OTL logfile created on: 2011-06-22 19:18:15 - Run 3 OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Arek\Downloads 64bit- An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,80 Gb Total Physical Memory | 2,15 Gb Available Physical Memory | 56,46% Memory free 7,60 Gb Paging File | 5,80 Gb Available in Paging File | 76,32% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 452,25 Gb Total Space | 1,17 Gb Free Space | 0,26% Space Free | Partition Type: NTFS Drive D: | 13,22 Gb Total Space | 13,13 Gb Free Space | 99,32% Space Free | Partition Type: NTFS Drive E: | 99,02 Mb Total Space | 90,69 Mb Free Space | 91,58% Space Free | Partition Type: FAT32 Drive H: | 1,89 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Drive K: | 199,00 Mb Total Space | 165,04 Mb Free Space | 82,93% Space Free | Partition Type: NTFS Computer Name: AREK-KOMPUTER | User Name: Arek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-06-22 19:17:34 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Arek\Downloads\OTL(2).exe PRC - [2011-06-21 17:18:18 | 001,449,696 | ---- | M] (GameRanger Technologies) -- C:\Users\Arek\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe PRC - [2011-06-11 18:29:28 | 000,566,784 | RHS- | M] ( ) -- C:\ProgramData\jushed.exe PRC - [2011-06-09 18:06:56 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011-06-01 15:14:56 | 013,349,472 | ---- | M] (GG Network S.A.) -- C:\Program Files (x86)\Gadu-Gadu 10\gg.exe PRC - [2011-05-29 09:11:28 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2011-05-25 17:29:54 | 001,951,112 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe PRC - [2011-05-21 08:26:57 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2011-04-29 18:57:07 | 000,400,760 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\BitTorrent\BitTorrent.exe PRC - [2011-04-17 02:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton AntiVirus\Engine\18.6.0.29\ccSvcHst.exe PRC - [2011-03-24 08:11:25 | 000,167,936 | ---- | M] (Applian Technologies, Inc.) -- C:\Program Files (x86)\Freecorder\FLVSrvc.exe PRC - [2011-01-20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe PRC - [2010-11-22 22:52:46 | 000,718,072 | ---- | M] (Tunngle.net GmbH) -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe PRC - [2010-07-30 09:52:58 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files (x86)\TP-LINK\Common\RaRegistry.exe PRC - [2010-07-30 09:52:52 | 001,638,400 | ---- | M] (TP-LINK TECHNOLOGIES CO., LTD. ) -- C:\Program Files (x86)\TP-LINK\Common\TWCU.exe PRC - [2010-04-12 10:40:16 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE PRC - [2009-06-11 13:14:02 | 000,162,912 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011-06-22 19:17:34 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Arek\Downloads\OTL(2).exe MOD - [2010-11-20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2010-03-03 09:12:14 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2011-06-13 14:31:11 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011-06-09 18:06:56 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011-05-29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011-05-25 17:29:52 | 002,275,720 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2011-04-17 02:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton AntiVirus\Engine\18.6.0.29\ccSvcHst.exe -- (NAV) SRV - [2010-11-22 22:52:46 | 000,718,072 | ---- | M] (Tunngle.net GmbH) [Auto | Running] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService) SRV - [2010-07-30 09:52:58 | 000,212,256 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files (x86)\TP-LINK\Common\RaRegistry64.exe -- (RalinkRegistryWriter64) SRV - [2010-07-30 09:52:58 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files (x86)\TP-LINK\Common\RaRegistry.exe -- (RalinkRegistryWriter) SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2011-06-22 13:37:23 | 000,513,080 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2011-06-22 13:04:29 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt) DRV:[b]64bit:[/b] - [2011-06-22 13:04:29 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt) DRV:[b]64bit:[/b] - [2011-05-30 16:07:21 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent) DRV:[b]64bit:[/b] - [2011-05-29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:[b]64bit:[/b] - [2011-05-15 15:56:59 | 003,060,800 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:[b]64bit:[/b] - [2011-04-27 09:37:40 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:[b]64bit:[/b] - [2011-04-26 19:28:34 | 000,556,120 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF) DRV:[b]64bit:[/b] - [2011-03-31 05:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NAVx64\1206000.01D\srtsp64.sys -- (SRTSP) DRV:[b]64bit:[/b] - [2011-03-31 05:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1206000.01D\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL) DRV:[b]64bit:[/b] - [2011-03-22 02:39:49 | 000,382,584 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1206000.01D\symnets.sys -- (SymNetS) DRV:[b]64bit:[/b] - [2011-03-21 13:22:06 | 000,452,200 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2011-03-15 04:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1206000.01D\symefa64.sys -- (SymEFA) DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2011-01-27 08:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1206000.01D\symds64.sys -- (SymDS) DRV:[b]64bit:[/b] - [2011-01-27 07:07:06 | 000,171,128 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1206000.01D\ironx64.sys -- (SymIRON) DRV:[b]64bit:[/b] - [2010-12-02 12:14:18 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64) DRV:[b]64bit:[/b] - [2010-12-02 12:14:18 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd) DRV:[b]64bit:[/b] - [2010-11-23 18:33:00 | 000,300,648 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService) DRV:[b]64bit:[/b] - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010-11-20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:[b]64bit:[/b] - [2010-06-09 17:44:00 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2) DRV:[b]64bit:[/b] - [2010-06-09 17:43:56 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1) DRV:[b]64bit:[/b] - [2010-05-27 22:32:56 | 000,320,560 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:[b]64bit:[/b] - [2010-05-27 04:30:00 | 001,121,632 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux) DRV:[b]64bit:[/b] - [2010-04-22 19:07:36 | 000,027,736 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6) DRV:[b]64bit:[/b] - [2010-03-03 09:23:12 | 006,402,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag) DRV:[b]64bit:[/b] - [2010-03-03 08:08:12 | 007,843,040 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd) DRV:[b]64bit:[/b] - [2010-03-03 08:08:12 | 007,843,040 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2010-03-03 08:07:34 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:[b]64bit:[/b] - [2010-01-28 19:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:[b]64bit:[/b] - [2009-11-02 20:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt) DRV:[b]64bit:[/b] - [2009-09-16 07:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle) DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-03-19 14:49:02 | 000,172,544 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64) DRV:[b]64bit:[/b] - [2009-03-19 14:48:52 