OTL logfile created on: 2012-11-16 17:24:40 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = D:\Pulpit\Czyszczenie komputera 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,97 Gb Total Physical Memory | 1,49 Gb Available Physical Memory | 50,30% Memory free 5,93 Gb Paging File | 4,36 Gb Available in Paging File | 73,46% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 58,59 Gb Total Space | 7,62 Gb Free Space | 13,01% Space Free | Partition Type: NTFS Drive D: | 222,89 Gb Total Space | 2,75 Gb Free Space | 1,24% Space Free | Partition Type: NTFS Computer Name: AWESOME-BARNEY | User Name: Barney | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-11-16 17:05:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Pulpit\Czyszczenie komputera\OTL.exe PRC - [2012-11-12 19:18:38 | 000,878,480 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe PRC - [2012-10-31 23:15:08 | 001,242,136 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2012-10-25 21:29:29 | 001,199,576 | ---- | M] (Spotify Ltd) -- C:\Users\Barney\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe PRC - [2012-10-23 10:47:48 | 007,859,112 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe PRC - [2012-10-23 10:47:48 | 002,848,168 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe PRC - [2012-10-23 10:40:39 | 000,106,408 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe PRC - [2012-10-17 14:51:40 | 000,238,552 | ---- | M] (Microsoft Corporation) -- C:\Users\Barney\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe PRC - [2012-09-23 19:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012-09-21 18:55:04 | 010,855,544 | ---- | M] (SugarSync, Inc.) -- C:\Program Files (x86)\SugarSync\SugarSyncManager.exe PRC - [2011-09-10 10:43:18 | 000,018,432 | ---- | M] (Apache Software Foundation) -- C:\xampp\apache\bin\httpd.exe PRC - [2011-09-09 18:46:10 | 008,158,720 | ---- | M] () -- c:\xampp\mysql\bin\mysqld.exe PRC - [2010-01-05 01:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe PRC - [2009-12-03 11:12:12 | 000,976,320 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe PRC - [2009-11-24 21:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe PRC - [2009-10-09 18:27:44 | 006,937,216 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe PRC - [2009-09-25 17:24:36 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe PRC - [2009-08-27 18:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe PRC - [2009-08-20 04:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe PRC - [2009-06-19 18:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe PRC - [2009-06-19 18:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe PRC - [2009-06-16 01:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe PRC - [2008-12-23 01:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe PRC - [2008-08-14 05:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe PRC - [2007-08-08 08:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe PRC - [2006-12-20 11:14:00 | 000,131,072 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\SysWOW64\SAgent4.exe PRC - [2006-12-19 19:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2010-01-05 01:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe MOD - [2009-11-24 21:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2012-09-12 20:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV:[b]64bit:[/b] - [2012-09-12 20:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV:[b]64bit:[/b] - [2012-07-29 21:58:14 | 001,432,400 | ---- | M] (Flexera Software, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64) SRV:[b]64bit:[/b] - [2012-04-01 11:21:52 | 000,957,216 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV:[b]64bit:[/b] - [2009-12-08 00:16:34 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent) SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2007-08-08 08:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) SRV - [2012-11-15 23:54:27 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-11-13 17:43:10 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-10-23 10:47:48 | 002,848,168 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2012-09-23 19:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012-06-07 18:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-01-18 13:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [Disabled | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion) SRV - [2011-09-10 10:43:18 | 000,018,432 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\xampp\apache\bin\httpd.exe -- (Apache2.2) SRV - [2011-09-09 18:46:10 | 008,158,720 | ---- | M] () [Auto | Running] -- c:\xampp\mysql\bin\mysqld.exe -- (mysql) SRV - [2011-08-26 18:18:54 | 000,411,432 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011-04-01 16:42:56 | 000,198,064 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Stopped] -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service) SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010-03-10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Disabled | Stopped] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2010-02-19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009-08-27 18:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs) SRV - [2009-06-16 01:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2007-05-31 16:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007-05-31 16:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) SRV - [2006-12-20 11:14:00 | 000,131,072 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Windows\SysWOW64\SAgent4.exe -- (StatusAgent4) SRV - [2006-12-19 19:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe -- (EpsonBidirectionalService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012-09-05 18:57:00 | 000,027,760 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc) DRV:[b]64bit:[/b] - [2012-09-05 18:57:00 | 000,014,448 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt) DRV:[b]64bit:[/b] - [2012-08-30 21:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:[b]64bit:[/b] - [2012-07-28 01:15:28 | 000,057,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:[b]64bit:[/b] - [2012-07-18 21:02:15 | 000,594,472 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl) DRV:[b]64bit:[/b] - [2012-07-18 21:02:15 | 000,210,984 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:[b]64bit:[/b] - [2012-07-18 21:02:15 | 000,184,872 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:[b]64bit:[/b] - [2012-07-18 21:02:15 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:[b]64bit:[/b] - [2012-07-18 21:02:15 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:[b]64bit:[/b] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2011-12-16 16:53:01 | 000,035,112 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\teamviewervpn.sys -- (teamviewervpn) DRV:[b]64bit:[/b] - [2011-07-27 09:30:40 | 000,024,456 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BtHidBus.sys -- (BtHidBus) DRV:[b]64bit:[/b] - [2011-07-19 10:35:00 | 000,015,360 | ---- | M] (June Fabrics Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pneteth.sys -- (pneteth) DRV:[b]64bit:[/b] - [2011-06-27 01:37:00 | 002,753,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010-11-20 14:34:04 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm) DRV:[b]64bit:[/b] - [2010-11-20 14:34:04 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus) DRV:[b]64bit:[/b] - [2010-11-20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-20 12:35:34 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb) DRV:[b]64bit:[/b] - [2010-11-20 12:35:22 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr) DRV:[b]64bit:[/b] - [2010-11-20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010-08-16 14:31:18 | 000,019,936 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio) DRV:[b]64bit:[/b] - [2010-08-16 14:31:16 | 000,013,280 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio) DRV:[b]64bit:[/b] - [2010-07-01 18:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5) DRV:[b]64bit:[/b] - [2010-06-14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk) DRV:[b]64bit:[/b] - [2010-04-06 17:33:10 | 000,030,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btnetBus.sys -- (btnetBUs) DRV:[b]64bit:[/b] - [2010-04-06 17:32:48 | 000,027,016 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IvtBtBus.sys -- (IvtBtBUs) DRV:[b]64bit:[/b] - [2010-01-28 15:25:02 | 000,086,120 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:[b]64bit:[/b] - [2010-01-04 09:30:56 | 000,117,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard) DRV:[b]64bit:[/b] - [2009-12-07 19:36:48 | 000,246,224 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet) DRV:[b]64bit:[/b] - [2009-11-04 04:03:56 | 000,039,488 | ---- | M] (Deon van der Westhuysen) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PPortJoy64.sys -- (PPortJoystick) DRV:[b]64bit:[/b] - [2009-11-04 04:03:56 | 000,020,032 | ---- | M] (Deon van der Westhuysen) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PPJoyBus64.sys -- (PPJoyBus) DRV:[b]64bit:[/b] - [2009-10-15 16:23:20 | 000,117,760 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD) DRV:[b]64bit:[/b] - [2009-10-12 15:23:22 | 000,114,304 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbdev.sys -- (hwusbdev) DRV:[b]64bit:[/b] - [2009-09-04 06:39:07 | 000,062,464 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:[b]64bit:[/b] - [2009-08-21 07:48:17 | 000,044,032 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor) DRV:[b]64bit:[/b] - [2009-08-09 22:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone) DRV:[b]64bit:[/b] - [2009-08-06 22:24:13 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:[b]64bit:[/b] - [2009-07-28 21:05:51 | 007,345,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2009-07-20 10:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr) DRV:[b]64bit:[/b] - [2009-07-17 09:52:01 | 001,799,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-07-14 01:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice) DRV:[b]64bit:[/b] - [2009-07-14 01:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan) DRV:[b]64bit:[/b] - [2009-07-14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx) DRV:[b]64bit:[/b] - [2009-06-10 21:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH) DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-05-13 02:07:19 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor) DRV:[b]64bit:[/b] - [2009-03-25 15:48:00 | 000,153,128 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mdm.sys -- (s1018mdm) DRV:[b]64bit:[/b] - [2009-03-25 15:48:00 | 000,146,472 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018unic.sys -- (s1018unic) DRV:[b]64bit:[/b] - [2009-03-25 15:48:00 | 000,133,160 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mgmt.sys -- (s1018mgmt) DRV:[b]64bit:[/b] - [2009-03-25 15:48:00 | 000,128,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018obex.sys -- (s1018obex) DRV:[b]64bit:[/b] - [2009-03-25 15:48:00 | 000,113,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018bus.sys -- (s1018bus) DRV:[b]64bit:[/b] - [2009-03-25 15:48:00 | 000,034,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018nd5.sys -- (s1018nd5) DRV:[b]64bit:[/b] - [2009-03-25 15:48:00 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mdfl.sys -- (s1018mdfl) DRV:[b]64bit:[/b] - [2008-10-21 08:22:44 | 000,145,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017unic.sys -- (s0017unic) DRV:[b]64bit:[/b] - [2008-10-21 08:22:44 | 000,128,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017obex.sys -- (s0017obex) DRV:[b]64bit:[/b] - [2008-10-21 08:22:44 | 000,034,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017nd5.sys -- (s0017nd5) DRV:[b]64bit:[/b] - [2008-10-21 08:22:42 | 000,152,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017mdm.sys -- (s0017mdm) DRV:[b]64bit:[/b] - [2008-10-21 08:22:42 | 000,133,160 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017mgmt.sys -- (s0017mgmt) DRV:[b]64bit:[/b] - [2008-10-21 08:22:42 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017mdfl.sys -- (s0017mdfl) DRV:[b]64bit:[/b] - [2008-10-21 08:22:40 | 000,113,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017bus.sys -- (s0017bus) DRV:[b]64bit:[/b] - [2008-05-24 01:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) DRV:[b]64bit:[/b] - [2007-07-24 19:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64) DRV - [2010-06-14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk) DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{4AF4187A-EF51-452B-99F8-61EA11006E5A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-3149286427-2457004418-3353868676-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-3149286427-2457004418-3353868676-1000\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-3149286427-2457004418-3353868676-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledAddons: feedly@devhd:10.2 FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll () FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll ( ) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Barney\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Barney\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Barney\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Barney\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-04-21 17:09:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-11-15 23:54:29 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-11-16 17:02:44 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010-11-27 22:34:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Barney\AppData\Roaming\mozilla\Extensions [2010-11-27 22:34:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Barney\AppData\Roaming\mozilla\Extensions\songbird@songbirdnest.com [2012-11-16 17:08:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Barney\AppData\Roaming\mozilla\Firefox\Profiles\kefprtzv.default-1353082041816\extensions [2012-11-16 17:08:25 | 000,637,327 | ---- | M] () (No name found) -- C:\Users\Barney\AppData\Roaming\mozilla\firefox\profiles\kefprtzv.default-1353082041816\extensions\feedly@devhd.xpi [2012-11-15 23:52:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012-11-15 23:54:29 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012-07-25 13:57:52 | 000,121,024 | ---- | M] ( ) -- C:\Program Files (x86)\mozilla firefox\plugins\npganymedenet.dll [2011-11-09 15:47:08 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2011-11-09 15:47:08 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2011-11-09 15:47:08 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2011-11-09 15:47:08 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2011-11-09 15:47:08 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2011-11-09 15:47:08 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - homepage: http://www.google.com/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: http://www.google.com/ CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Barney\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll CHR - plugin: vShare.tv plug-in (Enabled) = C:\Users\Barney\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll CHR - plugin: vShare.tv plug-in (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\plugins\npqtplugin6.