OTL logfile created on: 2014-01-07 21:11:41 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = D:\my downloads Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16750) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 0,62 Gb Available Physical Memory | 31,22% Memory free 4,00 Gb Paging File | 2,23 Gb Available in Paging File | 55,68% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 92,21 Gb Total Space | 45,32 Gb Free Space | 49,15% Space Free | Partition Type: NTFS Drive D: | 45,12 Gb Total Space | 32,58 Gb Free Space | 72,21% Space Free | Partition Type: NTFS Computer Name: YARO-KOMPUTER | User Name: yaro | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2014-01-07 21:01:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\my downloads\OTL.exe PRC - [2014-01-03 01:46:10 | 030,714,328 | ---- | M] (Dropbox, Inc.) -- C:\Users\yaro\AppData\Roaming\Dropbox\bin\Dropbox.exe PRC - [2013-12-18 20:27:20 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2013-12-18 20:26:57 | 000,431,672 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2013-12-18 20:26:53 | 000,684,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2013-12-13 08:05:42 | 000,390,256 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe PRC - [2013-11-25 19:01:08 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2013-09-04 19:16:46 | 000,844,656 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe PRC - [2013-09-04 19:16:42 | 000,311,152 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe PRC - [2013-09-04 19:16:40 | 001,564,528 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\Kies.exe PRC - [2013-08-25 22:44:26 | 000,007,168 | ---- | M] (SqueakyChocolate, LLC) -- C:\Program Files\SqueakyChocolate\UpdateChecker\UpdateCheckerApp.exe PRC - [2013-05-11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013-05-03 10:15:57 | 000,802,136 | ---- | M] (BitTorrent Inc.) -- C:\Program Files\uTorrent\uTorrent.exe PRC - [2012-11-23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2011-02-25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010-06-09 10:24:34 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) -- C:\Windows\System32\dgdersvc.exe PRC - [2009-04-30 10:23:26 | 000,090,112 | ---- | M] () -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe PRC - [2006-05-24 07:49:14 | 000,024,576 | ---- | M] (Syntek America Inc.) -- C:\Windows\System32\StkASv2K.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2014-01-03 01:45:04 | 003,558,400 | ---- | M] () -- C:\Users\yaro\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll MOD - [2013-12-13 08:05:47 | 003,017,840 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\mozjs.dll MOD - [2013-12-13 08:05:47 | 000,158,832 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\nsldap32v60.dll MOD - [2013-12-13 08:05:47 | 000,023,152 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\nsldappr32v60.dll MOD - [2013-12-04 03:48:04 | 000,399,312 | ---- | M] () -- C:\Users\yaro\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll MOD - [2013-12-04 03:48:02 | 004,055,504 | ---- | M] () -- C:\Users\yaro\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll MOD - [2013-12-04 03:47:11 | 000,702,416 | ---- | M] () -- C:\Users\yaro\AppData\Local\Google\Chrome\Application\31.0.1650.63\libglesv2.dll MOD - [2013-12-04 03:47:11 | 000,099,792 | ---- | M] () -- C:\Users\yaro\AppData\Local\Google\Chrome\Application\31.0.1650.63\libegl.dll MOD - [2013-12-04 03:47:08 | 001,619,408 | ---- | M] () -- C:\Users\yaro\AppData\Local\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll MOD - [2013-10-31 18:35:31 | 014,972,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\a0be2c714964d75270c37bd0e57182ee\Kies.Theme.ni.dll MOD - [2013-10-31 18:35:30 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DummyStorePlugin\c001433d3ccb98bd9c3744d8d288d1c5\DummyStorePlugin.ni.dll MOD - [2013-10-31 18:35:29 | 000,118,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceStoryAlbum\720975c029f0e660494688bc6a653f7d\DeviceStoryAlbum.ni.dll MOD - [2013-10-31 18:35:28 | 000,612,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\cfa2577a9e9acc5fe958f312a59a1c81\DevicePodcast.ni.dll MOD - [2013-10-31 18:35:25 | 000,296,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\742f94cc8e12d6f5d6f3067c379f5830\DeviceVideo.ni.dll MOD - [2013-10-31 18:35:24 | 000,362,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\b072044f4139d59fe42fef3e9b0bcd4d\DevicePhoto.ni.dll MOD - [2013-10-31 18:35:23 | 000,304,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\12b064e0920512111b08509c5caa18a4\DeviceMusic.ni.dll MOD - [2013-10-31 18:35:22 | 000,470,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\7345bcf24ec5b9e37e441dad66709ded\VideoManager.ni.dll MOD - [2013-10-31 18:35:20 | 000,802,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\d8b3317560a09b57793611bc64a75cd5\PhotoManager.ni.dll MOD - [2013-10-31 18:35:18 | 001,989,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\e0e0a4f4d25037d45bc98f4593f01849\Phonebook.ni.dll MOD - [2013-10-31 18:35:14 | 000,204,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\StoryAlbumManager\515bafdf1842ec430d02fadd897aed31\StoryAlbumManager.ni.dll MOD - [2013-10-31 18:35:13 | 000,941,056 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\d8f8d0e9483a2e2990f170eeffbdd4f6\MusicManager.ni.dll MOD - [2013-10-31 18:35:11 | 000,403,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\114d94cc3bfe818f253304e68c96c3ef\BATPlugin.ni.dll MOD - [2013-10-31 18:35:05 | 000,534,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\566bbb5b428cdfd838bdfaac85238588\Kies.Common.MediaDB.ni.dll MOD - [2013-10-31 18:35:05 | 