OTL logfile created on: 2012-07-08 12:06:09 - Run 1
OTL by OldTimer - Version 3.2.41.0     Folder = C:\Users\Mateusz\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
4,00 Gb Total Physical Memory | 3,12 Gb Available Physical Memory | 78,09% Memory free
8,00 Gb Paging File | 7,19 Gb Available in Paging File | 89,88% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 274,26 Gb Total Space | 147,27 Gb Free Space | 53,70% Space Free | Partition Type: NTFS
Drive D: | 191,41 Gb Total Space | 49,88 Gb Free Space | 26,06% Space Free | Partition Type: NTFS
Drive H: | 15,03 Gb Total Space | 11,47 Gb Free Space | 76,29% Space Free | Partition Type: FAT32
 
Computer Name: MATEUSZ-PC | User Name: Mateusz | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012-07-08 12:05:57 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Users\Mateusz\Desktop\OTL.exe
PRC - [2012-06-23 16:57:13 | 001,535,176 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
PRC - [2012-06-18 20:01:20 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011-09-07 16:48:00 | 012,074,672 | ---- | M] (Mozilla Messaging) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012-06-23 16:57:13 | 009,459,912 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
MOD - [2012-06-18 20:01:19 | 002,042,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011-09-07 16:47:59 | 000,161,968 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
MOD - [2011-09-07 16:47:59 | 000,021,680 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2012-03-26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:[b]64bit:[/b] - [2012-03-26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012-06-18 20:01:19 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-04-04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011-09-11 00:53:18 | 000,029,552 | ---- | M] (Gladinet, INC) [Auto | Stopped] -- C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe -- (GladFileMonSvc)
SRV - [2011-08-29 08:24:28 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-03-10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Stopped] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009-09-20 11:55:20 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Stopped] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009-06-10 06:33:00 | 000,232,960 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2006-09-22 01:33:15 | 000,069,632 | ---- | M] (CrypKey (Canada) Ltd.) [Auto | Stopped] -- C:\Windows\SysWow64\Crypserv.exe -- (Crypkey License)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2012-04-04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2012-03-20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:[b]64bit:[/b] - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011-08-28 21:21:09 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010-12-22 15:08:50 | 000,154,256 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:[b]64bit:[/b] - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010-11-15 07:15:06 | 000,243,216 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\scrcamhrdrv_x64.sys -- (PCWinSoft)
DRV:[b]64bit:[/b] - [2010-03-31 15:30:58 | 000,243,200 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)
DRV:[b]64bit:[/b] - [2010-03-31 15:30:58 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:[b]64bit:[/b] - [2010-03-31 15:30:58 | 000,114,304 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbdev.sys -- (hwusbdev)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-07-09 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:[b]64bit:[/b] - [2009-06-20 04:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2009-06-10 22:35:36 | 000,867,328 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-06-02 10:55:20 | 001,207,808 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:[b]64bit:[/b] - [2009-05-22 16:52:30 | 000,215,040 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2009-05-14 03:26:24 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2006-01-10 04:47:27 | 000,031,846 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\SysWOW64\Ckldrv.sys -- (NetworkX)
