duplikat.xps [2012-06-19 18:39:55 | 000,015,205 | ---- | M] () -- C:\Users\MASTER\.recently-used.xbel [2012-06-19 15:20:13 | 000,270,487 | ---- | M] () -- C:\Users\MASTER\Desktop\fv_2_06kop.xps [2012-06-19 15:19:57 | 000,270,781 | ---- | M] () -- C:\Users\MASTER\Desktop\fv_2_06org.xps [2012-06-19 13:55:16 | 000,022,575 | ---- | M] () -- C:\Users\MASTER\Desktop\208991_10151018831905743_1850116381_n.jpg [2012-06-19 13:54:37 | 000,011,893 | ---- | M] () -- C:\Users\MASTER\Desktop\598919_10151019022900743_1450662419_n.jpg [2012-06-19 12:24:40 | 000,674,485 | ---- | M] () -- C:\Users\MASTER\Desktop\mcs 001.jpg [2012-06-15 15:24:44 | 000,189,561 | ---- | M] () -- C:\Users\MASTER\Desktop\FV_2_06_2012.pdf [2012-06-15 15:24:10 | 000,270,773 | ---- | M] () -- C:\Users\MASTER\Desktop\FV_2_06_2012.xps [2012-06-15 15:08:59 | 000,270,486 | ---- | M] () -- C:\Users\MASTER\Desktop\fv_2_06_2012 kopiA.xps [2012-06-15 14:05:44 | 001,038,660 | ---- | M] () -- C:\Users\MASTER\Desktop\wz i list OPEK 001.jpg [2012-06-15 13:36:33 | 000,211,732 | ---- | M] () -- C:\Users\MASTER\Desktop\WZ gumet.xps [2012-06-15 13:35:52 | 000,268,163 | ---- | M] () -- C:\Users\MASTER\Desktop\FV_3_06_2012.xps [2012-06-14 22:22:44 | 000,098,525 | ---- | M] () -- C:\Users\MASTER\Desktop\Szczegoly_operacji_2012-06-14.jpg [2012-06-14 20:44:47 | 004,236,344 | ---- | M] () -- C:\Users\MASTER\Desktop\1 Armee Drill1.wmv [2012-06-14 20:17:42 | 000,013,190 | ---- | M] () -- C:\Users\MASTER\Desktop\aaaaa943304163.pdf [2012-06-14 20:17:01 | 000,012,263 | ---- | M] () -- C:\Users\MASTER\Desktop\aaaaaa43304164.pdf [2012-06-14 18:34:54 | 000,052,586 | ---- | M] () -- C:\Users\MASTER\Desktop\Szczegoly_operacji_2012-06-14_18-34-52.pdf [2012-06-14 18:09:32 | 000,187,080 | ---- | M] () -- C:\Users\MASTER\Desktop\gumet.pdf [2012-06-14 18:09:19 | 000,267,813 | ---- | M] () -- C:\Users\MASTER\Desktop\gumet.xps [2012-06-14 03:23:30 | 004,925,984 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-06-12 12:26:56 | 000,660,467 | ---- | M] () -- C:\Users\MASTER\Desktop\01 001.jpg [2012-06-05 22:30:49 | 000,163,893 | ---- | M] () -- C:\Users\MASTER\Desktop\N011057A.pdf [2012-06-05 13:36:16 | 000,098,814 | ---- | M] () -- C:\Users\MASTER\Desktop\Szczegoly_operacji_2012-06-05.jpg [2012-06-05 13:19:40 | 000,048,056 | ---- | M] () -- C:\Users\MASTER\Desktop\Szczegoly_operacji_2012-06-05_13-19-42.pdf [2012-06-05 13:17:04 | 000,052,971 | ---- | M] () -- C:\Users\MASTER\Desktop\Szczegoly_operacji_2012-06-05_13-17-06.pdf [2 C:\Users\MASTER\Desktop\*.tmp files -> C:\Users\MASTER\Desktop\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-07-03 21:05:09 | 000,001,143 | ---- | C] () -- C:\Users\Public\Desktop\Trojan Killer.lnk [2012-07-03 15:40:13 | 006,511,057 | ---- | C] () -- C:\Users\MASTER\Desktop\umowa TEB Akademia_smashing project.pdf [2012-07-03 10:43:32 | 000,152,622 | ---- | C] () -- C:\Users\MASTER\Desktop\eKONTO_61539588_568.pdf [2012-07-03 10:42:42 | 000,078,234 | ---- | C] () -- C:\Users\MASTER\Desktop\eKONTO_61539588_120702_120703.pdf [2012-06-27 12:56:38 | 000,278,731 | ---- | C] () -- C:\Users\MASTER\Desktop\1022012.xps [2012-06-26 21:05:35 | 000,002,170 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2012-06-22 16:18:08 | 000,007,567 | ---- | C] () -- C:\Users\MASTER\Desktop\potwierdzenie GAZ_06.pdf [2012-06-20 23:11:25 | 000,001,130 | ---- | C] () -- C:\Users\MASTER\Desktop\Free Screen To Video.lnk [2012-06-20 23:08:29 | 000,463,895 | ---- | C] () -- C:\Users\MASTER\Desktop\infografika__.png [2012-06-20 22:54:32 | 000,001,371 | ---- | C] () -- C:\Users\MASTER\Desktop\Free