OTL logfile created on: 2012-07-21 10:49:14 - Run 1 OTL by OldTimer - Version 3.2.53.1 Folder = F:\ Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,92 Gb Total Physical Memory | 2,44 Gb Available Physical Memory | 83,86% Memory free 5,83 Gb Paging File | 5,38 Gb Available in Paging File | 92,25% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 116,44 Gb Total Space | 40,05 Gb Free Space | 34,39% Space Free | Partition Type: NTFS Drive D: | 349,32 Gb Total Space | 88,84 Gb Free Space | 25,43% Space Free | Partition Type: NTFS Drive E: | 572,04 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF Drive F: | 3,73 Gb Total Space | 0,68 Gb Free Space | 18,09% Space Free | Partition Type: FAT32 Drive K: | 1,84 Gb Total Space | 1,81 Gb Free Space | 98,52% Space Free | Partition Type: FAT Computer Name: CHRISTOMARUNIAK | User Name: ChrisMaruniak | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-07-21 10:44:10 | 000,595,968 | ---- | M] (OldTimer Tools) -- F:\OTL.exe PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-07-14 03:14:21 | 000,497,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\HelpPane.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2011-07-04 03:02:00 | 000,044,544 | ---- | M] () -- C:\Program Files\ThinkPad\Utilities\US\PWMRT32V.DLL MOD - [2011-03-17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF MOD - [2010-10-20 16:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2012-07-16 08:37:49 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-06-07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-05-11 17:02:38 | 000,034,104 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files\Lenovo\System Update\SUService.exe -- (SUService) SRV - [2012-04-22 13:51:04 | 000,720,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2012-03-26 17:03:40 | 000,214,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV - [2012-03-26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011-09-07 15:39:54 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2011-07-08 17:53:26 | 000,139,112 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files\Lenovo\RapidBoot\HyperW7Svc.exe -- (HyperW7Svc) SRV - [2011-07-04 03:02:00 | 000,292,200 | ---- | M] (Lenovo.) [On_Demand | Stopped] -- C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE -- (DozeSvc) SRV - [2011-07-04 03:02:00 | 000,148,840 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files\ThinkPad\Utilities\PWMEWSVC.exe -- (PwmEWSvc) SRV - [2011-06-12 11:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV - [2011-05-31 10:48:36 | 000,059,240 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe -- (LENOVO.TPKNRSVC) SRV - [2011-05-31 10:48:18 | 000,041,320 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files\Lenovo\Communications Utility\CamMute.exe -- (LENOVO.CAMMUTE) SRV - [2011-05-26 08:20:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011-05-25 17:07:46 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2011-05-02 14:06:34 | 000,936,208 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R) SRV - [2011-05-02 13:50:20 | 000,481,552 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R) SRV - [2011-04-20 10:04:40 | 000,130,920 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files\Lenovo\HOTKEY\tphkload.exe -- (TPHKLOAD) SRV - [2011-04-14 13:22:28 | 000,263,528 | ---- | M] (Lenovo) [Auto | Stopped] -- C:\Program Files\Lenovo\Access Connections\AcSvc.exe -- (AcSvc) SRV - [2011-04-14 13:22:26 | 000,124,264 | ---- | M] (Lenovo) [Auto | Stopped] -- C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe -- (AcPrfMgrSvc) SRV - [2011-04-04 10:27:20 | 000,045,496 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files\Lenovo\HOTKEY\micmute.exe -- (LENOVO.MICMUTE) SRV - [2011-03-29 13:41:08 | 000,064,952 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC) SRV - [2011-03-14 20:04:14 | 000,446,592 | ---- | M] (Conexant Systems, Inc.) [Auto | Stopped] -- C:\Windows\System32\SASrv.exe -- (SAService) SRV - [2011-03-02 15:07:36 | 000,443,240 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files\Lenovo\Screen Reading Optimizer\SROSVC.exe -- (SROSVC) SRV - [2011-02-07 16:15:38 | 000,210,896 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Services\IPT\jhi_service.exe -- (jhi_service) Intel(R) SRV - [2011-01-17 10:42:04 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2011-01-17 10:42:02 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2010-12-17 08:17:54 | 000,190,592 | ---- | M] (Conexant Systems Inc.) [Auto | Stopped] -- C:\Windows\System32\CxAudMsg32.exe -- (CxAudMsg) SRV - [2010-11-29 15:00:10 | 000,121,856 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) Intel(R) SRV - [2010-04-07 14:37:38 | 000,093,032 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe -- (Lenovo.VIRTSCRLSVC) SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\usbscan.sys -- (usbscan) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc) DRV - [2012-04-22 13:51:38 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2012-03-20 20:44:12 | 000,074,112 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv) DRV - [2012-01-09 17:28:20 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu) DRV - [2012-01-09 17:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2012-01-09 17:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2012-01-09 17:28:20 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc) DRV - [2012-01-09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2012-01-09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2011-12-27 03:10:35 | 000,033,080 | ---- | M] (Lenovo Information Product(ShenZhen China) Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\psadd.sys -- (psadd) DRV - [2011-10-25 17:09:24 | 000,436,792 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd) DRV - [2011-10-04 19:13:11 | 000,232,512 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2011-07-08 17:53:26 | 000,035,176 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Program Files\Lenovo\RapidBoot\PHCORE.sys -- (PHCORE) DRV - [2011-07-04 03:02:00 | 000,025,968 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\DOZEHDD.SYS -- (DozeHDD) DRV - [2011-07-04 03:02:00 | 000,013,424 | ---- | M] (Lenovo Group Limited) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\TPPWR32V.SYS -- (TPPWRIF) DRV - [2011-06-01 13:37:10 | 010,562,984 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2011-06-01 13:37:10 | 000,020,328 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvpciflt.sys -- (nvpciflt) DRV - [2011-05-25 17:22:00 | 000,076,288 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\risdxc86.sys -- (risdxc) DRV - [2011-05-01 14:32:08 | 007,513,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETwNs32.sys -- (NETwNs32) ___ Intel(R) DRV - [2011-03-29 19:14:08 | 000,122,992 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ApsX86.sys -- (Shockprf) DRV - [2011-03-29 19:12:16 | 000,020,592 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ApsHM86.sys -- (TPDIGIMN) DRV - [2011-03-04 18:14:34 | 000,132,096 | ---- | M] (Ricoh co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\5U877.sys -- (5U877) DRV - [2011-02-09 14:49:54 | 001,281,152 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService) DRV - [2011-02-08 12:01:36 | 000,262,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1c6232.sys -- (e1cexpress) Intel(R) DRV - [2010-11-29 14:59:32 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\TurboB.sys -- (TurboB) DRV - [2010-11-20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2010-11-20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2010-11-20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2010-11-20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010-11-20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV - [2010-11-20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010-11-20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010-11-20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2010-10-19 16:33:40 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (MEI) Intel(R) DRV - [2010-09-07 14:09:06 | 000,013,680 | ---- | M] (Lenovo Group Limited) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\smiif32.sys -- (lenovo.smi) DRV - [2009-07-14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp) DRV - [2009-07-14 01:12:52 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM) DRV - [2009-03-13 13:47:26 | 000,012,560 | ---- | M] (UPEK Inc.) [Kernel | Auto | Stopped] -- C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys -- (smihlp) SMI Helper Driver (smihlp) DRV - [2008-12-18 11:13:18 | 000,025,680 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\eusk2par.sys -- (eusk2par) DRV - [2007-03-13 11:27:00 | 000,047,648 | ---- | M] (Hitachi Semiconductor and Devices Sales Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CESG502.sys -- (PVUSB) DRV - [2006-10-13 03:21:00 | 000,020,512 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\TVicPort.sys -- (TVicPort) DRV - [2006-02-23 01:30:00 | 000,391,300 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbVM303.sys -- (ZSMC303) VIMICRO USB PC Camera (VC0303) DRV - [2005-09-23 22:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\URLSearchHook: {90eee664-34b1-422a-a782-779af65cdf6d} - C:\Program Files\IncrediMail_MediaBar_4\tbIncr.dll (Conduit Ltd.) IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4066401421-2991672529-3505365138-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = pl.v9.com/idg/idg_1330375183_962095 IE - HKU\S-1-5-21-4066401421-2991672529-3505365138-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-4066401421-2991672529-3505365138-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie IE - HKU\S-1-5-21-4066401421-2991672529-3505365138-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-4066401421-2991672529-3505365138-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = pl.v9.com/idg/idg_1330375183_962095 IE - HKU\S-1-5-21-4066401421-2991672529-3505365138-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-4066401421-2991672529-3505365138-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-4066401421-2991672529-3505365138-1000\..