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Barney\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Barney\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll CHR - plugin: Veetle Broadcaster Plugin (Enabled) = C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: PDF-XChange Viewer (Enabled) = C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll CHR - Extension: Google Related (by Google) = C:\Users\Barney\AppData\Local\Google\Chrome\User Data\Default\Extensions\cikfgcnnhcibkipoldbjegmeojnkaled\0.7.5.5_0\ CHR - Extension: AdBlock = C:\Users\Barney\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.47_0\ CHR - Extension: Feedly News Reader = C:\Users\Barney\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob\11.0.457_0\ CHR - Extension: Rozszerzenie Subskrypcje RSS (od Google) = C:\Users\Barney\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd\2.2.0_0\ O1 HOSTS File: ([2012-04-21 17:02:40 | 000,001,805 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com O1 - Hosts: 127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com O1 - Hosts: 127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com O1 - Hosts: 127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com O1 - Hosts: 127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:[b]64bit:[/b] - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.) O4:[b]64bit:[/b] - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.) O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS) O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS) O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS) O4 - HKU\S-1-5-19..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found O4 - HKU\S-1-5-20..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found O4 - HKU\S-1-5-21-3149286427-2457004418-3353868676-1000..\Run: [DB5680EA1622AFA64E4E08BFB546825846D6D0E9._service_run] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) O4 - HKU\S-1-5-21-3149286427-2457004418-3353868676-1000..\Run: [SkyDrive] C:\Users\Barney\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3149286427-2457004418-3353868676-1000..\Run: [Spotify Web Helper] C:\Users\Barney\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) O4 - HKU\S-1-5-21-3149286427-2457004418-3353868676-1000..\Run: [SugarSync] C:\Program Files (x86)\SugarSync\SugarSyncManager.exe (SugarSync, Inc.) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-21-3149286427-2457004418-3353868676-1000..\RunOnce: [Uninstall C:\Users\Barney\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Barney\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910" File not found O4 - Startup: C:\Users\Barney\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EEventManager.lnk = C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutorun = 149 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1 O7 - HKU\S-1-5-21-3149286427-2457004418-3353868676-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-3149286427-2457004418-3353868676-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: = O8:[b]64bit:[/b] - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 10.9.2) O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 1.7.0_09) O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 1.7.0_09) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 10.9.2) O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 1.7.0_09) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 1.7.0_09) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.152.34 194.204.159.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{43C36B18-0B36-4B67-9F60-E01A282833C5}: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F00CC601-3827-424F-91BB-5A5CEA6D39EE}: NameServer = 212.2.96.54 212.2.96.52 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FC7A6117-115B-44D3-BB49-9ED384AF00C3}: DhcpNameServer = 194.204.152.34 194.204.159.1 O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\SYSTEM\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\SYSTEM\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{a97e9a6c-61dd-11e0-a037-f88f3672d887}\Shell - "" = AutoRun O33 - MountPoints2\{a97e9a6c-61dd-11e0-a037-f88f3672d887}\Shell\AutoRun\command - "" = F:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (tpnative) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-11-16 17:09:53 | 000,000,000 | ---D | C] -- C:\_OTL [2012-11-16 17:08:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012-11-16 17:07:25 | 000,000,000 | ---D | C] -- D:\Pulpit\Stare dane programu Firefox [2012-11-16 17:04:27 | 000,000,000 | ---D | C] -- D:\Pulpit\Czyszczenie komputera [2012-11-15 23:53:25 | 000,000,000 | ---D | C] -- C:\OTL [2012-11-15 23:52:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2012-11-15 08:19:22 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys [2012-11-15 08:19:21 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll [2012-11-15 08:09:57 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012-11-15 08:09:56 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012-11-15 08:09:54 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012-11-15 08:09:54 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012-11-15 08:09:53 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012-11-15 08:09:53 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012-11-15 08:09:53 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012-11-15 08:09:52 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012-11-15 08:09:51 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012-11-15 08:09:51 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012-11-15 08:09:50 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012-11-15 08:09:50 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2012-11-15 08:09:47 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012-11-15 08:09:47 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012-11-15 08:09:47 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2012-11-15 08:02:28 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll [2012-11-15 08:02:26 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll [2012-11-15 08:02:26 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe [2012-11-15 08:02:26 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll [2012-11-14 17:20:43 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll [2012-11-14 17:20:43 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll [2012-11-14 17:20:43 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll [2012-11-14 17:20:33 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll [2012-11-14 17:20:33 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll [2012-11-14 17:20:32 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll [2012-11-14 17:20:32 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll [2012-11-14 17:20:31 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll [2012-11-14 17:20:31 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll [2012-11-14 17:19:47 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll [2012-11-14 17:19:47 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll [2012-11-09 23:54:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2012-11-07 18:57:58 | 000,010,752 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\E_GCINST.DLL [2012-11-07 18:57:53 | 000,088,064 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_IBCBGCE.DLL [2012-11-02 12:13:07 | 000,000,000 | ---D | C] -- C:\Users\Barney\AppData\Local\ElevatedDiagnostics [2012-10-26 20:21:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012-10-26 20:21:19 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2012-10-26 20:21:04 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012-10-26 20:21:04 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012-10-26 20:21:04 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2012-10-25 21:22:10 | 000,000,000 | ---D | C] -- C:\Users\Barney\AppData\Local\Spotify [2012-10-25 21:21:17 | 000,000,000 | ---D | C] -- C:\Users\Barney\AppData\Roaming\Spotify [2012-10-22 22:21:26 | 000,000,000 | ---D | C] -- D:\!Dokumenty\Euro Truck Simulator 2 [2012-10-22 22:21:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2 [2012-10-22 22:18:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Euro Truck Simulator 2 [2012-10-22 20:18:58 | 000,598,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OLEAUT32.2 [2012-10-22 20:17:31 | 000,679,424 | ---- | C] (Satiz) -- C:\Windows\SysWow64\HTMLPluginProj.ocx [2012-10-22 20:17:30 | 000,493,216 | ---- | C] (ComponentOne) -- C:\Windows\SysWow64\Vsflex7u.ocx [2012-10-22 20:17:30 | 000,468,640 | ---- | C] (ComponentOne) -- C:\Windows\SysWow64\Vsflex7N.ocx [2012-10-22 20:17:30 | 000,467,203 | ---- | C] (VideoSoft) -- C:\Windows\SysWow64\Vsflex7.ocx [2012-10-22 20:17:30 | 000,452,256 | ---- | C] (ComponentOne) -- C:\Windows\SysWow64\Vsflex7d.ocx [2012-10-22 20:17:29 | 000,419,240 | ---- | C] (VideoSoft) -- C:\Windows\SysWow64\Vsflex7L.ocx [2012-10-22 20:17:29 | 000,225,280 | ---- | C] (VideoSoft) -- C:\Windows\SysWow64\VSFLEX3.OCX [2012-10-22 20:17:29 | 000,208,643 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\Windows\SysWow64\threed32.ocx [2012-10-22 20:17:29 | 000,094,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\grid32.ocx [2012-10-22 20:17:29 | 000,082,179 | ---- | C] (VideoSoft) -- C:\Windows\SysWow64\vsStr7.ocx [2012-10-22 20:17:27 | 001,888,744 | ---- | C] (Inprise Corporation) -- C:\Windows\SysWow64\vcl40.bpl [2012-10-22 20:17:27 | 000,598,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OLEAUT32.1 [2012-10-22 20:17:27 | 000,435,200 | ---- | C] (Satiz) -- C:\Windows\SysWow64\ImageExtended.ocx [2012-10-22 20:17:27 | 000,122,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB6IT.DLL [2012-10-22 20:17:27 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB6STKIT.DLL [2012-10-22 