OTL logfile created on: 8/1/2012 1:09:15 PM - Run 3
OTL by OldTimer - Version 3.2.54.0     Folder = C:\Users\Michał\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
1.96 Gb Total Physical Memory | 0.79 Gb Available Physical Memory | 40.22% Memory free
3.92 Gb Paging File | 2.39 Gb Available in Paging File | 61.02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 106.39 Gb Total Space | 65.02 Gb Free Space | 61.11% Space Free | Partition Type: NTFS
Drive D: | 106.39 Gb Total Space | 20.79 Gb Free Space | 19.54% Space Free | Partition Type: NTFS
 
Computer Name: SAMSUNG | User Name: Michał | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012/07/12 22:15:25 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Michał\Desktop\OTL.exe
PRC - [2012/06/28 11:05:00 | 002,160,024 | ---- | M] (ManyCam LLC) -- C:\Program Files\ManyCam\Bin\ManyCam.exe
PRC - [2012/06/27 12:29:26 | 001,996,200 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2012/06/27 12:29:22 | 001,385,896 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2012/05/26 06:32:24 | 004,327,744 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\Michał\AppData\Local\Akamai\netsession_win.exe
PRC - [2011/11/28 20:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/11/12 11:42:50 | 001,647,448 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
PRC - [2011/10/08 18:34:24 | 000,820,568 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2011/10/01 08:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 08:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/08/04 17:08:56 | 000,593,032 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Solution Menu EX\CNSEUPDT.EXE
PRC - [2011/08/04 17:06:12 | 001,612,920 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2011/03/14 19:09:00 | 002,565,520 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/02/07 09:56:11 | 000,138,192 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2011/01/20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2010/12/01 16:26:42 | 000,574,216 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\IntelAppStore\bin\serviceManager.exe
PRC - [2010/11/20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/05/06 08:44:44 | 001,749,504 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
PRC - [2010/01/19 04:34:48 | 002,201,192 | ---- | M] (SEC) -- C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
PRC - [2009/11/04 06:11:48 | 000,835,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2009/10/13 12:03:04 | 000,716,800 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
PRC - [2009/06/03 13:59:02 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009/04/15 16:52:06 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012/08/01 12:53:55 | 000,033,792 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\YTMP7MC8AA\TAA73FF.tmp
MOD - [2012/08/01 12:53:50 | 000,086,016 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM6015.tmp
MOD - [2012/08/01 12:53:50 | 000,086,016 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM5FD5.tmp
MOD - [2012/08/01 12:53:50 | 000,086,016 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM5D82.tmp
MOD - [2012/08/01 12:53:49 | 000,086,016 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM5CE4.tmp
MOD - [2012/08/01 12:53:48 | 000,120,832 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM591A.tmp
MOD - [2012/08/01 12:53:48 | 000,120,832 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM581E.tmp
MOD - [2012/08/01 12:53:47 | 000,120,832 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM5658.tmp
MOD - [2012/08/01 12:53:47 | 000,120,832 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM5491.tmp
MOD - [2012/08/01 12:53:47 | 000,120,832 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM53B5.tmp
MOD - [2012/08/01 12:53:46 | 000,120,832 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM528B.tmp
MOD - [2012/08/01 12:53:46 | 000,120,832 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM5057.tmp
MOD - [2012/08/01 12:53:46 | 000,120,832 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM4F8A.tmp
MOD - [2012/08/01 12:53:45 | 000,120,832 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM4EBD.tmp
MOD - [2012/08/01 12:53:45 | 000,120,832 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM4E1F.tmp
MOD - [2012/08/01 12:53:45 | 000,120,832 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM4BDC.tmp