\URLSearchHook: {90eee664-34b1-422a-a782-779af65cdf6d} - C:\Program Files\IncrediMail_MediaBar_4\tbIncr.dll (Conduit Ltd.) IE - HKU\S-1-5-21-4066401421-2991672529-3505365138-1000\..\SearchScopes,DefaultScope = {C4C6DC8D-956E-4F84-BB39-7B81E3F1F2A7} IE - HKU\S-1-5-21-4066401421-2991672529-3505365138-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-4066401421-2991672529-3505365138-1000\..\SearchScopes\{0F5C56C0-8FF1-4F4C-8232-ECF721F7FFD6}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms} IE - HKU\S-1-5-21-4066401421-2991672529-3505365138-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-4066401421-2991672529-3505365138-1000\..\SearchScopes\{C4C6DC8D-956E-4F84-BB39-7B81E3F1F2A7}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKU\S-1-5-21-4066401421-2991672529-3505365138-1000\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredimail.com/mb59/?search={searchTerms}&loc=search_box&u=92823033613142253 IE - HKU\S-1-5-21-4066401421-2991672529-3505365138-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4066401421-2991672529-3505365138-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Yahoo" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12" FF - prefs.js..browser.search.selectedEngine: "Yahoo" FF - prefs.js..browser.startup.homepage: "pl.v9.com/idg/idg_1330375183_962095" FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( ) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.666: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.666: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.666: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.666: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.666: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\ChrisMaruniak\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\ChrisMaruniak\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\ChrisMaruniak\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\ChrisMaruniak\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-09-28 20:34:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-07-11 14:08:17 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-07-11 14:08:17 | 000,000,000 | ---D | M] [2012-01-12 03:36:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ChrisMaruniak\AppData\Roaming\Mozilla\Extensions [2012-04-28 20:33:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ChrisMaruniak\AppData\Roaming\Mozilla\Firefox\Profiles\mbn2z03x.default\extensions [2012-04-28 20:33:11 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\ChrisMaruniak\AppData\Roaming\Mozilla\Firefox\Profiles\mbn2z03x.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011-10-29 09:53:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011-09-17 23:10:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} [2011-10-29 09:53:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [2011-09-28 20:34:24 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT [2011-08-12 07:57:31 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011-08-12 05:16:35 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.47\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.47\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\ChrisMaruniak\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_228.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\ChrisMaruniak\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\ChrisMaruniak\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll CHR - Extension: YouTube = C:\Users\ChrisMaruniak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Szukaj w Google = C:\Users\ChrisMaruniak\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: DealPly = C:\Users\ChrisMaruniak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje\3.0.7.2_0\ CHR - Extension: AdBlock = C:\Users\ChrisMaruniak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.37_0\ CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\ChrisMaruniak\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\ CHR - Extension: Gmail = C:\Users\ChrisMaruniak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (IncrediMail MediaBar 4 Toolbar) - {90eee664-34b1-422a-a782-779af65cdf6d} - C:\Program Files\IncrediMail_MediaBar_4\tbIncr.dll (Conduit Ltd.) O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly\DealPlyIE.dll (DealPly Technologies Ltd) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (QUICKfind BHO Object) - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Program Files\IDM\QUICKfind\PlugIns\IEHelp.dll (IDM) O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (IncrediMail MediaBar 4 Toolbar) - {90eee664-34b1-422a-a782-779af65cdf6d} - C:\Program Files\IncrediMail_MediaBar_4\tbIncr.dll (Conduit Ltd.) O4 - HKLM..\Run: [AcWin7Hlpr] C:\Program Files\Lenovo\Access Connections\AcTBenabler.exe (Lenovo) O4 - HKLM..\Run: [BigDog303] C:\Windows\VM303_STI.EXE (Vimicro) O4 - HKLM..\Run: [IMSS] C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation) O4 - HKLM..\Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe (Lenovo Group Limited) O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [PWMTRV] C:\Program Files\ThinkPad\Utilities\PWMTR32V.DLL (Lenovo Group Limited) O4 - HKLM..