DRV - [2002-07-17 15:20:32 | 000,084,832 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\ASPI32.SYS -- (ASPI)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2417}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2417}: "URL" = http://www.searchqu.com/web?src=ieb&appid=0&systemid=417&sr=0&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2417}: "URL" = http://www.searchqu.com/web?src=ieb&appid=0&systemid=417&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKCU\..\SearchScopes,DefaultScope = {E5260168-5F51-4080-BF65-FC323F3CCE04}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2417}: "URL" = http://www.searchqu.com/web?src=ieb&appid=0&systemid=417&sr=0&q={searchTerms}
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}: "URL" = http://www.daemon-search.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultenginename: "Searchqu Web Search"
FF - prefs.js..browser.search.order.1: "Searchqu Web Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "http://home.sweetim.com/?st=1"
FF - prefs.js..keyword.URL: "http://www.searchqu.com/web?src=ffb&appid=0&systemid=417&sr=0&q="
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.google.pl"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://www.searchqu.com/web?src=ffb&appid=0&systemid=417&sr=0&q="
FF - user.js - File not found
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-02-06 18:21:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-06-18 20:01:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-06-04 11:24:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.0.11\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011-10-08 15:46:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.0.11\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-02-06 18:21:25 | 000,000,000 | ---D | M]
 
[2011-10-28 20:08:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Extensions
[2011-08-28 21:27:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012-06-10 07:54:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\d4g60yu8.default\extensions
[2012-06-10 07:54:48 | 000,000,000 | ---D | M] (Ant Video Downloader) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\d4g60yu8.default\extensions\anttoolbar@ant.com
[2011-10-28 20:08:03 | 000,002,520 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\d4g60yu8.default\searchplugins\SearchResults.xml
[2012-04-13 15:13:21 | 000,004,030 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\d4g60yu8.default\searchplugins\sweetim.xml
[2012-04-29 16:57:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011-10-01 16:22:03 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files (x86)\mozilla firefox\extensions\linkfilter@kaspersky.ru
() (No name found) -- C:\USERS\MATEUSZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D4G60YU8.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}.XPI
() (No name found) -- C:\USERS\MATEUSZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D4G60YU8.DEFAULT\EXTENSIONS\FBPHOTOZOOM@INSTALLDADDY.COM.XPI
[2012-06-18 20:01:20 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012-06-18 20:01:18 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2012-06-18 20:01:18 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2012-06-18 20:01:18 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2012-06-18 20:01:18 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2011-10-28 20:08:03 | 000,002,520 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchResults.xml
[2012-06-18 20:01:18 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-06-18 20:01:18 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: SweetIM Search (Enabled)
CHR - default_search_provider: search_url = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={79F964B3-84E4-11E1-9177-0014350013D0}
CHR - default_search_provider: suggest_url = 
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - Extension: YouTube = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Szukaj w Google = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: FBPHOTOZOOM = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.9_0\
CHR - Extension: Gmail = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (SearchCore for Browsers) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\BROWSE~1.DLL (Bandoo Media, inc)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (SearchCore for Browsers) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\SEARCH~1\SEARCH~1\BROWSE~1.DLL (Bandoo Media, inc)
