OTL logfile created on: 2014-04-14 22:15:44 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Mateusz\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
2,99 Gb Total Physical Memory | 1,71 Gb Available Physical Memory | 57,16% Memory free
6,22 Gb Paging File | 5,10 Gb Available in Paging File | 82,02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,17 Gb Total Space | 74,25 Gb Free Space | 51,50% Space Free | Partition Type: NTFS
Drive D: | 144,15 Gb Total Space | 63,76 Gb Free Space | 44,23% Space Free | Partition Type: NTFS
Drive G: | 1,84 Gb Total Space | 1,84 Gb Free Space | 99,90% Space Free | Partition Type: FAT
 
Computer Name: MATEUSZ-ACER | User Name: Mateusz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2014-04-14 21:39:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mateusz\Desktop\OTL.exe
PRC - [2014-04-09 15:37:51 | 000,350,496 | ---- | M] () -- C:\Program Files\FindRight\updateFindRight.exe
PRC - [2014-04-09 15:04:40 | 000,350,496 | ---- | M] () -- C:\Program Files\FindRight\bin\utilFindRight.exe
PRC - [2014-03-13 11:21:09 | 000,070,848 | ---- | M] () -- C:\Program Files\Mobogenie\MgAssist.exe
PRC - [2014-03-13 11:21:08 | 000,764,096 | ---- | M] () -- C:\Program Files\Mobogenie\DaemonProcess.exe
PRC - [2014-01-16 02:40:24 | 000,277,920 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
PRC - [2013-10-12 02:00:36 | 001,920,824 | ---- | M] (AVG) -- C:\Program Files\AVG PC TuneUp 2014\TuneUpUtilitiesApp32.exe
PRC - [2013-10-12 02:00:34 | 001,739,064 | ---- | M] (AVG) -- C:\Program Files\AVG PC TuneUp 2014\TuneUpUtilitiesService32.exe
PRC - [2013-07-04 20:07:13 | 000,246,112 | ---- | M] () -- C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
PRC - [2013-03-25 12:26:05 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\javaw.exe
PRC - [2012-12-18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-10-02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2011-11-09 19:10:25 | 000,319,280 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2011-09-30 15:05:57 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Mateusz\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2011-07-11 23:47:06 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- D:\programy\winamp\winampa.exe
PRC - [2011-03-14 17:27:28 | 000,271,712 | ---- | M] () -- C:\ProgramData\DatacardService\HWDeviceService.exe
PRC - [2011-03-14 17:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2009-06-18 11:04:36 | 000,772,096 | ---- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
PRC - [2008-10-29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008-09-30 13:48:28 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008-08-07 03:18:52 | 006,265,376 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008-07-25 05:40:24 | 000,809,480 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2008-05-13 00:11:09 | 000,341,280 | ---- | M] () -- C:\Program Files\SiteAdvisor\6172\SAService.exe
PRC - [2008-04-30 19:02:40 | 000,397,312 | ---- | M] (Acer Inc.) -- C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2008-04-18 15:18:02 | 000,167,936 | ---- | M] (Acer Corp.) -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
PRC - [2008-04-10 16:30:20 | 000,167,936 | ---- | M] (CyberLink) -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
PRC - [2008-04-10 16:30:14 | 000,147,456 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
PRC - [2008-03-21 13:22:52 | 000,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
PRC - [2008-03-20 07:03:48 | 002,376,992 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2008-03-18 21:27:12 | 000,013,312 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2008-03-07 03:36:12 | 000,544,768 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
PRC - [2008-03-05 11:56:30 | 001,216,512 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\AcerVCM.exe
PRC - [2008-03-04 23:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008-03-04 23:38:28 | 000,526,896 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
PRC - [2008-01-21 04:24:13 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008-01-21 04:23:24 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe
PRC - [2008-01-16 18:35:02 | 000,081,504 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
PRC - [2008-01-10 17:03:00 | 000,233,472 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\RS_Service.exe
PRC - [2007-12-06 16:15:28 | 000,110,592 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe
PRC - [2007-10-23 10:56:18 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2007-08-24 23:57:48 | 000,036,640 | ---- | M] () -- C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
PRC - [2007-08-24 04:00:40 | 000,023,880 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSK\msksrver.exe
PRC - [2007-08-15 12:36:04 | 000,359,248 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2007-08-04 03:08:06 | 000,749,904 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2007-08-03 22:33:14 | 000,582,992 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2007-07-25 01:41:52 | 000,695,624 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
PRC - [2007-07-24 12:02:14 | 000,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
PRC - [2007-07-18 15:54:42 | 000,856,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe
PRC - [2007-07-13 07:14:56 | 000,265,040 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\MSC\mcuimgr.exe
PRC - [2007-03-27 12:00:32 | 000,196,608 | ---- | M] (Acer Inc.) -- C:\Program Files\Acer\Acer VCM\acp2HID.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2014-03-13 11:21:08 | 000,764,096 | ---- | M] () -- C:\Program Files\Mobogenie\DaemonProcess.exe
MOD - [2014-03-13 11:21:08 | 000,474,816 | ---- | M] () -- C:\Program Files\Mobogenie\DCR.dll
MOD - [2014-03-13 11:21:08 | 000,065,728 | ---- | M] () -- C:\Program Files\Mobogenie\Device.dll
MOD - [2011-10-03 09:35:20 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\e3180b4230f052996adb81da3dc64ad0\System.Management.ni.dll
MOD - [2011-10-03 08:14:10 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\c933fd5d1d27f268331890d7ddba8fec\System.ServiceProcess.ni.dll
MOD - [2011-10-03 08:13:59 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\1ba19f8efcff8ad7f972aa38ab9a15f5\System.Runtime.Remoting.ni.dll
MOD - [2011-10-03 08:11:58 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cfb60f99da570cc494e27e0e8ee747e2\System.Xml.ni.dll
MOD - [2011-10-03 08:11:26 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\381fb23cb39e1a61e13b8770eb9800ba\System.Windows.Forms.ni.dll
MOD - [2011-10-03 08:11:08 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f1aa2385c0109f3059e0e6ba8b58ff68\System.Drawing.ni.dll
MOD - [2011-10-03 08:10:41 | 006,616,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\ca69ec9d6589d3526ee38212ef28e2bb\System.Data.ni.dll
MOD - [2011-10-03 08:09:13 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dff86a62a525ec8dc827fe9f50298b7\System.ni.dll
MOD - [2011-10-03 08:08:44 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2008-09-16 00:24:41 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008-07-27 20:03:15 | 002,933,248 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2008-05-13 00:32:57 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3006.0__3036420f80dd6947\Framework.Library.dll
MOD - [2008-05-13 00:32:57 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3006.0__4df5dcab8860d239\Framework.Utility.dll
MOD - [2008-05-13 00:32:57 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3006.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll
MOD - [2008-05-13 00:11:09 | 000,011,552 | ---- | M] () -- C:\Program Files\SiteAdvisor\6172\saHook.dll
MOD - [2008-04-30 16:00:02 | 000,204,800 | ---- | M] () -- C:\Windows\System32\SysHook.dll
MOD - [2008-04-10 16:30:22 | 000,753,664 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMediaLibrary.dll
MOD - [2008-04-10 16:30:18 | 000,007,680 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvcPS.dll
MOD - [2008-04-04 02:54:32 | 000,003,072 | ---- | M] () -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll
MOD - [2008-03-04 23:38:16 | 000,227,888 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll
MOD - [2007-10-23 10:56:18 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
MOD - [2007-09-11 11:12:08 | 000,475,136 | ---- | M] () -- C:\Program Files\Acer\Acer VCM\AcerControl.dll
MOD - [2007-08-24 23:57:48 | 000,036,640 | ---- | M] () -- C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
MOD - [2007-08-24 23:57:10 | 000,910,624 | ---- | M] () -- C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
MOD - [2003-06-07 23:30:08 | 000,057,344 | ---- | M] () -- C:\Program Files\Launch Manager\PowerUtl.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - [2014-04-09 15:37:51 | 000,350,496 | ---- | M] () [Auto | Running] -- C:\Program Files\FindRight\updateFindRight.exe -- (Update FindRight)