000,029,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\124b085e52e2305d6b20ffe8c0782baa\Kies.Common.StoreManager.ni.dll MOD - [2013-10-31 18:35:03 | 000,232,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\6c2268d21092027249488bb1b5b0b75f\ASF_cSharpAPI.ni.dll MOD - [2013-10-31 18:35:03 | 000,063,488 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\33032fa8b60935f23dbd3c013904760d\Kies.Common.AllShare.ni.dll MOD - [2013-10-31 18:35:01 | 000,066,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\9758aacb460c55c9604c11b0fd3f88e4\Kies.Common.DBManager.ni.dll MOD - [2013-10-31 18:35:00 | 000,110,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.CRMMana#\5faea8f6b83a7bb1931971af1bfd570b\Kies.Common.CRMManager.ni.dll MOD - [2013-10-31 18:34:59 | 001,144,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\00f25773b07ed8f9bf1197a4f132341a\Podcaster.ni.dll MOD - [2013-10-31 18:34:57 | 000,283,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\31302cf1a1f913254c7bf97bc6412594\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll MOD - [2013-10-31 18:34:56 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\c0cdd62dc7d72fe985f710d4592c4f41\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll MOD - [2013-10-31 18:34:55 | 000,178,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\edfb3c3992b851f06fafa935da142ab4\Interop.DevFileServiceLib.ni.dll MOD - [2013-10-31 18:34:54 | 000,582,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\a87a3ef65dabe86f36798af6830b7bdc\Kies.Common.DeviceServiceLib.FileService.ni.dll MOD - [2013-10-31 18:34:52 | 001,221,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\351f23acaa345b8db81946dda01a0557\Kies.Common.DeviceService.ni.dll MOD - [2013-10-31 18:34:49 | 001,002,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceCommonLib\0a14014a110371a0911719ec4fd24fb2\DeviceCommonLib.ni.dll MOD - [2013-10-31 18:34:47 | 000,750,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Plugin.Content#\0548f9f46845e1b40fdeb11ec34d1e79\Kies.Plugin.ContentsManagerLib.ni.dll MOD - [2013-10-31 18:34:45 | 000,202,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\ffb6c87d68519fcefbc0119cb3474a2b\Kies.Common.MainUI.ni.dll MOD - [2013-10-31 18:34:19 | 000,046,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\129affa1c25fe7751026f37ac4441abe\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll MOD - [2013-10-31 18:34:18 | 000,940,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\3515f2235addd540d4bf0102e9ca2b48\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll MOD - [2013-10-31 18:34:16 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\b4494a60ab409d1faffed1dc6e083f61\Interop.MP3FileInfoCOMLib.ni.dll MOD - [2013-10-31 18:34:16 | 000,032,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\1bacad5614827f888c2c488e0fdb2625\Interop.OGGFileInfoCOMLib.ni.dll MOD - [2013-10-31 18:34:15 | 000,171,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\222d144071a97633b9750cccffaecb8a\Interop.P3MPINTERFACECTRLLib.ni.dll MOD - [2013-10-31 18:34:15 | 000,030,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\57591836a63ff77117e98aae42158f17\Interop.PRPLAYERCORELib.ni.dll MOD - [2013-10-31 18:34:12 | 002,220,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\4f29ba11403b6c7f6837926c24a641dc\Kies.Common.Multimedia.ni.dll MOD - [2013-10-31 18:34:03 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\7932879d1006f45d6c5837c365ecbcf6\Kies.Common.DeviceServiceLib.Interface.ni.dll MOD - [2013-10-31 18:34:01 | 000,640,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\78d06dba51c8411c7748726db136fd7e\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll MOD - [2013-10-31 18:33:49 | 007,176,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\4748d750a8f41c99d49d78d654c2b5f6\DeviceHost.ni.dll MOD - [2013-10-31 18:33:37 | 000,395,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\6a94081144d30902c2b577b86b60a372\CabLib.ni.dll MOD - [2013-10-31 18:33:36 | 000,312,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\d0329c8f1c7cdcd3c6798d65744fe7b4\Kies.Common.Util.ni.dll MOD - [2013-10-31 18:33:34 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\e7af6e651fc6634f6fb5e67073b5d779\Interop.DeviceSearchLib.ni.dll MOD - [2013-10-31 18:33:33 | 001,709,056 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\e28438173ef1e7a738132ecbd1ab1977\Kies.Locale.ni.dll MOD - [2013-10-31 18:33:32 | 001,924,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\bee88fd68a7fbf826e5b13f7d8d90aca\Kies.UI.ni.dll MOD - [2013-10-31 18:33:32 | 000,079,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\40e1d3d166754a0ee95587d5d7304414\Kies.MVVM.ni.dll MOD - [2013-10-31 18:33:27 | 000,154,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\cfab2e070c415fa349141897f075fb7d\GongSolutions.Wpf.DragDrop.ni.dll MOD - [2013-10-31 18:33:24 | 001,288,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\7941c4e4ecc72f20ee77d870ffc02f6e\Kies.Interface.ni.dll MOD - [2013-10-31 18:32:56 | 000,770,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\ab934d739a0906bec56492882d935e57\System.Runtime.Remoting.ni.dll MOD - [2013-10-31 18:32:53 | 002,177,024 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\b8fec474bafe60e913201f8f8aeec04c\Kies.ni.exe MOD - [2013-10-19 00:55:02 | 025,100,288 | ---- | M] () -- C:\Users\yaro\AppData\Roaming\Dropbox\bin\libcef.dll MOD - [2013-10-12 08:35:54 | 018,003,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\464a76a3fdc9ee7456cb4baaea3e503a\PresentationFramework.ni.dll MOD - [2013-10-12 08:35:24 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b5b66869081b909d238fdea083cf3179\PresentationCore.ni.dll MOD - [2013-10-12 08:35:07 | 