O2 - BHO: (ZeonIEEventHelper Class) - {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - C:\Program Files (x86)\Nuance\PDF Create 7\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (DocuCom PDF) - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files (x86)\Nuance\PDF Create 7\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:[b]64bit:[/b] - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RpcPing] C:\Users\Mateusz\AppData\Local\Microsoft\Windows\1395\RpcPing.exe ()
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [DATAMNGR] C:\PROGRA~2\SEARCH~1\SEARCH~1\DATAMN~1.EXE (Bandoo Media, inc)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [ISUSPM] "C:\ProgramData\FLEXnet\Connect\11\isuspm.exe" -scheduler File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Nuance PDF Create 7-reminder] "C:\Program Files (x86)\Nuance\PDF Create 7\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Create 7\Ereg\Ereg.ini" File not found
O4 - HKLM..\Run: [OmniPage Preload] C:\Program Files (x86)\Nuance\OmniPage18\OmniPage18.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDF7 Registry Controller] C:\Program Files (x86)\Nuance\PDF Create 7\RegistryController.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDFCreHook] C:\Program Files (x86)\Nuance\PDF Create 7\pdfcreate7hook.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AQQ] C:\PROGRA~2\WapSter\WAPSTE~1\AQQ.exe (Creative Team S.A.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [ChomikBox] C:\Program Files (x86)\ChomikBox\chomikbox.exe ( )
O4 - HKCU..\Run: [OpAgent] "OpAgent.exe" /agent File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:[b]64bit:[/b] - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:[b]64bit:[/b] - Extra context menu item: Sothink Flash Downloader For IE - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Sothink Flash Downloader For IE - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Sothink Flash Downloader For IE - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : Sothink Flash Downloader For IE - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.4.1/jinstall-1_4_1-windows-i586.cab (Java Plug-in 1.4.1)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{90866825-CB77-43F4-AE5E-29D5869E978B}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CEAEC7A1-1B19-4334-B843-D4F05DDA47E4}: DhcpNameServer = 192.168.1.254
O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap11 - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\datamngr.dll) - C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\datamngr.dll (Bandoo Media, inc)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\IEBHO.dll) - C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\IEBHO.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\SEARCH~1\datamngr.dll) - C:\PROGRA~2\SEARCH~1\SEARCH~1\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\SEARCH~1\IEBHO.dll) - C:\PROGRA~2\SEARCH~1\SEARCH~1\IEBHO.dll (Bandoo Media, inc)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2012-04-14 13:39:04 | 000,023,290 | ---- | M] () - C:\AutoEnginuity.log -- [ NTFS ]
O32 - AutoRun File - [2012-05-15 19:15:34 | 000,048,245 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ]
O33 - MountPoints2\{7747096c-ecb3-11e0-a993-0014350013d0}\Shell - "" = AutoRun
O33 - MountPoints2\{7747096c-ecb3-11e0-a993-0014350013d0}\Shell\AutoRun\command - "" = F:\.\disk1\InstData\VM\setup.exe
O33 - MountPoints2\{a8f4147c-648d-11e1-b116-0014350013d0}\Shell - "" = AutoRun
O33 - MountPoints2\{a8f4147c-648d-11e1-b116-0014350013d0}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{a8f4147c-648d-11e1-b116-0014350013d0}\Shell\install\command - "" = G:\setup-top_netinfo.EXE
O33 - MountPoints2\{a8f4147c-648d-11e1-b116-0014350013d0}\Shell\readme\command - "" = notepad info.txt
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\G\Shell\install\command - "" = G:\setup-top_netinfo.EXE
O33 - MountPoints2\G\Shell\readme\command - "" = notepad info.txt
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012-07-08 12:05:54 | 000,594,944 | ---- | C] (OldTimer Tools) -- C:\Users\Mateusz\Desktop\OTL.exe
[2012-07-08 09:58:51 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Malwarebytes