SRV - [2014-04-09 15:04:40 | 000,350,496 | ---- | M] () [Auto | Running] -- C:\Program Files\FindRight\bin\utilFindRight.exe -- (Util FindRight)
SRV - [2014-03-19 16:07:24 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice_tmp.exe -- (MozillaMaintenance)
SRV - [2014-03-13 11:21:09 | 000,070,848 | ---- | M] () [Auto | Running] -- C:\Program Files\Mobogenie\MgAssist.exe -- (MgAssistService)
SRV - [2014-03-12 18:02:19 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014-01-16 02:39:44 | 000,235,696 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe -- (McComponentHostService)
SRV - [2013-10-23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013-10-12 02:00:34 | 001,739,064 | ---- | M] (AVG) [Auto | Running] -- C:\Program Files\AVG PC TuneUp 2014\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2013-07-04 20:07:13 | 000,246,112 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Mobile Partner\UpdateDog\ouc.exe -- (Mobile Partner. RunOuc)
SRV - [2012-12-18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-10-02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2011-10-14 18:01:21 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011-03-14 17:27:28 | 000,271,712 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe)
SRV - [2008-09-30 13:48:28 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008-05-13 00:11:09 | 000,341,280 | ---- | M] () [Auto | Running] -- C:\Program Files\SiteAdvisor\6172\SAService.exe -- (SiteAdvisor Service)
SRV - [2008-03-21 13:22:52 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008-03-20 07:03:48 | 002,376,992 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2008-03-18 21:27:12 | 000,013,312 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2008-03-04 23:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008-01-21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008-01-21 04:23:24 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008-01-21 04:23:24 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2008-01-16 18:35:02 | 000,081,504 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)
SRV - [2008-01-10 17:03:00 | 000,233,472 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2007-12-06 16:15:28 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)
SRV - [2007-08-24 04:00:40 | 000,023,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSK\msksrver.exe -- (MSK80Service)
SRV - [2007-08-15 12:36:04 | 000,359,248 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2007-08-04 03:08:06 | 000,749,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2007-07-25 02:16:16 | 000,378,184 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2007-07-25 01:41:52 | 000,695,624 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2007-07-24 12:02:14 | 000,144,704 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2007-07-18 15:54:42 | 000,856,864 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPF\MpfSrv.exe -- (MpfService)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2014-03-26 08:04:29 | 000,055,224 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\System32\drivers\tStLibG.sys -- (tStLibG)
DRV - [2013-09-18 11:14:34 | 000,012,320 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\AVG PC TuneUp 2014\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2013-07-04 20:07:20 | 000,235,392 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2013-07-04 20:07:20 | 000,194,816 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2013-07-04 20:07:20 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2013-07-04 20:07:20 | 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2012-03-11 16:55:11 | 000,239,168 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2010-02-16 06:38:12 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2009-03-25 17:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2009-03-25 17:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic)
DRV - [2009-03-25 17:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt)
DRV - [2009-03-25 17:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2009-03-25 17:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus)
DRV - [2009-03-25 17:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5)
DRV - [2009-03-25 17:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2008-04-18 15:01:24 | 000,061,424 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})
DRV - [2008-04-12 03:55:04 | 000,084,240 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008-04-06 04:56:08 | 000,908,800 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008-04-03 10:26:00 | 007,444,672 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008-04-03 10:26:00 | 000,043,552 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008-03-21 10:48:24 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008-03-01 01:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008-01-21 04:23:26 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2008-01-16 18:35:08 | 000,122,368 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys -- (NTIPPKernel)
DRV - [2007-07-24 12:02:36 | 000,033,800 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2007-07-24 07:40:36 | 000,079,304 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2007-07-21 09:08:24 | 000,201,288 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2007-07-21 09:08:24 | 000,040,488 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2007-07-21 09:08:24 | 000,035,240 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2007-07-13 09:21:12 | 000,125,728 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Mpfp.sys -- (MPFP)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://pl.intl.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://pl.intl.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=dpgppc&s={searchTerms}&f=4
IE - HKLM\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\tbIncr.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1051359795-92314991-2884734444-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKU\S-1-5-21-1051359795-92314991-2884734444-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1051359795-92314991-2884734444-1000\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\tbIncr.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1051359795-92314991-2884734444-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-1051359795-92314991-2884734444-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1051359795-92314991-2884734444-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?FORM=UP31DF&PC=UP31&q={searchTerms}&src=IE-SearchBox
IE - HKU\S-1-5-21-1051359795-92314991-2884734444-1000\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=dpgppc&s={searchTerms}&f=4
IE - HKU\S-1-5-21-1051359795-92314991-2884734444-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=1101316&mntrId=240e99d10000000000000022694fd779
IE - HKU\S-1-5-21-1051359795-92314991-2884734444-1000\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredimail.com/mb68/?search={searchTerms}&loc=search_box&u=92823368497462057
IE - HKU\S-1-5-21-1051359795-92314991-2884734444-1000\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
IE - HKU\S-1-5-21-1051359795-92314991-2884734444-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultenginename: "Facemoods Search"
FF - prefs.js..browser.search.selectedEngine: "Facemoods Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..extensions.enabledAddons: %7BEB9394A3-4AD6-4918-9537-31A1FD8E8EDF%7D:2.0
FF - prefs.js..extensions.enabledAddons: %7B42e50651-9669-456e-9081-d5a836274274%7D:1.0.1
FF - prefs.js..extensions.enabledAddons: %7Bd40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0%7D:10.29.0.520
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..extensions.enabledItems: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}:2.0
FF - prefs.js..keyword.URL: "http://mystart.incredimail.com/mb68/?loc=ff_address_bar&u=92823368497462057&search="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Mateusz\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: D:\programy\mozilla\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: D:\programy\mozilla\plugins [2013-12-20 20:20:50 | 000,000,000 | ---D | M]
 
[2011-09-30 15:58:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Extensions
[2014-04-02 19:48:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\wc2katom.default\extensions
[2014-04-02 19:48:39 | 000,000,000 | ---D | M] (IncrediMail MediaBar 2) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\wc2katom.default\extensions\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0}
[2011-11-21 19:49:10 | 000,000,000 | ---D | M] (DealPly) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\wc2katom.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
[2012-01-03 13:14:14 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\wc2katom.default\extensions\ffxtlbr@babylon.com
