OTL logfile created on: 2012-07-25 17:55:27 - Run 1
OTL by OldTimer - Version 3.2.54.1     Folder = E:\
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
5,91 Gb Total Physical Memory | 4,47 Gb Available Physical Memory | 75,61% Memory free
11,82 Gb Paging File | 10,26 Gb Available in Paging File | 86,81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 376,02 Gb Free Space | 80,75% Space Free | Partition Type: NTFS
Drive E: | 7,51 Gb Total Space | 3,37 Gb Free Space | 44,94% Space Free | Partition Type: FAT32
 
Computer Name: MICARS | User Name: A&I | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012-07-25 17:50:30 | 000,596,480 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
PRC - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011-11-29 11:50:03 | 002,916,736 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2011-09-15 13:06:04 | 000,088,576 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2011-06-07 23:32:03 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2011-05-06 13:07:18 | 000,460,144 | ---- | M] () -- C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
PRC - [2011-05-06 12:58:52 | 001,085,440 | ---- | M] () -- C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
PRC - [2010-11-30 02:50:00 | 001,997,416 | R--- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2010-10-07 14:05:14 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2010-10-07 09:43:00 | 000,182,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2010-09-23 16:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2010-08-17 14:55:42 | 005,732,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010-05-24 15:44:48 | 000,151,552 | ---- | M] (Atheros) -- C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe
PRC - [2009-12-15 10:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009-07-31 10:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009-06-19 10:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009-06-19 10:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009-06-15 17:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2009-01-30 00:20:49 | 000,057,344 | ---- | M] (SlySoft, Inc.) -- C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe
PRC - [2008-12-22 17:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008-08-13 21:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2007-11-30 11:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
PRC - [2007-09-02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2010-09-23 16:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2010-07-01 11:21:42 | 000,204,800 | ---- | M] () -- C:\Program Files (x86)\ASUS\VirtualCamera\virtualCamera.ax
MOD - [2007-11-30 11:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
MOD - [2007-09-02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
MOD - [2007-09-02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2012-03-26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:[b]64bit:[/b] - [2012-03-26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:[b]64bit:[/b] - [2010-11-30 13:19:52 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:[b]64bit:[/b] - [2010-09-22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2012-07-13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-07-11 21:26:57 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-03-19 23:44:20 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011-11-29 11:50:03 | 002,916,736 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011-09-15 13:06:04 | 000,088,576 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2011-05-06 13:07:18 | 000,460,144 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2011-05-06 12:58:52 | 001,085,440 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe -- (FlipShareServer)
SRV - [2010-11-30 02:50:00 | 001,997,416 | R--- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010-11-25 20:29:54 | 000,052,896 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Atheros\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2010-05-24 15:44:48 | 000,151,552 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-12-15 10:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009-06-15 17:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2012-03-20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:[b]64bit:[/b] - [2012-03-19 23:32:04 | 014,745,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2012-03-08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:[b]64bit:[/b] - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011-06-27 02:37:00 | 002,753,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010-11-30 02:50:00 | 000,025,576 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:[b]64bit:[/b] - [2010-11-25 20:30:12 | 000,275,616 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:[b]64bit:[/b] - [2010-11-25 20:30:12 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:[b]64bit:[/b] - [2010-11-25 20:30:12 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:[b]64bit:[/b] - [2010-11-25 20:30:12 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:[b]64bit:[/b] - [2010-11-25 20:30:12 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:[b]64bit:[/b] - [2010-11-25 20:30:12 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:[b]64bit:[/b] - [2010-11-25 20:30:10 | 000,298,144 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:[b]64bit:[/b] - [2010-11-21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2010-10-28 11:33:54 | 000,215,104 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIc.sys -- (FLxHCIc)
DRV:[b]64bit:[/b] - [2010-10-28 11:33:54 | 000,081,984 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIh.sys -- (FLxHCIh)
