OTL logfile created on: 2013-12-05 23:16:42 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jablonna\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.16428) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,91 Gb Total Physical Memory | 1,23 Gb Available Physical Memory | 42,44% Memory free 5,82 Gb Paging File | 4,14 Gb Available in Paging File | 71,10% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 283,34 Gb Total Space | 208,40 Gb Free Space | 73,55% Space Free | Partition Type: NTFS Computer Name: JABLONNA666 | User Name: Jablonna | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013-12-05 22:45:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jablonna\Downloads\OTL.exe PRC - [2013-12-04 03:48:06 | 000,863,184 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2013-09-11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe PRC - [2013-06-26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2013-06-26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe PRC - [2013-05-09 23:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012-02-10 10:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe PRC - [2011-09-06 18:29:20 | 004,259,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE PRC - [2011-08-18 16:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE PRC - [2011-08-18 16:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE PRC - [2011-08-01 18:56:48 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe PRC - [2010-11-30 03:04:00 | 001,997,416 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2010-11-29 10:31:42 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2010-11-06 05:54:22 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2010-11-03 18:01:34 | 000,983,104 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe PRC - [2010-11-03 17:53:28 | 000,897,088 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe PRC - [2010-10-06 03:04:12 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2010-10-06 03:04:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013-12-04 03:48:04 | 000,399,312 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll MOD - [2013-12-04 03:48:03 | 013,586,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll MOD - [2013-12-04 03:48:02 | 004,055,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll MOD - [2013-12-04 03:47:11 | 000,702,416 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll MOD - [2013-12-04 03:47:11 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll MOD - [2013-12-04 03:47:08 | 001,619,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll MOD - [2013-10-13 15:49:59 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\8f5b881951592b2fd05f710650bf7e04\System.Core.ni.dll MOD - [2013-10-13 14:54:01 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bcf51dc88597d0835c819a2d5a755b74\PresentationFramework.ni.dll MOD - [2013-10-13 14:53:37 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll MOD - [2013-10-13 14:53:25 | 012,238,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\51478a61dbd40488e320a0061e23c4df\PresentationCore.ni.dll MOD - [2013-10-13 14:53:13 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll MOD - [2013-10-13 14:53:06 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll MOD - [2013-08-19 15:49:39 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll MOD - [2013-08-19 15:49:13 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll MOD - [2013-08-19 15:49:07 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll MOD - [2013-07-11 17:44:46 | 000,226,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5de32c4f69c7141f68b383915ab87ff4\PresentationFramework.Classic.ni.dll MOD - [2013-07-11 17:42:52 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll MOD - [2011-08-18 16:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE MOD - [2011-03-16 23:11:16 | 004,297,568 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2013-12-05 21:18:06 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService) SRV:[b]64bit:[/b] - [2013-05-27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2011-01-21 12:47:52 | 000,296,448 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV) SRV:[b]64bit:[/b] - [2010-12-17 20:41:32 | 001,515,792 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV:[b]64bit:[/b] - [2010-12-17 20:28:46 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS) SRV:[b]64bit:[/b] - [2010-12-17 20:26:50 | 000,836,880 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV:[b]64bit:[/b] - [2010-09-23 00:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:[b]64bit:[/b] - [2009-03-03 11:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters) SRV - [2013-10-10 18:20:32 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013-09-11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2013-06-26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2013-06-26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2013-06-03 15:21:54 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013-05-09 23:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012-02-10 10:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe -- (BBUpdate) SRV - [2012-02-10 10:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe -- (BBSvc) SRV - [2011-08-18 16:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService) SRV - [2010-11-30 03:04:00 | 001,997,416 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2010-11-29 10:31:42 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2010-11-25 11:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12) SRV - [2010-11-25 11:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM) SRV - [2010-11-06 05:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2010-11-03 18:01:34 | 000,983,104 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service) SRV - [2010-11-03 18:01:20 | 001,298,496 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service) SRV - [2010-11-03 17:53:28 | 000,897,088 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor) SRV - [2010-10-06 03:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2010-10-06 03:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2013-06-26 18:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:[b]64bit:[/b] - [2013-06-26 18:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:[b]64bit:[/b] - [2013-06-26 18:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:[b]64bit:[/b] - [2013-06-26 18:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:[b]64bit:[/b] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2011-01-21 12:47:52 | 000,520,192 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA) DRV:[b]64bit:[/b] - [2011-01-15 17:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone) DRV:[b]64bit:[/b] - [2011-01-08 02:42:34 | 012,262,688 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2010-12-21 15:08:48 | 008,505,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) DRV:[b]64bit:[/b] - [2010-12-16 23:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV:[b]64bit:[/b] - [2010-12-10 22:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:[b]64bit:[/b] - [2010-12-10 22:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:[b]64bit:[/b] - [2010-12-03 23:32:24 | 000,316,024 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService) DRV:[b]64bit:[/b] - [2010-12-01 11:02:22 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd) DRV:[b]64bit:[/b] - [2010-11-30 03:04:00 | 000,025,576 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:[b]64bit:[/b] - [2010-11-20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010-11-12 13:40:50 | 000,155,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:[b]64bit:[/b] - [2010-11-06 05:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:[b]64bit:[/b] - [2010-11-04 11:07:06 | 000,058,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux) DRV:[b]64bit:[/b] - [2010-11-04 09:31:44 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex) DRV:[b]64bit:[/b] - [2010-10-30 01:11:42 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:[b]64bit:[/b] - [2010-10-26 20:08:08 | 000,406,632 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2010-10-20 00:12:58 | 000,274,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf) DRV:[b]64bit:[/b] - [2010-09-21 15:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:[b]64bit:[/b] - [2010-08-12 16:51:30 | 000,175,168 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt) DRV:[b]64bit:[/b] - [2010-03-19 09:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-10 21:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2006-11-01 18:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (All) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 IE - HKLM\..