MOD - [2012/08/01 12:53:44 | 000,120,832 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM4A45.tmp
MOD - [2012/08/01 12:53:43 | 000,120,832 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM4785.tmp
MOD - [2012/08/01 12:53:43 | 000,120,832 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM46A8.tmp
MOD - [2012/08/01 12:53:43 | 000,120,832 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM43E8.tmp
MOD - [2012/08/01 12:53:42 | 000,120,832 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM42ED.tmp
MOD - [2012/08/01 12:53:42 | 000,120,832 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM41A3.tmp
MOD - [2012/08/01 12:53:42 | 000,120,832 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM4115.tmp
MOD - [2012/08/01 12:53:41 | 000,120,832 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM3DB9.tmp
MOD - [2012/08/01 12:53:40 | 000,120,832 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM3A5C.tmp
MOD - [2012/08/01 12:53:40 | 000,072,192 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM3876.tmp
MOD - [2012/08/01 12:53:40 | 000,072,192 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM37E8.tmp
MOD - [2012/08/01 12:53:39 | 000,075,776 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM3451.tmp
MOD - [2012/08/01 12:53:39 | 000,075,776 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM341E.tmp
MOD - [2012/08/01 12:53:39 | 000,072,704 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM373A.tmp
MOD - [2012/08/01 12:53:39 | 000,072,192 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM36FA.tmp
MOD - [2012/08/01 12:53:39 | 000,064,000 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM34C2.tmp
MOD - [2012/08/01 12:53:39 | 000,057,344 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM35FE.tmp
MOD - [2012/08/01 12:53:39 | 000,056,320 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM3430.tmp
MOD - [2012/08/01 12:53:39 | 000,053,760 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM3522.tmp
MOD - [2012/08/01 12:53:39 | 000,053,760 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM34A1.tmp
MOD - [2012/08/01 12:53:38 | 000,075,776 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM317D.tmp
MOD - [2012/08/01 12:53:38 | 000,075,776 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM30C0.tmp
MOD - [2012/08/01 12:53:38 | 000,075,776 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM3010.tmp
MOD - [2012/08/01 12:53:38 | 000,056,832 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM3032.tmp
MOD - [2012/08/01 12:53:37 | 000,075,776 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM2FFF.tmp
MOD - [2012/08/01 12:53:37 | 000,075,776 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM2F51.tmp
MOD - [2012/08/01 12:53:37 | 000,075,776 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM2DC3.tmp
MOD - [2012/08/01 12:53:37 | 000,068,608 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM2EF2.tmp
MOD - [2012/08/01 12:53:37 | 000,056,320 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM2E04.tmp
MOD - [2012/08/01 12:53:37 | 000,055,296 | ---- | M] () -- C:\Users\Michał\AppData\Local\Temp\XTMP1MC3VE\DEM2E34.tmp
MOD - [2012/07/10 06:09:00 | 000,438,296 | ---- | M] () -- C:\Users\Michał\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
MOD - [2012/07/10 06:08:59 | 003,972,120 | ---- | M] () -- C:\Users\Michał\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll
MOD - [2012/07/10 06:07:39 | 000,554,520 | ---- | M] () -- C:\Users\Michał\AppData\Local\Google\Chrome\Application\20.0.1132.57\libglesv2.dll
MOD - [2012/07/10 06:07:37 | 000,117,784 | ---- | M] () -- C:\Users\Michał\AppData\Local\Google\Chrome\Application\20.0.1132.57\libegl.dll
MOD - [2012/07/10 06:07:22 | 000,140,328 | ---- | M] () -- C:\Users\Michał\AppData\Local\Google\Chrome\Application\20.0.1132.57\avutil-51.dll
MOD - [2012/07/10 06:07:21 | 000,262,184 | ---- | M] () -- C:\Users\Michał\AppData\Local\Google\Chrome\Application\20.0.1132.57\avformat-54.dll
MOD - [2012/07/10 06:07:19 | 002,386,984 | ---- | M] () -- C:\Users\Michał\AppData\Local\Google\Chrome\Application\20.0.1132.57\avcodec-54.dll
MOD - [2012/07/10 04:17:27 | 009,255,112 | ---- | M] () -- C:\Users\Michał\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
MOD - [2012/07/10 04:17:27 | 009,255,112 | ---- | M] () -- C:\Users\MICHA~1\AppData\Local\Google\Chrome\APPLIC~1\200113~1.57\gcswf32.dll
MOD - [2012/06/28 11:05:02 | 000,124,312 | ---- | M] () -- C:\Program Files\ManyCam\Bin\CrashRpt.dll