[2012-07-08 09:58:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012-07-08 09:58:43 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012-07-08 09:58:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012-07-08 09:58:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012-07-08 09:57:50 | 010,063,000 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Mateusz\Desktop\mbam-setup-1.61.0.1400.exe
[2012-07-07 22:56:03 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\hellomoto
[2012-07-05 21:06:31 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\dokumenty
[2012-07-05 10:22:20 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Zdjęcia Mateusz
[2012-07-04 11:38:13 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\.gstreamer-0.10
[2012-07-04 11:28:41 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\ChomikBox
[2012-07-04 11:28:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chomikuj.pl
[2012-07-04 11:28:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ChomikBox
[2012-07-04 11:21:42 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Dźwięki
[2012-06-29 21:08:40 | 000,225,280 | ---- | C] (Propellerhead Software AB) -- C:\Windows\SysWow64\rewire.dll
[2012-06-29 21:08:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VstPlugins
[2012-06-29 21:08:38 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\Image-Line
[2012-06-29 21:08:26 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
[2012-06-29 21:08:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Outsim
[2012-06-29 21:04:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Image-Line
[2012-06-29 18:40:49 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\PROBA
[2012-06-29 13:21:40 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Bonus_Sound_FX
[2012-06-28 10:07:32 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Poręba
[2012-06-28 10:05:27 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Wisła Wielka
[2012-06-25 06:57:11 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Stąporków 2012
[2012-06-24 10:41:23 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\junak
[2012-06-23 16:58:28 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Macromedia
[2012-06-20 08:48:50 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\prak
[2012-06-20 00:07:22 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\zawodowy inf
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012-07-08 12:05:57 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Users\Mateusz\Desktop\OTL.exe
[2012-07-08 11:57:58 | 001,670,060 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-07-08 11:57:58 | 000,740,070 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-07-08 11:57:58 | 000,654,278 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-07-08 11:57:58 | 000,155,658 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-07-08 11:57:58 | 000,122,110 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-07-08 11:53:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-07-08 11:53:31 | 3220,529,152 | -HS- | M] () -- C:\hiberfil.sys
[2012-07-08 11:50:38 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-07-08 11:06:58 | 000,023,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-07-08 11:06:58 | 000,023,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-07-08 09:58:44 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012-07-08 09:58:28 | 010,063,000 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Mateusz\Desktop\mbam-setup-1.61.0.1400.exe
[2012-07-08 09:56:39 | 000,000,011 | R--- | M] () -- C:\Windows\amunres.lsl
[2012-07-07 22:36:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-07-05 10:29:29 | 026,901,165 | ---- | M] () -- C:\Users\Mateusz\Desktop\Zdjęcia Mateusz.zip
[2012-07-05 10:12:56 | 151,200,604 | ---- | M] () -- C:\Users\Mateusz\Desktop\projekt_promo.wmv
[2012-07-04 20:38:56 | 002,024,718 | ---- | M] () -- C:\Users\Mateusz\Desktop\czolowka.psd
[2012-07-04 11:28:31 | 000,000,662 | ---- | M] () -- C:\Users\Public\Desktop\ChomikBox.lnk
[2012-07-04 11:27:45 | 027,991,552 | ---- | M] () -- C:\Users\Mateusz\Desktop\ChomikBox.msi
[2012-07-04 11:21:01 | 018,236,371 | ---- | M] () -- C:\Users\Mateusz\Desktop\Dźwięki.zip
[2012-07-03 17:54:12 | 017,498,112 | ---- | M] () -- C:\Users\Mateusz\Desktop\00001 (2).MTS
[2012-07-03 17:53:10 | 018,186,240 | ---- | M] () -- C:\Users\Mateusz\Desktop\00000.MTS