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64) DRV:[b]64bit:[/b] - [2009-03-18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV:[b]64bit:[/b] - [2009-03-03 01:20:18 | 000,035,840 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64) DRV:[b]64bit:[/b] - [2009-02-09 08:38:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys -- (UsbserFilt) DRV:[b]64bit:[/b] - [2009-02-09 08:38:34 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev) DRV:[b]64bit:[/b] - [2009-02-09 08:38:32 | 000,025,088 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64) DRV:[b]64bit:[/b] - [2007-11-06 22:23:14 | 000,040,464 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF) DRV - [2011-06-03 03:08:18 | 000,488,056 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20110622.001\IDSviA64.sys -- (IDSVia64) DRV - [2011-05-31 22:05:09 | 000,010,454 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\parldr2k.sys -- (PARLDR2K) DRV - [2011-05-30 16:06:47 | 002,011,768 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20110621.035\EX64.SYS -- (NAVEX15) DRV - [2011-05-30 16:06:47 | 000,481,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl) DRV - [2011-05-30 16:06:47 | 000,136,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2011-05-30 16:06:47 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20110621.035\ENG64.SYS -- (NAVENG) DRV - [2011-05-19 21:37:05 | 001,143,416 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20110616.003\BHDrvx64.sys -- (BHDrvx64) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKLM\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFre0.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {40f5f417-32bb-4296-9446-c1e0094e7d82} - C:\Program Files (x86)\Uptodown_EN\prxtbUpto.dll (Conduit Ltd.) IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1422475991-2651340295-540079723-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=w7th IE - HKU\S-1-5-21-1422475991-2651340295-540079723-1000\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFre0.dll (Conduit Ltd.) IE - HKU\S-1-5-21-1422475991-2651340295-540079723-1000\..\URLSearchHook: {40f5f417-32bb-4296-9446-c1e0094e7d82} - C:\Program Files (x86)\Uptodown_EN\prxtbUpto.dll (Conduit Ltd.) IE - HKU\S-1-5-21-1422475991-2651340295-540079723-1000\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - Reg Error: Key error. File not found IE - HKU\S-1-5-21-1422475991-2651340295-540079723-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://www.facebook.com/" FF - prefs.js..extensions.enabledItems: KavAntiBanner@Kaspersky.ru:11.0.1.400 FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:11.0.1.400 FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7280 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {6E19037A-12E3-4295-8915-ED48BC341614}:1.3.329.2 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6 FF - HKLM\software\mozilla\Firefox\Extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: C:\Program Files (x86)\RelevantKnowledge FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\IPSFFPlgn\ [2011-05-30 16:14:44 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011-05-21 08:27:03 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-06-19 13:59:49 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011-06-07 21:00:49 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\THBExt FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011-05-30 16:06:45 | 000,000,000 | ---D | M] [2011-06-07 21:00:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Arek\AppData\Roaming\mozilla\Extensions [2011-06-07 21:00:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Arek\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2011-06-22 17:29:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Arek\AppData\Roaming\mozilla\Firefox\Profiles\1fkdauz4.default\extensions [2011-06-22 17:29:50 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Arek\AppData\Roaming\mozilla\Firefox\Profiles\1fkdauz4.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011-05-27 21:33:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011-04-27 08:27:10 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011-05-02 19:48:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011-05-03 18:56:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} File not found (No name found) -- [2011-05-30 16:14:44 | 000,000,000 | ---D | M] (Symantec IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\IPSFFPLGN [2011-05-21 08:26:56 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011-02-02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2011-05-21 08:26:59 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2011-05-21 08:26:59 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2011-05-03 20:48:31 | 000,002,047 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchw7th.xml [2011-05-21 08:26:59 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2011-05-21 08:26:59 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2011-05-21 08:26:59 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2011-05-21 08:26:59 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2011-05-01 07:49:13 | 000,000,864 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 validation.sls.microsoft.com O2 - BHO: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFre0.dll (Conduit Ltd.) O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O2 - BHO: (Uptodown EN Toolbar) - {40f5f417-32bb-4296-9446-c1e0094e7d82} - C:\Program Files (x86)\Uptodown_EN\prxtbUpto.dll (Conduit Ltd.) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\18.6.0.29\IPS\IPSBHO.DLL (Symantec Corporation) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found O3 - HKLM\..\Toolbar: (&Tłumaczenie) - {0D704FAD-66E9-4F0A-BFED-4F665770DDB3} - C:\Program Files (x86)\Techland\Common\InternetTranslator\InternetTranslator.dll (Techland) O3 - HKLM\..\Toolbar: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFre0.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Uptodown EN Toolbar) - {40f5f417-32bb-4296-9446-c1e0094e7d82} - C:\Program Files (x86)\Uptodown_EN\prxtbUpto.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-1422475991-2651340295-540079723-1000\..\Toolbar\WebBrowser: (Freecorder Toolbar) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - C:\Program Files (x86)\Freecorder\prxtbFre0.dll (Conduit Ltd.) O3:[b]64bit:[/b] - HKU\S-1-5-21-1422475991-2651340295-540079723-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found O3 - HKU\S-1-5-21-1422475991-2651340295-540079723-1000\..\Toolbar\WebBrowser: (Uptodown EN Toolbar) - {40F5F417-32BB-4296-9446-C1E0094E7D82} - C:\Program Files (x86)\Uptodown_EN\prxtbUpto.dll (Conduit Ltd.) O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AVP] File not found O4 - HKLM..\Run: [Freecorder FLV Service] C:\Program Files (x86)\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [WinampAgent] File not found O4 - HKLM..\Run: [YouCam Mirror Tray icon] C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1422475991-2651340295-540079723-1000..\Run: [AdobeBridge] File not found O4 - HKU\S-1-5-21-1422475991-2651340295-540079723-1000..\Run: [ALLUpdate] C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe () O4 - HKU\S-1-5-21-1422475991-2651340295-540079723-1000..\Run: [ares] File not found O4 - HKU\S-1-5-21-1422475991-2651340295-540079723-1000..