MOD - [2011/01/27 19:00:26 | 003,622,128 | ---- | M] () -- C:\Program Files\Intel\IntelAppStore\bin\plugin\libbizlplugin.dll
MOD - [2010/12/05 04:38:12 | 000,241,152 | ---- | M] () -- C:\Program Files\ManyCam\Bin\opencv_objdetect220.dll
MOD - [2010/12/05 04:38:06 | 000,776,192 | ---- | M] () -- C:\Program Files\ManyCam\Bin\opencv_highgui220.dll
MOD - [2010/12/05 04:38:06 | 000,201,216 | ---- | M] () -- C:\Program Files\ManyCam\Bin\opencv_video220.dll
MOD - [2010/12/05 04:38:04 | 001,242,112 | ---- | M] () -- C:\Program Files\ManyCam\Bin\opencv_imgproc220.dll
MOD - [2010/12/05 04:38:02 | 002,010,624 | ---- | M] () -- C:\Program Files\ManyCam\Bin\opencv_core220.dll
MOD - [2010/12/01 16:26:40 | 000,195,584 | ---- | M] () -- C:\Program Files\Intel\IntelAppStore\bin\libgsoap.dll
MOD - [2010/12/01 16:26:38 | 000,400,384 | ---- | M] () -- C:\Program Files\Intel\IntelAppStore\bin\sqlite3.dll
MOD - [2010/12/01 16:26:38 | 000,375,808 | ---- | M] () -- C:\Program Files\Intel\IntelAppStore\bin\QtXml4.dll
MOD - [2010/12/01 16:26:38 | 000,322,048 | ---- | M] () -- C:\Program Files\Intel\IntelAppStore\bin\log4cplus.dll
MOD - [2010/12/01 16:26:38 | 000,013,312 | ---- | M] () -- C:\Program Files\Intel\IntelAppStore\bin\featureController.dll
MOD - [2010/12/01 16:26:36 | 002,452,992 | ---- | M] () -- C:\Program Files\Intel\IntelAppStore\bin\QtCore4.dll
MOD - [2010/12/01 16:26:36 | 001,008,640 | ---- | M] () -- C:\Program Files\Intel\IntelAppStore\bin\QtNetwork4.dll
MOD - [2010/12/01 16:26:36 | 000,062,464 | ---- | M] () -- C:\Program Files\Intel\IntelAppStore\bin\zlib1.dll
MOD - [2009/06/03 13:59:14 | 000,013,096 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/06/03 13:59:02 | 000,619,816 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2006/08/12 05:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - [2012/07/27 10:38:26 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/12 23:08:01 | 004,419,392 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_4f7fccd.dll -- (Akamai)
SRV - [2012/06/27 12:29:22 | 001,385,896 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012/06/07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/04/20 14:18:25 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/11/28 20:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/11/10 20:23:52 | 000,490,840 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5)
SRV - [2011/10/08 18:34:24 | 000,820,568 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011/10/01 08:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 08:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/09/16 19:13:33 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/02/07 09:56:11 | 000,138,192 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2010/08/11 10:15:42 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2012/02/22 12:34:36 | 000,022,400 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcaudrv.sys -- (mcaudrv_simple)
DRV - [2012/01/11 08:11:20 | 000,032,000 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcvidrv.sys -- (ManyCam)
DRV - [2011/11/28 19:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/11/28 19:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/11/28 19:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/11/28 19:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/11/28 19:52:07 | 000,055,128 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/11/28 19:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/10/01 08:30:42 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV - [2011/10/01 08:30:40 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV - [2011/10/01 08:30:38 | 000,194,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV - [2011/10/01 08:30:36 | 000,579,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV - [2011/09/21 11:25:34 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cpuz135_x32.sys -- (cpuz135)
DRV - [2011/01/31 19:45:25 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2010/11/26 19:02:20 | 000,015,672 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010/11/20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/01 06:08:46 | 000,014,416 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys -- (WinRing0_1_2_0)
DRV - [2010/07/12 09:48:15 | 000,015,656 | ---- | M] (Windows (R) 2003 DDK 3790 provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rtport.sys -- (rtport)