DRV:[b]64bit:[/b] - [2010-10-20 00:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2010-10-14 18:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2010-09-14 04:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2010-09-08 13:39:32 | 000,129,024 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:[b]64bit:[/b] - [2010-09-07 11:19:38 | 001,800,832 | ---- | M] (Sonix Technology Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:[b]64bit:[/b] - [2010-08-24 11:55:44 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:[b]64bit:[/b] - [2010-06-25 16:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:[b]64bit:[/b] - [2010-05-03 05:46:04 | 000,044,032 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:[b]64bit:[/b] - [2009-11-01 19:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:[b]64bit:[/b] - [2009-07-21 11:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-02-17 19:11:25 | 000,031,400 | ---- | M] (Elaborate Bytes AG) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:[b]64bit:[/b] - [2008-07-11 07:05:00 | 000,145,448 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\sentinel64.sys -- (Sentinel64)
DRV:[b]64bit:[/b] - [2008-05-23 17:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:[b]64bit:[/b] - [2007-02-16 02:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV:[b]64bit:[/b] - [2006-12-13 19:14:14 | 000,065,024 | ---- | M] (Aladdin Knowledge Systems Ltd.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf)
DRV:[b]64bit:[/b] - [2006-12-04 11:44:14 | 000,314,368 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hardlock.sys -- (Hardlock)
DRV - [2010-07-26 13:57:20 | 000,017,024 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009-07-02 17:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV - [2008-11-23 12:23:06 | 000,097,792 | ---- | M] (T0r0 2008) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\NSHE.SYS -- (NSHE)
DRV - [2007-02-16 02:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2004-07-21 23:45:25 | 000,009,856 | ---- | M] (Elaborate Bytes AG) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\ElbyCDIO.sys -- (ElbyCDIO)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2470409557-1552822084-976138736-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.ebay.de/ [binary data]
IE - HKU\S-1-5-21-2470409557-1552822084-976138736-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://allegro.pl/
IE - HKU\S-1-5-21-2470409557-1552822084-976138736-1000\..\URLSearchHook: {8532a8b7-c06a-41bb-936a-8ce73e4711ed} - No CLSID value found
IE - HKU\S-1-5-21-2470409557-1552822084-976138736-1000\..\SearchScopes,DefaultScope = {D1DE7AA2-A47A-4100-BE12-701D9C901A51}
IE - HKU\S-1-5-21-2470409557-1552822084-976138736-1000\..\SearchScopes\{62751A1A-69FA-4068-A91F-E0C93A73EF2E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=83876739-EBEF-4734-910C-B506D4DF8C17&apn_sauid=6BAC66EF-5D64-4B87-A006-B75A0EDA7FD7
IE - HKU\S-1-5-21-2470409557-1552822084-976138736-1000\..\SearchScopes\{D1DE7AA2-A47A-4100-BE12-701D9C901A51}: "URL" = http://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKU\S-1-5-21-2470409557-1552822084-976138736-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..extensions.enabledItems: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.6
FF - prefs.js..extensions.enabledItems: pl@dictionaries.addons.mozilla.org:1.0.20110211
FF - user.js - File not found
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\A&I\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\A&I\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
 
 
[2011-06-09 23:03:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\A&I\AppData\Roaming\mozilla\Extensions
[2011-06-09 23:03:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\A&I\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011-06-09 23:12:28 | 000,000,000 | ---D | M] (Image Zoom) -- C:\USERS\A&I\APPDATA\ROAMING\THUNDERBIRD\PROFILES\N4UC394O.DEFAULT\EXTENSIONS\{1A2D0EC4-75F5-4C91-89C4-3656F6E44B68}
[2011-06-09 23:37:48 | 000,000,000 | ---D | M] (Polski slownik poprawnej pisowni) -- C:\USERS\A&I\APPDATA\ROAMING\THUNDERBIRD\PROFILES\N4UC394O.DEFAULT\EXTENSIONS\PL@DICTIONARIES.ADDONS.MOZILLA.ORG
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\A&I\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\A&I\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\A&I\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\A&I\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\A&I\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\A&I\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Adblock Plus (Beta) = C:\Users\A&I\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: Szukaj w Google = C:\Users\A&I\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Cargo Bridge: Armor Games Edition = C:\Users\A&I\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlpiaibleklmjieibbnmkignbggodmmj\2.1.1_0\
CHR - Extension: Show PDF in GViewer = C:\Users\A&I\AppData\Local\Google\Chrome\User Data\Default\Extensions\ionlmfkooifddhklhggcgdnajdgnnoie\1.1.0_0\
CHR - Extension: Skype Click to Call = C:\Users\A&I\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
CHR - Extension: Illimitux = C:\Users\A&I\AppData\Local\Google\Chrome\User Data\Default\Extensions\mamnihopcnbfnbfnnneplcohmnkkpipb\1.0_0\
CHR - Extension: Gmail = C:\Users\A&I\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKU\S-1-5-21-2470409557-1552822084-976138736-1000\..\Toolbar\WebBrowser: (no name) - {8532A8B7-C06A-41BB-936A-8CE73E4711ED} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:[b]64bit:[/b] - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Atheros\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2470409557-1552822084-976138736-1000..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-21-2470409557-1552822084-976138736-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2470409557-1552822084-976138736-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:[b]64bit:[/b] - Extra context menu item: &Przypomnij o aukcji - C:\Users\A&I\AppData\Roaming\Aukcjoner.net\reminder.htm ()