[2013-01-28 19:39:19 | 000,010,043 | ---- | M] () (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\firefox\profiles\wc2katom.default\extensions\IplextoALL@ALLPlayer.org.xpi
[2014-03-03 20:56:33 | 000,014,830 | ---- | M] () (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\firefox\profiles\wc2katom.default\extensions\YouTubetoALL@ALLPlayer.org.xpi
[2012-02-14 10:01:49 | 000,020,591 | ---- | M] () (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\firefox\profiles\wc2katom.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2014-02-27 14:59:23 | 000,008,049 | ---- | M] () (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\firefox\profiles\wc2katom.default\extensions\{42e50651-9669-456e-9081-d5a836274274}.xpi
[2014-03-16 10:12:42 | 000,957,290 | ---- | M] () (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\firefox\profiles\wc2katom.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2011-11-21 19:49:05 | 000,002,207 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\mozilla\firefox\profiles\wc2katom.default\searchplugins\MyStart Search.xml
[2011-11-23 10:49:42 | 000,002,049 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\33.0.1750.154\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\33.0.1750.154\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = D:\programy\mozilla\plugins\NPOFF12.DLL
CHR - plugin: Winamp Application Detector (Enabled) = D:\programy\mozilla\plugins\npwachk.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: McAfee Security Scan+ = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh\3.8.141.12_0\
CHR - Extension: Skype Click to Call = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.0.14735.1561_0\
CHR - Extension: Google Wallet = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
 
O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Reg Error: Value error.) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll ()
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (FindRight) - {2c774641-5504-46a8-b63f-6715ae3fe376} - C:\Program Files\FindRight\FindRightBHO.dll (FindRight)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (McAfee Phishing Filter) - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\Program Files\McAfee\MSK\mcapbho.dll ()
O2 - BHO: (ALLYouTubeDownloader) - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\Program Files\ALLYouTubeDownloader\ALLYouTubeDownloader.dll (ALLCinema Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly\DealPlyIE.dll File not found
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (IncrediMail MediaBar 2 Toolbar) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\tbIncr.dll (Conduit Ltd.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - D:\programy\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll ()
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (IncrediMail MediaBar 2 Toolbar) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\tbIncr.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-1051359795-92314991-2884734444-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKU\S-1-5-21-1051359795-92314991-2884734444-1000\..\Toolbar\WebBrowser: (IncrediMail MediaBar 2 Toolbar) - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - C:\Program Files\IncrediMail_MediaBar_2\tbIncr.dll (Conduit Ltd.)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [eRecoveryService]  File not found
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NWEReboot]  File not found
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6172\SiteAdv.exe ()
O4 - HKLM..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated)
O4 - HKLM..\Run: [WinampAgent] D:\programy\winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1051359795-92314991-2884734444-1000..\Run: [ALLUpdate] D:\programy\ALLPlayer\ALLUpdate.exe (ALLPlayer Group Ltd.)
O4 - HKU\S-1-5-21-1051359795-92314991-2884734444-1000..\Run: [DAEMON Tools Lite] D:\programy\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1051359795-92314991-2884734444-1000..\Run: [Facebook Update] C:\Users\Mateusz\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-1051359795-92314991-2884734444-1000..\Run: [Galileo] C:\Users\Mateusz\Desktop\Galileo\galileo.exe ()
O4 - HKU\S-1-5-21-1051359795-92314991-2884734444-1000..\Run: [NextLive] C:\Users\Mateusz\AppData\Roaming\newnext.me\nengine.dll (NewNextDotMe)
O4 - HKU\S-1-5-21-1051359795-92314991-2884734444-1000..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson Mobile Communications AB)
O4 - HKU\S-1-5-21-1051359795-92314991-2884734444-1000..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoNotification = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: 39377 = c:\progra~2\msaakn.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\S-1-5-21-1051359795-92314991-2884734444-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoNotification = 0
O7 - HKU\S-1-5-21-1051359795-92314991-2884734444-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 0
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_34-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_34-windows-i586.cab (Java Plug-in 1.6.0_34)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_34-windows-i586.cab (Java Plug-in 10.17.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4A4F4045-BF2B-476C-B2B6-3DF2B7FDE4AC}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8F707F7B-11BB-4B3F-928B-41D04C8E5514}: DhcpNameServer = 193.189.244.206 193.189.244.225
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D1723257-5DFF-46A8-A01A-ED51EFAE8057}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\siteadvisor {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll ()
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (Userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Tapeta pulpitu.bmp
O24 - Desktop BackupWallPaper: C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Tapeta pulpitu.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-10-21 19:14:41 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011-10-21 21:05:11 | 000,000,000 | ---D | M] - D:\Autocad10 instalka -- [ NTFS ]
O33 - MountPoints2\{0005b0ea-0b66-11e1-84ce-001d72ca09a1}\Shell - "" = AutoRun
O33 - MountPoints2\{0005b0ea-0b66-11e1-84ce-001d72ca09a1}\Shell\AutoRun\command - "" = F:\Startme.exe
O33 - MountPoints2\{85ef1711-69f5-11e1-8117-001d72ca09a1}\Shell - "" = AutoRun
O33 - MountPoints2\{85ef1711-69f5-11e1-8117-001d72ca09a1}\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\{d981b24c-e4d3-11e2-82a9-001d72ca09a1}\Shell - "" = AutoRun
O33 - MountPoints2\{d981b24c-e4d3-11e2-82a9-001d72ca09a1}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{d981b25b-e4d3-11e2-82a9-001e101faa49}\Shell - "" = AutoRun
O33 - MountPoints2\{d981b25b-e4d3-11e2-82a9-001e101faa49}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2014-04-14 21:43:37 | 000,000,000 | ---D | C] -- C:\FRST
[2014-04-14 21:41:25 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mateusz\Desktop\OTL.exe
[2014-04-14 21:41:23 | 001,042,944 | ---- | C] (Farbar) -- C:\Users\Mateusz\Desktop\FRST.exe
[2014-04-13 14:28:59 | 000,000,000 | -HSD | C] -- C:\found.000
[2014-04-04 20:06:58 | 000,036,152 | ---- | C] (AVG) -- C:\Windows\System32\TURegOpt.exe
[2014-04-04 20:06:57 | 000,025,400 | ---- | C] (AVG) -- C:\Windows\System32\authuitu.dll
[2014-04-04 20:06:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2014
[2014-04-04 20:06:14 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\AVG
[2014-04-04 20:04:03 | 000,000,000 | ---D | C] -- C:\Program Files\AVG PC TuneUp 2014
[2014-04-04 20:03:13 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG
[2014-04-04 20:02:53 | 000,000,000 | -HSD | C] -- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
[2014-03-26 08:04:29 | 000,055,224 | ---- | C] (StdLib) -- C:\Windows\System32\drivers\tStLibG.sys
[2014-03-19 16:07:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014-03-17 17:49:09 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Skype
[2014-03-17 17:48:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014-03-17 17:48:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2014-02-21 23:12:00 | 000,351,232 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Mateusz\AppData\Roaming\160C1F46.exe
[2014-02-21 22:11:55 | 000,351,232 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Mateusz\AppData\Roaming\15D51BEB.exe
[2014-02-21 21:11:50 | 000,351,232 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Mateusz\AppData\Roaming\159E198A.exe
[2014-02-21 20:11:45 | 000,351,232 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Mateusz\AppData\Roaming\156715C1.exe
[2014-02-21 19:11:39 | 000,351,232 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Mateusz\AppData\Roaming\15300E32.exe
[2014-02-21 18:41:35 | 000,351,232 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Mateusz\AppData\Roaming\15148747.exe
[2014-02-20 21:18:35 | 000,351,232 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Mateusz\AppData\Roaming\107DE8A0.exe