DRV - [2010/03/15 08:44:48 | 000,127,488 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV - [2009/12/18 11:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2009/12/14 22:44:42 | 001,245,696 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/09/28 11:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/03/18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009/02/03 17:36:58 | 000,059,000 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2007/02/08 19:44:43 | 000,083,320 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2006/06/14 16:56:56 | 000,013,680 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2003/09/06 15:37:22 | 000,062,656 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2003/09/06 14:27:06 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003/09/06 14:25:52 | 000,051,744 | ---- | M] (Protection Technology) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003/09/06 14:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\prosync1.sys -- (prosync1)
DRV - [2003/01/20 11:50:36 | 000,020,648 | ---- | M] (Thomson Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netrcacm.sys -- (netrcacm)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
 
 
IE - HKU\S-1-5-21-2092716530-3474641769-2676177707-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKU\S-1-5-21-2092716530-3474641769-2676177707-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-2092716530-3474641769-2676177707-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.premierarticles.info
IE - HKU\S-1-5-21-2092716530-3474641769-2676177707-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2092716530-3474641769-2676177707-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2092716530-3474641769-2676177707-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2092716530-3474641769-2676177707-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Michał\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Michał\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Michał\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Michał\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
 
[2012/07/26 22:44:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michał\AppData\Roaming\mozilla\Extensions
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - homepage: 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Micha\u0142\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Micha\u0142\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Micha\u0142\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Micha\u0142\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Micha\u0142\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Micha\u0142\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Micha\u0142\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
 
O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files\Intel\IntelAppStore\bin\serviceManager.lnk ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl8] C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePPShortCut] C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-2092716530-3474641769-2676177707-1000..\Run: [Advanced SystemCare 5] C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-2092716530-3474641769-2676177707-1000..\Run: [Akamai NetSession Interface] C:\Users\Michał\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKU\S-1-5-21-2092716530-3474641769-2676177707-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2092716530-3474641769-2676177707-1000..\Run: [GG] C:\Users\Michał\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-2092716530-3474641769-2676177707-1000..\Run: [ManyCam] C:\Program Files\ManyCam\Bin\ManyCam.exe (ManyCam LLC)
O4 - HKU\S-1-5-21-2092716530-3474641769-2676177707-1000..\Run: [Odkurzacz-MCD] C:\Program Files\Odkurzacz\odk_mcd.exe (Franmo Software)
O4 - HKU\S-1-5-21-2092716530-3474641769-2676177707-1000..\Run: [Steam] D:\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2092716530-3474641769-2676177707-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2092716530-3474641769-2676177707-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{011C11D8-C38E-4453-A58F-912D82728CFB}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{53B12E2F-C6FA-45C4-92DD-8F2FF38D1B8E}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012/07/24 01:55:44 | 000,000,061 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{17648606-2d56-11e0-8019-002454ad948c}\Shell - "" = AutoRun