007,070,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dac1208781fdd0b960afc12efff42944\System.Core.ni.dll MOD - [2013-10-12 08:35:05 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\0b37b2bafc33ef52282b9d7b217cabaf\WindowsBase.ni.dll MOD - [2013-10-12 08:34:54 | 001,014,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\71d887ce964fb69b7f03c4fe7a3f28ff\System.Configuration.ni.dll MOD - [2013-08-16 16:27:23 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7bf3e4deef4483205017aa7b13194845\System.ServiceProcess.ni.dll MOD - [2013-08-16 16:03:59 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\4d277a8481c203a35c58bd277a2e71df\System.Xaml.ni.dll MOD - [2013-08-16 15:44:15 | 005,628,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\884bcbd22130ebeb1211bc7bcc3910c9\System.Xml.ni.dll MOD - [2013-08-16 15:44:06 | 009,099,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\de853615c8224ba5d9aa9b76276c6d98\System.ni.dll MOD - [2013-08-15 15:38:55 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll MOD - [2013-07-13 09:50:34 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll MOD - [2013-07-12 16:02:20 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2013-12-18 20:27:20 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2013-12-17 11:38:33 | 005,341,536 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9) SRV - [2013-12-13 08:05:48 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013-12-10 21:23:38 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013-11-25 19:01:08 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2013-09-05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013-05-11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012-08-01 15:07:16 | 000,724,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2012-05-13 12:30:40 | 000,018,432 | ---- | M] (Apache Software Foundation) [On_Demand | Stopped] -- c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe -- (wampapache) SRV - [2012-04-19 15:02:32 | 008,177,664 | ---- | M] () [On_Demand | Stopped] -- c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe -- (wampmysqld) SRV - [2011-07-15 14:39:38 | 000,031,232 | ---- | M] (SoftwareForMe Inc) [Auto | Stopped] -- C:\Program Files\SoftwareForMe Inc\PhoneMyPC\PhoneMyPC_Helper.exe -- (PhoneMyPC_Helper) SRV - [2010-07-08 15:06:00 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2010-06-09 10:24:34 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) [Auto | Running] -- C:\Windows\System32\dgdersvc.exe -- (dgdersvc) SRV - [2009-07-14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc) SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009-04-30 10:23:26 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service) SRV - [2007-05-31 16:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007-05-31 16:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) SRV - [2006-05-24 07:49:14 | 000,024,576 | ---- | M] (Syntek America Inc.) [Auto | Running] -- C:\Windows\System32\StkASv2K.exe -- (StkASSrv) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\BatteryCare\WinRing0.sys -- (WinRing0_1_2_0) DRV - File not found [Kernel | Boot | Stopped] -- system32\drivers\TfSysMon.sys -- (TfSysMon) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\TfNetMon.sys -- (TfNetMon) DRV - File not found [Kernel | Boot | Stopped] -- system32\drivers\TfFsMon.sys -- (TfFsMon) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ahx3twcr) DRV - [2013-12-18 20:27:25 | 000,135,648 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2013-12-18 20:27:25 | 000,090,400 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2013-11-25 19:02:25 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2013-08-20 07:02:14 | 000,182,680 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm) DRV - [2013-08-20 07:02:14 | 000,084,248 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus) DRV - [2013-02-22 18:44:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2012-06-27 14:18:52 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2012-04-17 17:44:37 | 000,145,280 | ---- | M] (ITE ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IT9135BDA.sys -- (IT9135BDA) DRV - [2012-01-09 16:28:20 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu) DRV - [2012-01-09 16:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2012-01-09 16:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2012-01-09 16:28:20 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc) DRV - [2012-01-09 16:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2012-01-09 16:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2011-05-13 02:21:06 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm) DRV - [2011-05-13 02:21:06 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) DRV - [2011-05-13 02:21:06 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd) DRV - [2011-05-13 02:21:06 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) DRV - [2011-05-13 02:21:04 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb) DRV - [2010-11-20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2010-11-20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2010-11-20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2010-11-20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010-11-20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB) DRV - [2010-11-20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010-11-20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2010-07-26 14:17:06 | 000,018,136 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dgderdrv.sys -- (dgderdrv) DRV - [2010-07-26 14:15:26 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2010-04-27 03:25:16 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm) DRV - [2010-04-27 03:25:16 | 