[2014-02-20 20:18:26 | 000,351,232 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Mateusz\AppData\Roaming\1046D482.exe
[2014-02-20 19:18:21 | 000,351,232 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Mateusz\AppData\Roaming\100FD1E3.exe
[2014-02-20 18:18:15 | 000,351,232 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Mateusz\AppData\Roaming\0FD8C9B7.exe
[2014-02-20 17:48:10 | 000,351,232 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Mateusz\AppData\Roaming\0FBD3F72.exe
[2014-02-09 19:25:33 | 000,358,912 | ---- | C] (NirSoft) -- C:\Users\Mateusz\AppData\Roaming\05C40BD0.exe
[2014-02-09 18:55:29 | 000,358,912 | ---- | C] (NirSoft) -- C:\Users\Mateusz\AppData\Roaming\05A883FB.exe
[2014-02-09 18:25:26 | 000,423,424 | ---- | C] (Wondershare                                                 ) -- C:\Users\Mateusz\AppData\Roaming\058D00F6.exe
[2014-02-09 17:25:20 | 000,423,424 | ---- | C] (Wondershare                                                 ) -- C:\Users\Mateusz\AppData\Roaming\0555FABE.exe
[2014-02-09 16:25:15 | 000,423,424 | ---- | C] (Wondershare                                                 ) -- C:\Users\Mateusz\AppData\Roaming\051EF744.exe
[2014-02-09 15:25:10 | 000,423,424 | ---- | C] (Wondershare                                                 ) -- C:\Users\Mateusz\AppData\Roaming\04E7F485.exe
[2014-02-09 14:25:05 | 000,423,424 | ---- | C] (Wondershare                                                 ) -- C:\Users\Mateusz\AppData\Roaming\04B0F1A6.exe
[2014-02-09 13:25:00 | 000,423,424 | ---- | C] (Wondershare                                                 ) -- C:\Users\Mateusz\AppData\Roaming\0479F109.exe
[2014-02-09 12:24:54 | 000,423,424 | ---- | C] (Wondershare                                                 ) -- C:\Users\Mateusz\AppData\Roaming\0442EB4E.exe
[2014-02-09 11:24:49 | 000,423,424 | ---- | C] (Wondershare                                                 ) -- C:\Users\Mateusz\AppData\Roaming\040BE812.exe
[2014-02-09 10:24:45 | 000,423,424 | ---- | C] (Wondershare                                                 ) -- C:\Users\Mateusz\AppData\Roaming\03D4E7E2.exe
[2014-02-09 09:54:41 | 000,423,424 | ---- | C] (Wondershare                                                 ) -- C:\Users\Mateusz\AppData\Roaming\03B960E7.exe
[2014-02-08 19:09:46 | 000,110,592 | ---- | C] (ICQ, LLC.) -- C:\Users\Mateusz\AppData\Roaming\008F3516.exe
[2014-02-08 18:09:42 | 000,110,592 | ---- | C] (ICQ, LLC.) -- C:\Users\Mateusz\AppData\Roaming\0058364D.exe
[2014-02-08 17:09:38 | 000,110,592 | ---- | C] (ICQ, LLC.) -- C:\Users\Mateusz\AppData\Roaming\002135FE.exe
[2014-02-08 16:39:35 | 000,110,592 | ---- | C] (ICQ, LLC.) -- C:\Users\Mateusz\AppData\Roaming\0005B366.exe
[2014-02-08 11:18:10 | 000,110,592 | ---- | C] (ICQ, LLC.) -- C:\Users\Mateusz\AppData\Roaming\13E362FE.exe
[2014-02-08 10:17:46 | 000,110,592 | ---- | C] (ICQ, LLC.) -- C:\Users\Mateusz\AppData\Roaming\13AC171F.exe
[2014-02-08 09:17:42 | 000,110,592 | ---- | C] (ICQ, LLC.) -- C:\Users\Mateusz\AppData\Roaming\13751894.exe
[2014-02-08 08:17:38 | 000,110,592 | ---- | C] (ICQ, LLC.) -- C:\Users\Mateusz\AppData\Roaming\133E1A87.exe
[2014-02-07 22:13:55 | 000,473,600 | ---- | C] (Keeper Classic) -- C:\Users\Mateusz\AppData\Roaming\1115616A.exe
[2014-02-07 21:13:50 | 000,473,600 | ---- | C] (Keeper Classic) -- C:\Users\Mateusz\AppData\Roaming\10DE5D25.exe
[2014-02-07 20:13:45 | 000,473,600 | ---- | C] (Keeper Classic) -- C:\Users\Mateusz\AppData\Roaming\10A7590F.exe
[2013-04-21 16:08:31 | 001,233,920 | R--- | C] (Microsoft Corporation) -- C:\Users\Mateusz\AppData\Roaming\msxml4.dll
[2013-04-21 16:08:31 | 000,044,544 | R--- | C] (Microsoft Corporation) -- C:\Users\Mateusz\AppData\Roaming\msxml4a.dll
[2008-01-21 04:24:27 | 000,110,592 | -HS- | C] (ICQ, LLC.) -- C:\ProgramData\msoruwlh.exe
[2008-01-21 04:24:27 | 000,110,592 | -HS- | C] (ICQ, LLC.) -- C:\ProgramData\msgeijd.exe
[2005-01-12 15:53:54 | 000,082,432 | R--- | C] (Microsoft Corporation) -- C:\Users\Mateusz\AppData\Roaming\msxml4r.dll
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2014-04-14 22:04:06 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1051359795-92314991-2884734444-1000UA.job
[2014-04-14 22:02:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-04-14 22:01:00 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014-04-14 21:42:09 | 000,665,460 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2014-04-14 21:42:09 | 000,590,082 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014-04-14 21:42:09 | 000,128,164 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2014-04-14 21:42:09 | 000,102,094 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014-04-14 21:41:19 | 000,146,187 | ---- | M] () -- C:\ProgramData\nvModes.001
[2014-04-14 21:39:54 | 000,380,416 | ---- | M] () -- C:\Users\Mateusz\Desktop\tspx2j2j.exe
[2014-04-14 21:39:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mateusz\Desktop\OTL.exe
[2014-04-14 21:39:06 | 001,042,944 | ---- | M] (Farbar) -- C:\Users\Mateusz\Desktop\FRST.exe
[2014-04-14 21:38:12 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014-04-14 21:38:12 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014-04-14 21:37:53 | 000,146,187 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2014-04-14 21:37:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-04-14 20:43:19 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2014-04-14 20:42:39 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-04-14 20:42:19 | 3213,774,848 | -HS- | M] () -- C:\hiberfil.sys
[2014-04-14 20:19:58 | 000,026,624 | ---- | M] () -- C:\Windows\System32\Config.MPF
[2014-04-14 19:04:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1051359795-92314991-2884734444-1000Core.job
[2014-04-14 18:54:34 | 000,088,064 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014-04-14 11:33:21 | 000,002,379 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2014-04-13 18:58:12 | 000,000,356 | ---- | M] () -- C:\Users\Mateusz\Desktop\NATALA — skrót.lnk
[2014-04-11 18:17:36 | 000,030,527 | ---- | M] () -- C:\Users\Mateusz\Desktop\Bez tytułu.jpg
[2014-04-10 20:45:33 | 000,058,188 | ---- | M] () -- C:\Users\Mateusz\Desktop\10001322_573172712796729_1696597582350368375_n.jpg
[2014-04-10 20:14:01 | 000,001,981 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014-04-10 17:13:01 | 000,218,651 | ---- | M] () -- C:\Users\Mateusz\Desktop\4.jpg
[2014-04-10 17:12:58 | 000,218,147 | ---- | M] () -- C:\Users\Mateusz\Desktop\3.jpg
[2014-04-10 17:12:55 | 000,217,851 | ---- | M] () -- C:\Users\Mateusz\Desktop\2.jpg
[2014-04-10 17:12:51 | 000,129,860 | ---- | M] () -- C:\Users\Mateusz\Desktop\1555851_610141212407171_1626688227_n.jpg
[2014-04-07 22:03:54 | 242,691,169 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014-04-07 04:25:31 | 000,000,680 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\d3d9caps.dat
[2014-04-04 20:06:50 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\AVG Konserwacja 1 kliknięciem.lnk
[2014-04-04 20:06:50 | 000,001,840 | ---- | M] () -- C:\Users\Public\Desktop\AVG PC TuneUp 2014.lnk
[2014-04-04 19:59:21 | 000,007,168 | -H-- | M] () -- C:\Users\Mateusz\Desktop\photothumb.db
[2014-04-04 19:57:58 | 000,000,832 | ---- | M] () -- C:\Users\Mateusz\Desktop\PhotoScape.lnk
[2014-03-29 21:12:27 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\0662CEB5.exe
[2014-03-29 19:12:08 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\05F4A8AC.exe
[2014-03-29 17:11:51 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\0586882F.exe
[2014-03-29 15:10:53 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\0517C5E8.exe
[2014-03-29 13:10:19 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\04A961D6.exe
[2014-03-29 11:31:32 | 000,000,142 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\WB.CFG
[2014-03-29 11:09:42 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\043AF368.exe
[2014-03-29 09:09:24 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\03CCCFC0.exe
[2014-03-29 07:02:01 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\03582E13.exe
[2014-03-29 05:01:31 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\02E9DB50.exe
[2014-03-29 03:01:20 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\027BD16E.exe
[2014-03-29 01:01:03 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\020DB0E2.exe
[2014-03-28 23:00:52 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\019FA7EA.exe
[2014-03-28 21:30:40 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\014D13F3.exe
[2014-03-28 19:30:19 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\00DEE13E.exe
[2014-03-28 17:30:07 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\0070D605.exe
[2014-03-28 15:06:17 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\0BEECF5D.exe
[2014-03-28 14:36:10 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\0BD33CAF.exe
[2014-03-27 18:30:39 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\07838B07.exe