O33 - MountPoints2\{17648606-2d56-11e0-8019-002454ad948c}\Shell\AutoRun\command - "" = I:\AUTORUN.EXE
O33 - MountPoints2\{48e58924-a4ad-11df-9414-002454ad948c}\Shell - "" = AutoRun
O33 - MountPoints2\{48e58924-a4ad-11df-9414-002454ad948c}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{7ef84d40-3e59-11e0-afcb-002454ad948c}\Shell - "" = AutoRun
O33 - MountPoints2\{7ef84d40-3e59-11e0-afcb-002454ad948c}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{98261ee5-a49d-11df-93a9-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{98261ee5-a49d-11df-93a9-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{9f471e2f-f654-11df-a475-002454ad948c}\Shell - "" = AutoRun
O33 - MountPoints2\{9f471e2f-f654-11df-a475-002454ad948c}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{9f471e3a-f654-11df-a475-002454ad948c}\Shell - "" = AutoRun
O33 - MountPoints2\{9f471e3a-f654-11df-a475-002454ad948c}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{bcf49dba-4022-11e0-9a24-002454ad948c}\Shell - "" = AutoRun
O33 - MountPoints2\{bcf49dba-4022-11e0-9a24-002454ad948c}\Shell\AutoRun\command - "" = J:\vo0.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012/08/01 12:54:21 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{DB20172F-04FA-4424-9B2C-221D9C771768}
[2012/08/01 12:53:52 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{EFF6961B-1E44-42FD-9B7A-D7C255BAD84D}
[2012/08/01 12:47:54 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{76DFEA2B-0039-4D4F-ABE9-7723043538D7}
[2012/08/01 12:47:29 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{DF48EC35-660D-47D1-A354-B0A4EC8F59D7}
[2012/08/01 12:44:53 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/07/30 22:18:00 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{EFC1AC08-03EC-4359-8F90-C37CF6E15323}
[2012/07/30 22:17:37 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{EF03AEC3-B352-4216-8F0C-E0D666458056}
[2012/07/29 22:51:38 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{03092337-6B61-41E8-B207-3498862E8D58}
[2012/07/29 22:51:14 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{4BA1D010-2DAA-4BED-B499-1468552E37AE}
[2012/07/29 10:48:53 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{1D14E91D-D018-4916-9BB3-7B6EFED3E2A5}
[2012/07/29 10:48:30 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{7D1EDE07-EE09-4528-ADCD-01E291D4B6CB}
[2012/07/28 07:51:03 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{C6B7FFD7-D9F1-4411-A544-20173559832D}
[2012/07/28 07:50:34 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{934D4E11-8D76-43AF-9A74-5FE8C7CE1498}
[2012/07/26 22:50:28 | 000,000,000 | --SD | C] -- C:\Users\Michał\GG dysk
[2012/07/26 22:33:44 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\GG
[2012/07/26 22:33:43 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\GG
[2012/07/26 11:44:56 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\Mozilla
[2012/07/26 06:40:59 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{9F2F8B13-46C5-466D-98D1-5DFB1B3177BB}
[2012/07/26 06:40:46 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{A945CF1A-BFDC-4DF5-815A-C1A93F4A5CF3}
[2012/07/24 07:39:13 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{BA4C77F6-3EDB-4540-9F6E-3599FC1AA8CF}
[2012/07/24 07:38:40 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{41D82BC6-AA10-4193-9DEB-B2CCEA0747BF}
[2012/07/23 11:08:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DreamWorks
[2012/07/23 07:05:24 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{3443B741-4DBA-4238-B910-D0D134B4E28B}
[2012/07/23 07:05:08 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{FD95E522-80CA-428E-9801-3EE518B4B56A}
[2012/07/22 17:21:41 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{C0CA540F-6C55-4FF5-9B80-5A4EE867BCED}
[2012/07/22 17:21:19 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{1D05A165-6FF4-4C72-B2B9-E475A96CB420}
[2012/07/22 16:25:58 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{BFD15D7B-BB5C-4D15-84FD-D415B3AB2C19}
[2012/07/22 14:57:02 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\Apps
[2012/07/22 14:57:00 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\Deployment
[2012/07/17 20:47:36 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/07/17 20:47:22 | 000,000,000 | ---D | C] -- C:\Program Files\AnvSoft
[2012/07/17 16:21:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam
[2012/07/17 16:20:25 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\ManyCam