000,100,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bserd.sys -- (ss_bserd) DRV - [2010-04-27 03:25:16 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) DRV - [2010-04-27 03:25:16 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) DRV - [2010-04-27 03:25:12 | 000,123,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdm.sys -- (ss_mdm) DRV - [2010-04-27 03:25:12 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bus.sys -- (ss_bus) DRV - [2010-04-27 03:25:12 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdfl.sys -- (ss_mdfl) DRV - [2010-03-12 18:22:18 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ser2pl.sys -- (Ser2pl) DRV - [2009-12-30 11:21:16 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\revoflt.sys -- (Revoflt) DRV - [2009-12-19 15:02:55 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd) DRV - [2009-08-13 07:23:02 | 000,022,528 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BthAvrcp.sys -- (BthAvrcp) DRV - [2009-07-13 23:13:45 | 001,068,032 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial) DRV - [2009-07-13 23:09:17 | 004,194,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2009-07-13 23:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) DRV - [2008-09-12 19:40:38 | 000,061,568 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\silabser.sys -- (silabser) DRV - [2008-09-12 19:40:38 | 000,017,920 | ---- | M] (Silicon Laboratories, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\silabenm.sys -- (silabenm) DRV - [2006-11-15 10:32:44 | 000,242,139 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\StkAMini.sys -- (StkAMini) DRV - [2006-11-10 14:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc) DRV - [2006-07-24 15:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2006-06-27 11:27:18 | 000,004,772 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\StkScan.sys -- (StkScan) DRV - [2002-01-12 16:30:34 | 000,003,567 | ---- | M] (Beyond Logic http://www.beyondlogic.org) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PortTalk.sys -- (PortTalk) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-295604583-267285963-2606757622-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=128 IE - HKU\S-1-5-21-295604583-267285963-2606757622-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-295604583-267285963-2606757622-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKU\S-1-5-21-295604583-267285963-2606757622-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKU\S-1-5-21-295604583-267285963-2606757622-1001\..\SearchScopes\{EA5E006C-994E-43B9-BF28-20E21F20AD55}: "URL" = http://www.google.com/search?hl=pl&q={searchTerms}&rlz=1I7ADSA_pl IE - HKU\S-1-5-21-295604583-267285963-2606757622-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\yaro\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\yaro\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\yaro\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\yaro\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\yaro\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\yaro\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll (Facebook, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Components: C:\Program Files\Mozilla Sunbird\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Plugins: C:\Program Files\Mozilla Sunbird\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.2.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013-12-13 08:05:20 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.2.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\yaro\AppData\Roaming\IDM\idmmzcc [2013-04-06 21:02:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\yaro\AppData\Roaming\mozilla\Extensions [2009-12-18 21:14:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\yaro\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2013-04-06 21:02:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\yaro\AppData\Roaming\mozilla\Extensions\{718e30fb-e89b-41dd-9da7-e25a45638b28} [2013-02-28 19:07:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\yaro\AppData\Roaming\mozilla\Firefox\extensions [2013-02-24 13:48:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}, CHR - homepage: http://www.gazeta.pl/0,0.html?p=128 CHR - plugin: Shockwave Flash (Enabled) = C:\Users\yaro\AppData\Local\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\yaro\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\yaro\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Users\yaro\AppData\Local\Google\Chrome\Application\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Users\yaro\AppData\Local\Google\Chrome\Application\plugins\nprpjplug.dll CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\yaro\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\yaro\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\yaro\AppData\Roaming\Mozilla\plugins\npo1d.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U15 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Nokia Suite Enabler Plugin (Enabled) = C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll CHR - plugin: Facebook Desktop (Enabled) = C:\Users\yaro\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll CHR - plugin: Java Deployment Toolkit 7.0.150.3 (Enabled) = C:\Windows\system32\npDeployJava1.