O8:[b]64bit:[/b] - Extra context menu item: &Upoluj aukcję snajperem - C:\Users\A&I\AppData\Roaming\Aukcjoner.net\sniper.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:[b]64bit:[/b] - Extra context menu item: Przyciski Aukcjoner.net... - Reg Error: Value error. File not found
O8:[b]64bit:[/b] - Extra context menu item: Sprawdź/&oceń sprzedającego - C:\Users\A&I\AppData\Roaming\Aukcjoner.net\feedback.htm ()
O8 - Extra context menu item: &Przypomnij o aukcji - C:\Users\A&I\AppData\Roaming\Aukcjoner.net\reminder.htm ()
O8 - Extra context menu item: &Upoluj aukcję snajperem - C:\Users\A&I\AppData\Roaming\Aukcjoner.net\sniper.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Przyciski Aukcjoner.net... - Reg Error: Value error. File not found
O8 - Extra context menu item: Sprawdź/&oceń sprzedającego - C:\Users\A&I\AppData\Roaming\Aukcjoner.net\feedback.htm ()
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.5.0)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.5.0)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9A88D997-6F7B-4B06-ABFC-9664EC16FBA3}: DhcpNameServer = 194.204.152.34 194.204.159.1
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4eb3e76d-5ba2-11e1-9858-e0b9a5287b05}\Shell - "" = AutoRun
O33 - MountPoints2\{4eb3e76d-5ba2-11e1-9858-e0b9a5287b05}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{4eb3e76f-5ba2-11e1-9858-e0b9a5287b05}\Shell - "" = AutoRun
O33 - MountPoints2\{4eb3e76f-5ba2-11e1-9858-e0b9a5287b05}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{4eb3e774-5ba2-11e1-9858-e0b9a5287b05}\Shell - "" = AutoRun
O33 - MountPoints2\{4eb3e774-5ba2-11e1-9858-e0b9a5287b05}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{8af73d01-9179-11e0-8818-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{8af73d01-9179-11e0-8818-806e6f6e6963}\Shell\AutoRun\command - "" = D:\InstAll.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012-07-25 08:47:36 | 000,000,000 | ---D | C] -- C:\FRST
[2012-07-25 01:34:54 | 001,153,912 | ---- | C] (Emsi Software GmbH) -- C:\Users\A&I\Desktop\BlitzBlank.exe
[2012-07-25 00:35:47 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\services.exe.6DCF1AEF06731825
[2012-07-25 00:28:10 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\ElevatedDiagnostics
[2012-07-25 00:23:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012-07-25 00:23:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012-07-25 00:21:42 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012-07-24 23:49:57 | 000,000,000 | ---D | C] -- C:\ProgramData\ccccccccc
[2012-07-24 22:26:59 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{ACAF752D-B626-412D-A3E4-462032536B14}
[2012-07-24 22:26:47 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{786B3ECA-D969-4F24-9371-401266EC12E5}
[2012-07-24 10:26:17 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{E5F5E644-FB24-4BED-B7C6-3A3FFEB89157}
[2012-07-24 10:26:05 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{F7BCE019-CD53-4B79-B9CC-E747D91DD2BA}
[2012-07-24 10:21:37 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Atheros
[2012-07-24 10:21:21 | 000,000,000 | ---D | C] -- C:\Users\A&I\Documents\Bluetooth Folder
[2012-07-24 00:46:25 | 000,000,000 | ---D | C] -- C:\Users\A&I\Documents\Menu Afrodyta i inne
[2012-07-23 22:25:37 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{84465DC7-760B-442B-A08A-B8D2C7AB8440}
[2012-07-23 22:25:25 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{56B80197-40A2-4C86-B92E-9F4D32BFAA7D}
[2012-07-23 22:23:39 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{B66DF3D8-E82C-4287-BE46-9D31CBD4296E}
[2012-07-23 22:16:17 | 000,926,624 | ---- | C] (Chilkat Software, Inc.) -- C:\Windows\SysNative\ChilkatCrypt2.dll
[2012-07-23 22:16:16 | 000,660,384 | ---- | C] (Chilkat Software, Inc.) -- C:\Windows\SysNative\ChilkatUtil.dll
[2012-07-23 22:16:15 | 000,856,992 | ---- | C] (Chilkat Software, Inc.) -- C:\Windows\SysNative\ChilkatCert.dll
[2012-07-23 22:15:47 | 000,145,448 | ---- | C] (SafeNet, Inc.) -- C:\Windows\SysNative\drivers\sentinel64.sys
[2012-07-23 22:15:41 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2012-07-23 10:23:05 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{D7CD87EB-5595-4018-85AB-B5EF7C06D79E}
[2012-07-23 10:22:53 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{AD8AF43A-CFC9-4FDB-AD66-60CE249E98C4}
[2012-07-23 02:02:08 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{1C352978-7ABB-46A8-BAAA-B7DEDA7FA1F1}
[2012-07-23 01:33:34 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{86C91AC5-2CE3-4350-B91D-84D4391F1235}
[2012-07-23 01:33:16 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{AFBE6AEE-A6EA-4CC8-80F9-8EDEFB4647D3}
[2012-07-22 12:38:39 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{07044379-3D09-4D64-A0EB-454C0E73B333}
[2012-07-22 12:38:27 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{086D5350-FA42-4E45-A5E3-3A0C5CA7B2D7}
[2012-07-21 22:54:13 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nagrywanie
[2012-07-21 22:08:24 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{EDA1C91E-1971-446D-9A9A-21179900EA03}
[2012-07-21 22:08:12 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{016F50C5-B7BA-43B9-8FA7-0E5FEEA49F8C}
[2012-07-21 21:19:21 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Roaming\ImgBurn
[2012-07-21 21:18:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ImgBurn
[2012-07-21 11:12:19 | 000,000,000 | ---D | C] -- C:\Windows\XSxS
[2012-07-21 11:12:19 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\Xenocode
[2012-07-21 11:12:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xenocode
[2012-07-21 11:12:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\winevt
[2012-07-21 11:12:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\CodeIntegrity
[2012-07-21 10:07:38 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{8A1323E6-E03E-47CE-A7B6-24D6728F38B6}