[2012-07-03 09:52:18 | 001,814,332 | ---- | M] () -- C:\Users\Mateusz\Desktop\CCF20120629_00002.jpg
[2012-07-02 09:30:38 | 176,848,896 | ---- | M] () -- C:\Users\Mateusz\Desktop\00001.MTS
[2012-07-02 08:31:57 | 001,680,732 | ---- | M] () -- C:\Users\Mateusz\Desktop\CCF20120629_00001.jpg
[2012-07-02 08:30:42 | 001,016,614 | ---- | M] () -- C:\Users\Mateusz\Desktop\CCF20120629_00000.jpg
[2012-07-01 09:31:57 | 005,360,488 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012-06-30 16:38:52 | 043,580,496 | ---- | M] () -- C:\Users\Mateusz\Desktop\proba.wmv
[2012-06-30 16:38:03 | 019,430,554 | ---- | M] () -- C:\Users\Mateusz\Desktop\Automatic_Fire_02.mov
[2012-06-30 16:36:49 | 022,398,546 | ---- | M] () -- C:\Users\Mateusz\Desktop\proba1.wmv
[2012-06-29 21:08:40 | 000,001,150 | ---- | M] () -- C:\Users\Mateusz\Desktop\FL Studio 10.lnk
[2012-06-29 19:51:54 | 008,901,879 | ---- | M] () -- C:\Users\Mateusz\Desktop\proba_fon.mp4
[2012-06-29 18:41:17 | 022,691,827 | ---- | M] () -- C:\Users\Mateusz\Desktop\PROBA.zip
[2012-06-29 13:58:58 | 019,578,732 | ---- | M] () -- C:\Users\Mateusz\Desktop\proba_ostateczna.wmv
[2012-06-29 13:51:02 | 000,026,624 | ---- | M] () -- C:\Users\Mateusz\Desktop\proba1.VSP
[2012-06-29 13:36:01 | 003,306,030 | ---- | M] () -- C:\Users\Mateusz\Desktop\Strefa - Wojna.mp3
[2012-06-29 11:45:48 | 000,000,151 | ---- | M] () -- C:\Windows\PhotoSnapViewer.INI
[2012-06-27 10:10:38 | 001,062,346 | ---- | M] () -- C:\Users\Mateusz\Desktop\skanowanie0059.jpg
[2012-06-27 10:09:21 | 001,318,956 | ---- | M] () -- C:\Users\Mateusz\Desktop\skanowanie0057.jpg
[2012-06-25 07:20:31 | 000,951,784 | ---- | M] () -- C:\Users\Mateusz\Desktop\program_3_festiwal_filmow_mlodziezowych_-18.pdf
[2012-06-25 07:00:45 | 001,184,687 | ---- | M] () -- C:\Users\Mateusz\Desktop\1.jpg
[2012-06-25 07:00:10 | 000,830,118 | ---- | M] () -- C:\Users\Mateusz\Desktop\2.jpg
[2012-06-25 06:59:27 | 000,083,608 | ---- | M] () -- C:\Users\Mateusz\Desktop\2.pdf
[2012-06-25 06:59:10 | 000,082,835 | ---- | M] () -- C:\Users\Mateusz\Desktop\1.pdf
[2012-06-20 08:48:36 | 005,548,234 | ---- | M] () -- C:\Users\Mateusz\Desktop\prak.rar
[2012-06-20 00:07:15 | 003,823,202 | ---- | M] () -- C:\Users\Mateusz\Desktop\zawodowy inf.rar
[2012-06-16 16:35:30 | 000,165,665 | ---- | M] () -- C:\Users\Mateusz\Desktop\Bez nazwy 1.jpg
[2012-06-16 16:24:25 | 000,008,345 | ---- | M] () -- C:\Users\Mateusz\Desktop\f_w_35318_47e8e.jpg
[2012-06-16 16:22:17 | 000,020,488 | ---- | M] () -- C:\Users\Mateusz\Desktop\krecik.jpg
[2012-06-16 16:20:55 | 000,018,057 | ---- | M] () -- C:\Users\Mateusz\Desktop\Reksio_Biegnie.gif
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012-07-08 09:58:44 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012-07-08 09:56:39 | 000,000,011 | R--- | C] () -- C:\Windows\amunres.lsl
[2012-07-05 10:25:34 | 026,901,165 | ---- | C] () -- C:\Users\Mateusz\Desktop\Zdjęcia Mateusz.zip
[2012-07-05 10:02:41 | 151,200,604 | ---- | C] () -- C:\Users\Mateusz\Desktop\projekt_promo.wmv
[2012-07-04 20:38:54 | 002,024,718 | ---- | C] () -- C:\Users\Mateusz\Desktop\czolowka.psd
[2012-07-04 16:57:48 | 017,498,112 | ---- | C] () -- C:\Users\Mateusz\Desktop\00001 (2).MTS
[2012-07-04 16:57:45 | 018,186,240 | ---- | C] () -- C:\Users\Mateusz\Desktop\00000.MTS
[2012-07-04 11:28:31 | 000,000,662 | ---- | C] () -- C:\Users\Public\Desktop\ChomikBox.lnk
[2012-07-04 11:26:03 | 027,991,552 | ---- | C] () -- C:\Users\Mateusz\Desktop\ChomikBox.msi
[2012-07-04 11:19:50 | 018,236,371 | ---- | C] () -- C:\Users\Mateusz\Desktop\Dźwięki.zip
[2012-07-02 09:34:57 | 176,848,896 | ---- | C] () -- C:\Users\Mateusz\Desktop\00001.MTS
[2012-07-02 08:30:49 | 001,814,332 | ---- | C] () -- C:\Users\Mateusz\Desktop\CCF20120629_00002.jpg
[2012-07-02 08:30:45 | 001,680,732 | ---- | C] () -- C:\Users\Mateusz\Desktop\CCF20120629_00001.jpg
[2012-07-01 10:05:38 | 001,016,614 | ---- | C] () -- C:\Users\Mateusz\Desktop\CCF20120629_00000.jpg
[2012-06-30 16:46:05 | 037,157,290 | ---- | C] () -- C:\Users\Mateusz\Desktop\Explosion_01.mov
[2012-06-30 14:41:53 | 000,001,367 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS5.5.lnk
[2012-06-30 14:41:08 | 000,001,277 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mocha for After Effects CS5.5.lnk