\URLSearchHook: {35662f81-9532-4f78-8e0c-5950ec958f91} - C:\Program Files (x86)\wegemaluch\prxtbwege.dll (Conduit Ltd.) IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) IE - HKU\S-1-5-21-2719447833-2834008836-2811427480-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm IE - HKU\S-1-5-21-2719447833-2834008836-2811427480-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKU\S-1-5-21-2719447833-2834008836-2811427480-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKU\S-1-5-21-2719447833-2834008836-2811427480-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) IE - HKU\S-1-5-21-2719447833-2834008836-2811427480-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-2719447833-2834008836-2811427480-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-2719447833-2834008836-2811427480-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2719447833-2834008836-2811427480-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm IE - HKU\S-1-5-21-2719447833-2834008836-2811427480-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-21-2719447833-2834008836-2811427480-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.wp.pl/ IE - HKU\S-1-5-21-2719447833-2834008836-2811427480-1002\..\URLSearchHook: {35662f81-9532-4f78-8e0c-5950ec958f91} - C:\Program Files (x86)\wegemaluch\prxtbwege.dll (Conduit Ltd.) IE - HKU\S-1-5-21-2719447833-2834008836-2811427480-1002\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) IE - HKU\S-1-5-21-2719447833-2834008836-2811427480-1002\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-2719447833-2834008836-2811427480-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR IE - HKU\S-1-5-21-2719447833-2834008836-2811427480-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Jablonna\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox [2013-07-11 19:19:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Delta Search (Enabled) CHR - default_search_provider: search_url = http://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=7C4EBC773731489B&affID=119557&tsp=5027 CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}, CHR - homepage: http://www.delta-search.com/?babsrc=HP_ss&mntrId=7C4EBC773731489B&affID=119557&tsp=5027 CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 6 U37 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Windows Live Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll CHR - plugin: Java Deployment Toolkit 6.0.370.6 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll CHR - Extension: Google Wallet = \Users\Jablonna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\ O1 HOSTS File: ([2013-12-03 22:26:42 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:[b]64bit:[/b] - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:[b]64bit:[/b] - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (wegemaluch Toolbar) - {35662f81-9532-4f78-8e0c-5950ec958f91} - C:\Program Files (x86)\wegemaluch\prxtbwege.dll (Conduit Ltd.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Pomocnik logowania za pomocą identyfikatora Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (no name) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (wegemaluch Toolbar) - {35662f81-9532-4f78-8e0c-5950ec958f91} - C:\Program Files (x86)\wegemaluch\prxtbwege.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (no name) - {8dcb7100-df86-4384-8842-8fa844297b3f} - No CLSID value found. O4:[b]64bit:[/b] - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) O4:[b]64bit:[/b] - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe () O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [NVHotkey] C:\Windows\SysNative\nvHotkey.dll (NVIDIA Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.) O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe () O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [BCSSync] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe (Dell, Inc.) O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd) O4 - HKLM..\Run: [Desktop Disc Tool] c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe () O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [RoxWatchTray] c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG) O4 - HKU\S-1-5-21-2719447833-2834008836-2811427480-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2719447833-2834008836-2811427480-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\All Users\Adobe [2013-07-11 19:05:37 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Ask [2012-05-01 14:04:21 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Babylon [2013-07-11 19:19:33 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Corel [2013-07-12 10:44:45 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\CorelDRAW Graphics Suite X6 [2013-08-21 16:28:22 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Creative [2013-06-08 19:03:09 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Dane aplikacji [2011-10-19 07:57:57 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Dell [2011-10-19 08:47:44 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Dokumenty [2011-10-19 07:57:57 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\DSearchLink [2013-10-06 10:34:35 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Google [2013-12-05 19:04:46 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Intel [2011-04-02 17:12:20 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Macrovision [2011-04-02 17:09:04 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\McAfee [2012-06-29 17:56:45 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Menu Start [2011-10-19 07:57:57 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Microsoft [2013-12-05 21:24:52 | 000,000,000 | --SD | M] O4 - Startup: C:\Users\All Users\Microsoft Help [2013-12-05 21:16:03 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\NVIDIA [2013-12-05 22:31:04 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\NVIDIA Corporation [2011-04-02 16:57:26 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\PhotoShow Shared Assets [2011-04-02 17:10:23 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Protexis [2013-07-11 19:43:57 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Pulpit [2011-10-19 07:57:57 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Roxio [2011-04-02 17:14:46 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Samsung [2012-11-29 19:15:45 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Skype [2013-06-07 10:07:22 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Sonic [2013-12-05 22:20:26 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Sun [2011-12-16 21:30:55 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Szablony [2011-10-19 07:57:57 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Temp [2011-04-02 17:07:14 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Ulubione [2011-10-19 07:57:57 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Uninstall [2011-04-02 