[2014-03-27 16:11:59 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\07049725.exe
[2014-03-27 12:15:01 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\062BA321.exe
[2014-03-26 08:04:29 | 000,055,224 | ---- | M] (StdLib) -- C:\Windows\System32\drivers\tStLibG.sys
[2014-03-26 07:31:54 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\00021370.exe
[2014-03-24 19:01:52 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\0039756E.exe
[2014-03-24 18:01:43 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\0002624B.exe
[2014-03-23 23:14:16 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\03B1B473.exe
[2014-03-23 21:14:05 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\0343AB5C.exe
[2014-03-23 19:13:54 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\02D5A207.exe
[2014-03-23 17:13:41 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\0267902A.exe
[2014-03-23 15:13:30 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\01F9855F.exe
[2014-03-23 13:13:18 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\018B79B9.exe
[2014-03-23 11:04:41 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\0115CF45.exe
[2014-03-23 09:04:29 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\00A7C2E4.exe
[2014-03-23 07:04:18 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\0039B876.exe
[2014-03-23 06:04:10 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\0002A929.exe
[2014-03-22 23:22:30 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\177A65A0.exe
[2014-03-22 21:22:15 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\170C4BF6.exe
[2014-03-22 19:22:03 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\169E3D64.exe
[2014-03-22 17:21:52 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\163032C7.exe
[2014-03-22 15:21:41 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\15C22905.exe
[2014-03-22 13:21:28 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\15541A05.exe
[2014-03-22 11:09:56 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\14DBAA9D.exe
[2014-03-22 07:24:56 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\140DAE70.exe
[2014-03-22 06:54:49 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\13F219BF.exe
[2014-03-21 22:45:10 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\1231CED2.exe
[2014-03-21 19:09:18 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\116C2CD5.exe
[2014-03-21 17:09:06 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\10FE2026.exe
[2014-03-19 23:03:36 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\07F5F35C.exe
[2014-03-19 21:04:31 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\0788EEC8.exe
[2014-03-19 19:04:18 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\071ADEAF.exe
[2014-03-19 17:04:07 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\06ACD28D.exe
[2014-03-19 15:03:56 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\063EC800.exe
[2014-03-19 13:03:44 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\05D0BD54.exe
[2014-03-19 11:03:33 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\0562B17F.exe
[2014-03-19 09:03:21 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\04F4A6C3.exe
[2014-03-19 07:03:03 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\048681F2.exe
[2014-03-19 05:02:51 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\04187469.exe
[2014-03-19 03:02:40 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\03AA6A3A.exe
[2014-03-19 01:02:29 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\033C5EB3.exe
[2014-03-18 23:02:17 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\02CE53D8.exe
[2014-03-18 21:01:56 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\02601F9D.exe
[2014-03-18 19:01:44 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\01F2138A.exe
[2014-03-18 17:01:32 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\018408FC.exe
[2014-03-18 15:01:21 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\0115FFA7.exe
[2014-03-18 13:01:09 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\00A7F4BD.exe
[2014-03-18 11:00:58 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\0039EB49.exe
[2014-03-18 10:00:50 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\0002DB41.exe
[2014-03-17 21:03:28 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\025F9D54.exe
[2014-03-17 19:03:16 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\01F18F6C.exe
[2014-03-17 17:03:04 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\018382FC.exe
[2014-03-17 15:02:53 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\01157840.exe
[2014-03-17 13:02:42 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\00A76D55.exe
[2014-03-17 11:02:30 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\003961DE.exe
[2014-03-17 10:02:21 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\00024FA5.exe
[2014-03-16 23:15:15 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\035E92BE.exe
[2014-03-16 21:15:03 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\02F0887F.exe
[2014-03-16 19:14:52 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\02827D66.exe
[2014-03-16 17:14:37 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\02146580.exe
[2014-03-16 15:14:26 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\01A65A96.exe
[2014-03-16 13:14:14 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\01385066.exe
[2014-03-16 11:13:55 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\00CA347B.exe
[2014-03-16 09:13:44 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\005C2AB9.exe
[2014-03-16 07:43:34 | 000,244,377 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\00099E22.exe
[2014-03-16 07:34:37 | 000,162,304 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\regsrv64.exe
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2014-04-14 21:41:28 | 000,380,416 | ---- | C] () -- C:\Users\Mateusz\Desktop\tspx2j2j.exe
[2014-04-13 18:58:12 | 000,000,356 | ---- | C] () -- C:\Users\Mateusz\Desktop\NATALA — skrót.lnk
[2014-04-11 18:17:36 | 000,030,527 | ---- | C] () -- C:\Users\Mateusz\Desktop\Bez tytułu.jpg
[2014-04-10 20:45:14 | 000,058,188 | ---- | C] () -- C:\Users\Mateusz\Desktop\10001322_573172712796729_1696597582350368375_n.jpg
[2014-04-10 17:10:55 | 000,218,651 | ---- | C] () -- C:\Users\Mateusz\Desktop\4.jpg
[2014-04-10 17:10:51 | 000,218,147 | ---- | C] () -- C:\Users\Mateusz\Desktop\3.jpg
[2014-04-10 17:10:45 | 000,217,851 | ---- | C] () -- C:\Users\Mateusz\Desktop\2.jpg
[2014-04-10 17:10:38 | 000,129,860 | ---- | C] () -- C:\Users\Mateusz\Desktop\1555851_610141212407171_1626688227_n.jpg
[2014-04-04 20:06:50 | 000,001,854 | ---- | C] () -- C:\Users\Public\Desktop\AVG Konserwacja 1 kliknięciem.lnk
[2014-04-04 20:06:50 | 000,001,840 | ---- | C] () -- C:\Users\Public\Desktop\AVG PC TuneUp 2014.lnk
[2014-04-04 20:06:49 | 000,001,852 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2014.lnk
[2014-04-04 19:57:58 | 000,000,832 | ---- | C] () -- C:\Users\Mateusz\Desktop\PhotoScape.lnk
[2014-03-29 21:12:27 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0662CEB5.exe
[2014-03-29 19:12:08 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\05F4A8AC.exe
[2014-03-29 17:11:51 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0586882F.exe
[2014-03-29 15:10:53 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0517C5E8.exe
[2014-03-29 13:10:19 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\04A961D6.exe
[2014-03-29 11:09:42 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\043AF368.exe
[2014-03-29 09:09:24 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\03CCCFC0.exe
[2014-03-29 07:02:01 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\03582E13.exe
[2014-03-29 05:01:31 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\02E9DB50.exe
[2014-03-29 03:01:20 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\027BD16E.exe
[2014-03-29 01:01:03 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\020DB0E2.exe
[2014-03-28 23:00:52 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\019FA7EA.exe
[2014-03-28 21:30:40 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\014D13F3.exe
[2014-03-28 19:30:19 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00DEE13E.exe
[2014-03-28 17:30:07 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0070D605.exe
[2014-03-28 15:06:17 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0BEECF5D.exe
[2014-03-28 14:36:10 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0BD33CAF.exe
[2014-03-27 18:30:39 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\07838B07.exe
[2014-03-27 16:11:59 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\07049725.exe
[2014-03-27 12:15:01 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\062BA321.exe
[2014-03-26 07:31:54 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00021370.exe
[2014-03-24 19:01:52 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0039756E.exe