[2012-07-21 10:07:26 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{15F078F7-4180-4944-A18B-B60DDE70758A}
[2012-07-20 09:16:18 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{5FFA9B77-B33F-41CC-9504-2419B1003D9C}
[2012-07-20 09:16:06 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{B6000927-33BA-40AE-8401-F16B6E10AF0D}
[2012-07-19 21:15:36 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{F420003E-4493-4BF9-8175-9AD296981F26}
[2012-07-19 21:15:24 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{0CBBEA1D-2068-47AA-8F6F-44942F0C1EDC}
[2012-07-19 09:14:54 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{79BCCABB-2E94-4A20-936C-3B9CF08B94C3}
[2012-07-19 09:14:42 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{C28BEADA-AF67-4A4B-94B3-5DDCA6A282F5}
[2012-07-18 21:00:41 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{CDD94725-FFD2-40F1-BB39-3E1BF24A0F77}
[2012-07-18 21:00:29 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{0100DEEA-3BBC-453D-9460-64B3091F3815}
[2012-07-18 09:00:30 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{EC65DB3F-0D3A-45BE-9EA5-7E4ABA017C18}
[2012-07-17 11:08:26 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{518D29C4-38EF-4DDC-BD48-7DF7214F1DA1}
[2012-07-17 11:08:13 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{6D2FE94A-D3A7-44E0-9435-CAF6133C8AEC}
[2012-07-16 20:38:37 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{276EBA79-AD7B-4749-BDF6-9CEED7F4B6E4}
[2012-07-16 20:38:25 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{A6778002-779B-4A07-BD27-EF904A5C69E9}
[2012-07-16 08:37:55 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{3C52A15D-D62B-4B1F-81F9-0C46A2AB1CAE}
[2012-07-16 08:37:42 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{292B35E8-8466-4E6D-8C44-BAE3D38ACC43}
[2012-07-15 21:30:31 | 000,000,000 | ---D | C] -- C:\Users\A&I\Desktop\Smart
[2012-07-15 12:40:55 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{08A03B98-EE91-4FFB-AE2C-CD34E22051F9}
[2012-07-15 12:40:43 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{EAF0B93E-841D-4F9C-B4EB-184D7FC97678}
[2012-07-14 12:19:19 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{75B32199-22F2-46E5-96D6-9724A1D54AC6}
[2012-07-14 12:19:07 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{8B14BDC2-C2C7-4B93-8964-717C52BA96E3}
[2012-07-14 11:09:03 | 000,000,000 | ---D | C] -- C:\Users\A&I\Desktop\Launch
[2012-07-14 10:44:01 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\GHISLER
[2012-07-14 00:18:39 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{15FA622E-F78D-411E-AA2A-DC291ED716CE}
[2012-07-14 00:17:33 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{FA2D9BAC-F80A-4EBB-A4E5-2F3DD12C0418}
[2012-07-13 09:28:33 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{C72184ED-AF31-4A7C-B208-D804EC25E410}
[2012-07-13 09:28:21 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{311977CF-B170-467F-AC01-126E6A5D0E95}
[2012-07-12 21:39:51 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012-07-12 21:39:51 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012-07-12 21:39:49 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012-07-12 21:39:49 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012-07-12 21:39:47 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012-07-12 21:39:47 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012-07-12 21:39:46 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012-07-12 21:39:46 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012-07-12 21:39:43 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012-07-12 21:39:42 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012-07-12 21:39:42 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012-07-12 21:39:41 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012-07-12 21:39:41 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012-07-12 21:14:31 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012-07-12 21:14:31 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012-07-12 18:27:44 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{279ECD5F-1343-48A0-9D13-66A2B01FE75C}
[2012-07-12 18:27:32 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{FD3C883B-56A8-45A2-A678-DF571B8CBB66}
[2012-07-12 05:03:14 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{78A2FDD5-475B-46A0-84E4-8AE821CDEBAD}
[2012-07-11 14:00:21 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{241FBE78-BB64-4B5E-999F-D2216A5CBFCC}
[2012-07-11 14:00:09 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{134DC53B-F334-4AA7-9A72-26813F6AF9B9}
[2012-07-11 13:47:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012-07-11 13:47:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012-07-11 13:47:32 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012-07-11 13:47:28 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012-07-11 13:47:26 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012-07-10 19:58:33 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{212EC814-BFB0-4F4C-B252-1F06DBA9327A}
[2012-07-10 19:58:21 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{9DF73E19-7F25-4E86-A7AC-B60070128DA3}
[2012-07-10 07:57:51 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{992675B8-6881-4992-A85D-4D55D1BA93A9}
[2012-07-10 07:57:39 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{0AABEADF-FCA6-4433-B0B2-112FF7E285FB}
[2012-07-09 12:52:36 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{7D75615A-366A-47C2-9E29-DAE01C2551FC}
[2012-07-09 12:52:24 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{3C558BC7-182D-4766-A2DA-CE42176C54E8}
[2012-07-09 10:18:10 | 000,000,000 | ---D | C] -- C:\Users\A&I\Documents\Launch X431
[2012-07-09 00:51:56 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{BDA9399E-C102-4279-A6B6-8714E1BAD158}
[2012-07-09 00:51:44 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{33A310AE-C929-4E6F-8B6C-F3C9CBE3AC97}