17:11:09 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\VirtualizedApplications [2012-07-24 18:40:52 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Default\AppData [2009-07-14 04:20:08 | 000,000,000 | -H-D | M] O4 - Startup: C:\Users\Default\Dane aplikacji [2011-10-19 07:57:57 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Desktop [2009-07-14 03:34:59 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\Documents [2011-10-19 07:57:56 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\Downloads [2009-07-14 03:34:59 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\Favorites [2009-07-14 03:34:59 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\Links [2009-07-14 03:34:59 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\Menu Start [2011-10-19 07:57:57 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Moje dokumenty [2011-10-19 07:57:56 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Music [2009-07-14 03:34:59 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\NetHood [2011-10-19 07:57:57 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\NTUSER.DAT () O4 - Startup: C:\Users\Default\NTUSER.DAT.LOG () O4 - Startup: C:\Users\Default\NTUSER.DAT.LOG1 () O4 - Startup: C:\Users\Default\NTUSER.DAT.LOG2 () O4 - Startup: C:\Users\Default\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf () O4 - Startup: C:\Users\Default\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\Default\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\Default\Pictures [2009-07-14 03:34:59 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\PrintHood [2011-10-19 07:57:57 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Recent [2011-10-19 07:57:57 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Roaming [2011-04-02 17:04:11 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Default\Saved Games [2009-07-14 03:34:59 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Default\SendTo [2011-10-19 07:57:57 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Szablony [2011-10-19 07:57:57 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Ustawienia lokalne [2011-10-19 07:57:57 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Videos [2009-07-14 03:34:59 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Jablonna\.dsig [2011-12-16 21:31:09 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Jablonna\01012012(001).jpg () O4 - Startup: C:\Users\Jablonna\03122012(002).jpg () O4 - Startup: C:\Users\Jablonna\17112012(012).jpg () O4 - Startup: C:\Users\Jablonna\AppData [2011-10-19 07:58:14 | 000,000,000 | -H-D | M] O4 - Startup: C:\Users\Jablonna\Application Data [2013-02-02 13:15:54 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Jablonna\Contacts [2013-09-14 13:23:08 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Jablonna\Cookies [2011-10-19 07:58:14 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Jablonna\Dane aplikacji [2011-10-19 07:58:14 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Jablonna\Desktop [2013-12-05 23:13:06 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Jablonna\Documents [2013-09-14 13:23:08 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Jablonna\Downloads [2013-12-05 22:57:57 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Jablonna\Favorites [2013-10-06 11:09:52 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Jablonna\Links [2013-09-14 13:23:08 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Jablonna\Local Settings [2013-10-06 10:34:02 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Jablonna\Menu Start [2011-10-19 07:58:14 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Jablonna\Moje dokumenty [2011-10-19 07:58:14 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Jablonna\Moje pliki kopii zapasowych [2011-10-22 16:22:21 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Jablonna\Music [2013-09-14 13:23:08 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Jablonna\NetHood [2011-10-19 07:58:14 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Jablonna\ntuser.dat () O4 - Startup: C:\Users\Jablonna\ntuser.dat.LOG1 () O4 - Startup: C:\Users\Jablonna\ntuser.dat.LOG2 () O4 - Startup: C:\Users\Jablonna\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf () O4 - Startup: C:\Users\Jablonna\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\Jablonna\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\Jablonna\ntuser.dat{520df715-70e8-11e1-a14c-dcc739737f86}.TM.blf () O4 - Startup: C:\Users\Jablonna\ntuser.dat{520df715-70e8-11e1-a14c-dcc739737f86}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\Jablonna\ntuser.dat{520df715-70e8-11e1-a14c-dcc739737f86}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\Jablonna\ntuser.dat{56ca6f8c-58bf-11e3-82db-8305b63e2281}.TM.blf () O4 - Startup: C:\Users\Jablonna\ntuser.dat{56ca6f8c-58bf-11e3-82db-8305b63e2281}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\Jablonna\ntuser.dat{56ca6f8c-58bf-11e3-82db-8305b63e2281}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\Jablonna\ntuser.dat{6b0fce54-58bd-11e3-b17c-e8be6108b681}.TM.blf () O4 - Startup: C:\Users\Jablonna\ntuser.dat{6b0fce54-58bd-11e3-b17c-e8be6108b681}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\Jablonna\ntuser.dat{6b0fce54-58bd-11e3-b17c-e8be6108b681}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\Jablonna\ntuser.dat{95f6ddb4-5c47-11e3-93f8-c7ed0deb009c}.TxR.0.regtrans-ms () O4 - Startup: C:\Users\Jablonna\ntuser.dat{95f6ddb4-5c47-11e3-93f8-c7ed0deb009c}.TxR.1.regtrans-ms () O4 - Startup: C:\Users\Jablonna\ntuser.dat{95f6ddb4-5c47-11e3-93f8-c7ed0deb009c}.TxR.2.regtrans-ms () O4 - Startup: C:\Users\Jablonna\ntuser.dat{95f6ddb4-5c47-11e3-93f8-c7ed0deb009c}.TxR.blf () O4 - Startup: C:\Users\Jablonna\ntuser.dat{95f6ddb5-5c47-11e3-93f8-c7ed0deb009c}.TM.blf () O4 - Startup: C:\Users\Jablonna\ntuser.dat{95f6ddb5-5c47-11e3-93f8-c7ed0deb009c}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\Jablonna\ntuser.dat{95f6ddb5-5c47-11e3-93f8-c7ed0deb009c}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\Jablonna\ntuser.dat{cf6362d5-5488-11e1-8cbe-bc773731489e}.TM.blf () O4 - Startup: C:\Users\Jablonna\ntuser.dat{cf6362d5-5488-11e1-8cbe-bc773731489e}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\Jablonna\ntuser.dat{cf6362d5-5488-11e1-8cbe-bc773731489e}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\Jablonna\ntuser.ini () O4 - Startup: C:\Users\Jablonna\Pictures [2013-11-22 13:11:18 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Jablonna\PrintHood [2011-10-19 07:58:14 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Jablonna\Recent [2011-10-19 07:58:14 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Jablonna\Roaming [2011-04-02 17:04:11 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Jablonna\Saved Games [2013-09-14 13:23:08 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Jablonna\Searches [2013-09-14 13:23:08 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Jablonna\SendTo [2011-10-19 07:58:14 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Jablonna\Szablony [2011-10-19 07:58:14 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Jablonna\Thumbs.db () O4 - Startup: C:\Users\Jablonna\Ustawienia lokalne [2011-10-19 07:58:14 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Jablonna\Videos [2013-09-14 13:23:08 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\AppData [2013-12-03 22:31:31 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Public\Desktop [2013-12-05 22:24:35 | 000,000,000 | RH-D | M] O4 - Startup: C:\Users\Public\Documents [2013-07-12 10:41:02 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\Downloads [2009-07-14 05:54:24 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\Favorites [2009-07-14 03:34:59 | 000,000,000 | RH-D | M] O4 - Startup: C:\Users\Public\Libraries [2011-10-19 07:57:55 | 000,000,000 | RH-D | M] O4 - Startup: C:\Users\Public\LMDebug.log () O4 - Startup: C:\Users\Public\Music [2011-04-02 17:07:59 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Public\NTUSER.DAT () O4 - Startup: C:\Users\Public\NTUSER.DAT.LOG1 () O4 - Startup: C:\Users\Public\NTUSER.DAT.LOG2 () O4 - Startup: C:\Users\Public\NTUSER.DAT{d80ba839-53da-11e1-b430-9a05d6fa9e87}.TM.blf () O4 - Startup: C:\Users\Public\NTUSER.DAT{d80ba839-53da-11e1-b430-9a05d6fa9e87}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\Public\NTUSER.DAT{d80ba839-53da-11e1-b430-9a05d6fa9e87}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\Public\NTUSER.DAT{e3ce6654-1460-11e1-a879-bc773731489e}.TM.blf () O4 - Startup: C:\Users\Public\NTUSER.DAT{e3ce6654-1460-11e1-a879-bc773731489e}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\Public\NTUSER.DAT{e3ce6654-1460-11e1-a879-bc773731489e}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\Public\Pictures [2011-04-02 17:29:40 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\Recorded TV [2012-02-11 16:16:20 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\Roaming [2011-04-02 17:04:11 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Public\Videos [2011-04-02 17:07:55 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\UpdatusUser\AppData [2011-04-02 16:58:06 | 000,000,000 | -H-D | M] O4 - Startup: C:\Users\UpdatusUser\Contacts [2011-04-02 16:58:07 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\UpdatusUser\Cookies [2011-04-02 16:58:06 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\UpdatusUser\Dane aplikacji [2011-04-02 16:58:06 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\UpdatusUser\Desktop [2009-07-14 03:34:59 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\UpdatusUser\Documents [2011-04-02 16:58:06 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\UpdatusUser\Downloads [2009-07-14 03:34:59 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\UpdatusUser\Favorites [2009-07-14 03:34:59 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\UpdatusUser\Links [2009-07-14 03:34:59 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\UpdatusUser\Menu Start [2011-04-02 16:58:06 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\UpdatusUser\Moje dokumenty [2011-04-02 16:58:06 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\UpdatusUser\Music [2009-07-14 03:34:59 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\UpdatusUser\NetHood [2011-04-02 16:58:06 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\UpdatusUser\ntuser.dat () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat.LOG1 () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat.LOG2 () O4 - Startup: C:\Users\UpdatusUser\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf () O4 - Startup: C:\Users\UpdatusUser\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{06a09dd7-e83d-11e1-b18d-a3e2a46bde84}.TM.blf () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{06a09dd7-e83d-11e1-b18d-a3e2a46bde84}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{06a09dd7-e83d-11e1-b18d-a3e2a46bde84}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{0c689c77-447c-11e2-9849-883752f2869e}.TM.blf () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{0c689c77-447c-11e2-9849-883752f2869e}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{0c689c77-447c-11e2-9849-883752f2869e}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{123a2d95-5c4b-11e3-bf67-f1bc59a2bf92}.TM.blf () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{123a2d95-5c4b-11e3-bf67-f1bc59a2bf92}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{123a2d95-5c4b-11e3-bf67-f1bc59a2bf92}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{1432fd7e-340d-11e3-bf92-bc7694cd8be9}.TM.blf () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{1432fd7e-340d-11e3-bf92-bc7694cd8be9}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{1432fd7e-340d-11e3-bf92-bc7694cd8be9}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{1f9f24d0-5c4c-11e3-82fd-8296e036a192}.TM.blf () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{1f9f24d0-5c4c-11e3-82fd-8296e036a192}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{1f9f24d0-5c4c-11e3-82fd-8296e036a192}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{30816782-17c4-11e2-8b3b-dbac09613685}.TM.blf () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{30816782-17c4-11e2-8b3b-dbac09613685}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{30816782-17c4-11e2-8b3b-dbac09613685}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{3786d9d8-c2ae-11e1-9197-bc1e8da4a580}.TM.blf () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{3786d9d8-c2ae-11e1-9197-bc1e8da4a580}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{3786d9d8-c2ae-11e1-9197-bc1e8da4a580}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{3c4ce9c7-58c2-11e3-bdde-acde15ea1882}.TM.blf () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{3c4ce9c7-58c2-11e3-bdde-acde15ea1882}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{3c4ce9c7-58c2-11e3-bdde-acde15ea1882}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\NTUSER.DAT{3eaf763a-3bb4-11e1-8ad0-bc773731489e}.TM.blf () O4 - Startup: C:\Users\UpdatusUser\NTUSER.DAT{3eaf763a-3bb4-11e1-8ad0-bc773731489e}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\NTUSER.DAT{3eaf763a-3bb4-11e1-8ad0-bc773731489e}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{4bd2696a-7f41-11e1-a8b1-91faab8b7687}.TM.blf () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{4bd2696a-7f41-11e1-a8b1-91faab8b7687}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{4bd2696a-7f41-11e1-a8b1-91faab8b7687}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{520df71f-70e8-11e1-a14c-dcc739737f86}.TM.blf () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{520df71f-70e8-11e1-a14c-dcc739737f86}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{520df71f-70e8-11e1-a14c-dcc739737f86}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{56ca6fa1-58bf-11e3-82db-8305b63e2281}.TM.blf () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{56ca6fa1-58bf-11e3-82db-8305b63e2281}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{56ca6fa1-58bf-11e3-82db-8305b63e2281}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{5e7b41f8-72b4-11e2-8aaa-c5bedff0c2fe}.TM.blf () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{5e7b41f8-72b4-11e2-8aaa-c5bedff0c2fe}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{5e7b41f8-72b4-11e2-8aaa-c5bedff0c2fe}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{6b0fce69-58bd-11e3-b17c-e8be6108b681}.TM.blf () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{6b0fce69-58bd-11e3-b17c-e8be6108b681}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{6b0fce69-58bd-11e3-b17c-e8be6108b681}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{7dd68cd8-5c4e-11e3-878d-d21e90af2291}.TM.blf () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{7dd68cd8-5c4e-11e3-878d-d21e90af2291}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{7dd68cd8-5c4e-11e3-878d-d21e90af2291}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{95f6ddc7-5c47-11e3-93f8-c7ed0deb009c}.TM.blf () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{95f6ddc7-5c47-11e3-93f8-c7ed0deb009c}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{95f6ddc7-5c47-11e3-93f8-c7ed0deb009c}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{a57a6ae4-58bf-11e3-b50f-d51bb5f22f82}.TM.blf () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{a57a6ae4-58bf-11e3-b50f-d51bb5f22f82}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{a57a6ae4-58bf-11e3-b50f-d51bb5f22f82}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\NTUSER.DAT{b3610ff8-46d3-11e1-8a2c-bc773731489e}.TM.blf () O4 - Startup: C:\Users\UpdatusUser\NTUSER.DAT{b3610ff8-46d3-11e1-8a2c-bc773731489e}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\NTUSER.DAT{b3610ff8-46d3-11e1-8a2c-bc773731489e}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{c04475b3-5c4d-11e3-b7ad-d7bd7fd4e79e}.TM.blf () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{c04475b3-5c4d-11e3-b7ad-d7bd7fd4e79e}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{c04475b3-5c4d-11e3-b7ad-d7bd7fd4e79e}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{cf6362de-5488-11e1-8cbe-bc773731489e}.TM.blf () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{cf6362de-5488-11e1-8cbe-bc773731489e}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{cf6362de-5488-11e1-8cbe-bc773731489e}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{dfe4d68a-572b-11e1-9b3d-b3a36b22c787}.TM.blf () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{dfe4d68a-572b-11e1-9b3d-b3a36b22c787}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{dfe4d68a-572b-11e1-9b3d-b3a36b22c787}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{e2c0677c-aa4f-11e1-bafa-892d5f12af87}.TM.blf () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{e2c0677c-aa4f-11e1-bafa-892d5f12af87}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{e2c0677c-aa4f-11e1-bafa-892d5f12af87}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{e809428d-5b5a-11e3-be0e-d436fe62cc82}.TM.blf () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{e809428d-5b5a-11e3-be0e-d436fe62cc82}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat{e809428d-5b5a-11e3-be0e-d436fe62cc82}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.ini () O4 - Startup: C:\Users\UpdatusUser\Pictures [2009-07-14 03:34:59 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\UpdatusUser\PrintHood [2011-04-02 16:58:06 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\UpdatusUser\Recent [2011-04-02 16:58:06 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\UpdatusUser\Roaming [2011-04-02 17:04:11 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\UpdatusUser\Saved Games [2009-07-14 03:34:59 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\UpdatusUser\Searches [2011-04-02 16:58:07 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\UpdatusUser\SendTo [2011-04-02 16:58:06 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\UpdatusUser\Szablony [2011-04-02 16:58:06 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\UpdatusUser\Ustawienia lokalne [2011-04-02 16:58:06 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\UpdatusUser\Videos [2009-07-14 03:34:59 | 000,000,000 | R--D | M] O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2719447833-2834008836-2811427480-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2719447833-2834008836-2811427480-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2719447833-2834008836-2811427480-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2719447833-2834008836-2811427480-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8:[b]64bit:[/b] - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O9:[b]64bit:[/b] - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:[b]64bit:[/b] - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:[b]64bit:[/b] - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation) O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O13 - gopher Prefix: missing O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA} http://javadl-esd.sun.com/update/1.6.0/jinstall-6-windows-i586.cab (Java Plug-in 1.6.0) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{69F1AF8F-F282-4885-9684-200800CAC5EA}: DhcpNameServer = 62.179.1.63 62.179.1.62 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C9EFBF98-5019-4915-9956-C8A82961E00C}: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40 O18:[b]64bit:[/b] - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:[b]64bit:[/b] - AppInit_DLLs: (c:\PROGRA~3\BitGuard\271832~1.68\{C16C1~1\loader.dll) - File not found O20:[b]64bit:[/b] - AppInit_DLLs: (c:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28:[b]64bit:[/b] - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O29:[b]64bit:[/b] - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation) O30:[b]64bit:[/b] - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation) O30:[b]64bit:[/b] - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation) O30:[b]64bit:[/b] - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation) O30:[b]64bit:[/b] - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation) O30:[b]64bit:[/b] - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation) O30:[b]64bit:[/b] - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation) O30:[b]64bit:[/b] - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation) O30:[b]64bit:[/b] - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corp.) O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation) O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation) O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation) O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation) O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation) O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corp.) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = ComFile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013-12-05 22:24:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2013-12-05 22:24:34 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2013-12-05 21:24:52 | 000,000,000 | ---D | C] -- C:\Windows\Migration [2013-12-05 21:23:26 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE [2013-12-05 21:18:21 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2013-12-05 21:18:21 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013-12-05 21:18:06 | 005,765,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013-12-05 21:18:06 | 001,993,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013-12-05 21:18:06 | 001,926,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013-12-05 21:18:06 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013-12-05 21:18:06 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013-12-05 21:18:06 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll [2013-12-05 21:18:06 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013-12-05 21:18:06 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013-12-05 21:18:06 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll [2013-12-05 21:18:06 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013-12-05 21:18:06 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll [2013-12-05 21:18:06 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013-12-05 21:18:06 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013-12-05 21:18:06 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013-12-05 21:18:06 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013-12-05 21:18:06 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013-12-05 21:18:06 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll [2013-12-05 21:18:06 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013-12-05 21:18:06 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013-12-05 21:18:06 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013-12-05 21:18:06 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013-12-05 21:18:06 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013-12-05 21:18:06 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013-12-05 21:18:06 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013-12-05 21:18:06 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013-12-05 21:18:06 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013-12-05 21:18:06 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013-12-05 21:18:06 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013-12-05 21:18:06 