20:17:26 | 001,355,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvbvm50.dll [2012-10-22 20:17:26 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFC40LOC.DLL [2012-10-22 20:17:25 | 000,018,944 | ---- | C] (Inprise Corporation) -- C:\Windows\SysWow64\borlndmm.dll [2012-10-22 20:17:14 | 000,000,000 | ---D | C] -- C:\DTE [2012-10-20 21:35:25 | 000,000,000 | ---D | C] -- C:\Users\Barney\AppData\Local\homebank_unstable [2012-10-19 21:24:33 | 000,289,768 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe [2012-10-19 21:23:59 | 000,189,416 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe [2012-10-19 21:23:59 | 000,188,904 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe [2012-10-19 21:23:59 | 000,108,008 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll [2012-10-19 21:14:02 | 000,000,000 | R--D | C] -- D:\!Dokumenty\SkyDrive [2011-08-21 00:26:19 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Barney\AppData\Roaming\pcouffin.sys [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-11-16 17:31:48 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-11-16 17:31:48 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-11-16 17:23:06 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-11-16 17:22:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-11-16 17:22:38 | 2388,410,368 | -HS- | M] () -- C:\hiberfil.sys [2012-11-16 17:12:02 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-11-16 16:59:48 | 001,672,392 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-11-16 16:59:48 | 000,743,160 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-11-16 16:59:48 | 000,655,876 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-11-16 16:59:48 | 000,156,794 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-11-16 16:59:48 | 000,122,748 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-11-16 16:38:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-11-15 16:14:47 | 000,184,028 | ---- | M] () -- D:\Pulpit\protokół przekazania x2.pdf [2012-11-15 16:14:41 | 000,192,465 | ---- | M] () -- D:\Pulpit\list przewozowy.pdf [2012-11-15 08:44:46 | 005,032,064 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-11-13 17:43:09 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012-11-13 17:43:09 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012-11-11 13:24:43 | 008,718,661 | ---- | M] () -- D:\Pulpit\OTA_Update_JS8.1.zip [2012-11-11 00:48:12 | 299,272,108 | ---- | M] () -- D:\Pulpit\Jelly_Sandwich_8.0_by_maxio1998.zip [2012-10-26 20:20:52 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2012-10-26 20:20:49 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2012-10-26 20:20:48 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012-10-26 20:20:48 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012-10-26 20:20:47 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2012-10-26 20:20:47 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2012-10-26 16:11:09 | 000,003,354 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini [2012-10-25 22:34:55 | 002,643,748 | ---- | M] () -- D:\!Dokumenty\Junkers ZW14-2 DV KE23 [instalacja].pdf [2012-10-22 22:21:26 | 000,001,338 | ---- | M] () -- C:\Users\Public\Desktop\Euro Truck Simulator 2.lnk [2012-10-20 21:39:14 | 000,001,287 | ---- | M] () -- C:\Users\Barney\AppData\Local\recently-used.xbel [2012-10-19 21:23:47 | 000,108,008 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll [2012-10-19 21:23:43 | 000,289,768 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe [2012-10-19 21:23:43 | 000,189,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe [2012-10-19 21:23:43 | 000,188,904 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe [2012-10-19 21:23:42 | 001,034,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npdeployJava1.dll [2012-10-19 21:23:42 | 000,916,456 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-11-16 17:07:16 | 000,001,048 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-11-16 17:07:15 | 000,001,044 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-11-15 16:14:47 | 000,184,028 | ---- | C] () -- D:\Pulpit\protokół przekazania x2.pdf [2012-11-15 16:14:41 | 000,192,465 | ---- | C] () -- D:\Pulpit\list przewozowy.pdf [2012-11-15 08:19:28 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2012-11-15 08:02:25 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2012-11-13 17:43:10 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-11-11 13:24:26 | 008,718,661 | ---- | C] () -- D:\Pulpit\OTA_Update_JS8.1.zip [2012-11-11 00:35:38 | 299,272,108 | ---- | C] () -- D:\Pulpit\Jelly_Sandwich_8.0_by_maxio1998.zip [2012-10-25 22:34:53 | 002,643,748 | ---- | C] () -- D:\!Dokumenty\Junkers ZW14-2 DV KE23 [instalacja].pdf [2012-10-25 21:22:06 | 000,001,806 | ---- | C] () -- C:\Users\Barney\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk [2012-10-22 22:21:26 | 000,001,338 | ---- | C] () -- C:\Users\Public\Desktop\Euro Truck Simulator 2.lnk [2012-10-22 20:17:31 | 000,000,380 | ---- | C] () -- C:\Windows\SysWow64\vs.lic [2012-10-22 20:17:30 | 000,126,976 | ---- | C] () -- C:\Windows\SysWow64\Vsflex7L.oca [2012-10-22 20:17:30 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\VSFLEX3.oca [2012-10-22 20:17:28 | 000,676,864 | ---- | C] () -- C:\Windows\SysWow64\ProHTMLX.ocx [2012-10-20 21:39:14 | 000,001,287 | ---- | C] () -- C:\Users\Barney\AppData\Local\recently-used.xbel [2012-10-19 21:30:04 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk [2012-09-18 21:15:05 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll [2012-09-18 21:15:04 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2012-09-18 21:15:04 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2012-09-18 21:14:57 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2012-09-18 21:14:46 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2012-07-12 11:40:40 | 000,000,120 | ---- | C] () -- C:\Users\Barney\kontomierz.pl.101684.kontomierz.save [2012-05-22 23:22:57 | 001,655,178 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012-05-20 15:23:20 | 000,000,600 | ---- | C] () -- C:\Users\Barney\AppData\Local\PUTTY.RND [2012-01-31 18:15:42 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2012-01-31 18:15:42 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2012-01-31 18:15:42 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2012-01-31 18:15:42 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2011-12-17 22:47:12 | 000,000,045 | ---- | C] () -- C:\Users\Barney\AppData\Local\Images.fl [2011-11-19 13:05:55 | 000,000,132 | ---- | C] () -- C:\Users\Barney\AppData\Roaming\Preferencje Adobe CS5 dla formatu GIF [2011-09-25 19:23:08 | 000,008,192 | -HS- | C] () -- C:\Windows\SysWow64\srvany.exe [2011-08-21 00:26:19 | 000,099,384 | ---- | C] () -- C:\Users\Barney\AppData\Roaming\inst.exe [2011-08-21 00:26:19 | 000,007,859 | ---- | C] () -- C:\Users\Barney\AppData\Roaming\pcouffin.cat [2011-08-21 00:26:19 | 000,001,167 | ---- | C] () -- C:\Users\Barney\AppData\Roaming\pcouffin.inf [2011-08-21 00:23:38 | 000,001,057 | ---- | C] () -- C:\Users\Barney\AppData\Roaming\vso_ts_preview.xml [2011-05-11 09:24:46 | 000,001,043 | ---- | C] () -- C:\Windows\UAMedytor.ini [2011-04-13 11:01:49 | 000,000,000 | ---- | C] () -- C:\Windows\RingtoneMaker.INI [2011-04-13 11:00:31 | 000,002,770 | ---- | C] () -- C:\Windows\mgxoschk.ini [2011-04-11 15:47:10 | 000,000,132 | ---- | C] () -- C:\Users\Barney\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG [2011-02-01 04:08:36 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI [2010-12-01 18:39:15 | 000,173,304 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat [2010-10-02 16:21:27 | 000,041,472 | ---- | C] () -- C:\Users\Barney\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-04-12 12:46:32 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-12-21 20:56:42 | 000,003,662 | ---- | M] () -- C:\Users\Barney\AppData\Roaming\Songbird2\Profiles\t0bj18hk.default\extensions\{7fea29e4-d5c5-41d1-983f-7c8d2b8a612f}\chrome\skin\mini-player\l.png [2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2010-09-15 12:32:23 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\.wtw [2012-07-17 21:29:09 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\Affilorama [2011-12-12 03:49:58 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\AIMP [2012-11-04 16:20:27 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\AIMP3 [2011-03-11 00:13:34 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\Alawar [2011-07-24 22:14:16 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\Ashampoo [2012-04-06 19:23:08 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\Auslogics [2012-09-14 19:20:51 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\Autodesk [2011-11-15 23:49:32 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\banshee-1 [2012-06-17 21:51:29 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\BESTplayer [2011-04-21 00:45:01 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\calibre [2012-04-06 17:17:01 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\cryptlib [2012-11-02 09:38:12 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\DAEMON Tools Lite [2012-01-23 21:57:44 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\Dev-Cpp [2010-12-27 23:59:36 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\Dropbox [2011-03-25 20:46:15 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1 [2010-09-15 08:08:08 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\EeeStorageUploader [2011-03-22 21:53:05 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\EPSON [2012-04-06 19:10:41 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\ESET [2012-08-24 13:59:33 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\EurekaLog [2012-07-17 21:33:12 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\FileZilla [2012-11-11 10:17:22 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\foobar2000 [2012-10-13 20:15:58 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\GanymedeNet [2011-04-19 21:18:56 