[2012-07-08 18:09:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\X431Update
[2012-07-08 18:09:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\X431Update
[2012-07-08 12:51:29 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{23123DF3-F024-4E5E-9DA8-2E91215DA820}
[2012-07-08 12:51:17 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{1B0AD606-9523-4083-9136-9C22BB92C9BD}
[2012-07-08 00:50:52 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{BA6545E5-0F19-4000-A00B-B538386A6647}
[2012-07-08 00:49:45 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{367BF6DD-243B-4D3D-81A1-E942A84FB7BE}
[2012-07-07 08:39:35 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{C4E83E57-48A6-4A46-9F1E-C05362E9CA40}
[2012-07-07 08:39:22 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{E5ECE003-92F0-4200-BF49-0176CB8619C3}
[2012-07-07 01:46:29 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2012-07-06 18:15:19 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{8D4DF1BF-EAC7-4305-860A-136CA8F3730C}
[2012-07-06 04:11:04 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{C825A423-1F77-419E-B4AA-40A64F4A7501}
[2012-07-05 13:55:25 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{8C878580-65DA-41BC-BBC0-D93BF1F62171}
[2012-07-05 13:54:48 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{34E4D40F-C372-4570-9E2E-FFF30C127F2B}
[2012-07-05 01:54:20 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{3032C548-AB29-4A9A-959E-837C42F9DE31}
[2012-07-05 01:54:08 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{D6F1C32B-7302-4C56-B9E4-4738476D011D}
[2012-07-04 13:53:38 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{58AF1E16-12A3-4066-A500-93D34CBE3BC6}
[2012-07-04 13:53:02 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{CEC5A640-1D64-4B99-8DF0-8A4568954389}
[2012-07-04 01:07:37 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{AFFC38FF-23CF-4C82-ACD0-77FD147FA003}
[2012-07-04 01:07:19 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{456AB34B-3B5A-4FA2-A287-FDC7DD83379D}
[2012-07-03 12:14:02 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{3811EA09-3687-4697-9AA7-72CFA81A9743}
[2012-07-03 12:13:50 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{655991EC-B66A-4920-89BC-140B485E7EA8}
[2012-07-02 23:58:55 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{8C47F2D1-3C5A-43FF-AA6B-D02EBF01BC0C}
[2012-07-02 23:58:43 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{2F7ACBD9-1701-49A5-9DBA-83A776FEE07E}
[2012-07-02 23:42:59 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012-07-02 16:40:38 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{85E883F0-4DBC-449D-8759-946DD93A0DE7}
[2012-07-02 01:53:11 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{2523905F-B703-41A8-BA53-9FE2D8BDF69A}
[2012-07-02 01:52:56 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{FB3F0228-00B4-45A1-B9F0-B6A5FBE8A4CB}
[2012-07-01 13:17:00 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{A7644362-98DD-488F-A161-1C035CD961E1}
[2012-07-01 13:16:48 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{62AD26B7-CB9B-48F2-87A1-8C2C131D7AA2}
[2012-06-30 22:33:24 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{EF996C79-6DCD-479F-8381-47A4E562400E}
[2012-06-30 22:33:12 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{AEC0B2AA-CE76-47A9-97BC-B29D1564C46C}
[2012-06-30 09:41:08 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{269D8A22-765F-4070-A784-C72E1FB529F2}
[2012-06-30 09:40:56 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{B9EA6DF2-5ABC-436C-A489-23417DDF9F41}
[2012-06-30 00:33:59 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{4FF1CB32-3A33-4863-839A-41AC30E4DD9D}
[2012-06-30 00:33:47 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{DA9EC14A-5999-4A3A-95AA-27FC4F715025}
[2012-06-29 11:00:03 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{11CAAC1E-23E8-41E6-A7CB-4E6D5378A9D7}
[2012-06-29 10:59:51 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{650D8621-FBDE-4995-9692-D8CB124C2DF9}
[2012-06-28 22:59:24 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{D326B9FC-74C7-42E8-976F-448E4C976239}
[2012-06-28 22:58:17 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{600C94D6-06D7-4E3C-B75D-C09804740F1E}
[2012-06-28 10:28:08 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{EFE430F6-7328-4CF6-8E12-0F344019835B}
[2012-06-28 10:27:56 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{0E925A7D-A8AC-4FDC-909E-C874B7B51C27}
[2012-06-27 22:27:29 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{BF052009-D2C1-4845-BE35-BD0D7646DE31}
[2012-06-27 22:27:17 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{B71EB044-BAF3-4124-804B-01DE3BB96EB4}
[2012-06-27 10:26:48 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{BB30A2B8-3333-47A9-8D1B-29D72F89A1F8}
[2012-06-27 10:26:35 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{61283816-C452-4059-8AF4-97A2051F2D5D}
[2012-06-27 00:20:00 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012-06-27 00:19:03 | 000,955,800 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2012-06-27 00:19:03 | 000,268,720 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012-06-26 20:36:33 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{1F41B12B-7158-4CAC-B8EF-8B287F18F0E0}
[2012-06-26 20:36:21 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{BD5FA27E-6BC5-464F-8D24-CBCF8BDA9334}
[2012-06-26 08:44:56 | 000,000,000 | ---D | C] -- C:\Firefox
[2012-06-26 08:34:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Ask
[2012-06-26 08:33:38 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012-06-26 08:33:38 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012-06-25 22:26:01 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{AB811EB3-4DD2-457A-9E36-F6E5BABDA904}
[2012-06-25 22:25:49 | 000,000,000 | ---D | C] -- C:\Users\A&I\AppData\Local\{7BDC10F2-0051-4C83-8D8B-0135069FCE28}