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - Extension: Adblock Plus = C:\Users\yaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.2_0\ CHR - Extension: Wappalyzer = C:\Users\yaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gppongmhjkpfnbhagpmjfkannfbllamg\2.26_0\ CHR - Extension: Speed Dial 2 = C:\Users\yaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik\1.7.5_0\ CHR - Extension: Skype Click to Call = C:\Users\yaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\ CHR - Extension: Google Wallet = C:\Users\yaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\ O1 HOSTS File: ([2010-02-12 20:21:55 | 000,000,851 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 registeridm.com O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (SmileysWeLoveToolbar) - {E4EF8A64-0A30-48F5-B3FE-5FDA978DA775} - C:\Program Files\Smileys We Love Toolbar for IE\adxloader.dll () O2 - BHO: (Kwyshell MidpX) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp) O3 - HKLM\..\Toolbar: (SmileysWeLove) - {CF0F43AB-9C23-4D7B-8040-201B82844854} - C:\Program Files\Smileys We Love Toolbar for IE\adxloader.dll () O3 - HKLM\..\Toolbar: (Kwyshell MidpX) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp) O3 - HKU\S-1-5-21-295604583-267285963-2606757622-1001\..\Toolbar\ShellBrowser: (Kwyshell MidpX) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp) O3 - HKU\S-1-5-21-295604583-267285963-2606757622-1001\..\Toolbar\WebBrowser: (Kwyshell MidpX) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKU\S-1-5-21-295604583-267285963-2606757622-1001..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung) O4 - HKU\S-1-5-21-295604583-267285963-2606757622-1001..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung) O4 - HKU\S-1-5-21-295604583-267285963-2606757622-1001..\Run: [UpdateChecker] C:\Program Files\SqueakyChocolate\UpdateChecker\UpdateCheckerApp.exe (SqueakyChocolate, LLC) O4 - HKU\S-1-5-21-295604583-267285963-2606757622-1001..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent Inc.) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - Startup: C:\Users\yaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\yaro\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1 O7 - HKU\S-1-5-21-295604583-267285963-2606757622-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1 O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Funkcja Google Sidewiki - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.) O8 - Extra context menu item: Link to &MidpX - C:\Program Files\Kwyshell\MidpX\JadInvoker\Extent\jad_wrap.htm () O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-295604583-267285963-2606757622-1001\..Trusted Domains: dyndns.org ([raciborska1] http in Zaufane witryny) O15 - HKU\S-1-5-21-295604583-267285963-2606757622-1001\..Trusted Domains: mks.com.pl ([www] http in Zaufane witryny) O15 - HKU\S-1-5-21-295604583-267285963-2606757622-1001\..Trusted Domains: secure-tech.pl ([www] https in Zaufane witryny) O16 - DPF: {108D3206-846A-4A93-BACB-F0572D043ED7} http://91.224.146.108/webrec.cab (SurveillanceCtrl Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab (Java Plug-in 10.45.2) O16 - DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab (Java Plug-in 1.7.0_15) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab (Java Plug-in 10.45.2) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.62 62.179.1.63 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3433E74F-1214-4507-82C5-B2F248BD5F53}: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7B52D91A-2F98-40A7-8DC9-D40D4512FAF0}: DhcpNameServer = 62.179.1.62 62.179.1.63 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8A7DC9FF-39D6-47FB-BC24-9EBFB007FCC0}: DhcpNameServer = 62.179.1.62 62.179.1.63 O18 - Protocol\Handler\ic32pp {BBCA9F81-8F4F-11D2-90FF-0080C83D3571} - C:\Windows\wc98pp.dll () O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2012-07-27 21:02:35 | 000,250,082 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ] O33 - MountPoints2\{56c3fda2-eca7-11de-97b9-00030d6a2069}\Shell - "" = AutoRun O33 - MountPoints2\{56c3fda2-eca7-11de-97b9-00030d6a2069}\Shell\AutoRun\command - "" = F:\autorun.exe O33 - MountPoints2\{640333e2-7782-11e3-9ef1-002127e08da1}\Shell - "" = AutoRun O33 - MountPoints2\{640333e2-7782-11e3-9ef1-002127e08da1}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{640333f5-7782-11e3-9ef1-002127e08da1}\Shell - "" = AutoRun O33 - MountPoints2\{640333f5-7782-11e3-9ef1-002127e08da1}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{d2dcc9d3-7784-11e3-902a-002127e08da1}\Shell - "" = AutoRun O33 - MountPoints2\{d2dcc9d3-7784-11e3-902a-002127e08da1}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O35 - HKU\S-1-5-21-295604583-267285963-2606757622-1001..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2014-01-02 20:50:43 | 000,000,000 | ---D | C] -- C:\Users\yaro\AppData\Roaming\com.efile.epity2013 [2014-01-02 20:50:16 | 000,000,000 | ---D | C] -- C:\Users\yaro\AppData\Roaming\fillUp [2013-12-22 20:46:46 | 000,000,000 | ---D | C] -- C:\Users\yaro\AppData\Roaming\SuperMemo World [2013-12-22 20:46:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperMemo UX [2013-12-22 20:46:00 | 000,000,000 | ---D | C] -- C:\Program Files\SuperMemo UX [2013-12-22 20:45:41 | 000,327,168 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUn0415.exe [2013-12-14 12:15:55 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL [2013-12-14 12:14:17 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2013-12-14 12:14:15 | 002,877,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2013-12-14 12:14:14 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2013-12-14 12:14:13 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2013-12-14 12:14:12 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2013-12-14 12:14:11 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2013-12-14 12:14:11 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2013-12-14 12:14:11 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2013-12-14 12:14:11 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2013-12-14 12:14:11 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2013-12-13 