[2012/07/17 16:20:25 | 000,000,000 | ---D | C] -- C:\ProgramData\ManyCam
[2012/07/17 16:20:24 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\ManyCam
[2012/07/17 16:18:16 | 000,000,000 | ---D | C] -- C:\Program Files\ManyCam
[2012/07/17 14:33:03 | 000,000,000 | R--D | C] -- C:\Users\Michał\Desktop\
[2012/07/17 07:38:23 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{24116E60-1CEB-47D3-9584-4F7F71D6571A}
[2012/07/17 07:37:50 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{460FBC1D-D571-4FAF-9577-FF2E10A2CEC4}
[2012/07/16 13:49:31 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wups2.dll
[2012/07/16 13:49:30 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wucltux.dll
[2012/07/16 02:48:23 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wudriver.dll
[2012/07/16 02:48:23 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wups.dll
[2012/07/16 02:48:22 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuapi.dll
[2012/07/16 02:47:43 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuwebv.dll
[2012/07/16 02:47:43 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuapp.exe
[2012/07/15 11:43:42 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{1DE08395-C2FD-401F-ADD1-A78AEC18FC86}
[2012/07/15 11:43:17 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{ECBB480E-5A23-45B1-B5B3-A76A896946A3}
[2012/07/13 09:04:23 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{348369AC-2526-4B20-BE51-574F46725C33}
[2012/07/12 22:15:21 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Michał\Desktop\OTL.exe
[2012/07/12 22:11:15 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{A96B0F24-59D0-4CAF-8EC5-2B8341840D1C}
[2012/07/12 20:32:21 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/07/12 07:10:27 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{F1D14266-E027-4D97-AD74-CE09E7421E5A}
[2012/07/12 07:09:58 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{7614BA54-4EF4-4087-BB86-D9CCA06221DA}
[2012/07/11 10:10:20 | 000,000,000 | ---D | C] -- C:\ProgramData\F4D55F3B00044C370003EE0EB4EB23C1
[2012/07/11 06:46:23 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{FC4CCD22-63FE-4D8C-A6D4-422F5F74AE7A}
[2012/07/11 06:45:43 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{4008BCCC-FF84-4A07-AD21-66A9C20E50A8}
[2012/07/10 14:28:02 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{78C7F1F9-ED5C-4AE9-BEB1-45958F5B35F6}
[2012/07/09 21:00:39 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{29B9BFFF-D02C-49DF-949E-AEC84AEA1F7A}
[2012/07/09 21:00:17 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{C443A343-BF6B-4228-84B3-FEF828E68EF2}
[2012/07/09 08:43:13 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{47CA6F87-B53D-4702-ABB0-74CFCFFFD38B}
[2012/07/09 08:42:46 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{3BDAEAD0-CE91-4EE5-8CEA-3C7357DD4EA3}
[2012/07/08 16:59:57 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{B9948F8E-1F7E-4841-81A1-007357A3BB04}
[2012/07/08 16:59:32 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{51342D94-9143-44D7-890C-E726EDF97FBC}
[2012/07/08 04:58:37 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{ED602860-C63E-4D9F-ADD1-4C123A14B227}
[2012/07/08 04:58:12 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{E6FF05AE-DC79-42EC-BB2A-3EABE9762D9E}
[2012/07/07 16:43:39 | 000,000,000 | ---D | C] -- C:\Users\Michał\Desktop\PANEL GŁÓWNY .{ED7BA470-8E54-465E-825C-99712043E01C}
[2012/07/07 14:05:38 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{5D0763CD-4D01-44F7-B354-FBE19ADD5492}
[2012/07/07 14:05:23 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{BDCC5712-3227-4E27-81DF-74C8F20A283E}
[2012/07/06 07:44:54 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{CD271084-C9DF-45BF-A9E1-19319294D7DC}
[2012/07/06 07:44:29 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{409D73CB-83CC-4E61-ACEE-9D53D172966B}
[2012/07/05 10:20:05 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{27A283BF-3037-4EC3-9798-E8CAA9639196}
[2012/07/05 10:19:38 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{D983EFB2-B4D9-4861-BB7A-3A6C1BAF0054}
[2012/07/04 21:27:44 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{6B61CEEF-3D64-4C80-AC01-C00F5B857DB2}
[2012/07/04 21:27:30 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{1FDFF85B-3FB0-4189-88AE-A1363EED40DD}
[2012/07/04 06:42:22 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{D8D019CB-26F9-40C0-BAE5-AE2859B6B317}