[2014-03-24 18:01:43 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0002624B.exe
[2014-03-23 23:14:16 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\03B1B473.exe
[2014-03-23 21:14:05 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0343AB5C.exe
[2014-03-23 19:13:54 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\02D5A207.exe
[2014-03-23 17:13:41 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0267902A.exe
[2014-03-23 15:13:30 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\01F9855F.exe
[2014-03-23 13:13:18 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\018B79B9.exe
[2014-03-23 11:04:41 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0115CF45.exe
[2014-03-23 09:04:29 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00A7C2E4.exe
[2014-03-23 07:04:18 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0039B876.exe
[2014-03-23 06:04:10 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0002A929.exe
[2014-03-22 23:22:30 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\177A65A0.exe
[2014-03-22 21:22:15 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\170C4BF6.exe
[2014-03-22 19:22:03 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\169E3D64.exe
[2014-03-22 17:21:52 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\163032C7.exe
[2014-03-22 15:21:41 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\15C22905.exe
[2014-03-22 13:21:28 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\15541A05.exe
[2014-03-22 11:09:56 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\14DBAA9D.exe
[2014-03-22 07:24:56 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\140DAE70.exe
[2014-03-22 06:54:49 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\13F219BF.exe
[2014-03-21 22:45:10 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\1231CED2.exe
[2014-03-21 19:09:18 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\116C2CD5.exe
[2014-03-21 17:09:06 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\10FE2026.exe
[2014-03-19 23:03:36 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\07F5F35C.exe
[2014-03-19 21:04:31 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0788EEC8.exe
[2014-03-19 19:04:18 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\071ADEAF.exe
[2014-03-19 17:04:07 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\06ACD28D.exe
[2014-03-19 15:03:56 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\063EC800.exe
[2014-03-19 13:03:44 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\05D0BD54.exe
[2014-03-19 11:03:33 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0562B17F.exe
[2014-03-19 09:03:21 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\04F4A6C3.exe
[2014-03-19 07:03:03 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\048681F2.exe
[2014-03-19 05:02:51 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\04187469.exe
[2014-03-19 03:02:40 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\03AA6A3A.exe
[2014-03-19 01:02:29 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\033C5EB3.exe
[2014-03-18 23:02:17 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\02CE53D8.exe
[2014-03-18 21:01:56 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\02601F9D.exe
[2014-03-18 19:01:44 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\01F2138A.exe
[2014-03-18 17:01:32 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\018408FC.exe
[2014-03-18 15:01:21 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0115FFA7.exe
[2014-03-18 13:01:09 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00A7F4BD.exe
[2014-03-18 11:00:58 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0039EB49.exe
[2014-03-18 10:00:50 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0002DB41.exe
[2014-03-17 21:03:28 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\025F9D54.exe
[2014-03-17 19:03:16 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\01F18F6C.exe
[2014-03-17 17:48:27 | 000,002,379 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2014-03-17 17:03:04 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\018382FC.exe
[2014-03-17 15:02:53 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\01157840.exe
[2014-03-17 13:02:42 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00A76D55.exe
[2014-03-17 11:02:30 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\003961DE.exe
[2014-03-17 10:02:21 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00024FA5.exe
[2014-03-16 23:15:15 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\035E92BE.exe
[2014-03-16 21:15:03 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\02F0887F.exe
[2014-03-16 19:14:52 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\02827D66.exe
[2014-03-16 17:14:37 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\02146580.exe
[2014-03-16 15:14:26 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\01A65A96.exe
[2014-03-16 13:14:14 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\01385066.exe
[2014-03-16 11:13:55 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00CA347B.exe
[2014-03-16 09:13:44 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\005C2AB9.exe
[2014-03-16 07:43:34 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00099E22.exe
[2014-03-16 07:35:44 | 000,162,304 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\regsrv64.exe
[2014-03-14 23:11:44 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\10C6DEA3.exe
[2014-03-14 21:11:20 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\1058A0F5.exe
[2014-03-14 19:11:09 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0FEA9678.exe
[2014-03-14 17:10:52 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0F7C77AF.exe
[2014-03-14 15:10:41 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0F0E6E4B.exe
[2014-03-13 23:08:54 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0B9DDF63.exe
[2014-03-13 21:08:43 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0B2FD5C0.exe
[2014-03-13 19:08:32 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0AC1CC5B.exe
[2014-03-13 17:08:21 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0A53C40F.exe
[2014-03-13 15:08:10 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\09E5BAF9.exe
[2014-03-13 13:08:00 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0977B26E.exe
[2014-03-13 11:07:49 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0909A9B5.exe
[2014-03-13 09:07:38 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\089BA14A.exe
[2014-03-13 07:07:27 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\082D995C.exe
[2014-03-13 05:07:17 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\07BF9120.exe
[2014-03-13 03:07:05 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\075185A9.exe
[2014-03-13 01:06:55 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\06E37DAB.exe
[2014-03-12 23:06:44 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0675759E.exe
[2014-03-12 21:06:33 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\06076D33.exe
[2014-03-12 19:06:23 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\05996489.exe
[2014-03-12 17:06:12 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\052B5AF6.exe
[2014-03-12 15:05:57 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\04BD43CB.exe
[2014-03-12 13:05:46 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\044F3AC4.exe
[2014-03-12 11:05:35 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\03E13112.exe
[2014-03-12 09:05:24 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\03732859.exe
[2014-03-12 07:05:13 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\03051ED5.exe
[2014-03-12 05:04:59 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\02970AB7.exe
[2014-03-12 03:04:46 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0228FC91.exe
[2014-03-12 01:04:35 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\01BAF3D8.exe
[2014-03-11 23:04:24 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\014CEA83.exe
[2014-03-11 21:04:12 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00DEE0E0.exe
[2014-03-11 19:04:01 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0070D7E9.exe
[2014-03-11 17:03:50 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0002CE55.exe
[2014-03-09 23:06:09 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00706EFA.exe
[2014-03-09 21:05:56 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00026028.exe
[2014-03-09 20:24:08 | 000,421,888 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\01A2523C.exe
[2014-03-09 19:24:04 | 000,421,888 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\016B521C.exe
[2014-03-09 18:23:59 | 000,421,888 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\01344EC1.exe
[2014-03-09 17:53:55 | 000,421,888 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0118C98B.exe
[2014-03-09 17:23:49 | 000,305,665 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00FD3AC3.exe