[2012-06-30 14:40:47 | 000,001,189 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.1.lnk
[2012-06-30 14:40:23 | 000,001,106 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS5.5.lnk
[2012-06-30 14:38:54 | 000,001,282 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.5.lnk
[2012-06-30 14:38:32 | 000,001,541 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Pixel Bender Toolkit 2.6.lnk
[2012-06-30 14:36:41 | 000,001,383 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.5.lnk
[2012-06-30 14:36:28 | 000,001,555 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.5.lnk
[2012-06-29 21:08:40 | 000,001,150 | ---- | C] () -- C:\Users\Mateusz\Desktop\FL Studio 10.lnk
[2012-06-29 19:50:54 | 008,901,879 | ---- | C] () -- C:\Users\Mateusz\Desktop\proba_fon.mp4
[2012-06-29 18:41:15 | 022,691,827 | ---- | C] () -- C:\Users\Mateusz\Desktop\PROBA.zip
[2012-06-29 13:56:25 | 019,578,732 | ---- | C] () -- C:\Users\Mateusz\Desktop\proba_ostateczna.wmv
[2012-06-29 13:51:50 | 022,398,546 | ---- | C] () -- C:\Users\Mateusz\Desktop\proba1.wmv
[2012-06-29 13:51:01 | 000,026,624 | ---- | C] () -- C:\Users\Mateusz\Desktop\proba1.VSP
[2012-06-29 13:42:25 | 043,580,496 | ---- | C] () -- C:\Users\Mateusz\Desktop\proba.wmv
[2012-06-29 13:32:49 | 003,306,030 | ---- | C] () -- C:\Users\Mateusz\Desktop\Strefa - Wojna.mp3
[2012-06-29 13:07:12 | 018,919,369 | ---- | C] () -- C:\Users\Mateusz\Desktop\Automatic_Fire_03.mov
[2012-06-29 13:07:12 | 010,716,618 | ---- | C] () -- C:\Users\Mateusz\Desktop\Automatic_Fire_04.mov
[2012-06-29 13:07:11 | 019,430,554 | ---- | C] () -- C:\Users\Mateusz\Desktop\Automatic_Fire_02.mov
[2012-06-29 13:07:10 | 013,404,253 | ---- | C] () -- C:\Users\Mateusz\Desktop\Automatic_Fire_05.mov
[2012-06-29 13:07:10 | 009,497,269 | ---- | C] () -- C:\Users\Mateusz\Desktop\Automatic_Fire_01.mov
[2012-06-27 10:10:46 | 001,318,956 | ---- | C] () -- C:\Users\Mateusz\Desktop\skanowanie0057.jpg
[2012-06-27 10:10:46 | 001,062,346 | ---- | C] () -- C:\Users\Mateusz\Desktop\skanowanie0059.jpg
[2012-06-25 07:20:31 | 000,951,784 | ---- | C] () -- C:\Users\Mateusz\Desktop\program_3_festiwal_filmow_mlodziezowych_-18.pdf
[2012-06-25 07:00:44 | 001,184,687 | ---- | C] () -- C:\Users\Mateusz\Desktop\1.jpg
[2012-06-25 07:00:08 | 000,830,118 | ---- | C] () -- C:\Users\Mateusz\Desktop\2.jpg
[2012-06-25 06:59:27 | 000,083,608 | ---- | C] () -- C:\Users\Mateusz\Desktop\2.pdf
[2012-06-25 06:59:08 | 000,082,835 | ---- | C] () -- C:\Users\Mateusz\Desktop\1.pdf
[2012-06-20 08:47:48 | 005,548,234 | ---- | C] () -- C:\Users\Mateusz\Desktop\prak.rar
[2012-06-20 00:07:05 | 003,823,202 | ---- | C] () -- C:\Users\Mateusz\Desktop\zawodowy inf.rar
[2012-06-16 16:35:29 | 000,165,665 | ---- | C] () -- C:\Users\Mateusz\Desktop\Bez nazwy 1.jpg
[2012-06-16 16:24:25 | 000,008,345 | ---- | C] () -- C:\Users\Mateusz\Desktop\f_w_35318_47e8e.jpg
[2012-06-16 16:22:13 | 000,020,488 | ---- | C] () -- C:\Users\Mateusz\Desktop\krecik.jpg
[2012-06-16 16:20:53 | 000,018,057 | ---- | C] () -- C:\Users\Mateusz\Desktop\Reksio_Biegnie.gif
[2012-06-14 18:37:28 | 042,369,024 | ---- | C] () -- C:\Users\Mateusz\Desktop\00034.MTS
[2012-06-04 11:25:27 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI
[2012-05-13 09:41:47 | 000,000,403 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2012-05-12 16:03:28 | 000,000,151 | ---- | C] () -- C:\Windows\PhotoSnapViewer.INI
[2012-05-10 14:31:37 | 000,000,017 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\resmon.resmoncfg
[2012-04-13 17:17:18 | 000,000,047 | ---- | C] () -- C:\Windows\Crypkey.ini
[2012-04-13 17:17:14 | 000,031,846 | ---- | C] () -- C:\Windows\SysWow64\Ckldrv.sys
[2012-04-13 17:17:14 | 000,027,648 | R--- | C] () -- C:\Windows\Setup_ck.exe
[2012-04-13 17:17:14 | 000,018,432 | ---- | C] () -- C:\Windows\Setup_ck.dll
[2012-04-13 17:17:14 | 000,011,776 | ---- | C] () -- C:\Windows\Ckrfresh.exe
[2012-02-06 19:20:27 | 002,255,360 | ---- | C] () -- C:\Windows\SysWow64\libavcodec.dll
[2012-02-06 19:20:27 | 000,395,776 | ---- | C] () -- C:\Windows\SysWow64\libmplayer.dll
[2012-02-06 19:20:27 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2012-02-06 19:20:27 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\libmpeg2_ff.dll
[2012-01-19 23:25:11 | 000,962,560 | ---- | C] () -- C:\Windows\tesseract.exe