[2012/07/04 06:42:02 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{EA40A115-6CBE-4695-964D-3AA21DE775CF}
[2012/07/03 11:03:41 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{2073BBA5-AA5D-4B09-AA7A-42C52C9583D2}
[2012/07/03 11:03:04 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\{35E4E85E-3C13-4153-A29A-67EA793762A0}
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012/08/01 13:01:25 | 000,014,736 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/01 13:01:25 | 000,014,736 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/01 12:52:35 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/08/01 12:52:32 | 2106,179,584 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/30 21:42:00 | 000,001,062 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2092716530-3474641769-2676177707-1000UA.job
[2012/07/30 21:38:00 | 000,000,930 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/07/30 16:42:00 | 000,001,010 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2092716530-3474641769-2676177707-1000Core.job
[2012/07/30 13:00:54 | 000,314,832 | ---- | M] () -- C:\Users\Michał\Desktop\troll.png
[2012/07/30 08:18:20 | 001,766,504 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2012/07/28 21:59:30 | 001,592,673 | ---- | M] () -- C:\Users\Michał\Desktop\Bez tytułu.png
[2012/07/28 20:27:49 | 000,698,356 | ---- | M] () -- C:\windows\System32\perfh015.dat
[2012/07/28 20:27:49 | 000,616,452 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2012/07/28 20:27:49 | 000,135,176 | ---- | M] () -- C:\windows\System32\perfc015.dat
[2012/07/28 20:27:49 | 000,106,574 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2012/07/27 15:54:07 | 000,000,929 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/07/27 10:38:22 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe
[2012/07/27 10:38:21 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2012/07/26 22:50:28 | 000,001,587 | ---- | M] () -- C:\Users\Michał\Desktop\GG dysk.lnk
[2012/07/26 22:33:57 | 000,001,106 | ---- | M] () -- C:\Users\Michał\Desktop\GG.lnk
[2012/07/18 22:23:21 | 000,000,201 | ---- | M] () -- C:\Users\Michał\Desktop\Super Meat Boy.url
[2012/07/18 20:25:22 | 000,000,202 | ---- | M] () -- C:\Users\Michał\Desktop\Bastion.url
[2012/07/17 16:21:47 | 000,001,051 | ---- | M] () -- C:\Users\Public\Desktop\ManyCam.lnk
[2012/07/17 11:40:21 | 000,000,862 | ---- | M] () -- C:\Users\Public\Desktop\Need For Speed World.lnk
[2012/07/14 12:08:03 | 000,000,017 | ---- | M] () -- C:\windows\System32\shortcut_ex.dat
[2012/07/13 14:52:17 | 000,302,592 | ---- | M] () -- C:\Users\Michał\Desktop\ttetqrb8.exe
[2012/07/13 03:40:21 | 000,002,368 | ---- | M] () -- C:\Users\Michał\Desktop\Google Chrome.lnk
[2012/07/12 22:15:25 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Michał\Desktop\OTL.exe
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012/07/30 12:50:48 | 000,314,832 | ---- | C] () -- C:\Users\Michał\Desktop\troll.png
[2012/07/28 21:59:30 | 001,592,673 | ---- | C] () -- C:\Users\Michał\Desktop\Bez tytułu.png
[2012/07/26 22:50:28 | 000,001,587 | ---- | C] () -- C:\Users\Michał\Desktop\GG dysk.lnk
[2012/07/26 22:33:57 | 000,001,106 | ---- | C] () -- C:\Users\Michał\Desktop\GG.lnk
[2012/07/26 22:33:44 | 000,001,114 | ---- | C] () -- C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG.lnk
[2012/07/18 21:37:51 | 000,000,201 | ---- | C] () -- C:\Users\Michał\Desktop\Super Meat Boy.url
[2012/07/18 20:25:22 | 000,000,202 | ---- | C] () -- C:\Users\Michał\Desktop\Bastion.url
[2012/07/17 16:21:47 | 000,001,051 | ---- | C] () -- C:\Users\Public\Desktop\ManyCam.lnk
[2012/07/14 12:08:03 | 000,000,017 | ---- | C] () -- C:\windows\System32\shortcut_ex.dat
[2012/07/13 14:52:16 | 000,302,592 | ---- | C] () -- C:\Users\Michał\Desktop\ttetqrb8.exe
[2012/05/10 10:49:48 | 000,272,629 | ---- | C] () -- C:\windows\System32\drivers\RTAIODAT.DAT
[2012/04/25 18:42:01 | 000,000,060 | ---- | C] () -- C:\windows\sierra.ini
[2012/03/12 09:43:31 | 000,000,635 | ---- | C] () -- C:\windows\Rtcw.INI
[2012/03/12 09:37:17 | 000,000,205 | ---- | C] () -- C:\windows\disneysy.ini
[2012/03/12 09:34:42 | 000,122,880 | ---- | C] () -- C:\windows\UnGins.exe
[2011/12/06 22:00:11 | 000,025,944 | ---- | C] () -- C:\windows\System32\SmartDefragBootTime.exe
[2011/12/06 22:00:10 | 000,015,672 | ---- | C] () -- C:\windows\System32\drivers\SmartDefragDriver.sys