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013-12-05 21:18:06 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013-12-05 21:18:06 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013-12-05 21:18:06 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013-12-05 21:18:06 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013-12-05 21:18:06 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013-12-05 21:18:06 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013-12-05 21:18:06 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013-12-05 21:18:06 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013-12-05 21:18:06 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013-12-05 21:18:06 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013-12-05 21:18:06 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013-12-05 21:18:06 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013-12-05 21:18:06 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe [2013-12-05 21:18:06 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013-12-05 21:18:06 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013-12-05 21:18:06 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013-12-05 21:18:06 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013-12-05 21:18:06 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013-12-05 21:18:06 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013-12-05 21:18:06 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013-12-05 21:18:06 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll [2013-12-05 21:18:06 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013-12-05 21:18:06 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013-12-05 21:18:06 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013-12-05 21:18:06 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013-12-05 21:18:06 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013-12-05 21:18:06 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013-12-05 21:18:06 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013-12-05 21:18:06 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013-12-05 21:18:06 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013-12-05 21:18:06 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013-12-05 21:18:06 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll [2013-12-05 21:18:06 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013-12-05 21:18:06 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013-12-05 21:18:06 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll [2013-12-05 21:18:06 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013-12-05 21:18:06 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013-12-05 21:18:06 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll [2013-12-05 21:18:06 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013-12-05 21:18:06 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll [2013-12-05 21:18:06 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll [2013-12-05 21:18:06 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013-12-05 21:18:06 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013-12-05 21:18:06 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013-12-05 21:18:06 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013-12-05 21:18:06 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013-12-05 21:18:06 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013-12-05 21:18:06 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013-12-05 21:18:06 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll [2013-12-05 21:16:08 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2013-12-05 21:16:08 | 000,000,000 | -HSD | C] -- \Config.Msi [2013-12-05 20:53:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2013-12-05 20:52:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2013-12-05 20:52:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2013-12-05 19:02:31 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013-12-05 19:02:31 | 000,000,000 | -HSD | C] -- \$RECYCLE.BIN [2013-12-05 19:02:26 | 000,000,000 | ---D | C] -- C:\Windows\temp [2013-12-03 22:10:35 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2013-12-03 22:10:35 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2013-12-03 22:10:35 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2013-12-03 22:04:23 | 000,000,000 | ---D | C] -- C:\Qoobox [2013-12-03 22:04:23 | 000,000,000 | ---D | C] -- \Qoobox [2013-12-03 22:03:06 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013-11-28 08:12:12 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2013-11-15 10:00:58 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2013-11-15 10:00:23 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll [2013-11-15 10:00:23 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll [2013-11-15 10:00:22 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll [2013-11-15 10:00:22 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll [2013-11-15 10:00:22 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll [2013-11-15 10:00:18 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2013-11-15 10:00:18 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2013-11-15 10:00:18 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2013-11-15 10:00:18 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2013-11-15 10:00:18 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2013-11-15 10:00:16 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll [2013-11-15 10:00:14 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll [2013-11-15 10:00:14 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll [2013-11-15 10:00:14 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL [2013-11-15 10:00:14 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL [53 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013-12-05 23:20:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013-12-05 22:38:39 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013-12-05 22:38:39 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013-12-05 22:38:32 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013-12-05 22:30:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013-12-05 22:30:43 | 2342,912,000 | -HS- | M] () -- C:\hiberfil.sys [2013-12-05 22:28:00 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013-12-05 22:24:35 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2013-12-05 21:28:19 | 000,741,140 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2013-12-05 21:28:19 | 000,654,932 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013-12-05 21:28:19 | 000,156,424 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2013-12-05 21:28:19 | 000,122,546 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013-12-05 21:28:18 | 001,690,320 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013-12-05 21:27:23 | 001,636,216 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013-12-05 21:18:21 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2013-12-05 21:18:21 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013-12-05 21:18:06 | 005,765,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013-12-05 21:18:06 | 001,993,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013-12-05 21:18:06 | 001,926,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013-12-05 21:18:06 | 001,228,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013-12-05 21:18:06 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013-12-05 21:18:06 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll [2013-12-05 21:18:06 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013-12-05 21:18:06 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013-12-05 21:18:06 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll [2013-12-05 21:18:06 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013-12-05 21:18:06 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll [2013-12-05 21:18:06 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013-12-05 21:18:06 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013-12-05 21:18:06 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013-12-05 21:18:06 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013-12-05 21:18:06 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013-12-05 21:18:06 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll [2013-12-05 21:18:06 | 000,548,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013-12-05 21:18:06 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013-12-05 21:18:06 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013-12-05 21:18:06 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013-12-05 21:18:06 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013-12-05 21:18:06 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013-12-05 21:18:06 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013-12-05 21:18:06 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013-12-05 21:18:06 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013-12-05 21:18:06 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013-12-05 21:18:06 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013-12-05 21:18:06 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013-12-05 21:18:06 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013-12-05 21:18:06 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013-12-05 21:18:06 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013-12-05 21:18:06 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013-12-05 21:18:06 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013-12-05 21:18:06 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013-12-05 21:18:06 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013-12-05 21:18:06 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013-12-05 21:18:06 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013-12-05 21:18:06 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013-12-05 21:18:06 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013-12-05 21:18:06 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013-12-05 21:18:06 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe [2013-12-05 21:18:06 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013-12-05 21:18:06 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013-12-05 21:18:06 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013-12-05 21:18:06 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013-12-05 21:18:06 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013-12-05 21:18:06 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013-12-05 21:18:06 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013-12-05 21:18:06 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll [2013-12-05 21:18:06 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013-12-05 21:18:06 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013-12-05 21:18:06 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013-12-05 21:18:06 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013-12-05 21:18:06 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013-12-05 21:18:06 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013-12-05 21:18:06 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013-12-05 21:18:06 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013-12-05 21:18:06 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013-12-05 21:18:06 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013-12-05 21:18:06 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll [2013-12-05 21:18:06 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013-12-05 21:18:06 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013-12-05 21:18:06 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll [2013-12-05 21:18:06 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013-12-05 21:18:06 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013-12-05 21:18:06 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll [2013-12-05 21:18:06 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013-12-05 21:18:06 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll [2013-12-05 21:18:06 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll [2013-12-05 21:18:06 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013-12-05 21:18:06 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013-12-05 21:18:06 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013-12-05 21:18:06 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013-12-05 21:18:06 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2013-12-05 21:18:06 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2013-12-05 21:18:06 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013-12-05 21:18:06 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013-12-05 21:18:06 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013-12-05 21:18:06 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll [2013-12-05 20:54:03 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2719447833-2834008836-2811427480-1002UA.job [2013-12-03 22:26:42 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2013-11-28 07:43:29 | 000,009,992 | ---- | M] () -- C:\bootsqm.dat [2013-11-24 11:53:00 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2719447833-2834008836-2811427480-1002Core.job [53 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013-12-05 22:24:35 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2013-12-05 21:18:06 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2013-12-05 21:18:06 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2013-12-03 22:10:35 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2013-12-03 22:10:35 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2013-12-03 22:10:35 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2013-12-03 22:10:35 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2013-12-03 22:10:35 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2013-11-28 07:43:29 | 000,009,992 | ---- | C] () -- C:\bootsqm.dat [2013-11-28 07:43:29 | 000,009,992 | ---- | C] () -- \bootsqm.dat [2013-07-17 23:46:09 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat [2012-12-03 12:49:58 | 000,322,281 | ---- | C] () -- C:\Users\Jablonna\03122012(002).jpg [2012-11-17 12:13:40 | 000,174,406 | ---- | C] () -- C:\Users\Jablonna\17112012(012).jpg [2012-07-23 15:17:18 | 001,636,216 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012-01-01 00:02:28 | 000,444,802 | ---- | C] () -- C:\Users\Jablonna\01012012(001).jpg [2011-04-02 18:57:31 | 000,003,861 | -H-- | C] () -- \dell.sdr [2011-04-02 16:35:16 | 2342,912,000 | -HS- | C] () -- \hiberfil.sys [2009-04-28 17:27:09 | 000,008,192 | RHS- | C] () -- \BOOTSECT.BAK [2009-04-28 17:27:08 | 000,383,562 | RHS- | C] () -- \bootmgr [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013-07-26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013-07-26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2012-05-01 14:04:21 | 000,000,000 | ---D | M] -- C:\Users\All Users\Ask [2013-07-11 19:19:33 | 000,000,000 | ---D | M] -- C:\Users\All Users\Babylon [2011-10-19 07:57:57 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Dane aplikacji [2011-10-19 07:57:57 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Dokumenty [2013-10-06 10:34:35 | 000,000,000 | ---D | M] -- C:\Users\All Users\DSearchLink [2011-10-19 07:57:57 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Menu Start [2011-04-02 17:10:23 | 000,000,000 | ---D | M] -- C:\Users\All Users\PhotoShow Shared Assets [2011-10-19 07:57:57 