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\GetRightToGo [2012-05-06 15:25:09 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\GonVisor [2012-07-31 18:13:50 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\Graphisoft [2012-01-07 01:38:40 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\Grisbi [2012-07-09 19:31:24 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\gtk-2.0 [2011-10-04 15:40:42 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\HD Tune Pro [2012-07-16 18:18:43 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\HDRsoft [2012-07-09 19:40:19 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\homebank [2011-04-08 16:44:37 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\iPlus [2012-04-07 09:54:18 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\IrfanView [2010-12-11 00:53:45 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\LogoMaker [2010-11-23 19:22:39 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\MAGIX [2012-01-11 09:50:42 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\Manager [2012-04-06 21:07:35 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\MoneyManagerEx [2011-11-14 00:48:27 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\Mumble [2012-04-18 19:33:29 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\MusicBee [2011-07-10 22:02:33 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\MusicBrainz [2012-10-27 16:56:25 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\MyPhoneExplorer [2012-04-06 21:04:36 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\NapiProjekt [2012-04-09 23:38:19 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\Netscape [2012-09-18 20:59:58 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\Nokia [2012-09-18 20:59:58 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\Nokia Suite [2010-09-29 13:23:36 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\Nonoh [2012-10-19 21:24:39 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\Notepad++ [2010-12-10 12:41:53 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\Nvu [2010-10-09 12:40:37 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\o2.pl [2012-01-23 22:01:26 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\ObviousIdea [2010-10-09 00:10:55 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\OfficeRecovery [2012-09-08 23:25:19 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\Opera [2012-06-20 23:10:37 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\PC Suite [2012-01-25 11:30:28 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\PDF Writer [2012-01-25 11:32:26 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\PrimoPDF [2011-06-09 19:27:09 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\Publish Providers [2011-03-31 02:14:36 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\Rainmeter [2011-06-27 19:54:51 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\rockbox.org [2011-10-02 21:45:01 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\Rovio [2012-04-26 20:53:05 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\Samsung [2011-06-27 19:53:39 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\SanDisk [2012-08-10 17:12:56 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\SendSpace [2012-01-25 11:28:51 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\Softland [2010-11-27 22:34:13 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\Songbird2 [2011-06-09 20:19:34 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\Sony [2012-10-26 16:16:09 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\Spotify [2011-04-11 10:46:28 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2012-02-06 02:43:11 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\StreamTorrent [2012-08-02 16:33:27 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\TeamViewer [2012-07-08 11:18:59 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\Thinstall [2012-05-20 15:13:54 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\TightVNC [2012-04-12 21:26:56 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\Tinn-R [2012-02-24 21:21:26 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\TonidoSyncData [2012-11-16 17:08:31 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\uTorrent [2010-09-26 09:39:14 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\VitySoft [2012-02-01 20:28:45 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\VSO [2012-09-18 18:28:37 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\WinBatch [2010-10-23 10:48:48 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\Windows Live Writer [2012-11-01 17:26:53 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\XBMC [2012-01-23 23:13:18 | 000,000,000 | ---D | M] -- C:\Users\Barney\AppData\Roaming\yWorks [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:AB689DEA @Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:0B4227B4 @Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:8CE646EE @Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:A1EDB939 < End of report >