\Run: [RotateImage] C:\Program Files\Integrated Camera Driver\RCIMGDIR.exe (Ricoh co.,Ltd.) O4 - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant systems, Inc.) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKU\S-1-5-21-4066401421-2991672529-3505365138-1000..\Run: [] File not found O4 - HKU\S-1-5-21-4066401421-2991672529-3505365138-1000..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation) O4 - HKU\S-1-5-21-4066401421-2991672529-3505365138-1000..\Run: [SkyDrive] C:\Users\ChrisMaruniak\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-4066401421-2991672529-3505365138-1000..\Run: [TaskSchdPS] C:\Users\ChrisMaruniak\AppData\Local\Microsoft\Windows\2060\TaskSchdPS.exe () O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-4066401421-2991672529-3505365138-1000..\RunOnce: [Uninstall C:\Users\ChrisMaruniak\AppData\Local\Microsoft\SkyDrive\16.4.4111.0525] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ChrisMaruniak\AppData\Local\Microsoft\SkyDrive\16.4.4111.0525" File not found O4 - HKU\S-1-5-21-4066401421-2991672529-3505365138-1000..\RunOnce: [Uninstall C:\Users\ChrisMaruniak\AppData\Local\Microsoft\SkyDrive\16.4.6003.0710] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ChrisMaruniak\AppData\Local\Microsoft\SkyDrive\16.4.6003.0710" File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Subskrybuj w MoneyRss - C:\Program Files\MoneyRss\add_feed.htm () O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} http://support.lenovo.com/Resources/Lenovo/AutoDetect/Lenovo_AutoDetect2.cab (IASRunner Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.250.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF5100B9-86DD-41F8-9A05-657C7E834010}: DhcpNameServer = 192.168.250.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - AppInit_DLLs: (C:\Windows\system32\nvinit.dll) - C:\Windows\System32\nvinit.dll (NVIDIA Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - Winlogon\Notify\psfus: DllName - (C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll) - C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (UPEK Inc.) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{e3ef794a-e391-11e0-8dc1-ccaf78f0b4bd}\Shell - "" = AutoRun O33 - MountPoints2\{e3ef794a-e391-11e0-8dc1-ccaf78f0b4bd}\Shell\AutoRun\command - "" = F:\NokiaPCIA_Autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-07-21 10:23:09 | 000,000,000 | ---D | C] -- C:\Users\ChrisMaruniak\AppData\Roaming\hellomoto [2012-07-20 16:36:44 | 000,000,000 | ---D | C] -- C:\Users\ChrisMaruniak\Desktop\portfel [2012-07-18 15:33:19 | 000,000,000 | ---D | C] -- C:\Users\ChrisMaruniak\Desktop\Torba Tom Ford [2012-07-18 00:58:37 | 000,000,000 | ---D | C] -- C:\ProgramData\tmp [2012-07-18 00:58:35 | 000,000,000 | ---D | C] -- C:\ProgramData\hps [2012-07-18 00:58:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FOTOJOKER Fotoswiat [2012-07-18 00:42:50 | 000,000,000 | ---D | C] -- C:\Program Files\Fotojoker [2012-07-16 11:54:35 | 000,000,000 | ---D | C] -- C:\Users\ChrisMaruniak\Desktop\Zdjęcia [2012-07-16 08:43:17 | 000,000,000 | ---D | C] -- C:\Users\ChrisMaruniak\.jenny [2012-07-15 13:40:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive [2012-07-15 13:06:26 | 000,000,000 | ---D | C] -- C:\Users\ChrisMaruniak\AppData\Roaming\SpeedyPC Software [2012-07-15 13:06:26 | 000,000,000 | ---D | C] -- C:\Users\ChrisMaruniak\AppData\Roaming\DriverCure [2012-07-15 13:06:07 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedyPC Software [2012-07-15 09:30:16 | 000,000,000 | ---D | C] -- C:\Users\ChrisMaruniak\AppData\Local\{B211D556-A690-4ABF-9D0A-C4F9C119CC02} [2012-07-15 09:29:53 | 000,000,000 | ---D | C] -- C:\Users\ChrisMaruniak\AppData\Local\{F07DBBF2-B7D0-4128-B3F5-4A2A79A47EB1} [2012-07-14 21:29:23 | 000,000,000 | ---D | C] -- C:\Users\ChrisMaruniak\AppData\Local\{9AB6F8D3-3564-464A-A75E-128775EDE528} [2012-07-14 21:29:00 | 000,000,000 | ---D | C] -- C:\Users\ChrisMaruniak\AppData\Local\{82E9E140-7018-476C-92CB-BDEBD60C46E6} [2012-07-13 10:23:59 | 000,000,000 | ---D | C] -- C:\Users\ChrisMaruniak\MyConnection PC [2012-07-13 10:23:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyConnection PC Lite Edition [2012-07-13 10:23:57 | 000,000,000 | ---D | C] -- C:\Program Files\MyConnection PC Lite Edition [2012-07-13 10:22:08 | 000,000,000 | ---D | C] -- C:\Users\ChrisMaruniak\vw [2012-07-13 10:22:07 | 000,000,000 | ---D | C] -- C:\Users\ChrisMaruniak\MySpeed PC [2012-07-13 10:22:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySpeed PC Lite Edition [2012-07-13 10:22:01 | 000,000,000 | ---D | C] -- C:\Program Files\MySpeed PC Lite Edition [2012-07-12 19:38:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID [2012-07-12 19:38:15 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID [2012-07-12 11:53:16 | 000,000,000 | ---D | C] -- C:\Users\ChrisMaruniak\AppData\Local\{4596B2C0-CEBF-4F53-B0EF-6867EE7C724D} [2012-07-12 11:53:01 | 000,000,000 | ---D | C] -- C:\Users\ChrisMaruniak\AppData\Local\{7355E7FE-C53D-4322-B566-919DA5766F19} [2012-07-12 00:26:59 