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Pulpit [2012-11-29 19:15:45 | 000,000,000 | ---D | M] -- C:\Users\All Users\Samsung [2011-10-19 07:57:57 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Szablony [2011-04-02 17:07:14 | 000,000,000 | ---D | M] -- C:\Users\All Users\Temp [2011-10-19 07:57:57 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Ulubione [2011-04-02 17:11:09 | 000,000,000 | ---D | M] -- C:\Users\All Users\Uninstall [2012-07-24 18:40:52 | 000,000,000 | ---D | M] -- C:\Users\All Users\VirtualizedApplications [2009-07-14 04:20:08 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData [2011-10-19 07:57:57 | 000,000,000 | -HSD | M] -- C:\Users\Default\Dane aplikacji [2009-07-14 03:34:59 | 000,000,000 | R--D | M] -- C:\Users\Default\Desktop [2011-10-19 07:57:56 | 000,000,000 | R--D | M] -- C:\Users\Default\Documents [2009-07-14 03:34:59 | 000,000,000 | R--D | M] -- C:\Users\Default\Downloads [2009-07-14 03:34:59 | 000,000,000 | R--D | M] -- C:\Users\Default\Favorites [2009-07-14 03:34:59 | 000,000,000 | R--D | M] -- C:\Users\Default\Links [2011-10-19 07:57:57 | 000,000,000 | -HSD | M] -- C:\Users\Default\Menu Start [2011-10-19 07:57:56 | 000,000,000 | -HSD | M] -- C:\Users\Default\Moje dokumenty [2009-07-14 03:34:59 | 000,000,000 | R--D | M] -- C:\Users\Default\Music [2011-10-19 07:57:57 | 000,000,000 | -HSD | M] -- C:\Users\Default\NetHood [2009-07-14 03:34:59 | 000,000,000 | R--D | M] -- C:\Users\Default\Pictures [2011-10-19 07:57:57 | 000,000,000 | -HSD | M] -- C:\Users\Default\PrintHood [2011-10-19 07:57:57 | 000,000,000 | -HSD | M] -- C:\Users\Default\Recent [2011-04-02 17:04:11 | 000,000,000 | ---D | M] -- C:\Users\Default\Roaming [2009-07-14 03:34:59 | 000,000,000 | ---D | M] -- C:\Users\Default\Saved Games [2011-10-19 07:57:57 | 000,000,000 | -HSD | M] -- C:\Users\Default\SendTo [2011-10-19 07:57:57 | 000,000,000 | -HSD | M] -- C:\Users\Default\Szablony [2011-10-19 07:57:57 | 000,000,000 | -HSD | M] -- C:\Users\Default\Ustawienia lokalne [2009-07-14 03:34:59 | 000,000,000 | R--D | M] -- C:\Users\Default\Videos [2011-12-16 21:31:09 | 000,000,000 | ---D | M] -- C:\Users\Jablonna\.dsig [2011-10-19 07:58:14 | 000,000,000 | -H-D | M] -- C:\Users\Jablonna\AppData [2013-02-02 13:15:54 | 000,000,000 | ---D | M] -- C:\Users\Jablonna\Application Data [2013-09-14 13:23:08 | 000,000,000 | R--D | M] -- C:\Users\Jablonna\Contacts [2011-10-19 07:58:14 | 000,000,000 | -HSD | M] -- C:\Users\Jablonna\Cookies [2011-10-19 07:58:14 | 000,000,000 | -HSD | M] -- C:\Users\Jablonna\Dane aplikacji [2013-12-05 23:20:47 | 000,000,000 | R--D | M] -- C:\Users\Jablonna\Desktop [2013-09-14 13:23:08 | 000,000,000 | R--D | M] -- C:\Users\Jablonna\Documents [2013-12-05 22:57:57 | 000,000,000 | R--D | M] -- C:\Users\Jablonna\Downloads [2013-10-06 11:09:52 | 000,000,000 | R--D | M] -- C:\Users\Jablonna\Favorites [2013-09-14 13:23:08 | 000,000,000 | R--D | M] -- C:\Users\Jablonna\Links [2013-10-06 10:34:02 | 000,000,000 | ---D | M] -- C:\Users\Jablonna\Local Settings [2011-10-19 07:58:14 | 000,000,000 | -HSD | M] -- C:\Users\Jablonna\Menu Start [2011-10-19 07:58:14 | 000,000,000 | -HSD | M] -- C:\Users\Jablonna\Moje dokumenty [2011-10-22 16:22:21 | 000,000,000 | ---D | M] -- C:\Users\Jablonna\Moje pliki kopii zapasowych [2013-09-14 13:23:08 | 000,000,000 | R--D | M] -- C:\Users\Jablonna\Music [2011-10-19 07:58:14 | 000,000,000 | -HSD | M] -- C:\Users\Jablonna\NetHood [2013-11-22 13:11:18 | 000,000,000 | R--D | M] -- C:\Users\Jablonna\Pictures [2011-10-19 07:58:14 | 000,000,000 | -HSD | M] -- C:\Users\Jablonna\PrintHood [2011-10-19 07:58:14 | 000,000,000 | -HSD | M] -- C:\Users\Jablonna\Recent [2011-04-02 17:04:11 | 000,000,000 | ---D | M] -- C:\Users\Jablonna\Roaming [2013-09-14 13:23:08 | 000,000,000 | R--D | M] -- C:\Users\Jablonna\Saved Games [2013-09-14 13:23:08 | 000,000,000 | R--D | M] -- C:\Users\Jablonna\Searches [2011-10-19 07:58:14 | 000,000,000 | -HSD | M] -- C:\Users\Jablonna\SendTo [2011-10-19 07:58:14 | 000,000,000 | -HSD | M] -- C:\Users\Jablonna\Szablony [2011-10-19 07:58:14 | 000,000,000 | -HSD | M] -- C:\Users\Jablonna\Ustawienia lokalne [2013-09-14 13:23:08 | 000,000,000 | R--D | M] -- C:\Users\Jablonna\Videos [2013-12-03 22:31:31 | 000,000,000 | ---D | M] -- C:\Users\Public\AppData [2013-12-05 22:24:35 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop [2013-07-12 10:41:02 | 000,000,000 | R--D | M] -- C:\Users\Public\Documents [2009-07-14 05:54:24 | 000,000,000 | R--D | M] -- C:\Users\Public\Downloads [2009-07-14 03:34:59 | 000,000,000 | RH-D | M] -- C:\Users\Public\Favorites [2011-10-19 07:57:55 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries [2011-04-02 17:07:59 | 000,000,000 | ---D | M] -- C:\Users\Public\Music [2011-04-02 17:29:40 | 000,000,000 | R--D | M] -- C:\Users\Public\Pictures [2012-02-11 16:16:20 | 000,000,000 | R--D | M] -- C:\Users\Public\Recorded TV [2011-04-02 17:04:11 | 000,000,000 | ---D | M] -- C:\Users\Public\Roaming [2011-04-02 17:07:55 | 000,000,000 | R--D | M] -- C:\Users\Public\Videos [2011-04-02 16:58:06 | 000,000,000 | -H-D | M] -- C:\Users\UpdatusUser\AppData [2011-04-02 16:58:07 | 000,000,000 | ---D | M] -- C:\Users\UpdatusUser\Contacts [2011-04-02 16:58:06 | 000,000,000 | -HSD | M] -- C:\Users\UpdatusUser\Cookies [2011-04-02 16:58:06 | 000,000,000 | -HSD | M] -- C:\Users\UpdatusUser\Dane aplikacji [2009-07-14 03:34:59 | 000,000,000 | R--D | M] -- C:\Users\UpdatusUser\Desktop [2011-04-02 16:58:06 | 000,000,000 | R--D | M] -- C:\Users\UpdatusUser\Documents [2009-07-14 03:34:59 | 000,000,000 | R--D | M] -- C:\Users\UpdatusUser\Downloads [2009-07-14 03:34:59 | 000,000,000 | R--D | M] -- C:\Users\UpdatusUser\Favorites [2009-07-14 03:34:59 | 000,000,000 | R--D | M] -- C:\Users\UpdatusUser\Links [2011-04-02 16:58:06 | 000,000,000 | -HSD | M] -- C:\Users\UpdatusUser\Menu Start [2011-04-02 16:58:06 | 000,000,000 | -HSD | M] -- C:\Users\UpdatusUser\Moje dokumenty [2009-07-14 03:34:59 | 000,000,000 | R--D | M] -- C:\Users\UpdatusUser\Music [2011-04-02 16:58:06 | 000,000,000 | -HSD | M] -- C:\Users\UpdatusUser\NetHood [2009-07-14 03:34:59 | 000,000,000 | R--D | M] -- C:\Users\UpdatusUser\Pictures [2011-04-02 16:58:06 | 000,000,000 | -HSD | M] -- C:\Users\UpdatusUser\PrintHood [2011-04-02 16:58:06 | 000,000,000 | -HSD | M] -- C:\Users\UpdatusUser\Recent [2011-04-02 17:04:11 | 000,000,000 | ---D | M] -- C:\Users\UpdatusUser\Roaming [2009-07-14 03:34:59 | 000,000,000 | ---D | M] -- C:\Users\UpdatusUser\Saved Games [2011-04-02 16:58:07 | 000,000,000 | ---D | M] -- C:\Users\UpdatusUser\Searches [2011-04-02 16:58:06 | 000,000,000 | -HSD | M] -- C:\Users\UpdatusUser\SendTo [2011-04-02 16:58:06 | 000,000,000 | -HSD | M] -- C:\Users\UpdatusUser\Szablony [2011-04-02 16:58:06 | 000,000,000 | -HSD | M] -- C:\Users\UpdatusUser\Ustawienia lokalne [2009-07-14 03:34:59 | 000,000,000 | R--D | M] -- C:\Users\UpdatusUser\Videos [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Files - Unicode (All) ==========[/color] [2013-09-25 08:06:36 | 097,673,008 | ---- | M] ()(C:\Windows\SysWow64\???Ä) -- C:\Windows\SysWow64\뺞瓉畤Ä [2013-09-25 08:06:36 | 097,673,008 | ---- | C] ()(C:\Windows\SysWow64\???Ä) -- C:\Windows\SysWow64\뺞瓉畤Ä [2013-09-19 13:04:48 | 098,352,290 | ---- | M] ()(C:\Windows\SysWow64\???—) -- C:\Windows\SysWow64\辆ቯ畤¯ [2013-09-19 13:04:48 | 098,352,290 | ---- | C] ()(C:\Windows\SysWow64\???—) -- C:\Windows\SysWow64\辆ቯ畤¯ [2013-09-12 08:54:00 | 097,238,077 | ---- | M] ()(C:\Windows\SysWow64\???Ô) -- C:\Windows\SysWow64\Ị畤Ô [2013-09-12 08:54:00 | 097,238,077 | ---- | C] ()(C:\Windows\SysWow64\???Ô) -- C:\Windows\SysWow64\Ị畤Ô [2013-09-09 06:40:46 | 096,592,724 | ---- | M] ()(C:\Windows\SysWow64\???Z) -- C:\Windows\SysWow64\畤Z [2013-09-09 06:40:46 | 096,592,724 | ---- | C] ()(C:\Windows\SysWow64\???Z) -- C:\Windows\SysWow64\畤Z < End of report >