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012-07-25 17:54:53 | 001,587,166 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-07-25 17:54:53 | 000,711,686 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-07-25 17:54:53 | 000,629,782 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-07-25 17:54:53 | 000,140,004 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-07-25 17:54:53 | 000,111,402 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-07-25 17:54:23 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-07-25 17:54:23 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-07-25 17:46:49 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-07-25 17:46:47 | 000,000,035 | ---- | M] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini
[2012-07-25 17:46:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-07-25 17:45:56 | 466,653,183 | -HS- | M] () -- C:\hiberfil.sys
[2012-07-25 01:44:08 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2012-07-25 01:35:04 | 001,153,912 | ---- | M] (Emsi Software GmbH) -- C:\Users\A&I\Desktop\BlitzBlank.exe
[2012-07-25 00:35:47 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\services.exe.6DCF1AEF06731825
[2012-07-25 00:29:00 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-07-25 00:24:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2470409557-1552822084-976138736-1000UA.job
[2012-07-25 00:23:40 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012-07-25 00:23:29 | 001,607,228 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012-07-25 00:05:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-07-24 19:50:00 | 000,000,998 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2470409557-1552822084-976138736-1000Core.job
[2012-07-24 15:22:43 | 000,000,266 | ---- | M] () -- C:\Users\A&I\Desktop\PRZEKLADNIA BOXER DUCATO JUMPER STILO MAGLOWNICA (3) - Allegro.pl - Więcej niż aukcje. Najlepsze oferty na największej platformie handlowej..url
[2012-07-24 15:21:54 | 000,000,266 | ---- | M] () -- C:\Users\A&I\Desktop\PRZEKLADNIA BOXER DUCATO JUMPER STILO MAGLOWNICA (2) - Allegro.pl - Więcej niż aukcje. Najlepsze oferty na największej platformie handlowej..url
[2012-07-23 18:03:41 | 000,000,266 | ---- | M] () -- C:\Users\A&I\Desktop\MAGLOWNICA PRZEKŁADNIA KIEROWNICZA MOVANO DUCATO (2481580920) - Allegro.pl - Więcej niż aukcje. Najlepsze oferty na największej platformie handlowej..url
[2012-07-23 18:03:35 | 000,000,266 | ---- | M] () -- C:\Users\A&I\Desktop\PRZEKLADNIA BOXER DUCATO JUMPER STILO MAGLOWNICA (2464632245) - Allegro.pl - Więcej niż aukcje. Najlepsze oferty na największej platformie handlowej..url
[2012-07-23 00:07:43 | 000,000,267 | ---- | M] () -- C:\Users\A&I\Desktop\AUDI A8 D3 4e0 maglownica przekładnia kierownicza (2466366437) - Allegro.pl - Więcej niż aukcje. Najlepsze oferty na największej platformie handlowej..url
[2012-07-23 00:04:53 | 000,000,265 | ---- | M] () -- C:\Users\A&I\Desktop\Sprężarka, pompa zawieszenia Audi A8 Wabco Tanio! (2484400760) - Allegro.pl - Więcej niż aukcje. Najlepsze oferty na największej platformie handlowej..url
[2012-07-22 22:24:15 | 000,000,529 | ---- | M] () -- C:\Users\A&I\Desktop\mercedesa w 107 (2502396691) - Allegro.pl - Więcej niż aukcje. Najlepsze oferty na największej platformie handlowej..url
[2012-07-22 22:24:07 | 000,000,529 | ---- | M] () -- C:\Users\A&I\Desktop\Mercedes Benz W107 450 SLC 5.0 L 5000cm3 SL (2509605407) - Allegro.pl - Więcej niż aukcje. Najlepsze oferty na największej platformie handlowej..url
[2012-07-22 21:50:34 | 000,000,252 | ---- | M] () -- C:\Users\A&I\Desktop\maska Mercedes W107 SL 107 SLC alu (2478924161) - Allegro.pl - Więcej niż aukcje. Najlepsze oferty na największej platformie handlowej..url
[2012-07-22 00:55:05 | 000,000,128 | ---- | M] () -- C:\Users\A&I\Desktop\Budowanie, konwersje i modyfikacje pojazdów elektrycznych.url
[2012-07-21 22:21:31 | 000,000,230 | ---- | M] () -- C:\Users\A&I\Desktop\Mercedes W115 zderzak przód (2501671202) - Allegro.pl - Więcej niż aukcje. Najlepsze oferty na największej platformie handlowej..url
[2012-07-20 12:06:52 | 000,000,160 | ---- | M] () -- C:\Users\A&I\Desktop\Wymiana rdzeni  CHŁODNICE, CHLODNICE , CHŁODNICE SAMOCHODOWE, PRZEŹMIEROWO CHŁODNICE NOWAK CHŁODNICE , Chłodnice samochodowe Poznań - Przeźmierowo. Sprzedaż, naprawa, regeneracja.url
[2012-07-20 02:08:21 | 000,000,262 | ---- | M] () -- C:\Users\A&I\Desktop\ZASILACZ 15V 800mA 12VA GERMANY NOWY FAKTURA (2474309799) - Allegro.pl - Więcej niż aukcje. Najlepsze oferty na największej platformie handlowej..url
[2012-07-20 01:16:41 | 000,000,279 | ---- | M] () -- C:\Users\A&I\Desktop\Audi MMI HIGH 2G Digital Road Map 2012 4E0 060 884 CN - Audi MMI 2G Digital - BOMBA63 - Chomikuj.pl.url
[2012-07-19 10:09:44 | 000,000,265 | ---- | M] () -- C:\Users\A&I\Desktop\Meble ogrodowe rattanowe fotele 6 stół ogrodowy (2346610873) - Allegro.pl - Więcej niż aukcje. Najlepsze oferty na największej platformie handlowej..url
[2012-07-15 21:38:27 | 000,000,266 | ---- | M] () -- C:\Users\A&I\Desktop\zasilacz stabilizowany INVENTEL 15V -1,5A GWAR FV (2485959259) - Allegro.pl - Więcej niż aukcje. Najlepsze oferty na największej platformie handlowej..url
[2012-07-15 13:13:16 | 000,000,232 | ---- | M] () -- C:\Users\A&I\Desktop\Oferta - Mercedes-Benz 350 - Komplet dokumentów do rejestracji.url
[2012-07-13 09:20:51 | 000,001,278 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2012-07-13 09:19:52 | 000,293,976 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012-07-12 23:21:21 | 000,000,267 | ---- | M] () -- C:\Users\A&I\Desktop\GRILL ATRAPA AUDI A8 S8 D3 PION CHROM 4E0853651AL (2486556886) - Allegro.pl - Więcej niż aukcje. Najlepsze oferty na największej platformie handlowej..url
[2012-07-12 16:16:38 | 000,000,122 | ---- | M] () -- C:\Users\A&I\.ewanapi_cookie