[2011-12-25 22:20:39 | 001,689,186 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011-12-24 20:36:51 | 000,011,820 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\JunkAtx.bin
[2011-12-10 22:25:17 | 000,000,000 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\{492DB754-2823-4053-B71B-9FC409F3D2DA}
[2011-11-11 23:52:12 | 000,000,022 | -HS- | C] () -- C:\Users\Mateusz\AppData\Roaming\Sys2662.Config.Repository.bin
[2011-09-24 20:12:03 | 000,006,656 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-09-18 17:00:28 | 002,463,976 | ---- | C] () -- C:\Windows\SysWow64\NPSWF32.dll
[2011-09-16 19:54:53 | 000,230,175 | ---- | C] () -- C:\Windows\hpoins19.dat
[2011-09-16 19:54:53 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2011-09-11 11:49:37 | 000,000,088 | RHS- | C] () -- C:\ProgramData\7B27567883.sys
[2011-08-29 09:30:25 | 000,008,144 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011-08-29 09:30:25 | 000,000,088 | RHS- | C] () -- C:\ProgramData\D78EF4F84C.sys
[2011-08-28 21:25:58 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011-08-28 21:25:58 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011-08-28 21:25:57 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011-08-28 21:25:57 | 000,205,824 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011-08-28 21:25:57 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011-08-28 20:35:00 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011-08-28 20:34:52 | 000,015,613 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011-11-12 15:01:13 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Artisteer
[2012-06-29 11:28:32 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Audacity
[2012-02-06 18:21:26 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools
[2011-10-01 20:50:05 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Lite
[2011-08-28 21:32:37 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Dev-Cpp
[2012-05-30 21:13:46 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Digiarty
[2012-07-05 23:45:46 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\FileZilla
[2011-12-25 19:39:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\FreeScreenToVideo
[2012-03-11 11:29:39 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Gadu-Gadu
[2012-02-06 18:21:26 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\GHISLER
[2012-07-07 22:56:10 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\hellomoto
[2012-05-13 09:41:29 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Nuance
[2012-01-02 21:03:45 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\OpenOffice.org
[2011-08-29 23:00:35 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\PACE Anti-Piracy
[2009-04-01 19:55:26 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\ScanMaster-ELM
[2012-05-13 09:45:00 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\ScanSoft
[2011-08-29 13:04:59 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Sony
[2011-08-29 23:01:10 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011-08-28 21:27:23 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Thunderbird
[2012-01-15 16:38:52 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Ulead Systems
[2012-02-25 13:03:56 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Unigraphics Solutions
[2012-06-12 12:55:56 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\uTorrent
[2012-05-13 09:46:15 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Zeon
[2012-06-25 06:53:52 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2011-09-24 15:19:29 | 000,000,000 | ---D | M](C:\Users\Mateusz\AppData\Roaming\???????sAppData) -- C:\Users\Mateusz\AppData\Roaming\敎潲䍄敔灭慬整sAppData
[2011-09-24 15:19:29 | 000,000,000 | ---D | M](C:\Users\Mateusz\AppData\Roaming\???????sAppData) -- C:\Users\Mateusz\AppData\Roaming\敎潲䍄敔灭慬整sAppData
[2011-09-16 22:04:07 | 000,000,000 | ---D | C](C:\Users\Mateusz\AppData\Roaming\???????sAppData) -- C:\Users\Mateusz\AppData\Roaming\敎潲䍄敔灭慬整sAppData
(C:\Users\Mateusz\AppData\Roaming\???????sAppData) -- C:\Users\Mateusz\AppData\Roaming\敎潲䍄敔灭慬整sAppData
 
[color=#E56717]========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========[/color]
[C:\Windows\system64] -> \systemroot\system32 -> Mount Point
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:820563D3

< End of report >