08:18:41 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll [2013-12-13 08:18:39 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys [2013-12-13 08:18:39 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmk.sys [2013-12-13 08:18:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2013-12-13 08:18:11 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe [2013-12-13 08:17:55 | 002,349,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2013-12-13 08:05:18 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird [2013-12-10 21:23:25 | 009,293,192 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe [2013-12-10 19:22:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2013-10-01 16:15:18 | 005,433,552 | ---- | C] (PC Cleaners) -- C:\ProgramData\pclunst.exe [2011-03-29 16:09:32 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe21E4.dll [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2014-01-07 21:17:35 | 000,746,954 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2014-01-07 21:17:35 | 000,665,050 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2014-01-07 21:17:35 | 000,153,720 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2014-01-07 21:17:35 | 000,125,118 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2014-01-07 21:15:02 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014-01-07 21:00:12 | 000,013,792 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014-01-07 21:00:12 | 000,013,792 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014-01-07 20:50:48 | 000,001,028 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014-01-07 20:50:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014-01-07 20:50:26 | 1609,375,744 | -HS- | M] () -- C:\hiberfil.sys [2014-01-07 18:23:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014-01-07 18:03:36 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-295604583-267285963-2606757622-1001Core.job [2014-01-07 17:56:08 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-295604583-267285963-2606757622-1001UA.job [2014-01-07 12:35:44 | 000,001,053 | ---- | M] () -- C:\Users\yaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-01-07 12:34:57 | 000,001,019 | ---- | M] () -- C:\Users\yaro\Desktop\Dropbox.lnk [2014-01-04 12:39:43 | 000,033,382 | ---- | M] () -- C:\Users\yaro\Desktop\Sztanga i Cash - Pain Gain 2013 [DVDRip XviD] [Lektor PL][Torrenty.org].torrent [2014-01-02 20:50:32 | 000,001,109 | ---- | M] () -- C:\Users\yaro\Desktop\e-pity 2013 - program, pity roczne, e-deklaracje.lnk [2013-12-30 19:36:35 | 000,481,680 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013-12-30 17:49:28 | 000,001,048 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk [2013-12-22 20:49:00 | 000,000,998 | ---- | M] () -- C:\Users\Public\Desktop\SuperMemo UX.lnk [2013-12-18 20:27:26 | 000,069,240 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avnetflt.sys [2013-12-18 20:27:25 | 000,135,648 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys [2013-12-18 20:27:25 | 000,090,400 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys [2013-12-17 20:57:07 | 000,011,264 | -H-- | M] () -- C:\Users\yaro\Desktop\photothumb.db [2013-12-10 21:23:38 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013-12-10 21:23:38 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2013-12-10 21:23:25 | 009,293,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe [color=#E56717]========== Files Created - No Company Name ==========[/color] [2014-01-04 12:39:41 | 000,033,382 | ---- | C] () -- C:\Users\yaro\Desktop\Sztanga i Cash - Pain Gain 2013 [DVDRip XviD] [Lektor PL][Torrenty.org].torrent [2014-01-02 20:50:32 | 000,001,139 | ---- | C] () -- C:\Users\yaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\e-pity 2013 - program, pity roczne, e-deklaracje.lnk [2014-01-02 20:50:32 | 000,001,109 | ---- | C] () -- C:\Users\yaro\Desktop\e-pity 2013 - program, pity roczne, e-deklaracje.lnk [2013-12-30 17:49:28 | 000,001,060 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk [2013-12-30 17:49:28 | 000,001,048 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk [2013-12-22 20:46:02 | 000,000,998 | ---- | C] () -- C:\Users\Public\Desktop\SuperMemo UX.lnk [2013-10-04 07:42:16 | 001,009,283 | ---- | C] () -- C:\Users\yaro\IMAG0234.jpg [2013-10-04 07:42:01 | 001,064,714 | ---- | C] () -- C:\Users\yaro\IMAG0233.jpg [2013-10-04 07:36:04 | 001,064,974 | ---- | C] () -- C:\Users\yaro\IMAG0217.jpg [2013-10-04 07:35:35 | 001,054,177 | ---- | C] () -- C:\Users\yaro\IMAG0219.jpg [2013-10-04 07:35:18 | 001,117,824 | ---- | C] () -- C:\Users\yaro\IMAG0220.jpg [2013-10-04 07:35:02 | 001,089,975 | ---- | C] () -- C:\Users\yaro\IMAG0221.jpg [2013-10-04 07:34:43 | 001,381,420 | ---- | C] () -- C:\Users\yaro\IMAG0228.jpg [2013-10-02 15:29:01 | 000,071,367 | ---- | C] () -- C:\Users\yaro\1345371479059914400.jpg [2013-07-18 14:32:38 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2013-06-08 16:13:59 | 000,051,712 | ---- | C] () -- C:\Windows\wc98pp.dll [2013-05-10 20:12:17 | 000,004,079 | ---- | C] () -- C:\Users\yaro\wp-config.php [2012-09-04 22:17:02 | 000,027,976 | ---- | C] () -- C:\Windows\System32\solidlocalmon.dll [2012-09-04 22:17:02 | 000,019,272 | ---- | C] () -- C:\Windows\System32\solidlocalui.dll [2012-08-12 14:46:17 | 000,005,504 | ---- | C] () -- C:\Users\yaro\ryw32.lc [2012-04-17 17:46:30 | 000,000,014 | ---- | C] () -- C:\Windows\System32\SysInfo_6.dll [2012-04-04 21:29:06 | 000,000,224 | R--- | C] () -- C:\Windows\System32\AF15IRTBL.bin [2011-08-27 18:27:56 | 000,005,855 | ---- | C] () -- C:\Users\yaro\.recently-used.xbel [2011-04-22 13:34:03 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib [2011-03-29 17:52:37 