\Run: [BitTorrent] C:\Program Files (x86)\BitTorrent\BitTorrent.exe (BitTorrent, Inc.) O4 - HKU\S-1-5-21-1422475991-2651340295-540079723-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-1422475991-2651340295-540079723-1000..\Run: [FreeRandomPasswordGenerator] File not found O4 - HKU\S-1-5-21-1422475991-2651340295-540079723-1000..\Run: [Gadu-Gadu 10] C:\Program Files (x86)\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-1422475991-2651340295-540079723-1000..\Run: [jushed] C:\ProgramData\jushed.exe ( ) O4 - HKU\S-1-5-21-1422475991-2651340295-540079723-1000..\Run: [RGSC] File not found O4 - HKU\S-1-5-21-1422475991-2651340295-540079723-1000..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found O4 - Startup: C:\Users\Arek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameRanger.lnk = C:\Users\Arek\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe (GameRanger Technologies) O4 - Startup: C:\Users\Arek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Techland\Common\InternetTranslator\InternetTranslator.dll,-103 - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - C:\Program Files (x86)\Techland\Common\InternetTranslator\InternetTranslator.dll (Techland) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1 O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O20:[b]64bit:[/b] - Winlogon\Notify\klogon: DllName - Reg Error: Key error. - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO) O20:[b]64bit:[/b] - Winlogon\Notify\WB: DllName - Reg Error: Key error. - File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-09-03 15:44:44 | 000,218,376 | R--- | M] () - H:\AutoStarter.exe -- [ CDFS ] O32 - AutoRun File - [2009-09-08 17:08:46 | 000,002,813 | R--- | M] () - H:\autorun.inf -- [ CDFS ] O32 - AutoRun File - [2009-09-09 10:00:35 | 000,000,000 | ---D | M] - H:\autostarter -- [ CDFS ] O33 - MountPoints2\{c589bbff-7cd9-11e0-b1e4-ffa252c16bad}\Shell - "" = AutoRun O33 - MountPoints2\{c589bbff-7cd9-11e0-b1e4-ffa252c16bad}\Shell\AutoRun\command - "" = I:\Startme.exe O33 - MountPoints2\L\Shell - "" = AutoRun O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-06-22 18:19:32 | 000,000,000 | ---D | C] -- C:\Users\Arek\Desktop\Norton TrialReset 2011 v3.1.0 (Cracked by BOX!) [2011-06-22 13:49:45 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Local\Risen [2011-06-22 12:58:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Deep Silver [2011-06-22 00:18:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire [2011-06-22 00:10:02 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Roaming\Xfire [2011-06-22 00:09:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xfire [2011-06-22 00:09:57 | 000,000,000 | --SD | C] -- C:\Program Files (x86)\Xfire [2011-06-22 00:02:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gothic III [2011-06-22 00:02:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gothic III [2011-06-21 23:35:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Worms Armageddon [2011-06-21 23:35:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Team 17 [2011-06-21 20:45:15 | 000,000,000 | ---D | C] -- C:\Users\Arek\Desktop\WR_Spol_Upd4__PIKUSP [2011-06-21 20:02:15 | 000,000,000 | ---D | C] -- C:\Users\Arek\Documents\BioWare [2011-06-21 19:51:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare [2011-06-20 07:53:07 | 000,035,840 | R--- | C] (Avanquest Software) -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS [2011-06-20 07:49:34 | 000,000,000 | ---D | C] -- C:\Netgear [2011-06-19 16:41:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Angielski - Mówisz i rozumiesz [2011-06-19 15:24:25 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Local\ABBYY [2011-06-19 15:21:52 | 000,006,656 | ---- | C] (Tracker Software) -- C:\Windows\SysNative\pxc35pm.dll [2011-06-19 15:21:51 | 000,258,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\unicows.dll [2011-06-19 15:21:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY PDF Transformer 2.0 [2011-06-19 15:20:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ABBYY PDF Transformer 2.0 [2011-06-19 15:17:11 | 000,000,000 | ---D | C] -- C:\Temp [2011-06-19 15:16:53 | 000,000,000 | ---D | C] -- C:\Users\Arek\Desktop\ABBYY PDF Transformer [2011-06-19 14:59:43 | 000,000,000 | ---D | C] -- C:\Users\Arek\Documents\4Videosoft Studio [2011-06-19 14:54:08 | 000,000,000 | ---D | C] -- C:\Output Files [2011-06-19 14:53:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\office Convert Pdf to Image Free [2011-06-19 03:27:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Techland [2011-06-19 03:27:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Techland [2011-06-19 03:20:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Angielski dla leniwych 2 [2011-06-19 03:19:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Angielski dla leniwych 2 [2011-06-19 03:19:15 | 000,000,000 | ---D | C] -- C:\Users\Arek\Desktop\ETranslator 3.1 [2011-06-19 03:13:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Angielski dla leniwych [2011-06-19 03:12:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Angielski dla leniwych [2011-06-19 03:08:57 | 000,000,000 | ---D | C] -- C:\Users\Arek\Desktop\EnTrXT [2011-06-19 02:57:42 | 000,000,000 | ---D | C] -- C:\Users\Arek\Desktop\Angielski dla leniwych 2x iso [2011-06-19 00:15:37 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Roaming\Real [2011-06-19 00:15:37 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Local\Real [2011-06-19 00:15:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Real [2011-06-18 13:40:49 | 004,537,856 | ---- | C] (ALLPlayer) -- C:\Users\Arek\Desktop\ALLPlayer.exe [2011-06-18 13:40:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer [2011-06-18 13:39:59 | 000,892,928 | ---- | C] (Free Software Foundation) -- C:\Windows\SysWow64\iconv.dll [2011-06-18 13:39:59 | 000,000,000 | ---D | C] -- C:\ProgramData\ALLPlayer [2011-06-18 13:33:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Kulki [2011-06-18 13:33:58 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Local\Balls [2011-06-18 13:33:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Super Kulki [2011-06-18 13:33:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NAPI-PROJEKT [2011-06-18 13:33:46 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Local\ALLPlayer [2011-06-18 13:33:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ALLPlayer [2011-06-17 13:44:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player [2011-06-17 13:42:02 | 000,000,000 | ---D | C] -- C:\Program Files\GRETECH [2011-06-15 20:44:27 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2011-06-15 20:44:27 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2011-06-15 20:44:26 | 002,303,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2011-06-15 20:44:26 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll [2011-06-15 20:44:26 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2011-06-15 20:44:26 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2011-06-15 20:44:25 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2011-06-15 20:44:25 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2011-06-15 20:42:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro [2011-06-15 20:42:14 | 000,000,000 | ---D | C] -- C:\rsit [2011-06-15 20:21:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Google [2011-06-15 20:20:44 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll [2011-06-13 23:31:46 | 000,000,000 | ---D | C] -- C:\Users\Arek\Desktop\Gameranger [2011-06-13 23:27:04 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Roaming\GameRanger [2011-06-13 23:00:27 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Local\LogMeIn Hamachi [2011-06-13 23:00:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi [2011-06-13 23:00:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi [2011-06-13 19:51:02 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Roaming\Lionhead Studios [2011-06-13 19:17:04 | 000,000,000 | ---D | C] -- C:\Users\Arek\Documents\Games for Windows - LIVE Demos [2011-06-13 19:15:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace [2011-06-13 19:14:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft [2011-06-13 19:14:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fable III [2011-06-13 14:27:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam [2011-06-13 14:27:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [2011-06-13 14:27:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam [2011-06-13 00:52:16 | 000,000,000 | ---D | C] -- C:\Users\Arek\Documents\Tunngle [2011-06-13 00:52:16 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Roaming\Tunngle [2011-06-13 00:52:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Tunngle [2011-06-13 00:51:57 | 000,031,232 | ---- | C] (Tunngle.net) -- C:\Windows\SysNative\drivers\tap0901t.sys [2011-06-13 00:51:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle [2011-06-13 00:51:56 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Tunngle [2011-06-13 00:51:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tunngle [2011-06-12 23:11:06 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2011-06-12 22:23:27 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Local\Rockstar Games [2011-06-12 22:23:10 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM [2011-06-12 19:57:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rockstar Games [2011-06-12 16:00:32 | 007,987,953 | ---- | C] (CCCP Project ) -- C:\Users\Arek\AppData\Local\Codecs.exe [2011-06-12 16:00:32 | 000,566,784 | ---- | C] ( ) -- C:\Users\Arek\AppData\Local\jushed.exe [2011-06-12 16:00:32 | 000,347,136 | ---- | C] (NirSoft) -- C:\Users\Arek\AppData\Local\nircmd.exe [2011-06-12 00:09:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 2 Assassins of Kings [2011-06-11 23:42:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Witcher 2 Assassins of Kings [2011-06-11 18:29:29 | 000,566,784 | RHS- | C] ( ) -- C:\ProgramData\jushed.exe [2011-06-11 14:00:44 | 000,000,000 | ---D | C] -- C:\Users\Arek\LiU_print [2011-06-11 13:49:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO [2011-06-11 13:49:34 | 000,091,568 | ---- | C] (PowerISO Computing, Inc.) -- C:\Windows\SysNative\drivers\scdemu.sys [2011-06-11 13:49:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PowerISO [2011-06-11 00:28:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EuroPlus+ Angielski z Cambridge [2011-06-11 00:28:20 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUninst.exe [2011-06-11 00:27:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EuroPlus+ Angielski z Cambridge [2011-06-10 19:16:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Magician [2011-06-10 19:16:25 | 000,526,184 | ---- | C] (Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com) -- C:\Windows\SysWow64\XceedCry.dll [2011-06-10 19:16:25 | 000,456,536 | ---- | C] (Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com) -- C:\Windows\SysWow64\XCEEDZIP.DLL [2011-06-10 19:16:25 | 000,132,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Msinet.ocx [2011-06-10 18:56:37 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Roaming\Wireshark [2011-06-10 18:55:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap [2011-06-10 18:55:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinPcap [2011-06-10 18:55:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark [2011-06-10 18:55:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wireshark [2011-06-10 18:53:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt [2011-06-10 15:48:05 | 000,000,000 | ---D | C] -- C:\Users\Arek\Documents\FIFA 11 [2011-06-10 14:23:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fifa Master 11 [2011-06-10 14:23:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fifa Master [2011-06-10 12:29:49 | 001,437,488 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Arek\Desktop\TDSSKiller.exe [2011-06-09 23:43:00 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Roaming\Malwarebytes [2011-06-09 23:42:52 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011-06-09 23:42:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011-06-09 23:42:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011-06-09 23:42:48 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011-06-09 23:42:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011-06-09 20:08:01 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Local\VirtuaTennis2009 [2011-06-09 18:16:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft [2011-06-09 18:06:54 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Roaming\PunkBuster [2011-06-09 17:41:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft [2011-06-09 16:40:53 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Local\SKIDROW [2011-06-09 16:33:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve [2011-06-09 16:10:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Valve [2011-06-08 19:37:30 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Roaming\Leadertech [2011-06-08 19:32:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EA Sports [2011-06-07 21:00:54 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Roaming\Thunderbird [2011-06-07 21:00:54 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Local\Thunderbird [2011-06-07 21:00:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird [2011-06-07 21:00:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird [2011-06-05 19:07:04 | 000,000,000 | ---D | C] -- C:\Users\Arek\Desktop\Windows 7 Final Icons [2011-06-04 13:25:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2011-06-04 13:23:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works [2011-06-04 13:23:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio [2011-06-04 13:23:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2011-06-04 13:22:23 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2011-06-04 13:19:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2011-06-04 13:19:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8 [2011-06-04 13:18:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2011-06-04 13:17:25 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe [2011-06-04 13:16:56 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2011-06-04 13:12:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2011-06-04 13:11:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Media Player [2011-06-04 13:11:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe [2011-06-04 13:06:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR [2011-06-04 12:55:34 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Local\Microsoft Help [2011-06-04 12:55:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2011-06-01 19:32:10 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS [2011-06-01 19:32:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Codemasters [2011-06-01 19:32:06 | 000,000,000 | ---D | C] -- C:\Users\Arek\Documents\My Games [2011-06-01 19:31:59 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft [2011-06-01 18:07:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation [2011-06-01 18:06:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard [2011-06-01 17:31:51 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Local\2K Games [2011-06-01 16:55:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\2K Games [2011-05-31 22:05:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nokia [2011-05-31 22:05:09 | 000,010,454 | ---- | C] (Data Encryption Systems Limited) -- C:\Windows\SysWow64\drivers\parldr2k.sys [2011-05-31 22:04:27 | 000,066,560 | ---- | C] (Nokia) -- C:\Windows\SysNative\nmwcdclsx64.dll [2011-05-31 22:04:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phoenix [2011-05-31 22:03:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nokia [2011-05-30 21:29:38 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Local\CrashDumps [2011-05-30 17:45:37 | 000,000,000 | ---D | C] -- C:\Users\Arek\Documents\Witcher 2 [2011-05-30 17:22:46 | 000,347,136 | RHS- | C] (NirSoft) -- C:\ProgramData\nircmd.exe [2011-05-30 16:18:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared [2011-05-30 16:07:20 | 000,382,584 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1206000.01D\symnets.sys [2011-05-30 16:07:19 | 000,912,504 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1206000.01D\symefa64.sys [2011-05-30 16:07:18 | 000,744,568 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1206000.01D\srtsp64.sys [2011-05-30 16:07:18 | 000,450,680 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1206000.01D\symds64.sys [2011-05-30 16:07:18 | 000,171,128 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1206000.01D\ironx64.sys [2011-05-30 16:07:18 | 000,040,568 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1206000.01D\srtspx64.sys [2011-05-30 16:07:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NAVx64\1206000.01D [2011-05-30 16:01:28 | 000,174,200 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS [2011-05-30 16:01:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared [2011-05-30 16:01:27 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec [2011-05-30 16:00:46 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NAVx64 [2011-05-30 16:00:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton AntiVirus [2011-05-30 16:00:42 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus [2011-05-30 16:00:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton [2011-05-30 16:00:03 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller [2011-05-30 16:00:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller [2011-05-30 15:14:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\1C-SoftClub [2011-05-30 14:52:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Albion [2011-05-30 14:22:33 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SAYit! FCE PR 4 [2011-05-30 14:22:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAYit! FCE PR 4 [2011-05-30 14:22:24 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SAYit! FCE PR 3 [2011-05-30 14:22:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAYit! FCE PR 3 [2011-05-30 14:22:01 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SAYit! FCE PR 2 [2011-05-30 14:22:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAYit! FCE PR 2 [2011-05-30 14:21:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MoreWords [2011-05-30 14:21:45 | 000,000,000 | ---D | C] -- C:\Windows\SAYit! FCE PR 4 [2011-05-30 14:21:22 | 000,000,000 | ---D | C] -- C:\Windows\SAYit! FCE PR 3 [2011-05-30 14:21:08 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SAYit! FCE PR 1 [2011-05-30 14:21:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAYit! FCE PR 1 [2011-05-30 14:21:04 | 000,000,000 | ---D | C] -- C:\Windows\SAYit! FCE PR 2 [2011-05-30 14:20:34 | 000,000,000 | ---D | C] -- C:\Windows\SAYit! FCE PR 1 [2011-05-30 14:11:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\YDP [2011-05-30 14:11:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Business English [2011-05-30 14:10:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2011-05-30 14:02:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BE Inspired! Upper-Intermediate [2011-05-30 14:02:02 | 000,000,000 | ---D | C] -- C:\Windows\BE Inspired! Upper-Intermediate [2011-05-30 14:01:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BE Inspired! Intermediate [2011-05-30 14:00:07 | 000,000,000 | ---D | C] -- C:\Windows\BE Inspired! Intermediate [2011-05-30 13:41:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Ripple Sound [2011-05-30 13:41:14 | 019,087,360 | ---- | C] (Intel Corporation / Blue Ripple Sound Limited) -- C:\Windows\SysWow64\mkl_blueripple.dll [2011-05-30 13:41:14 | 001,417,216 | ---- | C] (Blue Ripple Sound Limited) -- C:\Windows\SysWow64\rapture3d_oal.dll [2011-05-30 13:41:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BRS [2011-05-30 13:40:59 | 000,466,456 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll [2011-05-30 13:40:59 | 000,444,952 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll [2011-05-30 13:40:59 | 000,122,904 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll [2011-05-30 13:40:59 | 000,109,080 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll [2011-05-30 13:40:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL [2011-05-30 13:40:00 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive [2011-05-30 13:39:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE [2011-05-30 13:37:58 | 000,000,000 | ---D | C] -- C:\angielski [2011-05-30 13:37:17 | 000,000,000 | ---D | C] -- C:\angielski_tmp [2011-05-30 13:21:49 | 000,000,000 | ---D | C] -- C:\Games [2011-05-29 22:21:07 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys [2011-05-29 13:12:07 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Roaming\CyberLink [2011-05-29 13:09:59 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink [2011-05-29 13:09:55 | 000,000,000 | ---D | C] -- C:\Users\Arek\Documents\Youcam [2011-05-29 13:09:55 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Local\CyberLink [2011-05-29 13:08:41 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam [2011-05-29 13:07:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink [2011-05-29 13:06:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp [2011-05-26 22:39:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus 2011 [2011-05-26 22:01:55 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Local\ESET [2011-05-26 22:00:54 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-06-22 19:22:32 | 004,456,448 | -HS- | M] () -- C:\Users\Arek\ntuser.dat [2011-06-22 19:11:37 | 000,021,824 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011-06-22 19:11:37 | 000,021,824 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011-06-22 19:04:03 | 000,000,002 | ---- | M] () -- C:\ProgramData\datesavefile [2011-06-22 19:04:03 | 000,000,001 | ---- | M] () -- C:\ProgramData\varsavefile [2011-06-22 19:02:56 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2011-06-22 19:02:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-06-22 19:02:44 | 3062,255,616 | -HS- | M] () -- C:\hiberfil.sys [2011-06-22 19:02:06 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\Access.dat [2011-06-22 19:01:55 | 003,846,952 | -H-- | M] () -- C:\Users\Arek\AppData\Local\IconCache.db [2011-06-22 13:37:23 | 000,513,080 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys [2011-06-22 13:04:29 | 000,314,016 | ---- | M] () -- C:\Windows\SysNative\drivers\atksgt.sys [2011-06-22 13:04:29 | 000,043,680 | ---- | M] () -- C:\Windows\SysNative\drivers\lirsgt.sys [2011-06-22 00:16:44 | 000,001,935 | ---- | M] () -- C:\Users\Public\Desktop\Gothic III.lnk [2011-06-22 00:14:50 | 000,001,055 | ---- | M] () -- C:\Users\Public\Desktop\Gothic III CP.lnk [2011-06-22 00:10:02 | 000,001,040 | ---- | M] () -- C:\Users\Arek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk [2011-06-22 00:10:01 | 000,001,004 | ---- | M] () -- C:\Users\Public\Desktop\Xfire.lnk [2011-06-21 20:49:22 | 000,001,638 | ---- | M] () -- C:\Users\Arek\Desktop\ET — skrót.lnk [2011-06-21 19:58:12 | 000,000,831 | ---- | M] () -- C:\Users\Public\Desktop\Dragon Age II.lnk [2011-06-21 17:25:47 | 000,000,868 | ---- | M] () -- C:\Users\Arek\Desktop\Fable III.lnk [2011-06-20 07:31:40 | 001,549,696 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011-06-20 07:31:40 | 000,697,912 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2011-06-20 07:31:40 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011-06-20 07:31:40 | 000,134,990 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2011-06-20 07:31:40 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011-06-19 20:13:51 | 000,921,654 | ---- | M] () -- C:\Users\Arek\Desktop\DSC03948X.bmp [2011-06-19 15:21:41 | 000,001,097 | ---- | M] () -- C:\Users\Public\Desktop\Utwórz plik PDF.lnk [2011-06-19 13:59:51 | 000,002,060 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2011-06-19 03:29:54 | 000,002,227 | ---- | M] () -- C:\Users\Public\Desktop\English Translator XT.lnk [2011-06-19 03:29:54 | 000,002,132 | ---- | M] () -- C:\Users\Public\Desktop\Słownik Podręczny.lnk [2011-06-19 03:20:21 | 000,001,134 | ---- | M] () -- C:\Users\Arek\Desktop\Angielski dla leniwych 2.lnk [2011-06-19 03:13:16 | 000,001,124 | ---- | M] () -- C:\Users\Arek\Desktop\Angielski dla leniwych.lnk [2011-06-19 02:56:07 | 307,274,723 | R--- | M] () -- C:\Users\Arek\Desktop\Angielski_dla_leniwych_2x_iso.part3.rar [2011-06-19 02:47:11 | 473,956,352 | R--- | M] () -- C:\Users\Arek\Desktop\Angielski_dla_leniwych_2x_iso.part2.rar [2011-06-19 02:42:56 | 473,956,352 | R--- | M] () -- C:\Users\Arek\Desktop\Angielski_dla_leniwych_2x_iso.part1.rar [2011-06-18 13:38:56 | 008,086,982 | R--- | M] () -- C:\Users\Arek\Desktop\ALLPlayer V4.1.6.5 Crack LiveUpdate.rar [2011-06-17 13:44:58 | 000,001,150 | ---- | M] () -- C:\Users\Public\Desktop\GOM Player.lnk [2011-06-16 13:04:44 | 000,000,353 | R--- | M] () -- C:\Users\Arek\Desktop\glowny_64aac.m3u [2011-06-16 12:55:15 | 002,210,816 | ---- | M] () -- C:\Users\Arek\Documents\barak.mp3 [2011-06-15 21:14:08 | 004,973,896 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011-06-15 20:44:56 | 001,584,970 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1206000.01D\Cat.DB [2011-06-15 10:02:33 | 002,602,214 | ---- | M] () -- C:\Users\Arek\Desktop\Aes(aka Raksta) - Bezpowrotna Droga (gosc. Lysu, Muszla).mp3 [2011-06-13 23:27:11 | 000,001,088 | ---- | M] () -- C:\Users\Arek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameRanger.lnk [2011-06-13 23:27:11 | 000,001,074 | ---- | M] () -- C:\Users\Arek\Desktop\GameRanger.lnk [2011-06-13 22:40:46 | 000,000,414 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2011-06-13 21:04:15 | 000,109,992 | ---- | M] () -- C:\Users\Arek\AppData\Local\GDIPFONTCACHEV1.DAT [2011-06-13 20:44:59 | 000,000,531 | ---- | M] () -- C:\Windows\win.ini [2011-06-13 19:48:39 | 000,144,339 | ---- | M] () -- C:\Users\Arek\Documents\49e6bff58c028c6c329bc7eedde8d496.jpg [2011-06-13 14:21:52 | 000,002,616 | ---- | M] () -- C:\{DA67E12F-48D4-41B0-8BFE-C402A7B4153B} [2011-06-13 12:00:14 | 000,000,970 | ---- | M] () -- C:\Users\Public\Desktop\Tunngle beta.lnk [2011-06-12 16:00:32 | 007,987,953 | ---- | M] (CCCP Project ) -- C:\Users\Arek\AppData\Local\Codecs.exe [2011-06-12 16:00:32 | 000,566,784 | ---- | M] ( ) -- C:\Users\Arek\AppData\Local\jushed.exe [2011-06-12 16:00:32 | 000,347,136 | RHS- | M] (NirSoft) -- C:\ProgramData\nircmd.exe [2011-06-12 16:00:32 | 000,347,136 | ---- | M] (NirSoft) -- C:\Users\Arek\AppData\Local\nircmd.exe [2011-06-12 16:00:32 | 000,004,768 | ---- | M] () -- C:\Users\Arek\AppData\Local\operaprefs.ini [2011-06-12 16:00:32 | 000,004,768 | ---- | M] () -- C:\ProgramData\operaprefs.ini [2011-06-11 18:29:28 | 000,566,784 | RHS- | M] ( ) -- C:\ProgramData\jushed.exe [2011-06-11 13:55:53 | 000,000,000 | ---- | M] () -- C:\Users\Arek\Documents\SLUB(2).wmv [2011-06-11 13:53:53 | 000,000,000 | ---- | M] () -- C:\Users\Arek\Documents\SLUB(1).wmv [2011-06-11 13:50:43 | 031,779,840 | ---- | M] () -- C:\Users\Arek\Documents\SLUB.wmv [2011-06-11 13:49:38 | 000,001,048 | ---- | M] () -- C:\Users\Public\Desktop\PowerISO.lnk [2011-06-11 00:28:39 | 000,002,223 | ---- | M] () -- C:\Users\Public\Desktop\EuroPlus+ Angielski z Cambridge.lnk [2011-06-10 18:39:34 | 000,001,063 | ---- | M] () -- C:\Users\Arek\Desktop\Pobranee — skrót.lnk [2011-06-09 18:06:59 | 000,189,248 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011-06-09 18:06:56 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011-06-09 16:33:25 | 000,002,035 | ---- | M] () -- C:\Users\Public\Desktop\Portal 2.lnk [2011-06-08 23:16:39 | 044,070,179 | ---- | M] () -- C:\Users\Arek\Desktop\FSIE-1.mp3 [2011-06-07 17:32:48 | 001,437,488 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Arek\Desktop\TDSSKiller.exe [2011-06-07 13:44:51 | 000,001,747 | ---- | M] () -- C:\Users\Arek\Desktop\praca — skrót.lnk [2011-06-05 19:09:31 | 000,001,616 | ---- | M] () -- C:\Users\Arek\Desktop\Biblioteki — skrót.lnk [2011-06-05 14:01:48 | 000,001,554 | ---- | M] () -- C:\Users\Arek\Desktop\angielski — skrót.lnk [2011-06-04 14:44:32 | 000,001,871 | ---- | M] () -- C:\Users\Arek\Desktop\p_slownictwo_60 — skrót.lnk [2011-06-01 20:01:43 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf [2011-05-31 22:24:13 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01007.Wdf [2011-05-31 22:05:09 | 000,010,454 | ---- | M] (Data Encryption Systems Limited) -- C:\Windows\SysWow64\drivers\parldr2k.sys [2011-05-30 17:23:39 | 000,000,002 | ---- | M] () -- C:\ProgramData\timerxfile [2011-05-30 16:07:21 | 000,174,200 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS [2011-05-30 16:07:21 | 000,007,488 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT [2011-05-30 16:07:21 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF [2011-05-30 14:17:52 | 000,000,023 | ---- | M] () -- C:\Windows\Q [2011-05-30 13:40:59 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll [2011-05-30 13:40:59 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll [2011-05-30 13:40:59 | 000,122,904 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll [2011-05-30 13:40:59 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll [2011-05-29 22:16:37 | 000,001,117 | ---- | M] () -- C:\Users\Arek\Desktop\CyberLink YouCam.lnk [2011-05-29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011-05-29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011-05-26 22:43:50 | 000,524,288 | -HS- | M] () -- C:\Users\Arek\ntuser.dat{46b4da01-87d5-11e0-8a1c-8f65d63863a3}.TMContainer00000000000000000002.regtrans-ms [2011-05-26 22:43:50 | 000,524,288 | -HS- | M] () -- C:\Users\Arek\ntuser.dat{46b4da01-87d5-11e0-8a1c-8f65d63863a3}.TMContainer00000000000000000001.regtrans-ms [2011-05-26 22:43:50 | 000,065,536 | -HS- | M] () -- C:\Users\Arek\ntuser.dat{46b4da01-87d5-11e0-8a1c-8f65d63863a3}.TM.blf [2011-05-26 20:22:02 | 000,004,224 | ---- | M] () -- C:\Users\Arek\Desktop\sigpic12301_8.gif.jpg [2011-05-24 18:44:23 | 000,152,233 | ---- | M] () -- C:\Windows\SysNative\drivers\klin.dat [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-06-22 13:37:23 | 000,513,080 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys [2011-06-22 00:34:27 | 004,743,862 | ---- | C] () -- C:\Users\Arek\Desktop\Gothic_3_Forsaken_Gods_-_Poradnik_Gry-OnLine.pdf [2011-06-22 00:16:44 | 000,001,935 | ---- | C] () -- C:\Users\Public\Desktop\Gothic III.lnk [2011-06-22 00:14:50 | 000,001,055 | ---- | C] () -- C:\Users\Public\Desktop\Gothic III CP.lnk [2011-06-22 00:10:02 | 000,001,040 | ---- | C] () -- C:\Users\Arek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk [2011-06-22 00:10:00 | 000,001,004 | ---- | C] () -- C:\Users\Public\Desktop\Xfire.lnk [2011-06-22 00:08:59 | 000,314,016 | ---- | C] () -- C:\Windows\SysNative\drivers\atksgt.sys [2011-06-22 00:08:39 | 000,043,680 | ---- | C] () -- C:\Windows\SysNative\drivers\lirsgt.sys [2011-06-21 20:49:22 | 000,001,638 | ---- | C] () -- C:\Users\Arek\Desktop\ET — skrót.lnk [2011-06-21 19:58:12 | 000,000,831 | ---- | C] () -- C:\Users\Public\Desktop\Dragon Age II.lnk [2011-06-21 17:25:47 | 000,000,868 | ---- | C] () -- C:\Users\Arek\Desktop\Fable III.lnk [2011-06-19 20:13:51 | 000,921,654 | ---- | C] () -- C:\Users\Arek\Desktop\DSC03948X.bmp [2011-06-19 15:21:41 | 000,001,097 | ---- | C] () -- C:\Users\Public\Desktop\Utwórz plik PDF.lnk [2011-06-19 13:59:50 | 000,002,060 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2011-06-19 13:59:49 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2011-06-19 03:28:00 | 000,002,227 | ---- | C] () -- C:\Users\Public\Desktop\English Translator XT.lnk [2011-06-19 03:28:00 | 000,002,132 | ---- | C] () -- C:\Users\Public\Desktop\Słownik Podręczny.lnk [2011-06-19 03:20:20 | 000,001,134 | ---- | C] () -- C:\Users\Arek\Desktop\Angielski dla leniwych 2.lnk [2011-06-19 03:13:16 | 000,001,124 | ---- | C] () -- C:\Users\Arek\Desktop\Angielski dla leniwych.lnk [2011-06-19 02:56:27 | 307,274,723 | R--- | C] () -- C:\Users\Arek\Desktop\Angielski_dla_leniwych_2x_iso.part3.rar [2011-06-19 02:22:55 | 473,956,352 | R--- | C] () -- C:\Users\Arek\Desktop\Angielski_dla_leniwych_2x_iso.part1.rar [2011-06-19 02:22:30 | 473,956,352 | R--- | C] () -- C:\Users\Arek\Desktop\Angielski_dla_leniwych_2x_iso.part2.rar [2011-06-18 13:39:59 | 000,675,840 | ---- | C] () -- C:\Windows\SysWow64\ac3filter.ax [2011-06-18 13:38:49 | 008,086,982 | R--- | C] () -- C:\Users\Arek\Desktop\ALLPlayer V4.1.6.5 Crack LiveUpdate.rar [2011-06-18 13:33:46 | 000,795,648 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2011-06-17 13:44:58 | 000,001,150 | ---- | C] () -- C:\Users\Public\Desktop\GOM Player.lnk [2011-06-16 13:05:04 | 000,000,353 | R--- | C] () -- C:\Users\Arek\Desktop\glowny_64aac.m3u [2011-06-16 12:44:21 | 002,210,816 | ---- | C] () -- C:\Users\Arek\Documents\barak.mp3 [2011-06-16 12:07:04 | 002,392,953 | ---- | C] () -- C:\Users\Arek\Documents\20110104232.JPG [2011-06-16 12:07:02 | 002,408,550 | ---- | C] () -- C:\Users\Arek\Documents\20110104231.JPG [2011-06-16 12:07:01 | 002,170,224 | ---- | C] () -- C:\Users\Arek\Documents\20110104230.JPG [2011-06-16 12:07:00 | 002,525,023 | ---- | C] () -- C:\Users\Arek\Documents\20110104229.JPG [2011-06-16 12:06:57 | 002,297,093 | ---- | C] () -- C:\Users\Arek\Documents\20110104228.JPG [2011-06-16 12:06:57 | 002,226,697 | ---- | C] () -- C:\Users\Arek\Documents\20110104233.JPG [2011-06-15 10:02:22 | 002,602,214 | ---- | C] () -- C:\Users\Arek\Desktop\Aes(aka Raksta) - Bezpowrotna Droga (gosc. Lysu, Muszla).mp3 [2011-06-13 23:27:11 | 000,001,088 | ---- | C] () -- C:\Users\Arek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameRanger.lnk [2011-06-13 23:27:11 | 000,001,074 | ---- | C] () -- C:\Users\Arek\Desktop\GameRanger.lnk [2011-06-13 23:27:10 | 000,001,060 | ---- | C] () -- C:\Users\Arek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameRanger.lnk [2011-06-13 22:40:46 | 000,000,414 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2011-06-13 20:53:22 | 000,001,379 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk [2011-06-13 19:47:55 | 000,144,339 | ---- | C] () -- C:\Users\Arek\Documents\49e6bff58c028c6c329bc7eedde8d496.jpg [2011-06-13 14:21:51 | 000,002,616 | ---- | C] () -- C:\{DA67E12F-48D4-41B0-8BFE-C402A7B4153B} [2011-06-13 12:00:44 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat [2011-06-13 00:52:03 | 000,000,970 | ---- | C] () -- C:\Users\Public\Desktop\Tunngle beta.lnk [2011-06-12 16:00:32 | 000,004,768 | ---- | C] () -- C:\Users\Arek\AppData\Local\operaprefs.ini [2011-06-11 13:55:53 | 000,000,000 | ---- | C] () -- C:\Users\Arek\Documents\SLUB(2).wmv [2011-06-11 13:53:53 | 000,000,000 | ---- | C] () -- C:\Users\Arek\Documents\SLUB(1).wmv [2011-06-11 13:49:38 | 000,001,048 | ---- | C] () -- C:\Users\Public\Desktop\PowerISO.lnk [2011-06-11 13:39:04 | 031,779,840 | ---- | C] () -- C:\Users\Arek\Documents\SLUB.wmv [2011-06-11 00:28:39 | 000,002,223 | ---- | C] () -- C:\Users\Public\Desktop\EuroPlus+ Angielski z Cambridge.lnk [2011-06-10 20:36:55 | 000,164,852 | ---- | C] () -- C:\Users\Arek\Desktop\1000 slow i zwrotow w pracy.pdf [2011-06-10 19:16:26 | 000,110,602 | ---- | C] () -- C:\Windows\SysWow64\xcdsfx32.bin [2011-06-10 11:48:39 | 044,070,179 | ---- | C] () -- C:\Users\Arek\Desktop\FSIE-1.mp3 [2011-06-09 18:06:59 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011-06-09 18:06:56 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011-06-09 16:33:25 | 000,002,035 | ---- | C] () -- C:\Users\Public\Desktop\Portal 2.lnk [2011-06-07 13:44:51 | 000,001,747 | ---- | C] () -- C:\Users\Arek\Desktop\praca — skrót.lnk [2011-06-05 19:04:57 | 000,001,616 | ---- | C] () -- C:\Users\Arek\Desktop\Biblioteki — skrót.lnk [2011-06-05 14:01:30 | 000,001,554 | ---- | C] () -- C:\Users\Arek\Desktop\angielski — skrót.lnk [2011-06-04 14:44:32 | 000,001,871 | ---- | C] () -- C:\Users\Arek\Desktop\p_slownictwo_60 — skrót.lnk [2011-06-04 13:17:06 | 000,001,075 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5 (64 Bit).lnk [2011-06-04 13:15:56 | 000,001,207 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.lnk [2011-06-04 13:12:23 | 000,001,169 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk [2011-06-04 13:11:57 | 000,001,262 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk [2011-06-04 13:08:31 | 000,001,353 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk [2011-06-04 13:08:12 | 000,001,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk [2011-06-04 13:06:39 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk [2011-06-01 20:01:43 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf [2011-05-31 22:24:13 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01007.Wdf [2011-05-30 17:22:50 | 000,000,002 | ---- | C] () -- C:\ProgramData\timerxfile [2011-05-30 17:22:50 | 000,000,002 | ---- | C] () -- C:\ProgramData\datesavefile [2011-05-30 17:22:50 | 000,000,001 | ---- | C] () -- C:\ProgramData\varsavefile [2011-05-30 17:22:46 | 000,004,768 | ---- | C] () -- C:\ProgramData\operaprefs.ini [2011-05-30 16:13:11 | 001,584,970 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1206000.01D\Cat.DB [2011-05-30 16:07:20 | 000,007,458 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1206000.01D\symnet64.cat [2011-05-30 16:07:19 | 000,001,446 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1206000.01D\symnet.inf [2011-05-30 16:07:18 | 000,007,492 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1206000.01D\iron.cat [2011-05-30 16:07:18 | 000,007,462 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1206000.01D\srtspx64.cat [2011-05-30 16:07:18 | 000,007,460 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1206000.01D\symefa64.cat [2011-05-30 16:07:18 | 000,007,458 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1206000.01D\srtsp64.cat [2011-05-30 16:07:18 | 000,003,373 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1206000.01D\symefa.inf [2011-05-30 16:07:18 | 000,002,792 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1206000.01D\symds.inf [2011-05-30 16:07:18 | 000,001,438 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1206000.01D\srtsp64.inf [2011-05-30 16:07:18 | 000,001,422 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1206000.01D\srtspx64.inf [2011-05-30 16:07:18 | 000,000,772 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1206000.01D\iron.inf [2011-05-30 16:07:05 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1206000.01D\symds64.cat [2011-05-30 16:07:03 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1206000.01D\isolate.ini [2011-05-30 16:01:28 | 000,007,488 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT [2011-05-30 16:01:28 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF [2011-05-30 14:11:48 | 000,000,023 | ---- | C] () -- C:\Windows\Q [2011-05-29 13:08:41 | 000,001,117 | ---- | C] () -- C:\Users\Arek\Desktop\CyberLink YouCam.lnk [2011-05-26 22:32:56 | 000,524,288 | -HS- | C] () -- C:\Users\Arek\ntuser.dat{46b4da01-87d5-11e0-8a1c-8f65d63863a3}.TMContainer00000000000000000002.regtrans-ms [2011-05-26 22:32:56 | 000,524,288 | -HS- | C] () -- C:\Users\Arek\ntuser.dat{46b4da01-87d5-11e0-8a1c-8f65d63863a3}.TMContainer00000000000000000001.regtrans-ms [2011-05-26 22:32:56 | 000,065,536 | -HS- | C] () -- C:\Users\Arek\ntuser.dat{46b4da01-87d5-11e0-8a1c-8f65d63863a3}.TM.blf [2011-05-26 20:22:00 | 000,004,224 | ---- | C] () -- C:\Users\Arek\Desktop\sigpic12301_8.gif.jpg [2011-05-26 19:46:18 | 000,063,488 | ---- | C] () -- C:\Users\Arek\AppData\Roaming\chrtmp [2011-05-15 16:07:57 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE [2011-05-15 14:51:58 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe [2011-05-08 15:21:45 | 000,007,605 | ---- | C] () -- C:\Users\Arek\AppData\Local\Resmon.ResmonCfg [2011-05-07 23:13:17 | 000,057,856 | ---- | C] () -- C:\Windows\Fce32.dll [2011-05-07 23:13:14 | 000,092,672 | ---- | C] () -- C:\Windows\SysWow64\See32.dll [2011-05-07 23:13:14 | 000,057,856 | ---- | C] () -- C:\Windows\SysWow64\Fce32.dll [2011-05-06 21:50:28 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll [2011-05-01 16:20:02 | 000,001,105 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat [2011-05-01 16:19:45 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011-05-01 10:34:06 | 000,109,992 | ---- | C] () -- C:\Users\Arek\AppData\Local\GDIPFONTCACHEV1.DAT [2011-04-27 08:32:17 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2011-04-26 17:52:58 | 000,014,051 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat [2011-04-26 17:25:42 | 003,846,952 | -H-- | C] () -- C:\Users\Arek\AppData\Local\IconCache.db [2011-04-18 12:31:42 | 000,197,744 | ---- | C] () -- C:\Users\Arek\AppData\Local\ConduitInstaller.exe [2011-04-16 18:51:16 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll [2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011-04-05 22:09:48 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll [2011-03-27 21:43:08 | 000,096,768 | ---- | C] () -- C:\Users\Arek\AppData\Local\Bloson.exe [2011-03-21 13:36:30 | 000,026,456 | ---- | C] () -- C:\Users\Arek\AppData\Local\bloson.bmp [2010-11-13 12:14:46 | 000,062,648 | ---- | C] () -- C:\Users\Arek\AppData\Local\toolbar3.bmp [2010-11-12 12:09:56 | 000,195,108 | ---- | C] () -- C:\Users\Arek\AppData\Local\lateral3.bmp [2010-11-12 11:44:14 | 000,193,744 | ---- | C] () -- C:\Users\Arek\AppData\Local\lateral1.bmp [2010-11-12 11:10:58 | 000,193,744 | ---- | C] () -- C:\Users\Arek\AppData\Local\lateral2.bmp [2010-03-03 08:08:14 | 000,870,544 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin [2010-03-03 08:08:14 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll [2010-03-03 08:08:14 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll [2010-03-03 08:08:12 | 000,051,068 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin [2010-03-03 08:08:10 | 000,127,896 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin [2010-02-23 21:15:02 | 000,001,105 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2009-07-14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009-07-14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009-07-14 04:35:42 | 000,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini [2009-07-14 04:34:57 | 000,000,531 | ---- | C] () -- C:\Windows\win.ini [2009-07-14 04:34:57 | 000,000,219 | ---- | C] () -- C:\Windows\system.ini [2009-07-14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009-07-14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009-07-13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009-06-10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2007-11-06 22:19:28 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll [2001-08-29 14:11:40 | 000,398,848 | R--- | C] () -- C:\Windows\SysWow64\DK2WIN32.DLL [color=#E56717]========== LOP Check ==========[/color] [2011-06-22 18:40:20 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\AIMP [2011-06-22 19:14:28 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\BitTorrent [2011-04-27 09:40:05 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\DAEMON Tools Lite [2011-05-01 10:34:16 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\Easeware [2011-06-22 13:48:17 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\Gadu-Gadu 10 [2011-06-13 23:27:10 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\GameRanger [2011-05-06 20:14:12 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\IrfanView [2011-06-08 19:37:30 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\Leadertech [2011-06-13 19:51:02 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\Lionhead Studios [2011-06-09 18:06:54 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\PunkBuster [2011-04-26 18:05:03 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\Sports Interactive [2011-06-07 21:00:54 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\Thunderbird [2011-06-13 23:30:38 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\Tunngle [2011-05-03 20:48:33 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\Windows-7-Themes.com [2011-06-10 18:56:37 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\Wireshark [2011-06-07 23:08:10 | 000,032,592 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report >