Screen Video Recorder.lnk [2012-06-20 22:54:32 | 000,001,243 | ---- | C] () -- C:\Users\MASTER\Desktop\DVDVideoSoft Free Studio.lnk [2012-06-20 22:33:10 | 000,157,150 | ---- | C] () -- C:\Users\MASTER\Desktop\duplikat_FV_2_05_2012.pdf [2012-06-20 22:32:27 | 000,274,714 | ---- | C] () -- C:\Users\MASTER\Desktop\duplikat.xps [2012-06-20 16:18:46 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-06-19 18:39:55 | 000,015,205 | ---- | C] () -- C:\Users\MASTER\.recently-used.xbel [2012-06-19 15:20:13 | 000,270,487 | ---- | C] () -- C:\Users\MASTER\Desktop\fv_2_06kop.xps [2012-06-19 15:19:57 | 000,270,781 | ---- | C] () -- C:\Users\MASTER\Desktop\fv_2_06org.xps [2012-06-19 13:55:18 | 000,022,575 | ---- | C] () -- C:\Users\MASTER\Desktop\208991_10151018831905743_1850116381_n.jpg [2012-06-19 13:54:41 | 000,011,893 | ---- | C] () -- C:\Users\MASTER\Desktop\598919_10151019022900743_1450662419_n.jpg [2012-06-19 12:24:40 | 000,674,485 | ---- | C] () -- C:\Users\MASTER\Desktop\mcs 001.jpg [2012-06-15 15:24:47 | 000,189,561 | ---- | C] () -- C:\Users\MASTER\Desktop\FV_2_06_2012.pdf [2012-06-15 15:08:58 | 000,270,486 | ---- | C] () -- C:\Users\MASTER\Desktop\fv_2_06_2012 kopiA.xps [2012-06-15 15:08:37 | 000,270,773 | ---- | C] () -- C:\Users\MASTER\Desktop\FV_2_06_2012.xps [2012-06-15 14:05:44 | 001,038,660 | ---- | C] () -- C:\Users\MASTER\Desktop\wz i list OPEK 001.jpg [2012-06-15 13:36:32 | 000,211,732 | ---- | C] () -- C:\Users\MASTER\Desktop\WZ gumet.xps [2012-06-15 13:35:51 | 000,268,163 | ---- | C] () -- C:\Users\MASTER\Desktop\FV_3_06_2012.xps [2012-06-14 22:22:44 | 000,098,525 | ---- | C] () -- C:\Users\MASTER\Desktop\Szczegoly_operacji_2012-06-14.jpg [2012-06-14 20:44:47 | 004,236,344 | ---- | C] () -- C:\Users\MASTER\Desktop\1 Armee Drill1.wmv [2012-06-14 20:17:47 | 000,013,190 | ---- | C] () -- C:\Users\MASTER\Desktop\aaaaa943304163.pdf [2012-06-14 20:17:09 | 000,012,263 | ---- | C] () -- C:\Users\MASTER\Desktop\aaaaaa43304164.pdf [2012-06-14 18:34:58 | 000,052,586 | ---- | C] () -- C:\Users\MASTER\Desktop\Szczegoly_operacji_2012-06-14_18-34-52.pdf [2012-06-14 18:08:29 | 000,187,080 | ---- | C] () -- C:\Users\MASTER\Desktop\gumet.pdf [2012-06-14 18:07:52 | 000,267,813 | ---- | C] () -- C:\Users\MASTER\Desktop\gumet.xps [2012-06-12 12:26:56 | 000,660,467 | ---- | C] () -- C:\Users\MASTER\Desktop\01 001.jpg [2012-06-05 22:30:49 | 000,163,893 | ---- | C] () -- C:\Users\MASTER\Desktop\N011057A.pdf [2012-06-05 13:36:15 | 000,098,814 | ---- | C] () -- C:\Users\MASTER\Desktop\Szczegoly_operacji_2012-06-05.jpg [2012-06-05 13:19:42 | 000,048,056 | ---- | C] () -- C:\Users\MASTER\Desktop\Szczegoly_operacji_2012-06-05_13-19-42.pdf [2012-06-05 13:17:07 | 000,052,971 | ---- | C] () -- C:\Users\MASTER\Desktop\Szczegoly_operacji_2012-06-05_13-17-06.pdf [2012-04-22 22:12:22 | 004,424,704 | ---- | C] () -- C:\Windows\SysWow64\ffmpeg.dll [2012-04-09 01:40:36 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2012-04-09 01:39:46 | 000,260,608 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll [2012-04-09 01:39:32 | 000,158,720 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll [2012-04-09 01:39:32 | 000,099,840 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll [2012-04-09 01:39:30 | 001,525,248 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll [2012-04-09 01:39:30 | 000,146,944 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll [2012-04-09 01:39:28 | 000,212,480 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll [2012-04-09 01:39:28 | 000,115,200 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll [2012-04-09 01:39:26 | 000,328,704 | ---- | C] () -- C:\Windows\SysWow64\ff_libfaad2.dll [2012-04-05 03:45:22 | 000,004,096 | -H-- | C] () -- C:\Users\MASTER\AppData\Local\keyfile3.drm [2012-03-29 16:21:26 | 000,172,032 | ---- | C] () -- C:\Windows\SysWow64\libbluray.dll [2012-03-29 16:21:18 | 006,582,226 | ---- | C] () -- C:\Windows\SysWow64\avcodec-lav-54.dll [2012-03-29 16:21:18 | 001,152,365 | ---- | C] () -- C:\Windows\SysWow64\avformat-lav-54.dll [2012-03-29 16:21:18 | 000,374,152 | ---- | C] () -- C:\Windows\SysWow64\swscale-lav-2.dll [2012-03-29 16:21:18 | 000,207,872 | ---- | C] () -- C:\Windows\SysWow64\avutil-lav-51.dll [2012-03-29 16:21:18 | 000,144,523 | ---- | C] () -- C:\Windows\SysWow64\avfilter-lav-2.dll [2012-03-24 03:10:11 | 000,003,584 | ---- | C] () -- C:\Users\MASTER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-01-19 05:08:10 | 000,000,083 | ---- | C] () -- C:\Users\MASTER\AppData\Local\X-Plane Installer.prf [2011-12-15 23:49:35 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\Coinstall.dll [2011-12-07 21:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\Lagarith.dll [2011-09-08 16:00:52 | 000,150,528 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll [2011-09-08 16:00:48 | 000,142,336 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll [2011-09-08 16:00:42 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll [2011-09-08 16:00:38 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll [2011-09-08 16:00:34 | 000,113,152 | ---- | C] () -- C:\Windows\SysWow64\dsmux.exe [2011-09-08 16:00:24 | 000,154,624 | ---- | C] () -- C:\Windows\SysWow64\ts.dll [2011-09-08 16:00:10 | 000,137,728 | ---- | C] () -- C:\Windows\SysWow64\mkv2vfr.exe [2011-09-08 16:00:06 | 000,358,400 | ---- | C] () -- C:\Windows\SysWow64\gdsmux.exe [2011-09-08 15:59:54 | 000,080,384 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll [2011-09-08 15:59:52 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll [2011-08-23 16:03:15 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll [2011-07-20 19:32:25 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2011-05-30 15:42:50 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2011-05-23 09:46:30 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2011-03-28 01:41:42 | 000,056,732 | ---- | C] () -- C:\Windows\RFMaxPluginUninstall.exe [2011-03-16 20:34:06 | 000,210,032 | ---- | C] () -- C:\Windows\SysWow64\DBCLIENT.DLL [2011-03-10 02:32:18 | 000,000,000 | ---- | C] () -- C:\Windows\eDrawingOfficeAutomator.INI [2011-03-09 18:22:31 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll [2011-03-07 18:26:59 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2011-03-07 18:26:59 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2011-03-07 18:23:20 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe [2011-03-07 17:39:10 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll [2011-03-07 17:36:53 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini [2011-03-03 13:39:56 | 000,109,568 | ---- | C] () -- C:\Windows\SysWow64\avi.dll [2011-03-03 13:38:10 | 000,097,792 | ---- | C] () -- C:\Windows\SysWow64\avs.dll [2011-03-03 13:37:50 | 000,093,184 | ---- | C] () -- C:\Windows\SysWow64\avss.dll [2011-02-07 20:00:08 | 000,925,667 | ---- | C] () -- C:\Windows\SysWow64\ffmpegmt.dll [2011-02-07 20:00:08 | 000,145,408 | ---- | C] () -- C:\Windows\SysWow64\libmpeg2_ff.dll [2011-02-07 20:00:08 | 000,065,024 | ---- | C] () -- C:\Windows\SysWow64\FLT_ffdshow.dll [2010-08-18 21:56:38 | 000,000,151 | ---- | C] () -- C:\Windows\SysWow64\Registration.ini < End of report >