[2012-07-11 21:26:55 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-07-11 21:26:54 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-07-08 21:47:01 | 000,000,197 | ---- | M] () -- C:\Users\A&I\Desktop\Launch X431 Update Guide.url
[2012-07-08 18:09:28 | 000,000,991 | ---- | M] () -- C:\Users\Public\Desktop\X431Update.lnk
[2012-07-05 02:02:01 | 000,000,247 | ---- | M] () -- C:\Users\A&I\Desktop\MASKA AUDI A8 D3 SZEROKI GRIL (2451331964) - Allegro.pl - Więcej niż aukcje. Najlepsze oferty na największej platformie handlowej..url
[2012-07-02 11:24:21 | 000,000,138 | ---- | M] () -- C:\Users\A&I\Desktop\Czynnik chłodniczy R134aczynniki chłodnicze.url
[2012-07-02 10:49:06 | 000,000,131 | ---- | M] () -- C:\Users\A&I\Desktop\Klimatyzacja samochodowa serwis napełnianie odgrzybianie.url
[2012-07-02 00:35:07 | 000,000,137 | ---- | M] () -- C:\Users\A&I\Desktop\Wszystko o klimatyzacji samochodowej i drukowaniu w biurze.url
[2012-06-30 22:58:27 | 000,000,266 | ---- | M] () -- C:\Users\A&I\Desktop\Donica drewniana Skrzynka folia gratis- PRODUCENT (2429250480) - Allegro.pl - Więcej niż aukcje. Najlepsze oferty na największej platformie handlowej..url
[2012-06-27 12:47:39 | 000,000,206 | ---- | M] () -- C:\Users\A&I\Desktop\touch screen do star diagnosis basic#6323427.url
[2012-06-27 10:25:12 | 000,001,968 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2012-06-27 00:27:22 | 000,000,137 | ---- | M] () -- C:\Users\A&I\Desktop\VIN Decoder Mercedes-benz Luxuskombi.url
[2012-06-27 00:18:41 | 000,268,720 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012-06-27 00:18:41 | 000,189,360 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012-06-27 00:18:41 | 000,188,840 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012-06-26 22:14:33 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012-06-25 18:15:07 | 000,000,283 | ---- | M] () -- C:\Users\A&I\Desktop\Zlot miłośników mercedesów na Dniach Osjakowa - Naszemiasto.pl#galeria.url
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012-07-25 00:23:32 | 000,001,915 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012-07-24 15:22:43 | 000,000,266 | ---- | C] () -- C:\Users\A&I\Desktop\PRZEKLADNIA BOXER DUCATO JUMPER STILO MAGLOWNICA (3) - Allegro.pl - Więcej niż aukcje. Najlepsze oferty na największej platformie handlowej..url
[2012-07-24 15:21:54 | 000,000,266 | ---- | C] () -- C:\Users\A&I\Desktop\PRZEKLADNIA BOXER DUCATO JUMPER STILO MAGLOWNICA (2) - Allegro.pl - Więcej niż aukcje. Najlepsze oferty na największej platformie handlowej..url
[2012-07-24 10:21:10 | 000,000,035 | ---- | C] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini
[2012-07-23 22:16:13 | 000,436,736 | ---- | C] () -- C:\Windows\SysNative\Autoserv.exe
[2012-07-23 18:03:41 | 000,000,266 | ---- | C] () -- C:\Users\A&I\Desktop\MAGLOWNICA PRZEKŁADNIA KIEROWNICZA MOVANO DUCATO (2481580920) - Allegro.pl - Więcej niż aukcje. Najlepsze oferty na największej platformie handlowej..url
[2012-07-23 18:03:35 | 000,000,266 | ---- | C] () -- C:\Users\A&I\Desktop\PRZEKLADNIA BOXER DUCATO JUMPER STILO MAGLOWNICA (2464632245) - Allegro.pl - Więcej niż aukcje. Najlepsze oferty na największej platformie handlowej..url
[2012-07-23 00:07:43 | 000,000,267 | ---- | C] () -- C:\Users\A&I\Desktop\AUDI A8 D3 4e0 maglownica przekładnia kierownicza (2466366437) - Allegro.pl - Więcej niż aukcje. Najlepsze oferty na największej platformie handlowej..url
[2012-07-23 00:04:53 | 000,000,265 | ---- | C] () -- C:\Users\A&I\Desktop\Sprężarka, pompa zawieszenia Audi A8 Wabco Tanio! (2484400760) - Allegro.pl - Więcej niż aukcje. Najlepsze oferty na największej platformie handlowej..url
[2012-07-22 22:24:15 | 000,000,529 | ---- | C] () -- C:\Users\A&I\Desktop\mercedesa w 107 (2502396691) - Allegro.pl - Więcej niż aukcje. Najlepsze oferty na największej platformie handlowej..url
[2012-07-22 22:24:07 | 000,000,529 | ---- | C] () -- C:\Users\A&I\Desktop\Mercedes Benz W107 450 SLC 5.0 L 5000cm3 SL (2509605407) - Allegro.pl - Więcej niż aukcje. Najlepsze oferty na największej platformie handlowej..url
[2012-07-22 21:50:34 | 000,000,252 | ---- | C] () -- C:\Users\A&I\Desktop\maska Mercedes W107 SL 107 SLC alu (2478924161) - Allegro.pl - Więcej niż aukcje. Najlepsze oferty na największej platformie handlowej..url
[2012-07-22 00:55:05 | 000,000,128 | ---- | C] () -- C:\Users\A&I\Desktop\Budowanie, konwersje i modyfikacje pojazdów elektrycznych.url
[2012-07-21 22:21:31 | 000,000,230 | ---- | C] () -- C:\Users\A&I\Desktop\Mercedes W115 zderzak przód (2501671202) - Allegro.pl - Więcej niż aukcje. Najlepsze oferty na największej platformie handlowej..url
[2012-07-20 12:06:52 | 000,000,160 | ---- | C] () -- C:\Users\A&I\Desktop\Wymiana rdzeni  CHŁODNICE, CHLODNICE , CHŁODNICE SAMOCHODOWE, PRZEŹMIEROWO CHŁODNICE NOWAK CHŁODNICE , Chłodnice samochodowe Poznań - Przeźmierowo. Sprzedaż, naprawa, regeneracja.url
[2012-07-20 02:08:20 | 000,000,262 | ---- | C] () -- C:\Users\A&I\Desktop\ZASILACZ 15V 800mA 12VA GERMANY NOWY FAKTURA (2474309799) - Allegro.pl - Więcej niż aukcje. Najlepsze oferty na największej platformie handlowej..url
[2012-07-20 01:16:41 | 000,000,279 | ---- | C] () -- C:\Users\A&I\Desktop\Audi MMI HIGH 2G Digital Road Map 2012 4E0 060 884 CN - Audi MMI 2G Digital - BOMBA63 - Chomikuj.pl.url
[2012-07-19 10:09:44 | 000,000,265 | ---- | C] () -- C:\Users\A&I\Desktop\Meble ogrodowe rattanowe fotele 6 stół ogrodowy (2346610873) - Allegro.pl - Więcej niż aukcje. Najlepsze oferty na największej platformie handlowej..url
[2012-07-15 21:38:27 | 000,000,266 | ---- | C] () -- C:\Users\A&I\Desktop\zasilacz stabilizowany INVENTEL 15V -1,5A GWAR FV (2485959259) - Allegro.pl - Więcej niż aukcje. Najlepsze oferty na największej platformie handlowej..url
[2012-07-15 13:13:16 | 000,000,232 | ---- | C] () -- C:\Users\A&I\Desktop\Oferta - Mercedes-Benz 350 - Komplet dokumentów do rejestracji.url
[2012-07-12 23:21:21 | 000,000,267 | ---- | C] () -- C:\Users\A&I\Desktop\GRILL ATRAPA AUDI A8 S8 D3 PION CHROM 4E0853651AL (2486556886) - Allegro.pl - Więcej niż aukcje. Najlepsze oferty na największej platformie handlowej..url