[2011/08/09 15:49:24 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011/03/03 13:35:32 | 000,080,384 | ---- | C] () -- C:\windows\System32\mkzlib.dll
[2011/02/22 11:28:52 | 000,000,117 | ---- | C] () -- C:\Users\Michał\jagex_runescape_preferences2.dat
[2011/02/22 11:27:20 | 000,000,034 | ---- | C] () -- C:\Users\Michał\jagex_runescape_preferences.dat
[2011/02/16 19:06:11 | 000,043,520 | ---- | C] () -- C:\windows\System32\CmdLineExt03.dll
[2011/01/29 18:40:39 | 000,000,083 | ---- | C] () -- C:\windows\Wwp.INI
[2011/01/25 18:24:12 | 000,000,056 | -H-- | C] () -- C:\windows\System32\ezsidmv.dat
[2011/01/05 20:27:23 | 000,004,096 | ---- | C] () -- C:\windows\d3dx.dat
[2010/12/18 18:12:43 | 000,004,608 | ---- | C] () -- C:\Users\Michał\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/05 21:12:07 | 000,001,405 | ---- | C] () -- C:\windows\unins000.dat
[2010/11/11 16:56:07 | 000,000,001 | ---- | C] () -- C:\windows\System32\SI.bin
[2010/11/11 16:56:04 | 000,069,632 | ---- | C] () -- C:\windows\System32\xmltok.dll
[2010/11/11 16:56:04 | 000,036,864 | ---- | C] () -- C:\windows\System32\xmlparse.dll
[2010/09/19 17:12:06 | 000,000,011 | ---- | C] () -- C:\windows\EGK.ini
[2010/09/18 15:10:08 | 000,000,000 | ---- | C] () -- C:\windows\galaxy.ini
[2010/08/25 20:30:02 | 000,439,308 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin
[2010/08/25 20:30:00 | 000,982,240 | ---- | C] () -- C:\windows\System32\igkrng500.bin
[2010/08/25 20:30:00 | 000,092,356 | ---- | C] () -- C:\windows\System32\igfcg500m.bin
[2010/08/25 19:59:08 | 000,004,096 | ---- | C] ( ) -- C:\windows\System32\IGFXDEVLib.dll
[2010/08/25 19:57:00 | 000,000,151 | ---- | C] () -- C:\windows\System32\GfxUI.exe.config
[2010/08/10 18:40:57 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2012/01/25 14:37:57 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\.minecraft
[2010/08/26 14:25:28 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\AnvSoft
[2012/07/30 00:37:38 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\Audacity
[2012/07/12 22:07:29 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\blueconnect
[2012/06/14 16:00:50 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\Canon
[2011/02/20 14:44:59 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\Cuvi Bites ComSlot
[2012/07/27 15:55:38 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\DAEMON Tools Lite
[2011/04/03 19:59:19 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\fltk.org
[2012/07/12 22:06:59 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\Gadu-Gadu 10
[2012/08/01 12:54:11 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\GG
[2011/08/21 14:43:18 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\go
[2011/12/06 22:00:10 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\IObit
[2011/08/29 10:05:36 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\LolClient
[2012/06/26 18:31:55 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\LolClient2
[2012/04/06 12:14:40 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\LOVE
[2012/07/17 16:24:45 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\ManyCam
[2011/09/05 17:46:31 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\Need for Speed World
[2010/08/11 10:13:37 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\Nowe Gadu-Gadu
[2010/08/11 20:28:30 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\OpenFM
[2011/05/20 16:17:28 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\Rovio
[2012/04/28 19:58:26 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\SoftGrid Client
[2010/09/13 21:25:45 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\TP
[2011/09/01 11:16:17 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\TS3Client
[2011/02/25 11:14:52 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\Windows Live Writer
[2012/06/11 08:54:27 | 000,032,608 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2012/02/22 09:29:08 | 000,000,000 | ---D | M](C:\Users\Michał\Documents\?? ???) -- C:\Users\Michał\Documents\넥슨 플러그
[2010/08/25 15:11:49 | 000,000,000 | ---D | C](C:\Users\Michał\Documents\?? ???) -- C:\Users\Michał\Documents\넥슨 플러그
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 150 bytes -> C:\ProgramData\Temp:268F887D
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:798A3728
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:2430E4FC
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:E7BA7168

< End of report >