[2014-03-09 16:23:45 | 000,305,665 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00C63AF1.exe
[2014-03-09 15:23:39 | 000,305,665 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\008F3535.exe
[2014-03-09 14:23:33 | 000,305,665 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00582D96.exe
[2014-03-09 13:23:29 | 000,305,665 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00212EAE.exe
[2014-03-09 12:53:26 | 000,305,665 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0005AAEE.exe
[2014-03-09 09:07:04 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0524AECF.exe
[2014-03-08 23:09:59 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\03020878.exe
[2014-03-08 20:07:54 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\025B7866.exe
[2014-03-08 14:53:42 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\013BCDDF.exe
[2014-03-08 11:53:09 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00968307.exe
[2014-03-08 09:11:09 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00023072.exe
[2014-03-07 23:13:33 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\03572185.exe
[2014-03-07 21:13:21 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\02E91469.exe
[2014-03-07 19:13:10 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\027B0B62.exe
[2014-03-07 15:12:31 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\019EB552.exe
[2014-03-07 13:12:19 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0130A874.exe
[2014-03-07 11:12:08 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00C29DC8.exe
[2014-03-07 09:11:56 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00549406.exe
[2014-03-07 07:41:45 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0002028F.exe
[2014-03-06 23:13:26 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00390001.exe
[2014-03-06 21:29:04 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0546838C.exe
[2014-03-06 19:28:51 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\04D87354.exe
[2014-03-06 17:28:40 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\046A6A7C.exe
[2014-03-06 15:28:28 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\03FC5FFE.exe
[2014-03-06 13:28:17 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\038E55CF.exe
[2014-03-06 11:28:01 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\032039A6.exe
[2014-03-06 09:27:49 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\02B2309F.exe
[2014-03-06 07:27:38 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\024427B7.exe
[2014-03-06 05:27:26 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\01D61A6C.exe
[2014-03-06 03:27:15 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\016811C2.exe
[2014-03-06 01:27:03 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00FA0800.exe
[2014-03-05 23:26:52 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\008BFE8C.exe
[2014-03-05 21:26:39 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\001DEEB2.exe
[2014-03-05 17:19:52 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0A39871F.exe
[2014-03-05 15:19:40 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\09CB7947.exe
[2014-03-05 13:19:29 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\095D70CC.exe
[2014-03-05 11:19:19 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\08EF68CF.exe
[2014-03-05 09:19:08 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\08816092.exe
[2014-03-05 07:18:57 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\081355D7.exe
[2014-03-05 05:18:46 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\07A54D7B.exe
[2014-03-05 03:18:35 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0737456E.exe
[2014-03-05 01:18:25 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\06C93CE4.exe
[2014-03-05 00:18:17 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\06922D97.exe
[2014-03-04 23:17:29 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\065A85E2.exe
[2014-03-04 21:17:19 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\05EC7D68.exe
[2014-03-04 19:17:06 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\057E6E0A.exe
[2014-03-04 17:16:54 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\05105E30.exe
[2014-03-04 15:16:43 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\04A255D5.exe
[2014-03-04 13:16:27 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\04343799.exe
[2014-03-04 11:15:50 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\03C5CAFF.exe
[2014-03-04 09:15:39 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0357C275.exe
[2014-03-04 07:15:28 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\02E9B836.exe
[2014-03-04 05:15:17 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\027BAEE1.exe
[2014-03-04 03:15:07 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\020DA609.exe
[2014-03-04 01:14:56 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\019F9D7E.exe
[2014-03-03 21:13:57 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00C2FBCF.exe
[2014-03-03 19:13:46 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0054F25B.exe
[2014-03-03 17:43:36 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00026180.exe
[2014-03-02 23:26:35 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0296ABB6.exe
[2014-03-02 21:26:15 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\02287DC2.exe
[2014-03-02 19:26:00 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\01BA65FB.exe
[2014-03-02 17:25:45 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\014C4A5E.exe
[2014-03-02 15:25:34 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00DE40BB.exe
[2014-03-02 13:25:22 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00703479.exe
[2014-03-02 11:25:11 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00022B05.exe
[2014-03-02 09:06:34 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\005523E6.exe
[2014-03-02 07:36:06 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0002512B.exe
[2014-03-02 00:02:04 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00A3D5C8.exe
[2014-03-01 21:05:39 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00024E9C.exe
[2014-03-01 19:26:04 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\008BF74B.exe
[2014-03-01 18:25:52 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0054DBDE.exe
[2014-03-01 17:25:44 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\001DCC63.exe
[2014-03-01 15:25:06 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\01BAC8E2.exe
[2014-03-01 13:24:54 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\014CBC43.exe
[2014-03-01 11:24:43 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00DEB37A.exe
[2014-03-01 09:24:31 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0070A851.exe
[2014-03-01 07:24:20 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00029E60.exe
[2014-02-28 19:27:29 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0086AC67.exe
[2014-02-28 17:02:54 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00024BFD.exe
[2014-02-28 15:09:25 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\005490AC.exe
[2014-02-28 13:39:16 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00020388.exe
[2014-02-28 07:32:44 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0002EF8C.exe
[2014-02-27 21:02:17 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\02E9D086.exe
[2014-02-27 19:02:05 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\027BC4B2.exe
[2014-02-27 17:01:53 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\020DB8AE.exe
[2014-02-27 15:01:22 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\019F5EE9.exe
[2014-02-27 13:01:10 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0131541E.exe
[2014-02-27 11:00:59 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00C34A9A.exe
[2014-02-27 09:00:48 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00553EC5.exe
[2014-02-27 07:30:38 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0002AF51.exe
[2014-02-27 01:11:41 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0D043A07.exe
[2014-02-26 23:11:29 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0C962E71.exe
[2014-02-26 21:11:08 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0C27FBDB.exe
[2014-02-26 19:10:57 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0BB9F3EC.exe
[2014-02-26 17:10:46 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0B4BEA0B.exe
[2014-02-26 15:10:34 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0ADDE0C6.exe
[2014-02-26 13:10:23 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0A6FD84B.exe
[2014-02-26 11:10:12 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0A01D00F.exe
[2014-02-26 09:10:01 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0993C794.exe
[2014-02-26 07:09:50 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0925BEAC.exe
[2014-02-26 05:09:39 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\08B7B596.exe