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt [2010-03-04 20:27:50 | 000,027,648 | ---- | C] () -- C:\Users\yaro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-12-18 23:36:25 | 000,007,597 | ---- | C] () -- C:\Users\yaro\AppData\Local\Resmon.ResmonCfg [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-07-14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013-07-26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2011-12-26 14:00:09 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\.minecraft [2013-05-22 17:04:28 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\Artisteer [2010-02-12 15:56:52 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\Ashampoo [2013-06-27 16:41:05 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\BESTplayer [2010-02-12 20:10:15 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\BinarySense [2011-02-11 16:56:55 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\BitComet [2012-02-24 16:57:42 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\BITS [2010-12-23 10:06:07 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\BitTorrent [2011-03-01 18:17:41 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\CCTVCAD [2014-01-02 20:50:43 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\com.efile.epity2013 [2013-12-22 20:45:02 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\DAEMON Tools Lite [2013-02-02 15:42:39 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\DC++ [2010-02-12 20:02:44 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\DeepBurner [2011-02-05 12:58:24 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\DeviceDoctorSoftware [2010-02-14 15:01:44 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\DMCache [2013-06-17 19:51:24 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\DraftSight [2014-01-07 20:53:06 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\Dropbox [2010-09-18 17:17:48 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\DSC [2010-01-19 19:11:06 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1 [2013-01-16 20:41:59 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\efile.epity2012 [2010-02-12 19:57:45 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\Elaborate Bytes [2013-01-08 22:40:43 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\EurekaLog [2010-01-01 15:16:30 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\Expression Media 2 [2011-09-20 16:09:09 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\FileZilla [2014-01-02 20:50:16 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\fillUp [2010-02-12 20:21:26 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\FlashGet [2012-09-04 21:19:16 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\Free PDF to Word Converter [2011-01-07 20:16:38 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\Gadu-Gadu 10 [2014-01-05 13:37:19 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\GG [2013-05-17 18:57:50 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\GHISLER [2010-02-16 20:55:00 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\GlarySoft [2013-12-17 14:11:03 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\GPRS_T1T2 [2011-07-30 08:48:33 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\gtk-2.0 [2013-08-28 08:58:45 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\HD Tune Pro [2010-02-14 16:20:32 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\IDM [2013-03-07 20:50:26 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\IGC [2011-02-11 17:01:52 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\ipla [2013-05-11 14:49:50 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\IsolatedStorage [2012-12-08 18:00:23 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\J-Runner [2010-09-30 14:17:56 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\Jablotron [2011-07-13 14:31:18 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\MAGIX [2012-08-12 16:13:04 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\mojosoft [2012-04-07 09:24:10 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\NapiProjekt [2011-07-17 15:44:34 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\NCH Swift Sound [2012-09-22 12:51:13 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\Nokia [2013-04-23 18:13:44 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\Notepad++ [2013-10-31 20:59:24 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\OpenCandy [2009-12-19 10:51:00 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\OpenFM [2013-10-19 10:13:14 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\OpenOffice [2009-12-18 22:46:09 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\OpenOffice.org [2013-10-01 17:08:45 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\PC Cleaners [2012-09-22 12:44:43 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\PC Suite [2013-10-01 16:09:25 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\PCPro [2011-04-02 14:01:13 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\PhotoScape [2011-01-07 12:15:51 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\RDRM [2012-08-01 19:44:21 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\Samsung [2011-07-13 20:18:38 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\Serif [2013-06-17 19:35:30 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\SketchUp [2013-11-08 16:37:04 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\SmileysWeLove [2013-05-01 11:00:15 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\Softland [2011-02-01 17:53:05 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\SolidDocuments [2013-12-08 16:55:46 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\Solvusoft [2012-02-04 18:39:12 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\SumatraPDF [2013-12-22 20:46:46 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\SuperMemo World [2013-12-18 21:48:49 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\TeamViewer [2010-09-07 10:05:50 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\Thinstall [2009-12-18 21:14:46 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\Thunderbird [2013-06-17 19:33:05 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\Trimble Navigation Limited [2010-02-12 20:35:18 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\URSoft [2014-01-07 21:21:31 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\uTorrent [2010-07-22 21:14:55 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\VS Revo Group [2013-06-05 20:30:41 | 000,000,000 | ---D | M] -- C:\Users\yaro\AppData\Roaming\XnView [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Files - Unicode (All) ==========[/color] [2013-11-25 09:57:43 | 105,952,601 | ---- | M] ()(C:\Windows\System32\???e) -- C:\Windows\System32\砃ᵟ᱄e [2013-11-25 09:57:43 | 105,952,601 | ---- | C] ()(C:\Windows\System32\???e) -- C:\Windows\System32\砃ᵟ᱄e [2013-11-18 21:51:14 | 104,986,035 | ---- | M] ()(C:\Windows\System32\???t) -- C:\Windows\System32\퓹랝᱄t [2013-11-18 21:51:14 | 104,986,035 | ---- | C] ()(C:\Windows\System32\???t) -- C:\Windows\System32\퓹랝᱄t [2013-11-17 21:34:49 | 104,760,117 | ---- | M] ()(C:\Windows\System32\???n) -- C:\Windows\System32\Ζ䤆᱄n [2013-11-17 21:34:49 | 104,760,117 | ---- | C] ()(C:\Windows\System32\???n) -- C:\Windows\System32\Ζ䤆᱄n [2013-11-14 18:55:33 | 104,278,918 | ---- | M] ()(C:\Windows\System32\???i) -- C:\Windows\System32\䟊᱄i [2013-11-14 18:55:33 | 104,278,918 | ---- | C] ()(C:\Windows\System32\???i) -- C:\Windows\System32\䟊᱄i [2013-11-13 21:53:00 | 104,137,907 | ---- | M] ()(C:\Windows\System32\???_) -- C:\Windows\System32\ꗣᐮ᱄_ [2013-11-13 21:53:00 | 104,137,907 | ---- | C] ()(C:\Windows\System32\???_) -- C:\Windows\System32\ꗣᐮ᱄_ [2013-11-10 18:55:41 | 103,551,423 | ---- | M] ()(C:\Windows\System32\???h) -- C:\Windows\System32\셦豛᱄h [2013-11-10 18:55:41 | 103,551,423 | ---- | C] ()(C:\Windows\System32\???h) -- C:\Windows\System32\셦豛᱄h [2013-11-10 11:31:57 | 103,467,942 | ---- | M] ()(C:\Windows\System32\???a) -- C:\Windows\System32\㑲᱄a [2013-11-10 11:31:57 | 103,467,942 | ---- | C] ()(C:\Windows\System32\???a) -- C:\Windows\System32\㑲᱄a [2013-11-05 18:15:14 | 105,048,247 | ---- | M] ()(C:\Windows\System32\???e) -- C:\Windows\System32\䅓弩᱄e [2013-11-05 18:15:14 | 105,048,247 | ---- | C] ()(C:\Windows\System32\???e) -- C:\Windows\System32\䅓弩᱄e [2013-11-01 18:56:01 | 104,569,497 | ---- | M] ()(C:\Windows\System32\???`) -- C:\Windows\System32\혇轎᱄` [2013-11-01 18:56:01 | 104,569,497 | ---- | C] ()(C:\Windows\System32\???`) -- C:\Windows\System32\혇轎᱄` [2013-10-30 18:55:18 | 104,185,711 | ---- | M] ()(C:\Windows\System32\???d) -- C:\Windows\System32\ヤ᱄d [2013-10-30 18:55:18 | 104,185,711 | ---- | C] ()(C:\Windows\System32\???d) -- C:\Windows\System32\ヤ᱄d [2013-10-26 17:55:21 | 103,108,672 | ---- | M] ()(C:\Windows\System32\???m) -- C:\Windows\System32\ঁ誸᱄m [2013-10-26 17:55:21 | 103,108,672 | ---- | C] ()(C:\Windows\System32\???m) -- C:\Windows\System32\ঁ誸᱄m [2013-10-24 17:05:07 | 102,837,954 | ---- | M] ()(C:\Windows\System32\???f) -- C:\Windows\System32\䉎珠᱄f [2013-10-24 17:05:07 | 102,837,954 | ---- | C] ()(C:\Windows\System32\???f) -- C:\Windows\System32\䉎珠᱄f [2013-10-18 17:55:40 | 101,792,164 | ---- | M] ()(C:\Windows\System32\???n) -- C:\Windows\System32\䣝捃᱄n [2013-10-18 17:55:40 | 101,792,164 | ---- | C] ()(C:\Windows\System32\???n) -- C:\Windows\System32\䣝捃᱄n [2013-10-14 19:42:39 | 100,975,419 | ---- | M] ()(C:\Windows\System32\???f) -- C:\Windows\System32\茈赧᱄f [2013-10-14 19:42:39 | 100,975,419 | ---- | C] ()(C:\Windows\System32\???f) -- C:\Windows\System32\茈赧᱄f [2013-10-12 22:12:20 | 100,651,105 | ---- | M] ()(C:\Windows\System32\???g) -- C:\Windows\System32\䌨羱᱄g [2013-10-12 22:12:20 | 100,651,105 | ---- | C] ()(C:\Windows\System32\???g) -- C:\Windows\System32\䌨羱᱄g [2013-10-02 17:17:22 | 098,743,931 | ---- | M] ()(C:\Windows\System32\???[) -- C:\Windows\System32\ꭣᾔ᱄[ [2013-10-02 17:17:22 | 098,743,931 | ---- | C] ()(C:\Windows\System32\???[) -- C:\Windows\System32\ꭣᾔ᱄[ [2013-10-01 14:07:16 | 098,609,238 | ---- | M] ()(C:\Windows\System32\???d) -- C:\Windows\System32\驧뺑᱄d [2013-10-01 14:07:16 | 098,609,238 | ---- | C] ()(C:\Windows\System32\???d) -- C:\Windows\System32\驧뺑᱄d [2013-10-01 11:06:49 | 098,609,238 | ---- | M] ()(C:\Windows\System32\???b) -- C:\Windows\System32\뫥㦟᱄b [2013-10-01 11:06:49 | 098,609,238 | ---- | C] ()(C:\Windows\System32\???b) -- C:\Windows\System32\뫥㦟᱄b [2013-09-29 11:34:09 | 098,462,899 | ---- | M] ()(C:\Windows\System32\???w) -- C:\Windows\System32\⣏ዙ᱄w [2013-09-29 11:34:09 | 098,462,899 | ---- | C] ()(C:\Windows\System32\???w) -- C:\Windows\System32\⣏ዙ᱄w [2013-09-21 17:55:21 | 098,547,399 | ---- | M] ()(C:\Windows\System32\???c) -- C:\Windows\System32\㈦罨᱄c [2013-09-21 12:42:58 | 098,547,399 | ---- | C] ()(C:\Windows\System32\???c) -- C:\Windows\System32\㈦罨᱄c [2013-09-19 19:31:33 | 098,395,704 | ---- | M] ()(C:\Windows\System32\???c) -- C:\Windows\System32\ࣲઊ᱄c [2013-09-19 19:31:33 | 098,395,704 | ---- | C] ()(C:\Windows\System32\???c) -- C:\Windows\System32\ࣲઊ᱄c [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 169 bytes -> C:\ProgramData\TEMP:B3D74A13 @Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:DFC5A2B2 @Alternate Data Stream - 1386 bytes -> C:\ProgramData\TEMP:AC699DE1 @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:0A8E2C33 @Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:A8ADE5D8 < End of report >