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2012-07-12 00:26:58 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012-07-12 00:26:58 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2012-07-12 00:26:58 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012-07-12 00:26:57 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2012-07-12 00:26:57 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2012-07-12 00:26:56 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2012-07-12 00:21:29 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2012-07-11 14:08:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2012-07-11 14:07:42 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime [2012-07-11 14:05:43 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update [2012-07-11 13:24:34 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll [2012-07-11 13:23:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll [2012-07-11 13:22:22 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll [2012-07-10 15:29:17 | 005,189,344 | ---- | C] (Microsoft Corporation) -- C:\Users\ChrisMaruniak\Desktop\SkyDriveSetup.exe [2012-07-10 15:29:17 | 000,000,000 | R--D | C] -- C:\Users\ChrisMaruniak\SkyDrive [2012-07-10 15:28:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive [2012-07-07 21:20:34 | 000,000,000 | ---D | C] -- C:\Users\ChrisMaruniak\AppData\Roaming\NetMeter [2012-07-07 21:20:24 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeter [2012-07-03 19:35:20 | 000,000,000 | ---D | C] -- C:\Users\ChrisMaruniak\Desktop\Seweryn Krajewski - Jak tam jest (2011) [2012-07-02 15:55:59 | 000,000,000 | ---D | C] -- C:\Users\ChrisMaruniak\AppData\Local\{86DA0B60-F38A-4D9A-85A6-283D168D3ADF} [2012-07-02 15:55:47 | 000,000,000 | ---D | C] -- C:\Users\ChrisMaruniak\AppData\Local\{1837746A-2DCF-436C-A1BB-1082396699F6} [2012-07-02 15:55:33 | 000,000,000 | ---D | C] -- C:\Users\ChrisMaruniak\Tracing [2012-07-02 14:08:04 | 000,000,000 | ---D | C] -- C:\Windows\pl [2012-07-02 14:02:10 | 000,000,000 | ---D | C] -- C:\Windows\en [2012-06-27 10:47:56 | 000,000,000 | ---D | C] -- C:\Users\ChrisMaruniak\Desktop\Dane inne TS [2012-06-27 09:48:20 | 000,000,000 | ---D | C] -- C:\Users\ChrisMaruniak\Documents\Ovi [2012-06-27 09:45:30 | 000,000,000 | ---D | C] -- C:\Users\ChrisMaruniak\New folder [2011-02-07 16:15:50 | 000,020,944 | ---- | C] (Intel Corporation) -- C:\Users\ChrisMaruniak\AppData\Roaming\JomCap.dll [1 C:\Users\ChrisMaruniak\Documents\*.tmp files -> C:\Users\ChrisMaruniak\Documents\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-07-21 10:48:11 | 000,618,132 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-07-21 10:48:11 | 000,107,412 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-07-21 10:41:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-07-21 10:41:09 | 2347,683,840 | -HS- | M] () -- C:\hiberfil.sys [2012-07-21 10:33:30 | 000,014,992 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-07-21 10:33:30 | 000,014,992 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-07-21 10:26:26 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-07-21 10:00:23 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-07-18 14:41:46 | 000,237,859 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\QoS_1108.jpg [2012-07-18 11:02:05 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-07-16 08:37:49 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012-07-16 08:37:49 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012-07-15 23:36:58 | 004,616,278 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\Hiszpania 2012 -_-187fff.jpg [2012-07-15 23:27:56 | 004,624,837 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\Hiszpania 2012 -_-187beer.jpg [2012-07-15 13:02:37 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI [2012-07-15 12:35:04 | 000,012,800 | ---- | M] () -- C:\Users\ChrisMaruniak\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-07-15 12:15:41 | 004,478,046 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\Spanish music.mp3 [2012-07-14 21:05:58 | 000,055,209 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\catalogue.pdf [2012-07-14 19:22:44 | 000,153,166 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\Spirit_006472_RGB_L.jpg [2012-07-14 19:22:36 | 000,157,106 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\Spirit_006507_RGB_L.jpg [2012-07-13 10:23:58 | 000,000,045 | ---- | M] () -- C:\Users\ChrisMaruniak\MyConnection PC Lite Edition-Path [2012-07-13 10:22:01 | 000,000,040 | ---- | M] () -- C:\Users\ChrisMaruniak\MySpeed PC Lite Edition-Path [2012-07-12 19:38:16 | 000,001,026 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk [2012-07-12 13:54:14 | 000,084,085 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\Mój film.wlmp [2012-07-12 08:11:23 | 003,842,016 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012-07-11 20:06:23 | 000,002,290 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2012-07-11 14:08:08 | 000,001,815 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2012-07-10 15:28:56 | 005,189,344 | ---- | M] (Microsoft Corporation) -- C:\Users\ChrisMaruniak\Desktop\SkyDriveSetup.exe [2012-07-08 22:57:10 | 000,189,841 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\2957116-dziewczyna-z-tatuazem.jpg [2012-07-08 22:56:55 | 000,187,996 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\2957266-dziewczyna-z-tatuazem.jpg [2012-07-08 22:54:35 | 000,045,711 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\craig_640x0_rozmiar-niestandardowy.webp [2012-07-08 18:12:49 | 000,043,571 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\1239862796xPo4tH.webp [2012-07-08 15:03:24 | 004,300,630 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\03_kolekcjoner.pdf [2012-07-07 21:32:33 | 000,109,675 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\Hes-back-Daniel-Craig-dashes-through-London-brandishing-James-Bonds-trusty-Walther-PPK-handgun-as-he-films-more-scenes-for-upcoming-film-Skyfall2.jpg [2012-07-07 21:31:45 | 000,120,064 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\article-1065225-02C0D0DE00000578-522_306x423_popup.jpg [2012-07-07 21:31:36 | 000,097,580 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\article-1065225-02C0BC4E00000578-303_306x423_popup.jpg [2012-07-07 12:04:12 | 005,962,240 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\Hiszpania 2012 -_-187.JPG [2012-07-05 23:58:32 | 352,282,750 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\Sisi (2009) Część 1.rmvb [2012-07-05 23:58:31 | 205,827,448 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\Sisi (2009) Część 2.rmvb [2012-07-05 20:06:02 | 000,236,131 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\bloo.jpg [2012-07-05 15:43:15 | 068,196,807 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\2012-06-29-10-27.pdf [2012-07-04 16:40:20 | 054,750,652 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\Schmutzer-Tanz_hq.divx [2012-07-04 16:39:07 | 037,570,736 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\WrSpezi_hq.divx [2012-07-04 16:28:27 | 000,567,296 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\Donato.mp3 [2012-07-04 16:28:24 | 000,993,280 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\Eljen.mp3 [2012-07-04 16:28:23 | 000,595,968 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\Atzenbrugger.mp3 [2012-07-04 16:28:09 | 000,669,696 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\Hetz.mp3 [2012-07-04 16:28:06 | 000,626,688 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\Mai.mp3 [2012-07-04 16:25:30 | 000,001,660 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\WrSpezi_hq.htm [2012-07-04 16:05:41 | 000,033,039 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\4-Osiek ogródki.pdf [2012-07-03 19:01:52 | 003,962,944 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\IMG_5319.JPG [2012-07-03 18:44:02 | 069,500,928 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\00002.MTS [2012-06-27 22:58:44 | 000,703,317 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\020612.pdf [2012-06-27 10:11:41 | 000,128,937 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\PLAN roboczy.pdf [2012-06-26 13:42:37 | 001,775,033 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\JPM_ JPMorgan Metals Outlook_2012-05-01_843395.pdf [2012-06-26 10:53:38 | 002,257,391 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\miningroyaltiespublication.pdf [2012-06-26 08:32:59 | 000,175,342 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\Podanie2.pdf [2012-06-26 08:30:41 | 000,174,691 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\Podanie1.pdf [2012-06-25 15:15:36 | 007,680,718 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\text.pdf [2012-06-25 08:39:42 | 000,553,424 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\HoC China Conf Highlights - June22.pdf [2012-06-24 18:08:32 | 000,000,941 | ---- | M] () -- C:\Users\ChrisMaruniak\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk [2012-06-24 18:08:32 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk [2012-06-23 13:39:20 | 026,830,848 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\00016.MTS [2012-06-23 13:35:32 | 055,842,816 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\00015.MTS [2012-06-23 13:32:22 | 055,123,968 | ---- | M] () -- C:\Users\ChrisMaruniak\Desktop\00014.MTS [1 C:\Users\ChrisMaruniak\Documents\*.tmp files -> C:\Users\ChrisMaruniak\Documents\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-07-18 14:41:46 | 000,237,859 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\QoS_1108.jpg [2012-07-16 11:35:53 | 3954,035,484 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\1.avi [2012-07-15 23:36:49 | 004,616,278 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\Hiszpania 2012 -_-187fff.jpg [2012-07-15 23:27:48 | 004,624,837 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\Hiszpania 2012 -_-187beer.jpg [2012-07-15 22:43:02 | 005,962,240 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\Hiszpania 2012 -_-187.JPG [2012-07-15 12:15:06 | 004,478,046 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\Spanish music.mp3 [2012-07-14 21:05:57 | 000,055,209 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\catalogue.pdf [2012-07-14 19:22:44 | 000,153,166 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\Spirit_006472_RGB_L.jpg [2012-07-14 19:22:35 | 000,157,106 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\Spirit_006507_RGB_L.jpg [2012-07-13 10:23:58 | 000,000,045 | ---- | C] () -- C:\Users\ChrisMaruniak\MyConnection PC Lite Edition-Path [2012-07-13 10:22:01 | 000,000,040 | ---- | C] () -- C:\Users\ChrisMaruniak\MySpeed PC Lite Edition-Path [2012-07-12 19:38:16 | 000,001,026 | ---- | C] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk [2012-07-12 13:54:14 | 000,084,085 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\Mój film.wlmp [2012-07-12 13:48:40 | 026,830,848 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\00016.MTS [2012-07-12 13:48:37 | 055,842,816 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\00015.MTS [2012-07-12 13:48:33 | 055,123,968 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\00014.MTS [2012-07-11 14:08:08 | 000,001,815 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2012-07-11 14:05:45 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2012-07-10 15:29:17 | 000,002,191 | ---- | C] () -- C:\Users\ChrisMaruniak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk [2012-07-08 22:57:07 | 000,189,841 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\2957116-dziewczyna-z-tatuazem.jpg [2012-07-08 22:56:52 | 000,187,996 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\2957266-dziewczyna-z-tatuazem.jpg [2012-07-08 22:54:33 | 000,045,711 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\craig_640x0_rozmiar-niestandardowy.webp [2012-07-08 18:12:47 | 000,043,571 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\1239862796xPo4tH.webp [2012-07-08 15:02:19 | 004,300,630 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\03_kolekcjoner.pdf [2012-07-07 21:32:30 | 000,109,675 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\Hes-back-Daniel-Craig-dashes-through-London-brandishing-James-Bonds-trusty-Walther-PPK-handgun-as-he-films-more-scenes-for-upcoming-film-Skyfall2.jpg [2012-07-07 21:31:43 | 000,120,064 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\article-1065225-02C0D0DE00000578-522_306x423_popup.jpg [2012-07-07 21:31:34 | 000,097,580 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\article-1065225-02C0BC4E00000578-303_306x423_popup.jpg [2012-07-05 21:50:58 | 205,827,448 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\Sisi (2009) Część 2.rmvb [2012-07-05 21:50:07 | 352,282,750 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\Sisi (2009) Część 1.rmvb [2012-07-05 20:06:02 | 000,236,131 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\bloo.jpg [2012-07-05 15:35:36 | 068,196,807 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\2012-06-29-10-27.pdf [2012-07-04 16:28:01 | 000,567,296 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\Donato.mp3 [2012-07-04 16:27:48 | 000,595,968 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\Atzenbrugger.mp3 [2012-07-04 16:27:40 | 000,626,688 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\Mai.mp3 [2012-07-04 16:27:35 | 000,993,280 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\Eljen.mp3 [2012-07-04 16:27:31 | 000,669,696 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\Hetz.mp3 [2012-07-04 16:25:52 | 037,570,736 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\WrSpezi_hq.divx [2012-07-04 16:25:30 | 000,001,660 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\WrSpezi_hq.htm [2012-07-04 16:24:15 | 054,750,652 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\Schmutzer-Tanz_hq.divx [2012-07-04 16:05:41 | 000,033,039 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\4-Osiek ogródki.pdf [2012-07-03 18:54:45 | 003,962,944 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\IMG_5319.JPG [2012-07-03 18:36:22 | 069,500,928 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\00002.MTS [2012-07-02 13:53:59 | 000,002,432 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk [2012-06-27 22:58:44 | 000,703,317 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\020612.pdf [2012-06-27 09:59:25 | 000,128,937 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\PLAN roboczy.pdf [2012-06-26 13:42:33 | 001,775,033 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\JPM_ JPMorgan Metals Outlook_2012-05-01_843395.pdf [2012-06-26 10:53:38 | 002,257,391 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\miningroyaltiespublication.pdf [2012-06-26 08:32:58 | 000,175,342 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\Podanie2.pdf [2012-06-26 08:30:40 | 000,174,691 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\Podanie1.pdf [2012-06-25 08:43:08 | 000,553,424 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\HoC China Conf Highlights - June22.pdf [2012-06-24 18:08:32 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk [2012-06-22 00:17:19 | 007,680,718 | ---- | C] () -- C:\Users\ChrisMaruniak\Desktop\text.pdf [2012-03-27 15:27:24 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI [2012-03-27 15:21:23 | 000,000,000 | ---- | C] () -- C:\Windows\FULINST.INI [2011-12-08 17:45:45 | 000,001,456 | ---- | C] () -- C:\Users\ChrisMaruniak\AppData\Local\Adobe Save for Web 12.0 Prefs [2011-10-15 18:46:06 | 000,000,132 | ---- | C] () -- C:\Users\ChrisMaruniak\AppData\Roaming\Adobe PNG Format CS5 Prefs [2011-09-20 20:40:12 | 000,012,800 | ---- | C] () -- C:\Users\ChrisMaruniak\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-09-08 09:12:37 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe [2011-09-08 09:11:28 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2011-09-07 15:35:45 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll [2011-09-07 15:35:41 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2011-09-07 15:35:35 | 003,164,160 | ---- | C] () -- C:\Windows\System32\x264vfw.dll [2011-09-07 15:35:34 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2011-09-07 15:35:34 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2011-09-07 15:35:32 | 000,074,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2011-09-07 06:10:00 | 000,008,192 | ---- | C] () -- C:\Windows\System32\drivers\IntelMEFWVer.dll [2011-09-07 05:16:38 | 000,963,116 | ---- | C] () -- C:\Windows\System32\igkrng600.bin [2011-09-07 05:16:38 | 000,213,332 | ---- | C] () -- C:\Windows\System32\igfcg600m.bin [2011-09-07 05:16:38 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll [2011-09-07 05:16:37 | 000,145,804 | ---- | C] () -- C:\Windows\System32\igcompkrng600.bin [2011-09-07 05:16:37 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll [2011-09-07 05:16:37 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config [2011-09-07 01:37:52 | 000,002,080 | ---- | C] () -- C:\Windows\System32\drivers\SamSfPa.dat [2011-09-07 01:36:29 | 000,001,372 | ---- | C] () -- C:\Windows\System32\VoipUpdate.ini [2011-09-07 01:36:28 | 000,030,893 | ---- | C] () -- C:\Windows\System32\drivers\Mixer.ini [2011-09-07 01:36:26 | 000,001,816 | ---- | C] () -- C:\Windows\System32\drivers\Altmixer.ini [2011-05-25 19:56:02 | 001,285,594 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin [color=#E56717]========== LOP Check ==========[/color] [2011-09-20 19:23:28 | 000,000,000 | ---D | M] -- C:\Users\ChrisMaruniak\AppData\Roaming\ACD Systems [2011-12-09 23:50:55 | 000,000,000 | ---D | M] -- C:\Users\ChrisMaruniak\AppData\Roaming\Alior Trader DEMO [2011-11-06 22:09:59 | 000,000,000 | ---D | M] -- C:\Users\ChrisMaruniak\AppData\Roaming\cald3 [2012-06-18 11:32:44 | 000,000,000 | ---D | M] -- C:\Users\ChrisMaruniak\AppData\Roaming\calibre [2011-09-07 06:45:26 | 000,000,000 | ---D | M] -- C:\Users\ChrisMaruniak\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2011-10-28 23:27:45 | 000,000,000 | ---D | M] -- C:\Users\ChrisMaruniak\AppData\Roaming\DAEMON Tools Lite [2012-07-15 13:06:26 | 000,000,000 | ---D | M] -- C:\Users\ChrisMaruniak\AppData\Roaming\DriverCure [2012-07-16 00:17:41 | 000,000,000 | ---D | M] -- C:\Users\ChrisMaruniak\AppData\Roaming\foobar2000 [2011-10-02 17:57:59 | 000,000,000 | ---D | M] -- C:\Users\ChrisMaruniak\AppData\Roaming\Gadu-Gadu [2012-07-21 10:23:17 | 000,000,000 | ---D | M] -- C:\Users\ChrisMaruniak\AppData\Roaming\hellomoto [2011-09-07 17:20:17 | 000,000,000 | ---D | M] -- C:\Users\ChrisMaruniak\AppData\Roaming\ImgBurn [2011-10-31 15:54:29 | 000,000,000 | ---D | M] -- C:\Users\ChrisMaruniak\AppData\Roaming\Keronsoft [2011-12-27 01:01:13 | 000,000,000 | ---D | M] -- C:\Users\ChrisMaruniak\AppData\Roaming\NeatImage SL 32 [2012-07-08 00:10:07 | 000,000,000 | ---D | M] -- C:\Users\ChrisMaruniak\AppData\Roaming\NetMeter [2012-06-18 10:15:56 | 000,000,000 | ---D | M] -- C:\Users\ChrisMaruniak\AppData\Roaming\Nokia [2011-09-20 16:20:05 | 000,000,000 | ---D | M] -- C:\Users\ChrisMaruniak\AppData\Roaming\Nokia Ovi Suite [2012-06-15 00:14:30 | 000,000,000 | ---D | M] -- C:\Users\ChrisMaruniak\AppData\Roaming\Nokia Suite [2012-04-07 00:57:02 | 000,000,000 | ---D | M] -- C:\Users\ChrisMaruniak\AppData\Roaming\Opera [2011-09-20 15:59:03 | 000,000,000 | ---D | M] -- C:\Users\ChrisMaruniak\AppData\Roaming\PC Suite [2012-04-23 00:47:43 | 000,000,000 | ---D | M] -- C:\Users\ChrisMaruniak\AppData\Roaming\Podatnik.info [2011-09-07 00:53:59 | 000,000,000 | ---D | M] -- C:\Users\ChrisMaruniak\AppData\Roaming\PwrMgr [2011-12-09 23:23:40 | 000,000,000 | ---D | M] -- C:\Users\ChrisMaruniak\AppData\Roaming\Scripts [2011-10-28 15:41:31 | 000,000,000 | ---D | M] -- C:\Users\ChrisMaruniak\AppData\Roaming\Soft-R Research [2012-07-15 13:06:26 | 000,000,000 | ---D | M] -- C:\Users\ChrisMaruniak\AppData\Roaming\SpeedyPC Software [2012-04-15 19:50:26 | 000,000,000 | ---D | M] -- C:\Users\ChrisMaruniak\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2011-09-07 01:35:37 | 000,000,000 | ---D | M] -- C:\Users\ChrisMaruniak\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1 [2012-07-18 00:42:27 | 000,000,000 | ---D | M] -- C:\Users\ChrisMaruniak\AppData\Roaming\uTorrent [2011-09-16 11:26:03 | 000,000,000 | ---D | M] -- C:\Users\ChrisMaruniak\AppData\Roaming\Windows Live Writer [2012-05-14 12:10:14 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report >