[2014-02-26 03:09:27 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0849AD1B.exe
[2014-02-26 01:09:16 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\07DBA4EE.exe
[2014-02-25 23:09:05 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\076D9CF1.exe
[2014-02-25 21:08:53 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\06FF8EBC.exe
[2014-02-25 19:08:41 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\069182F7.exe
[2014-02-25 15:08:02 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\05B52E2E.exe
[2014-02-25 13:07:51 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\054722D7.exe
[2014-02-25 11:07:39 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\04D915AB.exe
[2014-02-25 09:07:27 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\046B09B7.exe
[2014-02-25 07:07:15 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\03FD0052.exe
[2014-02-25 05:07:04 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\038EF5F4.exe
[2014-02-25 03:06:42 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0320C429.exe
[2014-02-25 02:06:33 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\02E9B1B1.exe
[2014-02-25 01:06:24 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\02B2A17A.exe
[2014-02-24 23:06:13 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0244975A.exe
[2014-02-24 21:36:02 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\01F2066F.exe
[2014-02-24 21:05:47 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\01D6546F.exe
[2014-02-24 19:05:35 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\016848AA.exe
[2014-02-24 17:05:13 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00FA1346.exe
[2014-02-24 15:05:01 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\008C059E.exe
[2014-02-24 13:04:49 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\001DFB7E.exe
[2014-02-24 12:34:42 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00026788.exe
[2014-02-23 23:18:16 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\02E992FA.exe
[2014-02-23 21:18:04 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\027B8800.exe
[2014-02-23 19:17:53 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\020D7BBE.exe
[2014-02-23 17:17:38 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\019F6198.exe
[2014-02-23 13:16:59 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00C30D6B.exe
[2014-02-23 11:16:47 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00550030.exe
[2014-02-23 09:46:32 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00025F4E.exe
[2014-02-22 23:06:08 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\037275DC.exe
[2014-02-22 21:05:56 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\03046A75.exe
[2014-02-22 19:05:44 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\02965BC3.exe
[2014-02-22 17:05:31 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\02284A15.exe
[2014-02-22 15:05:19 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\01BA3EAD.exe
[2014-02-22 13:05:08 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\014C343F.exe
[2014-02-22 11:04:55 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00DE25DC.exe
[2014-02-22 09:04:39 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0070081D.exe
[2014-02-22 07:04:27 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0001FAE1.exe
[2014-02-21 23:26:52 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0001EE73.exe
[2014-02-16 18:18:04 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\019E92C5.exe
[2014-02-16 10:47:34 | 000,244,377 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00021D6E.exe
[2014-02-15 21:45:40 | 000,320,466 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\03683303.exe
[2014-02-15 15:51:47 | 000,320,466 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\022432BE.exe
[2014-02-15 13:07:05 | 000,320,466 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\018D683C.exe
[2014-02-15 12:07:01 | 000,320,466 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\01566B75.exe
[2014-02-15 11:06:58 | 000,320,466 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\011F6ECE.exe
[2014-02-15 10:28:53 | 000,320,466 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00FC92F0.exe
[2014-02-15 07:28:51 | 000,320,466 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0057C072.exe
[2014-02-15 06:28:48 | 000,320,466 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\0020C3BC.exe
[2014-02-15 00:27:50 | 000,320,466 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\06853592.exe
[2014-02-14 23:27:47 | 000,320,466 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\064E38CC.exe
[2014-02-14 21:27:40 | 000,320,466 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\05E03F7E.exe
[2014-02-14 20:27:37 | 000,320,466 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\05A94269.exe
[2014-02-14 19:27:33 | 000,320,466 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\05724565.exe
[2014-02-12 00:28:35 | 000,320,466 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00C6655A.exe
[2014-02-11 23:28:32 | 000,320,466 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\008F6894.exe
[2014-02-11 21:28:25 | 000,320,466 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00216F75.exe
[2014-02-07 19:13:41 | 000,324,999 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\1070598A.exe
[2014-02-07 18:43:37 | 000,324,999 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\1054D222.exe
[2014-01-26 11:23:46 | 000,069,945 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\00E8087D.exe
[2013-12-22 11:16:05 | 000,000,142 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\WB.CFG
[2013-01-28 17:29:22 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll
[2012-02-17 09:16:44 | 000,000,680 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\d3d9caps.dat
[2011-11-26 19:10:15 | 000,000,000 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\downloads.m3u
[2011-11-09 21:41:57 | 000,000,121 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\default.rss
[2011-09-30 14:44:00 | 000,088,064 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-09-30 14:40:17 | 000,146,187 | ---- | C] () -- C:\ProgramData\nvModes.001
[2011-09-30 14:38:33 | 000,146,187 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008-01-21 04:24:27 | 000,069,945 | -HS- | C] () -- C:\ProgramData\msaakn.exe
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2006-11-02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011-01-21 17:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-03-03 06:36:24 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008-01-21 04:24:03 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2008-05-13 00:27:42 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Acer GameZone Console
[2008-05-13 00:27:42 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Acer GameZone Console
[2012-10-06 18:39:37 | 000,000,000 | -HSD | M] -- C:\Users\Mateusz\AppData\Roaming\.#
[2011-09-30 14:46:31 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Acer
[2008-05-13 00:27:42 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Acer GameZone Console
[2011-10-27 20:47:17 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Autodesk
[2014-04-04 20:06:15 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\AVG
[2012-01-03 13:13:53 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Babylon
[2012-10-06 18:31:51 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Big Fish Games
[2012-03-12 17:14:53 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Lite
[2013-02-07 11:16:25 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\DealPly
[2011-09-30 16:16:38 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\eSobi
[2013-02-04 21:03:51 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Expert PDF Reader
[2011-10-19 12:01:14 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Gadu-Gadu 10
[2013-12-26 11:42:37 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\NapiProjekt
[2014-04-14 18:35:39 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\newnext.me
[2014-04-04 19:57:26 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\OpenCandy
[2011-11-23 11:05:06 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\OpenFM
[2011-12-13 19:12:02 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\PeaZip
[2014-02-23 13:51:20 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\PhotoFiltre 7
[2014-01-17 19:46:03 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\PhotoScape
[2011-11-21 19:49:16 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\SumatraPDF
[2014-04-14 22:37:30 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\uTorrent
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:861A898F
@Alternate Data Stream - 64 bytes -> C:\Users\Mateusz\Desktop\Public.Enemies.2009.PL.DVDRip.XviD.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Mateusz\Desktop\Połączenie__The_Call_(2013)_PL.DVDRip.XviD-GHW__Lektor_PL.avi:TOC.WMV

< End of report >