[2012-07-08 21:47:01 | 000,000,197 | ---- | C] () -- C:\Users\A&I\Desktop\Launch X431 Update Guide.url
[2012-07-08 18:09:28 | 000,000,991 | ---- | C] () -- C:\Users\Public\Desktop\X431Update.lnk
[2012-07-05 02:02:01 | 000,000,247 | ---- | C] () -- C:\Users\A&I\Desktop\MASKA AUDI A8 D3 SZEROKI GRIL (2451331964) - Allegro.pl - Więcej niż aukcje. Najlepsze oferty na największej platformie handlowej..url
[2012-07-02 11:24:21 | 000,000,138 | ---- | C] () -- C:\Users\A&I\Desktop\Czynnik chłodniczy R134aczynniki chłodnicze.url
[2012-07-02 10:49:06 | 000,000,131 | ---- | C] () -- C:\Users\A&I\Desktop\Klimatyzacja samochodowa serwis napełnianie odgrzybianie.url
[2012-07-02 00:35:07 | 000,000,137 | ---- | C] () -- C:\Users\A&I\Desktop\Wszystko o klimatyzacji samochodowej i drukowaniu w biurze.url
[2012-06-30 22:58:27 | 000,000,266 | ---- | C] () -- C:\Users\A&I\Desktop\Donica drewniana Skrzynka folia gratis- PRODUCENT (2429250480) - Allegro.pl - Więcej niż aukcje. Najlepsze oferty na największej platformie handlowej..url
[2012-06-27 12:47:39 | 000,000,206 | ---- | C] () -- C:\Users\A&I\Desktop\touch screen do star diagnosis basic#6323427.url
[2012-06-27 00:27:22 | 000,000,137 | ---- | C] () -- C:\Users\A&I\Desktop\VIN Decoder Mercedes-benz Luxuskombi.url
[2012-06-25 18:15:07 | 000,000,283 | ---- | C] () -- C:\Users\A&I\Desktop\Zlot miłośników mercedesów na Dniach Osjakowa - Naszemiasto.pl#galeria.url
[2012-03-19 23:31:16 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012-03-19 23:31:16 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012-03-19 23:25:58 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012-03-19 22:21:14 | 013,212,672 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2012-02-26 15:14:44 | 000,009,728 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2012-02-26 15:02:59 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2012-01-11 11:30:42 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2012-01-09 20:45:18 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012-01-06 01:56:20 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\hlduinst.exe
[2012-01-06 01:56:19 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\UNWISE.EXE
[2011-11-18 23:24:23 | 000,007,602 | ---- | C] () -- C:\Users\A&I\AppData\Local\Resmon.ResmonCfg
[2011-09-18 21:53:27 | 000,877,056 | ---- | C] () -- C:\Windows\SysWow64\avcodec-52.45.0.dll
[2011-09-18 21:53:27 | 000,176,128 | ---- | C] () -- C:\Windows\SysWow64\AVC_AP_H264.dll
[2011-09-18 21:53:27 | 000,102,912 | ---- | C] () -- C:\Windows\SysWow64\swscale-0.7.2.dll
[2011-09-18 21:53:27 | 000,077,312 | ---- | C] () -- C:\Windows\SysWow64\avformat-52.46.0.dll
[2011-09-18 21:53:27 | 000,049,152 | ---- | C] () -- C:\Windows\SysWow64\avutil-50.7.0.dll
[2011-09-18 21:53:27 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\AVC_AP_JPEG.dll
[2011-09-18 21:53:27 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\AVC_AP_SCALE.dll
[2011-09-18 21:53:27 | 000,004,608 | ---- | C] () -- C:\Windows\SysWow64\avdevice-52.2.0.dll
[2011-09-18 21:53:26 | 000,877,568 | ---- | C] () -- C:\Windows\SysWow64\avcodec-52.dll
[2011-09-18 21:53:26 | 000,323,584 | ---- | C] () -- C:\Windows\SysWow64\Deinterlace.dll
[2011-09-18 21:53:26 | 000,120,320 | ---- | C] () -- C:\Windows\SysWow64\swscale-0.dll
[2011-09-18 21:53:26 | 000,075,776 | ---- | C] () -- C:\Windows\SysWow64\avformat-52.dll
[2011-09-18 21:53:26 | 000,046,592 | ---- | C] () -- C:\Windows\SysWow64\avutil-50.dll
[2011-09-18 21:53:26 | 000,004,608 | ---- | C] () -- C:\Windows\SysWow64\avdevice-52.dll
[2011-09-18 21:53:23 | 000,176,128 | ---- | C] () -- C:\Windows\SysWow64\AVC_H264.dll
[2011-09-18 21:53:23 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\AVC_JPEG.dll
[2011-09-12 21:13:23 | 000,000,198 | ---- | C] () -- C:\Windows\pdf2word.INI
[2011-09-02 14:25:15 | 000,000,149 | ---- | C] () -- C:\Windows\disney.ini
[2011-08-17 00:19:39 | 000,000,122 | ---- | C] () -- C:\Users\A&I\.ewanapi_cookie
[2011-06-27 01:02:51 | 000,004,608 | ---- | C] () -- C:\Users\A&I\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-06-12 00:38:40 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011-06-11 21:23:51 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2011-06-09 00:25:37 | 001,607,228 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011-06-07 23:18:38 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2011-06-07 23:08:52 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011-06-19 17:03:30 | 000,000,000 | ---D | M] -- C:\Users\A&I\AppData\Roaming\Aukcjoner.net
[2011-09-02 14:29:12 | 000,000,000 | ---D | M] -- C:\Users\A&I\AppData\Roaming\Disney Interactive
[2011-06-27 01:02:38 | 000,000,000 | ---D | M] -- C:\Users\A&I\AppData\Roaming\Flip Video
[2012-02-11 01:27:15 | 000,000,000 | ---D | M] -- C:\Users\A&I\AppData\Roaming\GHISLER
[2012-01-22 10:12:55 | 000,000,000 | ---D | M] -- C:\Users\A&I\AppData\Roaming\HTC
[2011-08-15 17:21:10 | 000,000,000 | ---D | M] -- C:\Users\A&I\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2012-07-23 18:20:02 | 000,000,000 | ---D | M] -- C:\Users\A&I\AppData\Roaming\ImgBurn
[2011-07-17 11:14:01 | 000,000,000 | ---D | M] -- C:\Users\A&I\AppData\Roaming\OpenOffice.org
[2011-12-05 10:57:54 | 000,000,000 | ---D | M] -- C:\Users\A&I\AppData\Roaming\TeamViewer
[2011-06-09 23:03:13 | 000,000,000 | ---D | M] -- C:\Users\A&I\AppData\Roaming\Thunderbird
[2012-03-03 02:26:23 | 000,000,000 | ---D | M] -- C:\Users\A&I\AppData\Roaming\Win8codecs
[2011-06-13 13:32:38 | 000,000,000 | ---D | M] -- C:\Users\A&I\AppData\Roaming\Windows Live Writer
[2011-10-31 21:13:38 | 000,000,000 | ---D | M] -- C:\Users\Gość\AppData\Roaming\HTC
[2012-07-24 10:20:58 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 24 bytes -> C:\Windows:3FB4A6D367F67493

< End of report >